Python YouTube API Tutorial: Using OAuth to Access User Accounts

hey there how's it going everybody in this video we're going to be using python and the youtube api to access a user's account so far we've only been using public information on youtube by accessing public playlists public videos and things like that but you might want to access some private user data such as a user's likes or comments or even allow a user to modify their account in some way through python such as allowing them to upload a video like videos comment or whatever else we're able to do through the api so to do this we're going to need to use a better authentication protocol than the api keys that we've currently been using so we're going to need to update our scripts to use oauth instead so oauth 2 will allow you or your users to give our scripts and applications limited access to third-party accounts and that third-party account or application in this video is going to be youtube you've likely seen something like this in applications before so for example if you've used instagram then you probably have noticed that instagram also gives you the option to automatically post photos to twitter or facebook now if you did choose to post to twitter then instagram would open up a page to log into your twitter account and it would say something like you know instagram would like to be able to post a tweet on your behalf please log in to allow instagram access to your twitter account that is basically what oauth is so for example i'm currently using this on youtube to grab a list of my youtube members so that i can add them and my patrons to credits at the end of my videos so in this video i'm going to give my python script access to my youtube channel using oauth and then i'll just do something simple like list my private or unlisted videos i think my latest unlisted video is one of me as like a kid back in 1992 or something like that so if you stick around to the end of the video then you'll get to see that now if you haven't watched my video on getting started with the youtube api using python then definitely watch that video first because that's where i show the basics of the youtube api and how to connect different services and i'm using the script that we ended with in that video as a starting point so with that said let's go ahead and get started so like i said i'm just going to do a very simple example where i use oauth to access my uploaded videos but first let's see what this looks out looks like without oauth so that you can see what it looks like just using an api key so to grab my uploaded videos one way that we can do this is first instead of accessing my channel statistics like we did in that getting started video i'm instead going to access content details and this will print out some details from my channel and if i run this then there's one part down here that says related playlists now if we look at our related playlists we can see that we have one here called uploads so that is a playlist of all of my uploads and this is that playlist id so i'm going to grab that playlist id and now let's print out all of my videos from that playlist or actually it'll just be the first five videos of the playlist so in order to do this instead of accessing the channels resourced here i'm instead going to change this to playlist items and i'm still going to list these now let's grab the status of these playlist items and i can just remove this four username here and instead i'm going to type in playlist id and paste that playlist id that we got before now that d and id is lowercase sometimes i've accidentally made that uppercase instead so now that we have this in place let's go ahead and run our code and now we can see that we get back some information here for the first five videos of this playlist and we can take a look at the status here we can see that uh the privacy status of these videos are public uh so those are these are my latest public videos uh but one thing i wanted to show here was down here at the bottom where it says page info total results is 229 so we can see that using an api key that just gives us public data and it's telling me that i have 229 video uploads uh when i release this video this will be it'll be 230 public videos but these are all public if i wanted to also view my private or unlisted videos then i would need to give my script permission to view my youtube accounts data so to do this we're going to need to create an oauth client so in order to create this we're going to open up our google developers console that we've used in previous videos and i already have mine open here in the browser so to create a new oauth client i am just going to go here to credentials and now i don't have any api keys here that's because i created a new project so that we could see what this looks like from scratch what i was using for that first example was an api key from a different project so if you're confused about that then that's why so in order to create an

oauth client we can click up here on create credentials now instead of an api key we're going to create an oauth client id now if this is the first oauth client id that you've created then you're going to have this screen here that says that you need to configure a consent screen now if uh you've already walked through this once then you won't see this but if it's the first time then let's go ahead and walk through this so first we have to configure a user type so i'm going to choose external here because that is available to any user with a google account um internal is for like g suite users and things like that for internal applications um but most of the time we're going to be uh making external user types here uh so let me click on create and now i got an error here i've been having some uh issues with their site today i don't hopefully that won't affect what we're doing here but now all i'm going to do on this oauth consent screen is i'm just going to put in an application name and then we'll take care of everything else later like the scopes and things like that so i'm just going to set my application name to youtube api so now down here at the bottom i will click on save and once that is saved then we should be able to go back here to our credentials and now let's try this again where we click on create credentials and then oauth client id and now that we've set up that consent screen now we can move forward with creating our client id now when you get to this screen here it's going to ask you what type of application that we'll be using for our oauth keys now so far in this series of videos i've only been using python scripts but a simple script isn't listed here in any of the application types now there are several ways that we could set this up but what i'm going to do is i'm going to choose web application now that might be confusing but basically what this means is that i'm going to run a local web server that allows me to log into my google account and give my script access to my private youtube data now this doesn't have to be a local web server if you created a web application that allowed people to log in to their google accounts then you would select this option as well and perhaps in the future i can show how to do this with flask or django so that we could set up that functionality on an actual real website now if running a local web server sounds confusing then don't worry because we're going to be using a google library that makes all of this very easy for us to use okay so now that i've selected this application type now i'm just going to name this so i'll just name this youtube api app and now down here we do need to select a redirect uri and i'll explain more about this in just a minute now since i'm going to be doing this locally i can just do http colon forward slash i'll do localhost and let's run this on port 8080 okay and again i'll explain more about this in just a bit so now let's go ahead and create our application here okay and once we create those oauth credentials it's going to display our client id and our client secret now unlike our api key i'm not going to copy and paste these into my script instead i'm going to use the option um that google gives us to download all these credentials to a single file and that's going to make things a lot easier for us to get authorized later on so i'm just going to say ok here and now here with my client ids i'm going to click this download button here and it's going to download all of this to a clientsecret. json file now this file is going to have a big long random name but i'm going to go to our downloads folder here and i'm just going to let me make this a little larger here so we can see i'm just going to rename this to client secrets dot json instead of this big long random name okay so client secrets dot json and now i'm going to move this json uh file into the directory of our script so i also have that open here in my finder so i'm going to drag this client secrets. json into the same directory as my python script so now i can close these windows down okay so now that we have those client secrets now we can change our script so that this is working with oauth instead of just our api key but we're going to make this process a bit easier by installing some google authorization libraries that will handle a lot of the authorization for us this will also allow or this will also handle the process of running a local web server and everything like that so it makes the entire process a lot easier and we can install these just by using pip so i'm going to open my terminal here and now let's install those libraries so this is pip install and one is called google auth so let's run that and now let's also pip install google auth dash uh oauth lib so let's install this as well okay so now that we have those libraries installed now let's modify our script so that we can authenticate with oauth okay so first of all i'm going to import the authorization classes and i'll need these from the libraries that we just installed so first i'm going to say from google underscore auth underscore oauth lib dot flow i want to import installed app flow and i'm also going to import this request class that it uses to make web requests so i'm going to say from google. auth. transport. request import and this is called request okay and now we're not going to be using this api key anymore so instead let's load in all of

