Login/Register
YouTube APIs - Access mutiple youtube channels (Brand Accounts) using Google Admin account
Asked Answered
youtube-apiyoutube-data-apiyoutube-analytics-api
A

4

16

I need to extract information from videos using YouTube Analytics and Reporting Api.

I have access to multiple YouTube Brand Accounts, when I log into YouTube with my Google Account.

Using the "Try it" for testing the API, I'm only able to retrieve data for a channel once I switch to the Brand Account that this channel belongs, otherwise I get 403 - Forbidden error.

Is there any way to extract data using the Google Account that I'm using to log in? Because once I create the credentials in developers console, they will be associated to the Google Account and not to the Brand Accounts.

My google account has Manager Role on the brand accounts.

I've search for the onBehalfOfContentOwner field to be used in requests, but I don't know how to get this ID, and I'm not sure if this is applicable in my situations, since we're talking about Brand Accounts, correct me if I'm wrong.

Askew answered 7/12, 2016 at 11:41 Comment(0)
E
25

I fought with this just two days ago. Turns out it IS possible, it's just undocumented and works a bit differently than you'd expect:

Once I create the credentials in developers console, they will be associated to the Google Account and not to the Brand Accounts.

I had the same exact misconception when I first tried (even went so far as to find out the brand account's client_id). Turns out you don't want to use the brand's oauth info -- you want to use your own client_id/client_secret to create a refresh token on behalf of the brand account then use that to create auth tokens.

Steps:

  1. Using your main account create an oauth client_id and client_secret via https://console.developers.google.com/apis/credentials
  2. Edit the client_id/client_secret entry you just added and add "https://developers.google.com/oauthplayground" to the "Authorized redirect URIs" at the bottom of the page.
  3. We're going to create a refresh token the lazy way. Go to https://developers.google.com/oauthplayground/
  4. Click the gears on the top right corner and set access type to "offline", then click "Use your own OAuth credentials" and enter the client_id and client_secret you created in step 1.
  5. Select the scopes you want to give it access to. Click authorize APIs.
  6. Here's the magic bit: You'll now be asked to "Choose an account". Choose the brand account you want to access here, NOT your main account. Since you have permission to access it this'll work fine even though you're using your own client_id and client_secret
  7. Allow the permission access when it prompts you, then you'll be brought back to the oauth playground.
  8. Click "Exchange authorization code for tokens"
  9. Grab the refresh token and use it like normal to generate auth tokens as needed.

Congratulations, you now have api access to the brand account!

Hope that helps.

Edomite answered 14/7, 2017 at 15:1 Comment(11)
Can you pl. Elaborate point#9? Do you mean that it has to be used instead of client id and select brand account in concent screen? Or after doing this I can access brand account api reports using google account?Misplay
You use the refresh token to generate a normal auto token using whatever sdk (or manual calls) you want. And then you use the auth token to make api requests as usual.Edomite
Clear. Thank you. I will give a try.Misplay
Finally I got it using refresh token. Thank you for the solution you provided.Misplay
Can you please help me in point # 9? I had completed all the steps and when I click on "Exchange authorization code for tokens", it returns { "error_description": "Unauthorized", "error": "unauthorized_client" } JSON Object and no refresh tocken is return. I had even tried it in incognito mode but no success...Doss
Just FYI In steps 6-7 after choosing my brand account, I got this error: Error 403: access_denied The developer hasn’t given you access to this app. It’s currently being tested...I had to go back to GG Console - OAuth Consent Screen & added myself as test user to the app.Johnny
Hi @RavindraGullapalli, & Paolo could you explain a bit more the steps after getting the refresh token? I want to use the Youtube Data API to run Google App Scripts against a Youtube brand account. How do I use the refresh token to generate the auth token that you speak of?Johnny
@Johnny you saved me. Didn't think I'll need to add myself as a test user!Ferguson
@paolo you are a legend! thank you for thisAnneal
Getting "admin_policy_enforced account restricted" at step 6 for a brand account I created a few days ago. Can follow all the steps for a brand account I've had for a long time (years). I wonder if it's a Google policy to block new channels from using the API.Catenane
Problem with the Refresh token is that in the docs they say it can revoked at any time as per Googles discretion. So I once managed to run a worker for 6 months from it.. but recently it keeps getting revoked every 7 days. Issue is my docker app doesn't have interactive browser access so I couldn't go to the consent screen to grab a new refresh token. I have to manually do it and it expires at the worst possible time.. stresses me outArdelia
I
4

The YouTube API is different then other google APIs. With other APIs you authenticate access to the full account. However with the YouTube API its channel based. You are going to need to authenticate your application once for each channel.

onBehalfOfContentOwner

This parameter is intended for YouTube content partners that own and manage many different YouTube channels. It allows content owners to authenticate once and get access to all their video and channel data, without having to provide authentication credentials for each individual channel. The actual CMS account that the user authenticates with needs to be linked to the specified YouTube content owner.

