I'm using the Gmail API in a .Net project using the client_secret.json file.
Is that totally free, or is there any cost we need to pay for using Gmail API?
Also how long is the client_secret.json valid? Is there any expiry of the file?
The Gmail API, like Gmail itself, is (currently) a free service from Google.
(Note that Google does offer additional features for various apps, and charges for those features. See "Gsuite": https://gsuite.google.com/pricing.html?tab_activeEl=tabset-companies)
There are quota (usage) limits on the API.
For client-secrets.json (credentials used for server-to-server authentication), there is no expiration. Of course, a given client secret will stop working if you revoke it (delete it) through the Google developer console.
There is no billing marked for the Gmail API however there are usage limits: https://developers.google.com/gmail/api/v1/reference/quota
The previous answers date back to 2018. Since then Google has updated its policies. Gmail API can be used freely for development purposes, but they charge a hefty one-time fee for production. For more info refer to this blog:
Related
I wanted to write a class library to watch over an inbox for new mails with a particular subject and download the attachment. The end goal is to publish the library in Azure as a WebJob / API with the ability to use this library to host it on-premise. We are also planning to integrate this with a workflow functionality that we have already developed. I have found the following stuff online but have some limitations with each.
Logic Apps has a connector but I will have to write something separate for on-premise.
Office Rest APIS has several APIs exposed but all of these has redirect URL for logging user in. I wanted something like a service principal in this case which can call the URL directly without redirection to MS login page.
Other articles uses Interop DLLs which I guess would create problems when hosting as a WebJob as I have seen in the past.
Please help me with the what would be the best approach and if there is a library built in for this which I'm not able to find.
Thanks a lot in advance.
The Microsoft Graph API would be a pretty good place for getting user emails.
Here is the operation you are looking for: https://graph.microsoft.io/en-us/docs/api-reference/v1.0/api/user_list_messages
So you will need to make a request to something like:
https://graph.microsoft.com/v1.0/users/user#company.com/messages
And you can do this with a service principal. You will need the Mail.Read app-only permission (Read mail in all mailboxes). This will require you to be an Azure AD admin to consent. You can find details on the permission scopes here: https://graph.microsoft.io/en-us/docs/authorization/permission_scopes.
Oh, and there are SDKs so you don't need to write all the stuff yourself: https://graph.microsoft.io/en-us/code-samples-and-sdks
I am trying to read emails from my O365 mailbox through a windows forms application. I want my application to read emails from O365 mailbox using my username and password.
Is it possible to access the O365 api without registering the application on the Azure? (only using user credentials)
I followed this article on msdn, https://msdn.microsoft.com/en-us/library/office/dn567668(v=exchg.150).aspx
I have an issue in this line:
result = context.AcquireToken(resourceId, ClientID, _returnUri); // parameters are no longer valid in this method
Yes, you can do with with Exchange web service API. It is designed for client application. Follow the link, you can find a lot of examples.
One note is: to create the service client, you need specify the version of the Exchange Server, it should be ExchangeVersion.Exchange2013_SP1 for exchange online.
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2013_SP1);
(Second) UPDATE:
As of March 18, 2021 - the retirement of Exchange Web Services basic authentication has been placed on hold until further notice. Please see the latest attached link.
UPDATE - Exchange Online deprecating Basic Authentication
(First) UPDATE:
Microsoft announced on the 3rd April 2020, that in light of the current COVID-19 crisis, Exchange Web Services would continue to operate as current until the second half of 2021 for tenants still actively using it.
We will continue to disable Basic Authentication for newly created
tenants by default and begin to disable Basic Authentication in
tenants that have no recorded usage starting October 2020
Basic Authentication and Exchange Online - April 2020 Update
The below post still applies with respect to the changes, it has just been postponed with no precise date. See the link above for full details.
ORIGINAL:
Given how this is a fairly popular question appearing quite high up on Google search rankings, it's probably worth noting that there is only 12 months left (at the time of writing) to use the Exchange Web Services before it is retired.
The preferred method to connect to these services is through OAuth.
Q: Will my application stop working when you make this change?
A: It might, yes, it depends on the app itself and how it was coded.
If it’s using EWS, and if it’s using Basic authentication then yes, on
October 13th 2020 it will fail to connect. However, if the app is
using Modern Auth/OAuth, then no, it will keep working as it did
before.
Upcoming changes to Exchange Web Services (EWS) API for Office 365
For anyone currently using the above method by Matt for Office 365 mail services, this will apply.
Anyone using on-prem exchange services remains unaffected.
I have an application running on a server that periodically extracts data from Google Analytics. It doesn't issue many queries so I don't think any limit would be a problem.
I have a prototype running, however I had to provide a login a password for the authentication (in code).
I see that I can generate API keys and other kind of authentication bits and pieces in the Google APIs Console, however I am not sure how to use them and whether they can be used in place of the login/password.
It just doesn't seem right to use a user login/password to authenticate a server application.
Is there another way?
(I am using the C# client library)
You should be using OAuth 2.0. See:
http://code.google.com/p/google-gdata/source/browse/trunk/clients/cs/samples/oauth2_sample/oauth2demo.cs
for a sample OAuth workflow.
