Getting the unlimited token for YouTube API

sk8forfood · 10-09-2023 05:41 AM

Hello there!

Our company has Google Workspace (we pay for it). Also we made our own app that works with YouTube API. This app currently is in “Testing” state — which means that its’ token is only valid for 7 days.

I have read in the documentation that a token can be without time limits if:

The app type is “Internal” — hence, it is used only by internal users;
The app type is “External” and it has successfully passed moderation as an app for external users.

My app is intended as “Internal” — only for users who work in my company. So I chose the “Internal” type for it. But when I use OAuth, I get an error:

App is restricted to users within its organization. If you think you should have access, you can contact the developer. Learn more about this error

If I get this right, the system “believes” that a YouTube channel (which is created inside the organization) belongs to a user who is not a member of this said organization.

I suspect that because when you create a channel, a user with random email also is created. In our case:

Here comes the fun part: I do not have access to this newly generated email. Meaning I have no idea how to solve this problem.

So my two questions are:

Do I understand the cause of this problem correctly? If so, how do I solve it?
Are there any alternative solutions for elongating a token's lifespan?

Jimmyvince

Here are some potential solutions for dealing with unlimited tokens when using the YouTube API:

Use OAuth 2.0 authentication instead of API keys for your application. This allows generating refresh tokens that can be exchanged for new access tokens when they expire.
Set up your API credentials to access YouTube Data API v3 rather than v2. Version 3 uses OAuth 2.0 tokens that don't have usage limits.
If using API keys, regenerate them periodically before hitting the usage limit. However, this isn't a scalable long-term solution.
Implement token monitoring and automated refreshing. When a token approaches the usage limit, proactively generate a new one and update it in your application.
If you're making calls from a server, perform token refreshing there. For JavaScript clients, you may need to request new tokens from your server.
Check if you can reduce token usage by optimizing caches, consolidating requests, or otherwise minimizing calls. This raises the limit.
Consider using a Google Cloud project with its own quota if you need higher limits for a production application.
Reach out to Google support to request higher quotas if nothing else helps, explaining your specific use case.

With some strategic implementation of OAuth, token monitoring, and request optimization, you should be able to overcome YouTube API token limit issues.

sylviasun

I'm not sure about the token issue, but just a thought here on the email. Have you tried to email this random address? I suspect it is a forwarding address to the developer.

sk8forfood

Hey, thanks for reaching out!

The thing is, this random e-mail address does not seem to be relevant. It is generated automaticlally for a YouTube channel, when this YouTube channel is created.

In fact, it is impossible to add this newly generated "user" to organization (because there is no actual user behind this address). Furthermore, you can't even send an e-mail to this address (see the screenshot).

As a result, to make an internal app I need all the users to be inside the organization. But also the external user is created when I create a YouTube channel — and I don't have any access to this new user. I don't really have any ideas on how to break this loop.

Hope this clarifies the issue!