OAuth Options

OAuth Options

/accessToken=<token>

Use this option to set an access token.

Usually, this option requires the token type specified with the /tokenType option.

For example:

/accessToken=12345 /tokenType=Bearer

/authCode=<code>

Use this option to set the authorization code obtained from a browser to skip acquiring such code using a built-in gsqlcmd browser.

For example:

/authCode=12345

/authUri=<URL>

Use this option to specify an authozization URL.

For example:

/authUri=https://accounts.google.com/o/oauth2/auth

/clientId=<clientId>

Use this option to set a clientId value used with the OAuth1 and OAuth2 authentication methods.

For example:

gsqlcmd download https://website.com/api/get-quotes /clientId=myapp /clientSecret=mypassword

/clientJson=<file>

Use this option to specify a file with the OAuth2 client credentials and the required authorization information.

For example:

gsqlcmd get-token /clientJson=client_secret.json /tokenJson=access_token.json ^
                  /scope=https://www.googleapis.com/auth/webmasters.readonly

Usually, you may export such file from a registered application page.

For example, a Google Search Console client secret file looks like

{"installed":{
    "client_id":"123456789012-abcdefghijklmnopqrstuvwxyz123456.apps.googleusercontent.com",
    "project_id":"searchconsoleapi-123456",
    "auth_uri":"https://accounts.google.com/o/oauth2/auth",
    "token_uri":"https://oauth2.googleapis.com/token",
    "auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
    "client_secret":"Abcdefghijklmnopqrstuvwx",
    "redirect_uris":["urn:ietf:wg:oauth:2.0:oob","http://localhost"]
}}

/clientSecret=<clientSecret>

Use this option to set a clientSecret value used with the OAuth1 and OAuth2 authentication methods.

For example:

gsqlcmd download https://website.com/api/get-quotes /clientId=myapp /clientSecret=mypassword

gsqlcmd sets the /auth option to OAuth1 by default if the /clientId option specified.

/expiresIn=<seconds>

Use this option to set a token expiration time in seconds.

For example:

/expiresIn=3600

gsqlcmd uses this value to refresh expired tokens automatically using the date and time of the file specified with the /tokenJson option.

Usually, exported token files contain this option. So, you do not need to set it manually.

/grantType=<type>

Use this option to specify a required grant type.

For example:

/grantType=authorization_code

OAuth2 defines the following types: authorization_code, client_credentials, password, and refresh_token.

However, it allows extended types also. So, refer to the service documentation.

/redirectUri=<URI>

Use this option to specify a redirect URI.

For example:

/redirectUri=urn:ietf:wg:oauth:2.0:oob

You have to specify an URI registered with an application.

/redirectUris=<URI>

This option is a synonym of the /redirectUri option used to import URIs from files specified with the /clientJson option.

/refreshToken=<token>

Use this option to set a refresh token used to update an expired access token.

For example:

/refreshToken=1/ABCDEFGHIJKLMNOPQRST-abcdefghijklmnopqrstuv

/responseType=<type>

Use this option to specify the response type.

For example:

/responseType=code

OAuth2 defines two response types: code and token.

However, a service can define extended types also. So, refer to the service documentation.

/scope=<scope>

Use this option to specify the required scope.

Find the scopes in the desired service API documentation.

Below is an example for Google Search Console:

gsqlcmd get-token /clientJson=client_secret.json /tokenJson=access_token.json ^
                  /scope=https://www.googleapis.com/auth/webmasters.readonly

/tokenJson=<file>

Use this option to specify a file with access and refresh tokens.

gsqlcmd updates this file automatically in the get-token and refresh-token modes.

For example:

gsqlcmd refresh-token /clientJson=client_secret.json /tokenJson=access_token.json

Below is an example of the token file exported with Google Search Console API:

{
  "access_token": "ya29.abcdefghijklmnopqrstuv-1234567890123456789-abcdefghijklmnopqrstu_123456789012345678-abc-abcdefghijklmnopqrstuvwx-1234567890123",
  "expires_in": 3600,
  "refresh_token": "1/ABCDEFGHIJKLMNOPQRST-abcdefghijklmnopqrstuv",
  "scope": "https://www.googleapis.com/auth/webmasters.readonly",
  "token_type": "Bearer"
}

/tokenType=<type>

Use this option to specify a token type, usually, "Bearer" in OAuth2.

For example:

/accessToken=12345 /tokenType=Bearer

This option requires an access token specified with the /accessToken or /tokenJson options.

Instead of using an access token and its type, you may set the Authorization header using the /header option directly, like

"/header=Authorization: Bearer 12345"

/tokenUri=<URL>

Use this option to set a URL used to acquire and refresh an access token.

For example:

/token_uri=https://oauth2.googleapis.com/token
This website is using cookies. By continuing to browse, you give us your consent to our use of cookies as explained in our Cookie Policy.