I am working on a dashboard for my colleagues that shows some statistics from Google Analytics along with some other statistics. To access Analytics data, I use OAuth2. OAuth2 requires that the send area be sent along with the authentication request in order to receive access tokens. I created a client identifier in the API console that has access to Google Analytics, and specify an area in the initializer that looks like this:
Rails.application.config.middleware.use OmniAuth::Builder do provider :google_oauth2, ENV['ADMIN_DASHBOARD_GOOGLE_CLIENT_ID'], ENV['ADMIN_DASHBOARD_GOOGLE_CLIENT_SECRET'], { access_type: 'online', approval_prompt: '', scope: 'http://gdata.youtube.com,userinfo.email,userinfo.profile,analytics.readonly' } end
In this case, the omniauth-google-oauth2 and the area that I found in the example somewhere are used. However, for my implementation, I think this area is strange. Instead of http://gdata.youtube.com,userinfo.email,userinfo.profile,analytics.readonly I would like to use https://www.googleapis.com/auth/analytics.readonly , but when you change this area, the request returns invalid_credentials . What is the correct way to specify only access to analytics data?
source share