Last August we updated the Latitude API documentation to exclude all
references to OAuth v1.0 endpoints for the Latitude API, and suggested
developers migrate to OAuth 2.0.
On April 20, we intend to turn off access to the OAuth1 endpoint. For
those developers who are still using the deprecated OAuth1 endpoint,
please see the documentation for using the OAuth 2.0, which is
available at http://code.google.com/apis/latitude/v1/using_rest.html#auth
If you have any questions about updating your application, please let
us know.
Last August we updated the Latitude API documentation to exclude all
references to OAuth v1.0 endpoints for the Latitude API, and suggested
developers migrate to OAuth 2.0.
On April 20, we intend to turn off access to the OAuth1 endpoint. For
those developers who are still using the deprecated OAuth1 endpoint,
please see the documentation for using the OAuth 2.0, which is
available at http://code.google.com/apis/latitude/v1/using_rest.html#auth
If you have any questions about updating your application, please let
us know.
On Tuesday, March 6, 2012 9:53:16 PM UTC+1, Josh Livni wrote:
> Hi all,
> Last August we updated the Latitude API documentation to exclude all > references to OAuth v1.0 endpoints for the Latitude API, and suggested > developers migrate to OAuth 2.0.
> On April 20, we intend to turn off access to the OAuth1 endpoint. For > those developers who are still using the deprecated OAuth1 endpoint, > please see the documentation for using the OAuth 2.0, which is > available at http://code.google.com/apis/latitude/v1/using_rest.html#auth
> If you have any questions about updating your application, please let > us know.
There is no way to migrate Oauth1 access tokens to Oauth2.
Also take into account the following :
- You'll need to use the new Oauth2 enpoints in the re-authorize process. - Keep in mind that Google accounts who are not opted into Latitude will not be able to "activate" it in the new OAuth2 flow (in the old Oauth1 based flow there was a custom checkbox specifically for opting into Latitude during the authorization flow. - Oauth2 uses both access tokens and refresh tokens. Unless you specify the offline access parameter in your Oauth2 flow, you'll only receive an access token that is valid for 1 hour. You'll not get a refresh token to automatically refresh the access token when it expires (can be done by specifying offline access).
On Tuesday, April 10, 2012 12:08:48 AM UTC+2, Alexis wrote:
> Hi Josh,
> Is there any mechanism to migrate Oauth1 access token as part of this? Or > does this require end-user to re-authorize third party applications?
> Thanks
> Alexis
> On Tuesday, March 6, 2012 9:53:16 PM UTC+1, Josh Livni wrote:
>> Hi all,
>> Last August we updated the Latitude API documentation to exclude all >> references to OAuth v1.0 endpoints for the Latitude API, and suggested >> developers migrate to OAuth 2.0.
>> On April 20, we intend to turn off access to the OAuth1 endpoint. For >> those developers who are still using the deprecated OAuth1 endpoint, >> please see the documentation for using the OAuth 2.0, which is >> available at http://code.google.com/apis/latitude/v1/using_rest.html#auth
>> If you have any questions about updating your application, please let >> us know.
On Tue, Apr 10, 2012 at 11:38 AM, Davy <ddewa...@gmail.com> wrote: > There is no way to migrate Oauth1 access tokens to Oauth2.
> Also take into account the following :
> You'll need to use the new Oauth2 enpoints in the re-authorize process. > Keep in mind that Google accounts who are not opted into Latitude will not > be able to "activate" it in the new OAuth2 flow (in the old Oauth1 based > flow there was a custom checkbox specifically for opting into Latitude > during the authorization flow. > Oauth2 uses both access tokens and refresh tokens. Unless you specify the > offline access parameter in your Oauth2 flow, you'll only receive an access > token that is valid for 1 hour. You'll not get a refresh token to > automatically refresh the access token when it expires (can be done by > specifying offline access).
> Regards, > Davy
> On Tuesday, April 10, 2012 12:08:48 AM UTC+2, Alexis wrote:
>> Hi Josh,
>> Is there any mechanism to migrate Oauth1 access token as part of this? Or >> does this require end-user to re-authorize third party applications?
