cancel
Showing results for 
Search instead for 
Did you mean: 

Authenticate to Google API via OAuth 2.0 from CAI

patrick_weyers
Participant
0 Kudos
596

Hello,

I'm creating a bot that needs access to a specific Google Calendar account (not an account per end-user of the bot).

I've been able to implement the GET operations (e.g. reading a list of public events in my calendar) successfully using an API key provided by Google.

However, I have so far been unsuccessful at getting POST operations (e.g. creating a new event) to work. For these, it is required to authenticate via OAuth2.

  • I have setup the application in the Google Developer console and activate the corresponding Google Calendar API.
  • I have created OAuth 2.0 credentials, which gives my a client ID and a client secret.
  • I have put "https://api.cai.tools.sap" as the redirect URL in the configuration of the OAuth 2.0 credentials in Google Developer console but I'm unsure if this is correct.
  • I have created an authentication template in my SAP CAI bot set to mode "OAuth2 Authentication" and supplied the client ID and the client secret and the authorization URL https://accounts.google.com/o/oauth2/v2/auth

However, this is not working. When trying this skill and activating debug mode, I get:

Warning: An API error has been detected on

"Error while calling API"

Which steps are missing or which settings are incorrect to enable this to work?

Many thanks and best regards

Patrick

View Entire Topic
thomas-bruckner
Product and Topic Expert
Product and Topic Expert

Dear patrick.weyers,

thank you for posting your question. Let me try to clarify the various aspects of your inquiry.

Basically you need to distinguish different flavors, so called "flows", within the OAuth2 specification. These are different ways do obtain an access token, each serving different requirements and scenarios. Within SAP Conversational AI, OAuth2 means more specifically the OAuth2 Client Credential Flow, which enables technical communication between two servers. (Read more)

Different to that Google offer is using for most of its APIs the OAuth2 Authorization Code Flow, which helps applications obtain some permissions based on a user-account after the approval using a redirect flow on the UI. See the full explanation here

Comparing both flows you can see that they require different prerequisites and choreographies to actually get a token from the authorization server of the protected resource. To make use of the OAuth2 feature of SAP Conversational AI, make sure that your external service supports the client credential flow.

I hope this explanation helps.

Regards,

Thomas