Pregunta

We are developing a web service application to retrieve Google Analytics data for user's website using Google Analytics API. The challenge we are facing is, at the authorization part. We are confused as to, which option to use for client authorization to access the analytics data. As we are the third party application, it's obvious that the website owner wouldn't want to divulge any of his secret account information to us. We are well aware of each option, it’s just that we need to know which is the safest / secure option for the website owner to provide us to access the analytics data.

Few options we know are:

  1. Sharing client secrets file with us, or
  2. Sharing service account details, or
  3. If there is any other secure option which can be used here please let me know.

Any guidance is appreciated.

¿Fue útil?

Solución

Had posted the question in google groups site. Suggestion was to use OAuth 2.0 for Web Server applications.

Here is the link to the answer.

Licenciado bajo: CC-BY-SA con atribución
No afiliado a StackOverflow
scroll top