Hi Patricia, Answers inline:
On Thu, May 31, 2012 at 1:06 PM, Patricia N Goldweic < [email protected]> wrote: > So, could somebody please confirm (or otherwise) the following > statements?**** > > ** ** > > - If my app requires write access to the provisioning API, I should be > able to use not only 3-legged OAuth 1.0 (which is currently deprecated), > but also OAuth 2.0 to implement this. Presumably, I can use one of the > existing java client libraries to do this. (a sample of such use that > involved the provisioning api in particular –coupled with OAuth 2.0- would > be great to see). > Yes, you can use either 3-legged OAuth 1.0 or OAuth 2.0 to get write access to the Provisioning API. **** > > ** ** > > - 2-legged access is not yet available for the provisioning API. If it ** > ever** becomes available with OAuth 2.0, I would find it under the > ‘service accounts’ documentation for the provisioning api. > The Provisioning API supports 2-legged OAuth 1.0 in a readonly mode. I don't know if OAuth 2.0 will support the 2-legged flow but we'll make sure everyone knows where to find the docs in case that happens ;) **** > > ** ** > > Thanks in advance,**** > > -Patricia**** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Sandip Shah > *Sent:* Thursday, May 31, 2012 1:40 PM > *To:* [email protected] > *Subject:* Re: [google-apps-apis] Re: OAuth 2.0 and Provisioning API**** > > ** ** > > Patricia,**** > > ** ** > > OAuth 1.0 supported both 3-legged and 2-legged methods for read/write > access (for most APIs).**** > > ** ** > > OAuth 2.0 so far supports 'Desktop Application' and 'Web Server' "flows", > again for read/write access, again for most APIs.**** > > ** ** > > The "Service Accounts" is the equivalent of the 2-legged mechanism and it > is just being rolled out across different APIs. I have not seen an > official page announcing when these will be live on each API, but maybe > someone in Google can throw some light on that.**** > > ** ** > > Sandip**** > > On Thu, May 31, 2012 at 11:32 AM, Patricia N Goldweic < > [email protected]> wrote:**** > > I've also worked with 2-legged Outh for docs, calendar and sites content, > but this was using OAuth 1.0 (not 2.0). In terms of (write) provisioning > access, I thought that the only thing available from Google (that supports > Google Apps accounts) has been 3-legged OAuth 1.0. Is this assumption still > valid? Can somebody from Google clarify? > Ideally, there would be 2-legged support for write provisioning access, > but if there isn't yet, please explain whether 3-legged OAuth 1.0 or OAuth > 2.0 should be used instead for this purpose. Thanks in advance, > -Patricia > > -----Original Message----- > From: [email protected] [mailto: > [email protected]] On Behalf Of bobpuffer > Sent: Monday, May 28, 2012 9:01 AM > To: Google Apps Domain Information and Management APIs > Subject: [google-apps-apis] Re: OAuth 2.0 and Provisioning API > > I have also found this piece of valuable documentation that, if accurate > does suggest calendar data is available via 2LO (tho I guess I've never > been able to get it to work). > > https://developers.google.com/google-apps/marketplace/manifest#supported_scopes > > On May 28, 7:57 am, bobpuffer <[email protected]> wrote: > > You're right, I was in error on the calendar, but am definitely using > > to query and change spreadsheet cell data, create entire sheets in a > > workbook and also Docs listings, creating collections, uploading > > documents (with resumable upload). The most important thing to me is > > what is the future of 2LO for administratively managing such > > requirements? > > Bob > > > > On May 27, 7:26 pm, Sandip Shah <[email protected]> wrote: > > > > > > > > > > > > > > > > > Bob, > > > > > I have been monitoring the forums closely, and no one can get even a > > > the Calendar API to work with Service Accounts (2LO in OAuth 2.0 > world). > > > > > Do you mind posting some sample code? > > > > > Thanks, > > > > > Sandip > > > > > On Sun, May 27, 2012 at 2:34 PM, bobpuffer <[email protected]> > wrote: > > > > ACL lists on all of the documents apis (Sites, Spreadsheets, Docs, > > > > Calendars). Docs listing. Almost anything including querying and > > > > updating cells in spreadsheets. Some spreadsheet functions fail > > > > because the redirect goes to a location that only accepts > Clientlogin. > > > > I'm pretty confused between my experience and your statements. > > > > Most of all I'd be interested in knowing the near and distant > > > > future of being able to support 2-legged OAuth because its > > > > critical and if its going away, we have to align ourselves with a > > > > service that can meet our repository needs using administrative > > > > control without user intervention. > > > > Bob > > > > > > On May 26, 12:53 pm, Sandip Shah <[email protected]> wrote: > > > > > Correction - it does not support the Google Apps APIs. > > > > > > > Sandip > > > > > > > On Saturday, May 26, 2012 10:28:17 AM UTC-7, Sandip Shah wrote: > > > > > > > > Hi Bob, > > > > > > > > OAuth 2.0 does not support 2-legged anywhere afaik. > > > > > > > > Which APIs are you using it with? > > > > > > > > Sandip > > > > > > > > On Saturday, May 26, 2012 7:30:30 AM UTC-7, bobpuffer wrote: > > > > > > > >> Is it just that OAuth 2.0 doesn't support 2-legged for the > > > > > >> provisioning? I'm using OAuth 2.0 2-legged all over the > > > > > >> place except the provisioning. > > > > > >> Thanks > > > > > > > >> On May 25, 7:25 pm, Claudio Cherubino <[email protected]> > wrote: > > > > > >> > Hi Bob, > > > > > > > >> > OAuth 2.0 doesn't support the 2-legged flow. > > > > > >> > If you use 2-legged OAuth 1.0 with the Provisioning API you > > > > > >> > don't > > > > have > > > > > >> to > > > > > >> > specify the xoauth_requestor_id parameter. > > > > > > > >> > Claudio > > > > > > > >> > On Fri, May 25, 2012 at 8:24 PM, bobpuffer > > > > > >> > <[email protected]> > > > > > >> wrote: > > > > > >> > > So... in order to programmatically provision user > > > > > >> > > accounts using > > > > > >> 2-legged > > > > > >> > > OAuth 2.0 would the xoauth_requestor_id be the email of > > > > > >> > > an admin > > > > > >> capable of > > > > > >> > > creating new accounts? I'm getting invalid header returns. > > > > > > > >> > > -- > > > > > >> > > You received this message because you are subscribed to > > > > > >> > > the Google > > > > > >> Groups > > > > > >> > > "Google Apps Domain Information and Management APIs" group. > > > > > >> > > To view this discussion on the web visit > > > > > >https://groups.google.com/d/msg/google-apps-mgmt-apis/-/uBM2KVOuStkJ. > > > > > > > >> > > To post to this group, send email to > > > > > >> > > [email protected]. > > > > > >> > > To unsubscribe from this group, send email to > > > > > >> > > [email protected]. > > > > > >> > > For more options, visit this group at > > > > > >> > >http://groups.google.com/group/google-apps-mgmt-apis?hl=en. > > > > > > > On Saturday, May 26, 2012 10:28:17 AM UTC-7, Sandip Shah wrote: > > > > > > > > Hi Bob, > > > > > > > > OAuth 2.0 does not support 2-legged anywhere afaik. > > > > > > > > Which APIs are you using it with? > > > > > > > > Sandip > > > > > > > > On Saturday, May 26, 2012 7:30:30 AM UTC-7, bobpuffer wrote: > > > > > > > >> Is it just that OAuth 2.0 doesn't support 2-legged for the > > > > > >> provisioning? I'm using OAuth 2.0 2-legged all over the > > > > > >> place except the provisioning. > > > > > >> Thanks > > > > > > > >> On May 25, 7:25 pm, Claudio Cherubino <[email protected]> > wrote: > > > > > >> > Hi Bob, > > > > > > > >> > OAuth 2.0 doesn't support the 2-legged flow. > > > > > >> > If you use 2-legged OAuth 1.0 with the Provisioning API you > > > > > >> > don't > > > > have > > > > > >> to > > > > > >> > specify the xoauth_requestor_id parameter. > > > > > > > >> > Claudio > > > > > > > >> > On Fri, May 25, 2012 at 8:24 PM, bobpuffer > > > > > >> > <[email protected]> > > > > > >> wrote: > > > > > >> > > So... in order to programmatically provision user > > > > > >> > > accounts using > > > > > >> 2-legged > > > > > >> > > OAuth 2.0 would the xoauth_requestor_id be the email of > > > > > >> > > an admin > > > > > >> capable of > > > > > >> > > creating new accounts? I'm getting invalid header returns. > > > > > > > >> > > -- > > > > > >> > > You received this message because you are subscribed to > > > > > >> > > the Google > > > > > >> Groups > > > > > >> > > "Google Apps Domain Information and Management APIs" group. > > > > > >> > > To view this discussion on the web visit > > > > > >https://groups.google.com/d/msg/google-apps-mgmt-apis/-/uBM2KVOuStkJ. > > > > > > > >> > > To post to this group, send email to > > > > > >> > > [email protected]. > > > > > >> > > To unsubscribe from this group, send email to > > > > > >> > > [email protected]. > > > > > >> > > For more options, visit this group at > > > > > >> > >http://groups.google.com/group/google-apps-mgmt-apis?hl=en. > > > > > > > On Saturday, May 26, 2012 10:28:17 AM UTC-7, Sandip Shah wrote: > > > > > > > > Hi Bob, > > > > > > > > OAuth 2.0 does not support 2-legged anywhere afaik. > > > > > > > > Which APIs are you using it with? > > > > > > > > Sandip > > > > > > > > On Saturday, May 26, 2012 7:30:30 AM UTC-7, bobpuffer wrote: > > > > > > > >> Is it just that OAuth 2.0 doesn't support 2-legged for the > > > > > >> provisioning? I'm using OAuth 2.0 2-legged all over the > > > > > >> place except the provisioning. > > > > > >> Thanks > > > > > > > >> On May 25, 7:25 