Google APIs Console - missing client secret

Question

I tried to create a testing client id for an android app which uses OAUTH 2.0 as login for retrieving user profile. I followed the steps to complete the creation of the client id on google console, but I do not see anywhere the client secret. I'm trying to help my employer with getting google credentials for it's app. I know how to implement OAUTH 2.0 in android, but I need client secret to exchange the code with access token.

First, I selected "Google+ API" from Services tab. Then followed the on screen steps from API Access tab. enter image description here

I created a new service account, dowloaded a new JSON, after that everything worked. — MingalevME, Feb 01 '16 at 12:59

score 26 · Accepted Answer · edited May 23 '17 at 12:09

26

It seems that Google finally ditched the unnecessary client_secret for installable applications and is not yet up-to-date with their documentation. You should check if you already get an access_token in the initial OAuth request like it's handled on Facebook.

Another possibility would be to fall back to using a Simple API Access key.

Update:

First method seems to not work with Google.

The recommended way for Android is to use AccountManager instead of baking your own requests. Follow this example to see how this is implemented and how you get an AuthToken using a Simple API Access key. Instead of using the Tasks API you can then include the OAuth2 API library to retrieve the userinfo.

edited May 23 '17 at 12:09

Community

1
1

answered Jul 02 '12 at 15:43

Jan Gerlinger

7,361
1
44
52

It's not working only with access_code. String authorizationUrl = new GoogleAuthorizationCodeRequestUrl( OAuth2ClientCredentials.CLIENT_ID, OAuth2ClientCredentials.OAUTH_CALLBACK_URL, v).build(); – Alexandru Circus Jul 03 '12 at 08:21
and mWebView.loadUrl(authorizationUrl); – Alexandru Circus Jul 03 '12 at 08:21
above will provide access code but I need access token and I need client secret to exchange the code for the access token. Is there any other solution besides using a Simple API Access key.? I need to get user profile – Alexandru Circus Jul 03 '12 at 08:23
Server returned HTTP response code: 401 for URL: https://www.googleapis.com/oauth2/v1/userinfo?access_token=4/PJiXNBRRdGBYqwXcjbncU2bTXWIu.wh4n9s6ST8wYOl05ti8Z... – Alexandru Circus Jul 03 '12 at 08:27
above is when trying to access user profile using the initial code token. I guess exchanging it with an access token will solve the 401 error. – Alexandru Circus Jul 03 '12 at 08:28
Thanks. I will try this. Please note that I tried(without success) in the past to use Accountmanager, but the tokens provided by it were client login tokens, not OAUTH, so I can't access user info with client login. http://stackoverflow.com/questions/9872495/gdata-get-accountself-contact-first-and-last-name. But I see now that i can get an OAUTh token from android Acc Manager. Thanks again. – Alexandru Circus Jul 04 '12 at 11:08
4

Thanks, it is working. I implemented all from https://developers.google.com/google-apps/tasks/oauth-and-tasks-on-android and changed String AUTH_TOKEN_TYPE = "oauth2:https://www.googleapis.com/auth/tasks"; into String AUTH_TOKEN_TYPE = "oauth2:https://www.googleapis.com/auth/userinfo.profile"; Thanks, you saved me Jan. – Alexandru Circus Jul 04 '12 at 12:05
1

The link to the example you provide Jan Gerlinger, is to an article that has been deprecated. I think the final solution might be to use the Google+ Sign In procedure https://developers.google.com/+/mobile/android/getting-started – marienke Feb 27 '14 at 11:43
I cant see the client ID in any of the code examples in the links here. I need to put the client id somewhere right?? – Ofek Agmon Jan 14 '15 at 06:15

score 10 · Answer 2 · answered Mar 26 '13 at 04:24

10

Click on "Download JSON " Is it what you're looking for ? enter image description here

