You can authenticate with Google Cloud Storage to create your own instance of the Google Cloud Storage element through the UI or through APIs. Once authenticated, you can use the element instance to access the different functionalities offered by the Google Cloud Storage platform.
Authenticate Through the UI
Use the UI to authenticate with Google Cloud Storage and create an element instance. Because you authenticate with Google Cloud Storage via OAuth 2.0, all you need to do is add a name for the instance and provide your OAuth API Key and API Secret. After you create the instance, you'll log in to Google to authorize Cloud Elements access your account. For more information about authenticating an element instance, see Authenticate an Element Instance (UI).
After successfully authenticating, we give you several options for next steps. Make requests using the API docs associated with the instance, map the instance to a virtual data resource, or use it in a formula template.
Authenticate Through API
Authenticating through API is similar to authenticating via the UI. Instead of clicking and typing through a series of buttons, text boxes, and menus, you will instead send a request to our /instances
endpoint. The end result is the same: an authenticated element instance with a token and id.
Authenticating through API follows a multi-step OAuth 2.0 process that involves:
- Getting a redirect URL. This URL sends users to the vendor to log in to their account.
- Authenticating users and receiving the authorization grant code. After the user logs in, the vendor makes a callback to the specified url with an authorization grant code.
- Authenticating the element instance. Using the authorization code from the vendor, authenticate with the vendor to create an element instance at Cloud Elements.
Getting a Redirect URL
Use the following API call to request a redirect URL where the user can authenticate with the API provider. Replace {keyOrId}
with the element key, googlecloudstorage
.
curl -X GET /Elements/{keyOrId}/oauth/url?apiKey=<api_key>&apiSecret=<api_secret>&callbackUrl=<url>
Query Parameters
Query Parameter | Description |
---|---|
apiKey | The API key or client ID obtained from registering your app with the provider. This is the Client ID that you recorded during Google Cloud Storage API Provider Setup. |
apiSecret | The client secret obtained from registering your app with the API provider. This is the Client Secret that you recorded during Google Cloud Storage API Provider Setup. |
callbackUrl | The URL that the API provider returns a user to after they authorize access. This is the Authorized Redirect URL that you recorded during Google Cloud Storage API Provider Setup. |
Example cURL
curl -X GET \
'https://api.cloud-elements.com/elements/api-v2/elements/googlecloudstorage/oauth/url?apiKey=fake_api_key&apiSecret=fake_api_secret&callbackUrl=https://www.mycoolapp.com/auth&state=googlecloudstorage' \
Example Response
Use the oauthUrl
in the response to allow users to authenticate with the vendor.
{
"oauthUrl": "https://accounts.google.com/o/oauth2/auth?prompt=consent&access_type=offline&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdevstorage.full_control&response_type=code&redirect_uri=https%3A%2F%2Fauth.cloudelements.io%2Foauth&state=googlecloudstorage-dupe&client_id=10011628760-n0j35qr3ietmgse1cgavcngaubq06anm.apps.googleusercontent.com",
"element": "googlecloudstorage"
}
Authenticating Users and Receiving the Authorization Grant Code
Provide the response from the previous step to the users. After they authenticate, Google Cloud Storage provides the following information in the response:
- code
- state
Response Parameter | Description |
---|---|
code | The authorization grant code returned from the API provider in an OAuth 2.0 authentication workflow. Cloud Elements uses the code to retrieve the OAuth access and refresh tokens from the endpoint. |
state | A customizable identifier, typically the element key (googlecloudstorage ) . |
error
instead of the code
parameter. In this case, your application can handle the error gracefully.Authenticating the Element Instance
Use the /instances
endpoint to authenticate with Google Cloud Storage and create an element instance.