>> Thanks
>> Alexis
>> On Tuesday, March 6, 2012 9:53:16 PM UTC+1, Josh Livni wrote:
>>> Hi all,
>>> Last August we updated the Latitude API documentation to exclude all >>> references to OAuth v1.0 endpoints for the Latitude API, and suggested >>> developers migrate to OAuth 2.0.
>>> On April 20, we intend to turn off access to the OAuth1 endpoint. For >>> those developers who are still using the deprecated OAuth1 endpoint, >>> please see the documentation for using the OAuth 2.0, which is >>> available at http://code.google.com/apis/latitude/v1/using_rest.html#auth
>>> If you have any questions about updating your application, please let >>> us know.
> To post to this group, send email to google-latitude-api@googlegroups.com. > To unsubscribe from this group, send email to > google-latitude-api+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/google-latitude-api?hl=en.
Thank you Davy. One more question: Will you progressively phase out Oauth1 by first not allowing new Oauth1 access tokens to be created, then later on turning off API access for Oauth1 tokens, or will the entire Oauth1 API stop functionning this month?
Thanks On Apr 10, 2012 12:38 PM, "Davy" <ddewa...@gmail.com> wrote:
> There is no way to migrate Oauth1 access tokens to Oauth2.
> Also take into account the following :
> - You'll need to use the new Oauth2 enpoints in the re-authorize > process. > - Keep in mind that Google accounts who are not opted into Latitude > will not be able to "activate" it in the new OAuth2 flow (in the old Oauth1 > based flow there was a custom checkbox specifically for opting into > Latitude during the authorization flow. > - Oauth2 uses both access tokens and refresh tokens. Unless you > specify the offline access parameter in your Oauth2 flow, you'll only > receive an access token that is valid for 1 hour. You'll not get a refresh > token to automatically refresh the access token when it expires (can be > done by specifying offline access).
> Regards, > Davy
> On Tuesday, April 10, 2012 12:08:48 AM UTC+2, Alexis wrote:
>> Hi Josh,
>> Is there any mechanism to migrate Oauth1 access token as part of this? Or >> does this require end-user to re-authorize third party applications?
>> Thanks
>> Alexis
>> On Tuesday, March 6, 2012 9:53:16 PM UTC+1, Josh Livni wrote:
>>> Hi all,
>>> Last August we updated the Latitude API documentation to exclude all >>> references to OAuth v1.0 endpoints for the Latitude API, and suggested >>> developers migrate to OAuth 2.0.
>>> If you have any questions about updating your application, please let >>> us know.
>>> Cheers,
>>> -Josh
>> -- > You received this message because you are subscribed to the Google Groups > "Google Latitude API" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/google-latitude-api/-/8TAQQcoV-zsJ. > To post to this group, send email to google-latitude-api@googlegroups.com. > To unsubscribe from this group, send email to > google-latitude-api+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/google-latitude-api?hl=en.
You only need to worry about migrating to OAuth2 if you're using the latitude API. The public badge is not included as part of the API, it's a separate Latitude app, so you're fine.
> On Tue, Apr 10, 2012 at 11:38 AM, Davy <ddewa...@gmail.com> wrote: > > There is no way to migrate Oauth1 access tokens to Oauth2.
> > Also take into account the following :
> > You'll need to use the new Oauth2 enpoints in the re-authorize process. > > Keep in mind that Google accounts who are not opted into Latitude will > not > > be able to "activate" it in the new OAuth2 flow (in the old Oauth1 based > > flow there was a custom checkbox specifically for opting into Latitude > > during the authorization flow. > > Oauth2 uses both access tokens and refresh tokens. Unless you specify the > > offline access parameter in your Oauth2 flow, you'll only receive an > access > > token that is valid for 1 hour. You'll not get a refresh token to > > automatically refresh the access token when it expires (can be done by > > specifying offline access).
> > Regards, > > Davy
> > On Tuesday, April 10, 2012 12:08:48 AM UTC+2, Alexis wrote:
> >> Hi Josh,
> >> Is there any mechanism to migrate Oauth1 access token as part of this? > Or > >> does this require end-user to re-authorize third party applications?
