Stay organized with collections
Save and categorize content based on your preferences.
OAuth 2.0 is used to access Google APIs. It supports server-to-server interactions
such as those between a web or native application and a Google service. For this
scenario, you need a service account, which is an account that belongs to your
application instead of to an individual end user. Your application calls Google
APIs on behalf of the service account, so users aren't directly involved.
To begin, you must obtain OAuth 2.0 client credentials from the Google API Console.
Your application requests an access token from the Google Authorization Server,
extracts a token from the response, and sends the token to the Google API that
you want to access.
[null,null,["Last updated 2024-10-16 UTC."],[[["\u003cp\u003eOAuth 2.0 and service accounts are used for server-to-server interactions with Google APIs, letting applications access Google services on their own behalf.\u003c/p\u003e\n"],["\u003cp\u003eTo use the Omnichannel API, you need to create a service account in the Google API Console and obtain OAuth 2.0 client credentials.\u003c/p\u003e\n"],["\u003cp\u003eYour application requests an access token using these credentials and includes it in requests to the Omnichannel API, using the \u003ccode\u003ehttps://www.googleapis.com/auth/nbupaymentsmerchants\u003c/code\u003e scope.\u003c/p\u003e\n"],["\u003cp\u003eShare the service account's name ("client_email" from the downloaded JWT) to enable access to the Omnichannel API.\u003c/p\u003e\n"]]],["OAuth 2.0 enables server-to-server access to Google APIs via a service account, eliminating direct user involvement. The process involves obtaining OAuth 2.0 client credentials from the Google API Console. Your app will need to request, receive, and use an access token from the Google Authorization Server to access the API. For Omnichannel API access, the authorization scope `https://www.googleapis.com/auth/nbupaymentsmerchants` is mandatory, a service account, shared with them, must be created, and JSON web token is downloaded to access the API.\n"],null,["# Authorization\n\nOAuth 2.0 is used to access Google APIs. It supports server-to-server interactions\nsuch as those between a web or native application and a Google service. For this\nscenario, you need a service account, which is an account that belongs to your\napplication instead of to an individual end user. Your application calls Google\nAPIs on behalf of the service account, so users aren't directly involved.\n\nTo begin, you must obtain OAuth 2.0 client credentials from the [Google API Console](https://console.developers.google.com).\nYour application requests an access token from the Google Authorization Server,\nextracts a token from the response, and sends the token to the Google API that\nyou want to access.\n\nFor more information on OAuth 2.0, see [Using OAuth2.0 for server-to-server applications](https://developers.google.com/identity/protocols/OAuth2ServiceAccount).\n\nRequired authorization scope\n----------------------------\n\nTo access the Omnichannel API, your app must use the following authorization\nscope:\n`https://www.googleapis.com/auth/nbupaymentsmerchants`\n\nAccess to the API returned in the response depends on the scope you have\nrequested.\n\nCreate service account\n----------------------\n\nBefore you start using Omnichannel API, you must create a service account with\nus.\n\n1. Go to [API console](https://console.developers.google.com).\n2. Sign in using your Gmail account.\n3. [Create a project](https://console.developers.google.com/project).\n4. [Create a\n Service Account](https://console.developers.google.com/apis/credentials/serviceaccountkey), and download a cryptographically signed JSON web token (JWT).\n\n| **Important:**Share service account's name (inside the downloaded JWT \"client_email\" field) with us so that we can add it to our allowlist.\n\nThe following image and steps outline interaction between Google's servers\nand yours:\n[](/pay/india/api/images)\n\n1. The merchant server creates a JSON web token (JWT).\n2. Using the JWT app server requests the authorization server (Google server) for a response token.\n3. The Google server responds to the request raised by the app server.\n4. The app server uses the token to call Google API.\n\nYou must send an authorization token with every request that requires an OAuth\nscope. [Oauth 2.0](https://developers.google.com/identity/protocols/OAuth2) is\nthe supported authorization protocol."]]