To authenticate an element instance:
Construct a JSON body as shown below (see Parameters):
{ "element": { "key": "googlecloudstorage" }, "name": "<INSTANCE_NAME>", "providerData": { "code": "XXXXXXXXXXXXXXXXXXXXXXX" }, "configuration": { "filter.response.nulls": "true", "filemanagement.provider.bucket_name": "XXXXXXXXXXXX", "oauth.api.key": "XXXXXXXXXXXX", "oauth.api.secret": "XXXXXXXXXXX", "project.id": "XXXXXXXXXXXXX", "oauth.callback.url": "https://auth.cloudelements.io/oauth" } }
Call the following, including the JSON body you constructed in the previous step:
POST /instances
Note: Make sure that you include the User and Organization keys in the header. For more information, see Authorization Headers, Organization Secret, and User Secret.Locate the
token
andid
in the response and save them for all future requests using the element instance.
Example cURL
curl -X POST https://api.cloud-elements.com/elements/api-v2/instances \
-H "Authorization: User <USER_SECRET>, Organization <ORGANIZATION_SECRET>" \
-H "Content-Type: application/json" \
-d
'{
"name": "<INSTANCE_NAME>",
"tags": [
"xxxxxxxxx"
],
"providerData": {
"code": "<INSERT>"
},
"configuration": {
"filter.response.nulls": "true",
"filemanagement.provider.bucket_name": "XXXXXXXXXXXX",
"oauth.api.key": "xxxxxxxxxxxx ",
"oauth.api.secret": "xxxxxxxxxx",
"project.id": "xxxxxxxxxxxxx"
}
}'
Parameters
API parameters not shown in Cloud Elements are in code formatting
.
Parameter | Description | Data Type |
---|---|---|
key | The element key. googlecloudstorage | string |
code | The authorization grant code returned from the API provider in an OAuth 2.0 authentication workflow. Cloud Elements uses the code to retrieve the OAuth access and refresh tokens from the endpoint. | string |
Namename | The name of the element instance created during authentication. | string |
oauth.api.key | The API key or client ID obtained from registering your app with the provider. This is the Client ID that you recorded during API Provider Setup. | string |
oauth.api.secret | The client secret obtained from registering your app with the API provider. This is the Client Secret that you recorded during API Provider Setup. | string |
oauth.callback.url | The URL that the API provider returns a user to after they authorize access. This is the Authorized Redirect URL that you recorded during API Provider Setup. | |
filemanagement.provider.bucket_name | The name of the bucket you created during API Provider Setup. | |
project.id | The id given by Google Cloud Platform after you create a project. Refer to API Provider Setup for more information. | |
tags | Optional. User-defined tags to further identify the instance. | string |
Example Response for an Authenticated Element Instance
In this example, the instance ID is 12345
and the instance token starts with "ABC/D...". The actual values returned to you will be unique: make sure you save them for future requests to this new instance.
{
"id": 12345,
"name": "Google Cloud Storage",
"key": "googlecloudstorage",
"description": "Google Cloud Storage is a Restful online file storage web service for storing and accessing data on Google Cloud Platform infrastructure.",
"image": "https://images.cloudelements.io/google-cloud-storage201908151321.png",
"logo": "gcstorage",
"active": true,
"deleted": false,
"typeOauth": false,
"trialAccount": false,
"configuration": [
{
"id": 300511,
"name": "OAuth Scope",
"key": "oauth.scope",
"description": "Google Cloud Storage OAuth Scope",
"defaultValue": "https://www.googleapis.com/auth/devstorage.full_control",
"resellerConfig": false,
"companyConfig": false,
"active": true,
"internal": false,
"groupControl": false,
"displayOrder": 1,
"type": "TEXTFIELD_64",
"hideFromConsole": true,
"required": false
}...
],
"resources": [...],
"objects": [...],
"models": [...],
"transformationsEnabled": true,
"bulkDownloadEnabled": false,
"bulkUploadEnabled": false,
"cloneable": true,
"extendable": false,
"beta": false,
"authentication": {...},
"hooks": [...],
"extended": false,
"modelType": "basic",
"useModelsForMetadata": true,
"hub": "documents",
"protocolType": "http",
"parameters": [...],
"private": true
}