How to use Google Calendar API to fetch events without final user authentication
Hello,
I would like to implement on my portfolio a page that allows user to see my google calendar and book an event to my calendar.
I'm using Next.js and the library FullCalendar. My idea was to fetch all events from Google Calendar API and feed them into FullCalendar. But it seems that you can't fetch all events from a calendar without calling the authentication method, but from what I get, the authentication method open a popup and allow the final user to connect.
That's not what I want, and I can't find any resources showing me another way. I thought I could just give the API KEY, my login information and then access my calendar events.
Does anyone has implements something like I describe ?
12 Replies
You will need to make your own API that holds your credentials, do not put your credentials on the front end
I'm using Next.js so I can execute function on the backend. But the thing is on the documentation of google api calendar the code is executed on the client side in addition of requiring an authentication
It doesn't matter where it's executed as far as the API is concerned, it's just that if done on the server-side you can hide sensitive information
Yeah I know, doesn't solve my problems
You just need to move the API call to the server and then create an endpoint and then replace the calendar API call with a fetch to the API you set up
Hey, thank you for your help, maybe I have badly described my problem. I will find a solution. Have a good day
You will find a solution? I gave you it. I’ll draw a diagram to make it clearer when I’m back at my computer
If you're ever faced with needing to fetch something using a key that needs to be kept secret you just make a private API with that information
Netlify has a serverless functions to hide your key
https://www.netlify.com/blog/a-guide-to-storing-api-keys-securely-with-environment-variables/
Netlify
A Guide to Storing API Keys Securely with Environment Variables
Learn different methods of storing API keys and secrets, and how to share them securely using environment variables on Netlify.
Ok ok just read slowly those next words : I Understand What You Are Saying. That IS NOT my current problem 🙂
I have made some progress. So I'm trying to use OAuth 2.0 for authentication server to server, so that's I don't have to ask the final user to authenticate himself and I can show MY calendar.
I followed the documentation https://developers.google.com/identity/protocols/oauth2/service-account?hl=fr#httprest and I created a JWT Token and signed it with the right algorithm, but when I call https://oauth2.googleapis.com/token to get my access token, the response is a 400 Bad request
Google for Developers
Utiliser OAuth 2.0 pour l'authentification serveur à serveur | Au...