Generate Api Key How It Works
TOPS ONE works with multiple partners to improve your TOPS ONE experience. This guide will give you step-by-step instructions on how to enable a partner and generate an API key. Keys are community-specific, a unique key must be provided to the partner for each community that will want to use their services. I am just starting to think about how api keys and secret keys work. Just 2 days ago I signed up for Amazon S3 and installed the S3Fox Plugin.They asked me for both my Access Key and Secret Access Key, both of which require me to login to access.
Introduction
This document is intended for developers who want to write applications that interact with YouTube. It explains basic concepts of YouTube and of the API itself. It also provides an overview of the different functions that the API supports.
Before you start
You need a Google Account to access the Google API Console, request an API key, and register your application.
Create a project in the Google Developers Console and obtain authorization credentials so your application can submit API requests.
After creating your project, make sure the YouTube Data API is one of the services that your application is registered to use:
- Go to the API Console and select the project that you just registered.
- Visit the Enabled APIs page. In the list of APIs, make sure the status is ON for the YouTube Data API v3.
If your application will use any API methods that require user authorization, read the authentication guide to learn how to implement OAuth 2.0 authorization.
So this library does not have this API. KevinBlandy: # AttributeError: 'PublicKey' object has no attribute 'blindeddecryptDon’t try to use a public RSA key to decrypt, and by extension, don’t try to use a private RSA key to encrypt:RSA encryption can only be performed with an RSA public key according to.bold emphasis mine.The library you are using already has a (closed) ticket on the same attribute error:. The cryptography library delegates encryption, decryption, signing and verification to the key instance, but only the, and the.And the PyCryptodome library to explain how to use public and private keys. Generate public key from private rsa pythonm. While technically speaking generating a signature with the public key constitutes encryption, there are enough differences in how public and private keys are used that it is not surprising that this library doesn’t support explicitly using the private key to encrypt with.You see this in other implementations too.
Select a client library to simplify your API implementation.
Familiarize yourself with the core concepts of the JSON (JavaScript Object Notation) data format. JSON is a common, language-independent data format that provides a simple text representation of arbitrary data structures. For more information, see json.org.
Resources and resource types
A resource is an individual data entity with a unique identifier. The table below describes the different types of resources that you can interact with using the API.
Resources | |
---|---|
activity | Contains information about an action that a particular user has taken on the YouTube site. User actions that are reported in activity feeds include rating a video, sharing a video, marking a video as a favorite, and posting a channel bulletin, among others. |
channel | Contains information about a single YouTube channel. |
channelBanner | Identifies the URL to use to set a newly uploaded image as the banner image for a channel. |
channelSection | Contains information about a set of videos that a channel has chosen to feature. For example, a section could feature a channel's latest uploads, most popular uploads, or videos from one or more playlists. |
guideCategory | Identifies a category that YouTube associates with channels based on their content or other indicators, such as popularity. Guide categories seek to organize channels in a way that makes it easier for YouTube users to find the content they're looking for. While channels could be associated with one or more guide categories, they are not guaranteed to be in any guide categories. |
i18nLanguage | Identifies an application language that the YouTube website supports. The application language can also be referred to as a UI language. |
i18nRegion | Identifies a geographic area that a YouTube user can select as the preferred content region. The content region can also be referred to as a content locale. |
playlist | Represents a single YouTube playlist. A playlist is a collection of videos that can be viewed sequentially and shared with other users. |
playlistItem | Identifies a resource, such as a video, that is part of a playlist. The playlistItem resource also contains details that explain how the included resource is used in the playlist. |
search result | Contains information about a YouTube video, channel, or playlist that matches the search parameters specified in an API request. While a search result points to a uniquely identifiable resource, like a video, it does not have its own persistent data. |
subscription | Contains information about a YouTube user subscription. A subscription notifies a user when new videos are added to a channel or when another user takes one of several actions on YouTube, such as uploading a video, rating a video, or commenting on a video. |
thumbnail | Identifies thumbnail images associated with a resource. |
video | Represents a single YouTube video. |
videoCategory | Identifies a category that has been or could be associated with uploaded videos. |
watermark | Identifies an image that displays during playbacks of a specified channel's videos. The channel owner can also specify a target channel to which the image links as well as timing details that determine when the watermark appears during video playbacks and then length of time it is visible. |
Note that, in many cases, a resource contains references to other resources. For example, a playlistItem
resource's snippet.resourceId.videoId
property identifies a video resource that, in turn, contains complete information about the video. As another example, a search result contains either a videoId
, playlistId
, or channelId
property that identifies a particular video, playlist, or channel resource.
Supported operations
The following table shows the most common methods that the API supports. Some resources also support other methods that perform functions more specific to those resources. For example, the videos.rate
method associates a user rating with a video, and the thumbnails.set
method uploads a video thumbnail image to YouTube and associates it with a video.
