0

I have spent the last couple of nights bashing my head against the wall amongst a see of conflicting out of date documentation and semi-helpful blog posts that were/are appropriate to what I am trying to do.

Essentially I want to write a wee personal app do download my images from PicasaWeb/Google+ and store them on my local hard disk.

I have managed to do the following:

  • Figured out the GData API for the appropriate request to get private album data (works fine in my 'google-logged-in' chrome browser)
  • Got the correct private data back from my GData URL with the token generated by the OAuth playground.
  • Managed to get an OAuth2 token back from https://www.googleapis.com/oauth2/v3/token using JWT.

However - when I try my access token I generate myself I get back a forbidden response with the message 'Not authorized to view access private'.

I am pretty stumped - my only guess is that my service account configured in google developers console doesn't actually have access to my personal google stuff like google+ photos. When I look in there I can see the OAuth playground has access. How do I give my app access - and do I need to in this scenario?

Thanks in advance, Robert

Robert Hughes
  • 1

1 Answers1

0

"my only guess is that my service account configured in google developers console doesn't actually have access to my personal google stuff".

Totally correct.

I guess I see 2-3 questions per month on SO where people have made the false assumption that a Service Account is some kind of proxy to their Google Account. It isn't. It's a completely new and independent account.

The two approaches you can take are:-

  1. Share the items to the Service Account so it has permission to access them.
  2. Give your app direct access to your Picassa account. See How do I authorise an app (web or installed) without user intervention? (canonical ?) for the steps involved.
Community
  • 1
  • 1
pinoyyid
  • 21,499
  • 14
  • 64
  • 115