The best way to do this is with Google Service Accounts
https://developers.google.com/accounts/docs/OAuth2ServiceAccount
However, I don't know off the top of my head the best library for c#, but there does appear to be support for it in the Google library. http://code.google.com/p/google-api-dotnet-client/wiki/OAuth2#Service_Accounts
Here's a answer specifically about the PHP client.
Service Applications and Google Analytics API V3: Server-to-server OAuth2 authentication?
I'd like to write a console program in C# that posts a Tweet to Twitter. I've never used the Twitter APIs before and don't know anything about how their authentication works. I found an API library called Twitterizer, but it seems geared towards web applications and wants the user to logon with a web browser. All the API docs on Twitter's website seems geared around this scenario as well.
Is it possible to access the Twitter APIs using a console app with no web browser access? I'm perfectly fine hard coding in the name and password for the Twitter user I want to post under as well. Thanks!
Mike
You'll need to use OAuth for authenticating in twitter.
Then use regular HTTP Request to use the twitter JSON-based API.
Here you can find a good article about OAuth, Twitter and console applications.
Also take a loot at linq2twitter lib. From it's documentation;
The Twitter API is built using
Representable State Transfer (REST).
Wikipaedia defines REST as "...a style
of software architecture for
distributed hypermedia systems...",
but I'm going to be so bold as to try
to simplify what that means. In
practice, REST is a Web service
protocol built upon Hypertext Transfer
Protocol (HTTP). You use the REST Web
service by making an HTTP call with a
URL and getting text back in some
form, which is often XML or JSON. So,
if you were to write code that made an
HTTP request with the following URL:
http://api.twitter.com/1/statuses/public_timeline.xml
You would get back an XML document
with all of the Twitter statuses from
the public timeline, which is a
snapshot in time of the last 20 tweets
at the time of your request. Go ahead
and open your browser, copy and paste
the URL above into the address bar,
and see what you get back.
I couldn't find any decent information on the web on how to do this, so I decided to write my own blog post with all the details.. Enjoy!
http://blog.kitchenpc.com/2011/01/22/rise-of-the-twitterbot/
of course you can use anything to connect to Twitter via RESTful api.
you should use oauth, and set up your application in http://dev.twitter.com, then you should read all articles listed in documents, you must specify your app as Client but not Browser so user input a number to get through authentication.
you can use many libraries so that you can save your time, all are listed in the documents
and be CAREFUL, you should not use Twitter's own api console which is buggy (as i know parameters somtimes can't be parsed), you should use APIgee instead which is powerful and stable.
if you want use basic authentication, you should use api proxy (one famous is twip), if you just need only one single C# apps, you must code by yourself:
you should use given username and password to login twitter, parse cookies passed
use normal oauth to get temporaly access token url.
use cookies got from step 1, emulates form submit to allow your apps, capture PIN code
use pin code to finish oauth.
MOST IMPORTANT, you must store access token in client's machine so next time you can bypass above steps
Just wrote a Twitter Bot in C#. This is currently posting tweets to #valuetraderteam.
https://gist.github.com/sdesalas/c82b92200816ecc83af1
The API component in the GIST below is less than 500 lines, only dependency is Json.NET, you'll need to download the latest DLL for either x64 or x86 (depending on what platform you are targetting) and include as a reference in your project.
There is an example at the bottom of the page of how you can make a tweet from a console application
Hopefully this is useful to some other people out there.
I am in the processing of developing a web application which will integrate directly with a Google Calendar associated with a specific Google account. The account being accessed by the Google Data API is not likely to change, so I'm unsure what the most appropriate account authentication method is going to be.
I've reviewed the options avilable and it would seem that AuthSub and OAuth are inappropriate as I will not be logging users into their own account- only displaying and updating a fixed account. The other options available are ClientLogin and Gadgets authentication. Of all of them, ClientLogin seems the best fit, but the documentation states that it is intended for installed applications. While the web application I am developing is not specifically an installed application, it closely mirrors one in this scenario- which is why I think ClientLogin makes the most sense.
Which Google authentication option would be the best fit in this scenario?
After reading http://code.google.com/apis/gdata/docs/auth/overview.html it seems to me that OAuth is the most secure way to achieve your goals. Google recommends OAuth or AuthSub over ClientLogin for Web Applications. In addition using OAuth and AuthSub prevents your application from ever having control of the users email and password meaning you dont need to take the extra steps to protect and update the information. Between OAuth and AuthSub, OAuth is more universally adopted, and more secure due to the fact that requests are signed. Hope that helps.
EDIT: So I misunderstood exactly what your application was doing, if you are only using your google account any method of authentication is probably fine, that said google recommends OAuth or AuthSub for web apps. However the important thing to find out about OAuth and AuthSub is what the life of the token is. If there is no way to make the token last for a long time (months, years) then I would try to use ClientLogin, because then your application will always be able to login to the account. As a side note however for security I would recommend you NOT use your primary google account for the application instead create a second account and simply share the calendar with your primary account, that way if you application was compromised you would not lose your primary google account.