I have an angular 6 application which makes requests to various oauth2 providers. I’ve managed to successfully request access tokens from these providers using the implicit grant type (will be working on authorization code soon). Now I’m trying to find a list of API endpoints that I can test the access tokens with. For example, requesting user profile information from Google.
So far, I’ve been able to get access tokens from the following providers:
Google (https://accounts.google.com)
Anilist (http://anilist.co)
OneDrive (https://login.live.com)
DropBox (https://www.dropbox.com)
Does anyone know any publicly accessible API endpoints for any of the above (or any other oauth2 provider) that I can test with?
Thanks
Here is how you can answer your question for Google.
You first connect to the Google API explorer web application: https://developers.google.com/apis-explorer/#p/
This web page helps you browse the many Google APIs. So, search for an API named API Discovery Service. It will answer an API that provides information about other Google APIs, such as what APIs are available, the resource, and method details for each API.
Therefore, to get a list of every APIs, you can call the list entry point of this API Discovery Service here: https://www.googleapis.com/discovery/v1/apis?preferred=true
Here is the beginning of the result:
{
"kind": "discovery#directoryList",
"discoveryVersion": "v1",
"items": [
{
"kind": "discovery#directoryItem",
"id": "abusiveexperiencereport:v1",
"name": "abusiveexperiencereport",
"version": "v1",
"title": "Abusive Experience Report API",
"description": "Views Abusive Experience Report data, and gets a list of sites that have a significant number of abusive experiences.",
"discoveryRestUrl": "https://abusiveexperiencereport.googleapis.com/$discovery/rest?version=v1",
"icons": {
"x16": "https://www.gstatic.com/images/branding/product/1x/googleg_16dp.png",
"x32": "https://www.gstatic.com/images/branding/product/1x/googleg_32dp.png"
},
"documentationLink": "https://developers.google.com/abusive-experience-report/",
"preferred": true
},
[...]
On each of those APIs listed by the previous call, the discoveryRestUrl field gives you an URL on which you can get informations like the entrypoint of the corresponding API.
For instance, you can find that the GMail API is described here: https://www.googleapis.com/discovery/v1/apis/gmail/v1/rest
In the output, extract the OAuth2 part from the auth entry to get the scopes:
"auth": {
"oauth2": {
"scopes": {
"https://mail.google.com/": {
"description": "Read, compose, send, and permanently delete all your email from Gmail"
},
"https://www.googleapis.com/auth/gmail.compose": {
"description": "Manage drafts and send emails"
},
"https://www.googleapis.com/auth/gmail.insert": {
"description": "Insert mail into your mailbox"
},
"https://www.googleapis.com/auth/gmail.labels": {
"description": "Manage mailbox labels"
},
"https://www.googleapis.com/auth/gmail.metadata": {
"description": "View your email message metadata such as labels and headers, but not the email body"
},
"https://www.googleapis.com/auth/gmail.modify": {
"description": "View and modify but not delete your email"
},
"https://www.googleapis.com/auth/gmail.readonly": {
"description": "View your email messages and settings"
},
"https://www.googleapis.com/auth/gmail.send": {
"description": "Send email on your behalf"
},
"https://www.googleapis.com/auth/gmail.settings.basic": {
"description": "Manage your basic mail settings"
},
"https://www.googleapis.com/auth/gmail.settings.sharing": {
"description": "Manage your sensitive mail settings, including who can manage your mail"
}
}
}
},
In the description, you will also find the endpoint for the GMail API : https://www.googleapis.com/gmail/v1/users/
Finally, you can access this API by means of OAuth2.
NOTE: every scopes associated with one or several APIs are listed here: https://developers.google.com/identity/protocols/googlescopes