You need to be a YouTube partner then you can contact your account manager and get a CMS id. I have yet to figure out what magic one must archive to become a YouTube partner.

Isonomy answered 7/12, 2016 at 11:45 Comment(2)
@DalmTo so summary, I have to ask to each of my Brand Account (Channel) Managers to give me the CMS ID? Because honesly I don't know on which side we need to have a CMS account, on the Brand Accounts side or on my Google Account side.Askew
The managers I think should be able to get it. I can't be much help I have only worked with one other question that the person had a cms account. If memory serves Google had to enable it and give them the ID needed.Isonomy
C
2

I will give an update to @Paolo's incredible answer. In my case, I was trying to get my private videos using the Playlist.list api. I've never seen an api as poorly documented, asinine, and CONVOLUTED as youtube's api.

Context: I have a main google account for which my youtube api credentials are tied to (there is no google developer accounts for youtube brand accounts) but would like to get the private playlists (and videos) for my youtube account (a brand account). mine=true, key, channelId, onBehalfOfContentOwner, and onBehalfOfContentOwnerChannel all did NOTHING for me. I was getting either public playlists or api errors with various combinations and values of those parameters.

In the end, these were the steps I took to run a node script to get private videos from my brand account:

  1. Go to https://console.developers.google.com/ for your main google account.
  2. In the sidebar, go to APIs & Services, then Credentials
  3. At the top, click +Create Credentials, then Service account
  4. Under Service account details, enter any name, then click Create and Continue
  5. Under "Grand this service account access to project", click continue
  6. Under "Grant users access to this service account", click Done
  7. On the main credentials page that loads, click the newly created service account under Service Accounts
  8. In the tabs, click Keys
  9. Click the Add Key button, then Create new key
  10. Keep JSON, then click create
  11. Save the file as client-key.json in the root of your nodejs project
  12. Go to https://developers.google.com/oauthplayground
  13. Scroll to bottom of scopes and select YouTube Data API v3 v3, then https://www.googleapis.com/auth/youtube and https://www.googleapis.com/auth/youtube.readonly.
  14. In the window that pops up, click your youtube (brand) account, then allow
  15. In the next step, click Exchange authorization code for tokens
  16. Copy the access token
  17. Go back to your node script and use like this:
  const auth = new google.auth.GoogleAuth({
    keyFile: "client-key.json",
    scopes: [
      "https://www.googleapis.com/auth/youtube",
      "https://www.googleapis.com/auth/youtube.force-ssl",
      "https://www.googleapis.com/auth/youtube.readonly",
      "https://www.googleapis.com/auth/youtubepartner",
      "https://www.googleapis.com/auth/youtubepartner-channel-audit",
    ],
  })

  const authClient = await auth.getClient()
  google.options({ auth: authClient })

  const youtube = google.youtube("v3")

  const token = "your token here"

  const results = await youtube.playlists.list({
    part: [
      "snippet",
      "id",
      "contentDetails",
      "status",
      "localizations",
      "status",
    ],
    mine: true,
    auth: token,
    oauth_token: token,
    maxResults: 50,
  })

Note mine: true and that the token must be passed to BOTH auth and oauth_token, but not key. If either parameter is missing, the call will fail. (Why? No clue. Please tell me.) Also, you must continuously renew your access token in the playground after it expires.

Now, with all of this said, I encourage you to find me an api worse than the youtube api. My guess is you'll be hard-pressed to find one even half as ridiculous as this.

P.S. I believe there were additional things required before this such as enabling the youtube api and doing something on the OAUTH Consent Screen but I'm too exhausted with this thing to continue. Hopefully the Google console UX will be enough to guide you through those steps, though quite frankly, I doubt it.

Hope this helps and good luck, because you may actually need it.

Crosseyed answered 19/2, 2022 at 16:52 Comment(1)
The point is to use the refresh token that will send you back a new access token. there a libraries that do the whole implicit flow and works for a user session. but having an app run 24/7/365 .. is more complicated with a brand account.. the refresh token seems to expire randomly causing havoc for servicesArdelia
B
0

If you follow the solution for getting a permanent refresh token and use Java, this works for me

GoogleCredential credential = new GoogleCredential.Builder().setTransport(httpTransport)
                    .setJsonFactory(JSON_FACTORY)
                    .setClientSecrets(oauth2ClientId, oauth2ClientSecret)
                    .build()
                    .setRefreshToken(oauth2RefreshToken);


 this.youTubeClient = new YouTube.Builder(httpTransport, JSON_FACTORY, credential)
                    .setApplicationName(APPLICATION_NAME)
                    .build();

Required dependencies

<dependency>
    <groupId>com.google.apis</groupId>
    <artifactId>google-api-services-youtube</artifactId>
    <version>v3-rev212-1.25.0</version>
    </dependency>
<dependency>
    <groupId>com.google.auth</groupId>
    <artifactId>google-auth-library-oauth2-http</artifactId>
    <version>0.18.0</version>
</dependency>

These resources might also help once you have the refresh token:

Babin answered 31/10, 2019 at 23:45 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.