OAuth applications API

The OAuth applications API allows Hybrid Data Pipeline to identify itself as a registered Google Analytics application with the creation of an OAuth application object. The OAuth application object holds the OAuth cleint_id and client_secret. The permissions required to use the OAuth applications API depend on the operation being used and the tenant environment.

In a multitenant environment, an OAuth application object must belong to a particular tenant, and only one OAuth application object can be created for a Google Analytics data store for each tenant. When an OAuth application object exists in the system tenant and another exists in a child tenant, the OAuth application object in the child tenant will override the one in the system tenant for the users who belong to the child tenant. How the OAuth applications API may be used depends, in part, on the permissions the administrator has. With the Administrator (12) permission, a user can create an OAuth application object in any tenant across the system. With the MgmtAPI (11) and OAuth (28) permissions, a user in the system tenant can create an OAuth application object for the system tenant. This user can also create OAuth application objects for tenants for which he or she has administrative access. With the MgmtAPI (11) and OAuth (28) permissions, a user in a child tenant can create an OAuth application object only in the tenant in which he or she resides.

The following table lists the operations that can be performed with the OAuth applications API.

Task	Request	URL
Retrieve OAuth applications	GET	https://<myserver>:<port>/api/mgmt/oauthapps
Create an OAuth application object	POST	https://<myserver>:<port>/api/mgmt/oauthapps
Retrieve an OAuth application object	GET	https://<myserver>:<port>/api/mgmt/oauthapps/{id}
Update an OAuth application object	PUT	https://<myserver>:<port>/api/mgmt/oauthapps/{id}
Delete an OAuth application object	DELETE	https://<myserver>:<port>/api/mgmt/oauthapps/{id}