In this instruction blog, we will describe how to create OAuth 2.0 API keys on your Google account. These API keys are necessary in order to make API calls from ERPAG via Blockly scripts. The instructions show how the process itself currently looks. If in the meantime the design of the website we are describing changes, just follow the steps described in the Google documentation. In essence, regardless of possible website design changes, the principle remains identical and you will easily find your way and follow this instruction.

Since OAuth 2.0 authorization is a system with almost the highest level of security, the process of receiving API keys is much more complex than standard ones. Therefore it is necessary to follow the next steps:

  • First of all, you need to have a registered Google account with which you can access your data. This is the account you use to log into the Google service;
  • With your Google account, log into the Google Developer console;
  • Through the Google Developer console create a New Project;
  • After creating a New Project, fill in the parameters of the application that Google requires. After this, Google generates the necessary data (Client ID and Client Secret) for authorizing external applications (ERPAG, in this case).

Working with a Google account

Let’s start from scratch! First, create your Google account. Once you have your own Google account, log into the developer portal on the following page: https://console.developers.google.com.

google authorization page

After logging in to the developer portal, select the “Select a project” option as shown in the picture below.

google select a project

The next step is creating a new project by activating the „New project“ link.

google new project

Now follow the steps for creating a new project.

Enter the description (you can enter anything as a description), and click the „Create“ button.

google project name

After creating, select the project from the menu.

google select project

The next step is opening the main menu, and selecting the option „APIs & Services“ – „OAuth consent screen“.

google main menu

In your next step, select the option „External“, and click on the „Create“ button.

google authorization oauth

Now follows a sequence of several pages where you must fill in all the mandatory data (fields marked with an asterisk).

oauth consent screen

Now you should enter information regarding API resources (Scopes) you want to access (for example Gdrive, Gmail, Maps, etc). In addition to the basic offered options, manually enter additional ones (consult the Google API Library documentation). More information from Scopes can be found on the following link https://developers.google.com/identity/protocols/oauth2/scopes.

google oauth scopes

Adding a Test user in Google

Add a Test user (enter your email account) in the following step.

google oauth test users
google oauth consent screen

Now in the menu activate the option „Credentials“ – „Create Credentials“ – „OAuth client ID“

google create credentials

In the Application type field, select the “Web application” option. In the Authorized redirect URIs field, enter the link https://app.erpag.com/oauth2.aspx as shown in the picture, and finally click the “Create” button.

create Oauth client id google

Your credentials are finally generated and now it is necessary to download them. Activate „Download“ option as shown in the image below.

download credentials google

Finally, you got the “Client ID” and “Client secret” data, which you need to save in order to enter them in ERPAG later.

google oauth credentials

Now your Google API is ready for API calls that you will be able to create yourself and call them from ERPAG.

At the end, it is necessary to create a new API Authorization in ERPAG with the parameters you just generated on the Google developer console.

Log in to ERPAG and activate the “Administration – Customization” – “API Authorizations” option.

Working in ERPAG

ERPAG API AUTHORIZATION

Select option „ADD NEW“ – „OAuth 2.0“.

add new oauth 2.0

For API calls to Google, it is necessary to first authorize the application. This means that you have to enter many parameters that you can find on the following website https://developers.google.com/identity/protocols/oauth2.

You will find out that the basic setup of the authorization process itself requires you to study the huge documentation. That’s why we at ERPAG have created Templates for several different services. Here you only need to enter two basic data, while the other parameters are filled in automatically. In case you need any modification, you can always correct the offered parameters afterward, but it must be according to the documentation of the service you want to authorize (in this case, Google).

By entering the “API authorization” form, go to “Template” and activate the “Google” option as shown in the image.

select google template

Entering Client ID and Client Secret

Now it’s required to enter „Client ID“ and „Client Secret“ from Google. At the end, confirm the import.

client id and client secret

After import confirmation all required parameters will be automatically set up. Finally, save the document.

api authorization

As you can see from the picture, the document status is “NOT AUTHORIZED”. This means that we only entered the parameters, but the application is still not authorized. Now it is necessary to activate the “Get a new Access Token” button to finally allow access to your Google API service.

erpag get new access token

By activating the “Get a new Access Token” option you are starting the process of connecting ERPAG with Google through the OAuth 2.0 protocol, which requires you to log in to your Google account and allow access.

After successful authorization, the status will be “AUTHORIZED”. If some of the input parameters are incorrect or you have quit the authorization, the status can be “AUTHORIZATION ERROR”.

google authorized

Successful authorization considers that ERPAG received an authorization token and refresh token from Google, that looks as follows:

{
"access_token": "ya29.a0Ad52N38d4LIToZMlUx2z04leSHhSPsmgMYVWbkcGEetBf3j1XDJLZmOZDLw0171",
"expires_in": 3599,
"refresh_token": "1//09MZH0hw8BlJCgYIARAAGAkSKjgk787tMkvgkl8tM877680NBvctzhbTJ8O6K3l1UtFUHiquYf48Sm1w",
"scope": "https://www.googleapis.com/auth/userinfo.profile openid https://www.googleapis.com/auth/userinfo.email",
"token_type": "Bearer",
"id_token": "eyJhbGciOiJSUzI1NiLKjhghLkGgfjkui70hjg0hhljhfIjbbgjklojhfgeDViZjI5NmQ2NzI2jb20iLCJhenAiOiIyMjc3OTMxNzg2O-DEtcTZpZnVkZnNvbW10N3Y3NGRu9udGVudC5TZpZnVkZnNvbW10N3Y3NGRuOTB2czVkbGVpY2phYWcuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMTUyOTY5NzIxMjY0Nzg0NjgyNTciLCJlbWFpbCI6InN0ZXZhLmVycGFnQGdtYWlsLmNvbSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJhdF9oYXNoIjoialh5TFZfaC1YY0EzQWNiRXQwYmE4USIsIm5hbWUiOiJTdGV2YSBFcnBhZyIsInBpY3R1cmUiOiJodHRwczovL2xoMy5nb29nbGV1c2VyY23M9JUHSU9hUPrRw"
}

ERPAG Stores the received access token in your database. You can use it through Blockly scripts by making new API calls to Google according to your needs. Since the received token has a limited duration (expires_in in seconds) and if the token expires, ERPAG will use the refresh token data to automatically get a new access token.

Start NOW

Read More

Related Posts

How Great Inventory Software Can Help Fight Inflation

In today's rapidly fluctuating economy, businesses face the daunting challenge of fighting inflation. Rising costs can erode profits and disrupt operations, making it essential to adopt strategies that mitigate these impacts. One powerful tool in this battle is...

read more
​ERPAG API – Xero OAuth 2.0 authorization

​ERPAG API – Xero OAuth 2.0 authorization

In this instruction blog, we will describe how to create OAuth 2.0 API keys on your Xero account. These API keys are necessary in order to make API calls from ERPAG via Blockly scripts. The instructions show how the process itself currently looks. If in the meantime...

read more