Operations | |
---|---|
list | Retrieves (GET ) a list of zero or more resources. |
insert | Creates (POST ) a new resource. |
update | Modifies (PUT ) an existing resource to reflect data in your request. |
delete | Removes (DELETE ) a specific resource. |
The API currently supports methods to list each of the supported resource types, and it supports write operations for many resources as well.
Generate Api Key How It Works Free
The table below identifies the operations that are supported for different types of resources. Operations that insert, update, or delete resources always require user authorization. In some cases, list
methods support both authorized and unauthorized requests, where unauthorized requests only retrieve public data while authorized requests can also retrieve information about or private to the currently authenticated user.
Supported Operations | ||||
---|---|---|---|---|
list | insert | update | delete | |
activity | ||||
caption | ||||
channel | ||||
channelBanner | ||||
channelSection | ||||
comment | ||||
commentThread | ||||
guideCategory | ||||
i18nLanguage | ||||
i18nRegion | ||||
playlist | ||||
playlistItem | ||||
search result | ||||
subscription | ||||
thumbnail | ||||
video | ||||
videoCategory | ||||
watermark |
Quota usage
The YouTube Data API uses a quota to ensure that developers use the service as intended and do not create applications that unfairly reduce service quality or limit access for others. All API requests, including invalid requests, incur at least a one-point quota cost. You can find the quota available to your application in the API Console.
Projects that enable the YouTube Data API have a default quota allocation of 10 thousand units per day, an amount sufficient for the overwhelming majority of our API users. Default quota, which is subject to change, helps us optimize quota allocations and scale our infrastructure in a way that is more meaningful to our API users. You can see your quota usage on the Usage tab for the API in the Google Developer's Console.
Note: If you reach the quota limit, you can request additional quota on the Quotas tab in the Developer's Console.
Note that projects that had enabled the YouTube Data API before April 20, 2016, have a different default quota for that API.
Calculating quota usage
Google calculates your quota usage by assigning a cost to each request, but the cost is not the same for each request. Two primary factors influence a request's quota cost:
Different types of operations have different quota costs.
- A simple read operation that only retrieves the ID of each returned resource has a cost of approximately
1
unit. - A write operation has a cost of approximately
50
units. - A video upload has a cost of approximately
1600
units.
- A simple read operation that only retrieves the ID of each returned resource has a cost of approximately
Read and write operations use different amounts of quota depending on the number of resource parts that each request retrieves. Note that
insert
andupdate
operations write data and also return a resource. So, for example, inserting a playlist has a quota cost of 50 units for the write operation plus the cost of the returned playlist resource.As discussed in the following section, each API resource is divided into parts. For example, a
playlist
resource has two parts,snippet
andstatus
, while achannel
resource has six parts and avideo
resource has 10. Each part contains a group of related properties, and the groups are designed so that your application only needs to retrieve the types of data that it actually uses.An API request that returns resource data must specify the resource parts that the request retrieves. Each part then adds approximately
2
units to the request's quota cost. As such, avideos.list
request that only retrieves thesnippet
part for each video might have a cost of3
units. However, avideos.list
request that retrieves all of the parts for each resource might have a cost of around21
quota units.
With these rules in mind, you can estimate the number of read, write, or upload requests that your application could send per day without exceeding your quota. For example, if you have a daily quota of 1,000,000 units, your application could have any of the following approximate limits:
- 200,000 read operations that each retrieve two resource parts.
- 10,000 write operations and 90,000 additional read operations that each retrieve two resource parts.
- 400 video uploads, 1500 write operations, and 50,000 read operations that each retrieve two resource parts.
Important: Only retrieving the resource parts that your application needs conserves your daily quota and make the entire system more efficient.
Partial resources
The API allows, and actually requires, the retrieval of partial resources so that applications avoid transferring, parsing, and storing unneeded data. This approach also ensures that the API uses network, CPU, and memory resources more efficiently.
The API supports two request parameters, which are explained in the following sections, that enable you to identify the resource properties that should be included in API responses.
- The
part
parameter identifies groups of properties that should be returned for a resource. - The
fields
parameter filters the API response to only return specific properties within the requested resource parts.
How to use the part
parameter
The part
parameter is a required parameter for any API request that retrieves or returns a resource. The parameter identifies one or more top-level (non-nested) resource properties that should be included in an API response. For example, a video
resource has the following parts:
snippet
contentDetails
fileDetails
player
processingDetails
recordingDetails
statistics
status
suggestions
topicDetails
All of these parts are objects that contain nested properties, and you can think of these objects as groups of metadata fields that the API server might (or might not) retrieve. As such, the part
parameter requires you to select the resource components that your application actually uses. This requirement serves several purposes:
- It lets you manage your API quota usage. If you increase the number of parts you retrieve in API responses, your API usage increases accordingly, and your available quota decreases.
