I get an API-Key (but without OAuth approval) but when I use it, I have
then the error "Fehler 401: invalid_client The OAuth client was not
found."
Is it necessary (where in your description
stands "https://www.example.com" ) ("java script origins") to insert an
url where allready a real webserver is running in the internet?
Sorry for this perhaps "stupid" looking questions. Although I'm an experienced developper for desktop-application development, the web development is totally new for me. But I could imagine that other people, which will have a look at tmsweb will perhaps also struggle here, so a clarification would perhaps help more people...
- Select "OAuth client ID" in the "Create Credentials" and not "API Key". This will provide you with the "Client ID" and "Client Secret" that are required for authorization.
- There is no need to enter an URL for JavaScript Origins As redirect URI you can use a localhost URL (example: "http://localhost:8889/")
- Make sure to have the identical values assigned for your component.
Thank you for your answer. In the demo you set als callback-url:
WebGoogleCalendar1.App.CallbackURL :=
'http://localhost:8000/TMSWeb_GoogleCalendar/index.html';
Sow what sould be used? 8000 or 8889?
And do I have to input at the google-side only the adress (without or with TMSWeb_GoogleCalendar/index.html" ?
When
I try to add the "secret"-value in the component itself or at runtime
like "WebGoogleCalendar1.App.Secret := '[the value]';" then I have the
error while compiling "[Error] Unit1.pas(97): identifier not found
"Secret""
By the way, what is the right value for Secret? Client_ID or ClientKey?
Please use the full url of the web application (like in the demo) with the same port number as you can see in the browser when the app is running as redirect uri in the Google console.
Note that you only need to set the App.Key property, the App.Secret property is not required in this case.
Thank you for this information, so it works (beside of the issue, that there is a 2 factor-authentifaction neccessary, but tablet or smartphone is greyed out as option).
So thank you for your help, but I think the information in the source of the app is a little bit missleading, where is written in the comment, that the "GOOGLE-APIkey" is to add there. How we have found out it is more a client-ID nr of the OAuth-Info. Perhaps there should be add a clarification...
But never the less, thanks for the help, that leads to a success... :-)
could you please state which "Scopes for Google API" need to be selected in the OAuth consent screen? It used to work without any special rights. But it seems Google changed its OAuth policy recently and now the OAuth consent screen settings I used to have are no longer sufficient.