answered Mar 26 '13 at 04:24

George Nguyen

2,169
1
16
7

1

Cheers, I found the secrets inside my JSON! – Jack Mar 12 '14 at 18:07
23

i downloaded it. but, i did not found secret id. how can i get – harikrishnan Oct 13 '14 at 12:23
@Jack I also didn't find it. – curiousMind Sep 27 '17 at 13:44
@harikrishnan I have the same issue. The Google docs want me to send a client secret I never got. Also the JSON and the Google Developer Console does not contain a client secret. EDIT: I know that it is a old comment of you, but it seems like Google removed the client secret completly but did not update their documentation. – user3772108 Jul 09 '21 at 13:42
this could help! https://stackoverflow.com/a/73820604/6769119 – Mukundhan Sep 22 '22 at 21:05

score 3 · Answer 3 · answered Aug 24 '17 at 16:06

Since almost everything from the accepted answer has been deprecated, I thought I'd share what I've found.

I needed the People API which requires a client secret. What Google recommends for using People API with Android is,

Select the application type Other, enter the name "People API Quickstart", and click the Create button.

Found here: https://developers.google.com/people/quickstart/java (Step 1 part e)

So if you need a client secret, you might consider using the Other type. Of course, follow the documentation for your specific API first.

Nice buddy!! I will try with it. Thanks – curiousMind Sep 27 '17 at 13:48 — curiousMind, Sep 27 '17 at 13:48

score 2 · Answer 4 · answered Sep 19 '13 at 13:55

Just today I found out that on the new Cloud Console we can see the client secret for android apps - while in the old google console we just can't.

To use the new Cloud console, just click on the message "We are improving the experience. Try the new Cloud Console." Google will ask for a SMS confirmation. Now you'll be redirected to the new cloud console

click this message to use the new cloud console

Now, just select your project, click on "Registered Apps" on the left menu, selected your android app, and voilá, on oAuth 2.0 Client Id you'll see your client secret. No idea why on the old google console it's not displayed, but if you really need a client secret key, it's there.

here we can see the client secret for android apps

There is no "Registered apps" option on my side. What do I have to do to see it? — marienke, Feb 26 '14 at 13:09

score 1 · Answer 5 · answered Jan 02 '21 at 17:52

1

Now that the type Other is unavailable, I used type Desktop since I wish to upload using Visual Studio which is a Desktop app. That worked, I got the client id and client secret.

answered Jan 02 '21 at 17:52

Sudherson Vetrichelvan

557
5
12

score 1 · Answer 6 · answered Sep 22 '22 at 20:58

1

When you update any changes in the credential, make sure you could see the client ID and secret in the dashboard before downloading.

Google cloud takes at the least 10 seconds to regenerate the client id and add it in the json.

Once json is downloaded you can check for client_secret to be present.

answered Sep 22 '22 at 20:58

Mukundhan

3,284
23
36

This is the most valid answer that applies to date, i was goign crazy that where has the client secret gone unless i bumped on this answer and followed the same and guess what, after refreshing the same edit page after 5 mins the client secret was there again on the right column after the client ID – Muhammad Omer Aslam Oct 18 '22 at 01:15
1

@MuhammadOmerAslam we all had been there.. lol :p – Mukundhan Oct 19 '22 at 04:15

score 0 · Answer 7 · answered Aug 23 '23 at 14:46

What worked in my case (I need Client ID and Client Secret for Unity) was to create first Web Application type of application. It contains both Client ID and Secret. Then I used it in Unity as input and then I registered in Google Console a new OAuth ID client for Android application (using SHA1 and module name. With this it finally worked, however it looks more like a workaround and not proper way of working.

score -1 · Answer 8 · answered Feb 11 '15 at 11:37

source said that : Visit the Google Developers Console to obtain OAuth 2.0 credentials such as a client ID and client secret that are known to both Google and your application. The set of values varies based on what type of application you are building. For example, a JavaScript application does not require a secret, but a web server application does.

score -2 · Answer 9 · answered Mar 28 '13 at 13:59

-2

Another solution is that you have to create a client ID with the type of "Installed Application" then you will have the Client secret

answered Mar 28 '13 at 13:59

George Nguyen

2,169
1
16
7

Google APIs Console - missing client secret

9 Answers9

Linked