> >> Thanks
> >> Alexis
> >> On Tuesday, March 6, 2012 9:53:16 PM UTC+1, Josh Livni wrote:
> >>> Hi all,
> >>> Last August we updated the Latitude API documentation to exclude all > >>> references to OAuth v1.0 endpoints for the Latitude API, and suggested > >>> developers migrate to OAuth 2.0.
> >>> On April 20, we intend to turn off access to the OAuth1 endpoint. For > >>> those developers who are still using the deprecated OAuth1 endpoint, > >>> please see the documentation for using the OAuth 2.0, which is > >>> available at > http://code.google.com/apis/latitude/v1/using_rest.html#auth
> >>> If you have any questions about updating your application, please let > >>> us know.
> > To post to this group, send email to > google-latitude-api@googlegroups.com. > > To unsubscribe from this group, send email to > > google-latitude-api+unsubscribe@googlegroups.com. > > For more options, visit this group at > > http://groups.google.com/group/google-latitude-api?hl=en.
Unfortunately, turning down OAuth1 will cause the whole API will stop functioning including granting access to new users and using old tokens to request data for users. If you want your app to keep working, you'll need to migrate to OAuth2 ASAP.
On Tuesday, April 10, 2012 11:34:03 AM UTC-7, Alexis wrote:
> Thank you Davy. One more question: Will you progressively phase out Oauth1 > by first not allowing new Oauth1 access tokens to be created, then later on > turning off API access for Oauth1 tokens, or will the entire Oauth1 API > stop functionning this month?
>> There is no way to migrate Oauth1 access tokens to Oauth2.
>> Also take into account the following :
>> - You'll need to use the new Oauth2 enpoints in the re-authorize >> process. >> - Keep in mind that Google accounts who are not opted into Latitude >> will not be able to "activate" it in the new OAuth2 flow (in the old Oauth1 >> based flow there was a custom checkbox specifically for opting into >> Latitude during the authorization flow. >> - Oauth2 uses both access tokens and refresh tokens. Unless you >> specify the offline access parameter in your Oauth2 flow, you'll only >> receive an access token that is valid for 1 hour. You'll not get a refresh >> token to automatically refresh the access token when it expires (can be >> done by specifying offline access).
>> Regards, >> Davy
>> On Tuesday, April 10, 2012 12:08:48 AM UTC+2, Alexis wrote:
>>> Hi Josh,
>>> Is there any mechanism to migrate Oauth1 access token as part of this? >>> Or does this require end-user to re-authorize third party applications?
>>> Thanks
>>> Alexis
>>> On Tuesday, March 6, 2012 9:53:16 PM UTC+1, Josh Livni wrote:
>>>> Hi all,
>>>> Last August we updated the Latitude API documentation to exclude all >>>> references to OAuth v1.0 endpoints for the Latitude API, and suggested >>>> developers migrate to OAuth 2.0.
>>>> If you have any questions about updating your application, please let >>>> us know.
>>>> Cheers,
>>>> -Josh
>>> -- >> You received this message because you are subscribed to the Google Groups >> "Google Latitude API" group. >> To view this discussion on the web visit >> https://groups.google.com/d/msg/google-latitude-api/-/8TAQQcoV-zsJ. >> To post to this group, send email to google-latitude-api@googlegroups.com >> . >> To unsubscribe from this group, send email to >> google-latitude-api+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/google-latitude-api?hl=en.
We kept the existing OAuth1 endpoint around a little longer than expected, and it will be turned down on July 19.
If you are still using OAuth1 after the turndown, you will get an "Invalid Credentials" response, with the error message stating that "OAuth1 is no longer supported. You must authorize your request with OAuth 2.0."
On Tuesday, March 6, 2012 12:53:16 PM UTC-8, Josh Livni wrote:
> Hi all,
> Last August we updated the Latitude API documentation to exclude all > references to OAuth v1.0 endpoints for the Latitude API, and suggested > developers migrate to OAuth 2.0.
> On April 20, we intend to turn off access to the OAuth1 endpoint. For > those developers who are still using the deprecated OAuth1 endpoint, > please see the documentation for using the OAuth 2.0, which is > available at http://code.google.com/apis/latitude/v1/using_rest.html#auth
> If you have any questions about updating your application, please let > us know.