pm, Claudio Cherubino <[email protected]> > wrote: > > > > > >> > Hi Bob, > > > > > > > >> > OAuth 2.0 doesn't support the 2-legged flow. > > > > > >> > If you use 2-legged OAuth 1.0 with the Provisioning API you > > > > > >> > don't > > > > have > > > > > >> to > > > > > >> > specify the xoauth_requestor_id parameter. > > > > > > > >> > Claudio > > > > > > > >> > On Fri, May 25, 2012 at 8:24 PM, bobpuffer > > > > > >> > <[email protected]> > > > > > >> wrote: > > > > > >> > > So... in order to programmatically provision user > > > > > >> > > accounts using > > > > > >> 2-legged > > > > > >> > > OAuth 2.0 would the xoauth_requestor_id be the email of > > > > > >> > > an admin > > > > > >> capable of > > > > > >> > > creating new accounts? I'm getting invalid header returns. > > > > > > > >> > > -- > > > > > >> > > You received this message because you are subscribed to > > > > > >> > > the Google > > > > > >> Groups > > > > > >> > > "Google Apps Domain Information and Management APIs" group. > > > > > >> > > To view this discussion on the web visit > > > > > >https://groups.google.com/d/msg/google-apps-mgmt-apis/-/uBM2KVOuStkJ. > > > > > > > >> > > To post to this group, send email to > > > > > >> > > [email protected]. > > > > > >> > > To unsubscribe from this group, send email to > > > > > >> > > [email protected]. > > > > > >> > > For more options, visit this group at > > > > > >> > >http://groups.google.com/group/google-apps-mgmt-apis?hl=en. > > > > > > > On Saturday, May 26, 2012 10:28:17 AM UTC-7, Sandip Shah wrote: > > > > > > > > Hi Bob, > > > > > > > > OAuth 2.0 does not support 2-legged anywhere afaik. > > > > > > > > Which APIs are you using it with? > > > > > > > > Sandip > > > > > > > > On Saturday, May 26, 2012 7:30:30 AM UTC-7, bobpuffer wrote: > > > > > > > >> Is it just that OAuth 2.0 doesn't support 2-legged for the > > > > > >> provisioning? I'm using OAuth 2.0 2-legged all over the > > > > > >> place except the provisioning. > > > > > >> Thanks > > > > > > > >> On May 25, 7:25 pm, Claudio Cherubino <[email protected]> > wrote: > > > > > >> > Hi Bob, > > > > > > > >> > OAuth 2.0 doesn't support the 2-legged flow. > > > > > >> > If you use 2-legged OAuth 1.0 with the Provisioning API you > > > > > >> > don't > > > > have > > > > > >> to > > > > > >> > specify the xoauth_requestor_id parameter. > > > > > > > >> > Claudio > > > > > > > >> > On Fri, May 25, 2012 at 8:24 PM, bobpuffer > > > > > >> > <[email protected]> > > > > > >> wrote: > > > > > >> > > So... in order to programmatically provision user > > > > > >> > > accounts using > > > > > >> 2-legged > > > > > >> > > OAuth 2.0 would the xoauth_requestor_id be the email of > > > > > >> > > an admin > > > > > >> capable of > > > > > >> > > creating new accounts? I'm getting invalid header returns. > > > > > > > >> > > -- > > > > > >> > > You received this message because you are subscribed to > > > > > >> > > the Google > > > > > >> Groups > > > > > >> > > "Google Apps Domain Information and Management APIs" group. > > > > > >> > > To view this discussion on the web visit > > > > > >https://groups.google.com/d/msg/google-apps-mgmt-apis/-/uBM2KVOuStkJ. > > > > > > > >> > > To post to this group, send email to > > > > > >> > > [email protected]. > > > > > >> > > To unsubscribe from this group, send email to > > > > > >> > > [email protected]. > > > > > >> > > For more options, visit this group at > > > > > >> > >http://groups.google.com/group/google-apps-mgmt-apis?hl=en. > > > > > > -- > > > > You received this message because you are subscribed to the Google > > > > Groups "Google Apps Domain Information and Management APIs" group. > > > > To post to this group, send email to > > > > [email protected]. > > > > To unsubscribe from this group, send email to > > > > [email protected]. > > > > For more options, visit this group at > > > >http://groups.google.com/group/google-apps-mgmt-apis?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Google Apps Domain Information and Management APIs" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-apps-mgmt-apis?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Google Apps Domain Information and Management APIs" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-apps-mgmt-apis?hl=en.**** > > ** ** > > -- > You received this message because you are subscribed to the Google Groups > "Google Apps Domain Information and Management APIs" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-apps-mgmt-apis?hl=en.**** > > -- > You received this message because you are subscribed to the Google Groups > "Google Apps Domain Information and Management APIs" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-apps-mgmt-apis?hl=en. > -- You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