- It reduces latency by preventing the API server from spending time retrieving metadata fields that your application doesn't use.
- It reduces bandwidth usage by reducing (or eliminating) the amount of unnecessary data that your application might retrieve.
Over time, as resources add more parts, these benefits will only increase since your application will not be requesting newly introduced properties that it doesn't support.
How to use the fields
parameter
The fields
parameter filters the API response, which only contains the resource parts identified in the part
parameter value, so that the response only includes a specific set of fields. The fields
parameter lets you remove nested properties from an API response and thereby further reduce your bandwidth usage. (The part
parameter cannot be used to filter nested properties from a response.)
The following rules explain the supported syntax for the fields
parameter value, which is loosely based on XPath syntax:
- Use a comma-separated list (
fields=a,b
) to select multiple fields. - Use an asterisk (
fields=*
) as a wildcard to identify all fields. - Use parentheses (
fields=a(b,c)
) to specify a group of nested properties that will be included in the API response. - Use a forward slash (
fields=a/b
) to identify a nested property.
In practice, these rules often allow several different fields
parameter values to retrieve the same API response. For example, if you want to retrieve the playlist item ID, title, and position for every item in a playlist, you could use any of the following values:
fields=items/id,playlistItems/snippet/title,playlistItems/snippet/position
fields=items(id,snippet/title,snippet/position)
fields=items(id,snippet(title,position))
Note: As with all query parameter values, the fields
parameter value must be URL encoded. For better readability, the examples in this document omit the encoding.
Sample partial requests
The examples below demonstrate how you can use the part
and fields
parameters to ensure that API responses only include the data that your application uses:
- Example 1 returns a video resource that includes four parts as well as
kind
andetag
properties. - Example 2 returns a video resource that includes two parts as well as
kind
andetag
properties. - Example 3 returns a video resource that includes two parts but excludes
kind
andetag
properties. - Example 4 returns a video resource that includes two parts but excludes
kind
andetag
as well as some nested properties in the resource'ssnippet
object.
Table of Contents
- Common connection issues
The REST API is a powerful part of WooCommerce which lets you read and write various parts of WooCommerce data such as orders, products, coupons, customers, and shipping zones.
Authorization is usually the part most developers get stuck on so this guide will cover a quick way to test that your API is working on your server and you can auth. If this works but your code to use the API does not, please bare in mind it will be a problem with your code. Please do not open issues asking for support about this on Github - use the support forums.
We'll use both Postman and Insomnia clients in these examples. Both are free and will help you visualise what the API offers.
Before proceeding, please read the REST API docs on authentication which covers the important parts concerning API Keys and Auth. We're only covering connecting over HTTPS here since it's the simplest and most secure method. You should avoid HTTP if possible.
Generate Keys
To start using REST API, you first need to generate API keys.
- Go to WooCommerce > Settings > Advanced
- Go to the REST API tab and click Add key.
- Give the key a description for your own reference, choose a user with access to orders etc, and give the key read/write permissions.
- Click Generate api key.
- Your keys will be shown - do not close this tab yet, the secret will be hidden if you try to view the key again.
Making a basic request
The request URL we'll test is wp-json/wc/v2/orders
. On localhost the full URL may look something like this: https://local.wordpress.dev/wp-json/wc/v2/orders
. Modify this to use your own site URL.
In Postman, you need to set the fields for request type, request URL, and the settings on the authorization tab. For Authorization, choose basic auth and enter your consumer key and consumer secret keys from WooCommerce into the username and password fields
Once done, hit send and you'll see the JSON response from the API if all worked well. You should see something like this:
Insomnia is almost identical to Postman; fill in the same fields and again use basic auth.
Thats it! The API is working.
If you have problems connnecting, you may need to disable SSL verification - see the connection issues section below.
Common connection issues
Connection issues with localhost and self signed SSL certificates
If you're having problems connecting to the REST API on your localhost and seeing errors like this:
Free Api Key
You need to disable SSL verification. In Postman you can find this in the settings:
Insomnia also has this setting the preferences area:
401 Unauthorized
Your API keys or signature is wrong. Ensure that:
What Is An Api Key
- The user you generated API keys for actually has access to those resources.
- The username when authenticating is your consumer key.
- The password when authenticating is your consumer secret.
- Make a new set of keys to be sure.
If your server utilizes FastCGI, check that your authorization headers are properly read.
Consumer key is missing
Occasionally servers may not parse the Authorization header correctly (if you see a “Consumer key is missing” error when authenticating over SSL, you have a server issue).
In this case, you may provide the consumer key/secret as query string parameters instead. Example:
Server does not support POST/DELETE/PUT
Ideally, your server should be configured to accept these types of API request, but if not you can use the _method
property.
How To Find Api Key
See https://developer.wordpress.org/rest-api/using-the-rest-api/global-parameters/#_method-or-x-http-method-override-header