our oauth credentials from that client secrets json file that we move to the same directory as our script so to do this is going to be a flow object so we are going to take this installed app flow class that we just imported and this has a method called from underscore clients underscore secrets underscore file and this file was called client oops let me spell this correctly clientsecrets. json okay so this line here is going to load in all of our credentials now one more thing that we need to add in when working with oauth is the scope of the information our script can access

and when we set the scope then when i allow my script to access my youtube account it will tell me something like you know this script would like to view your youtube account and if we actually wanted to make modifications to our account or view different information then we would need to tell our script exactly what scopes our script will be accessing so that it tells the end user exactly what they're agreeing to when they allow our script access to their account so if you want to view all of the scopes then i have this page open here in my browser as well and it breaks down a little bit more what these scopes do so we can see here that this scope allows us to manage our youtube account um this one is to see all active channel members that's one that i'm using for my private script uh and then there are a few other ones here now the one that we're going to be using is this youtube read only because we're not going to be making any changes to our script we're just going to be viewing information about my account but based on what you're doing with your application you're going to have to choose different scopes so i'm going to copy this url here and now uh let's go back to our script and now we need to also add the our scopes into this installed app flow here so i'm just going to go the next line and i'm going to say that the scopes are equal to and this will be a list but the list is just going to contain that read-only scope now if you wanted to add additional scopes here then this is where you would do it okay so that should be everything that we need in terms of our credentials but now we need to run our local web server so that we can log into our google account and allow our script access to our data and this flow object that we just created will do all of this for us so to do this we can just go down another line here and i'm going to use this flow object that we just created and say flow dot run underscore local underscore server so run local server and also if you remember whenever i specified that the url for our redirect uris i said that it was localhost on port 8080 so i'm going to say port 8080 here on my local server now i'm also going to add one more argument here now that this might actually not be necessary but i ran into an issue where i wasn't getting all of the tokens back that i expected and i found this solution online basically i wasn't getting a refresh token and i'll talk more about those in a minute but i think what was happening is that i was getting a refresh token uh for the first time i was running it but since i was uh testing um and running it multiple times it wasn't giving me a re or refresh token every single time so the solution that i found online for this was to pass in a prompt of

consent and that should uh make this give me a refresh token every time i run this even when i'm testing and like i said i'll explain more about these tokens in just a bit but basically once we get authorized with our google account we're going to receive several tokens and one of these is called an access token and another is a refresh token now these access tokens have a short life span and will expire uh shortly after they're issued now the refresh tokens last much longer and you can use them to fetch new access tokens for accessing your data and the issue that i was running into like i said is that i was testing these routes and when you do that it might not send a new refresh token every time okay so let's go ahead and move on and like i said i'll talk more about those tokens in just a bit now when we reach this line of our python script then google is going to run a local web server for us and open up a page for us to log into our google account and once we log in and are properly authorized then it's going to set our credentials within this flow object now we can grab those credentials simply by accessing flow. credentials so i'm going to create a variable here called credentials and these will be set in flow dot credentials okay and that credentials object that's returned has a method called to json that will allow us to print these out in json format so let's do that just so we can make sure everything is working so far so i'm going to print out these credentials and like i said this credentials object has a method called 2json now let me comment out everything below here for now so that we can make sure that everything is working so far so i'm going to comment out everything down here at the bottom so i'm not actually going to use these credentials to connect to the youtube service yet right now we're just going to make sure that we are getting all of our authentication uh taken care of here with what we have so far so let me run this okay so i got an error here that installed appflow has no attributes from clients secrets file this is actually from client secrets file uh sorry for that typo so hopefully that's the only typo i made let's try this again okay so now when i run this we can see that it automatically opens up my web browser and brings me to this page here so let me make this just a little larger so now it's saying okay what account do you want to log in with so i'm going my main account here and when i click on this it's going to say which account or brand do you want to use i have two youtube channels but i'm just going to click my main youtube channel here that you all are mostly familiar with now this screen will pop up here saying that this app isn't verified that's because um you know we're just using a local script but we know that we can trust this because we wrote the script um now if somebody else wrote the script and they're trying to get access to your youtube information or any other information that for that matter then you probably won't want to give them access but we know that we wrote this script and that it's safe so i can click on show advanced here and then go to the youtube api so now this is the scope here it's saying that this script uh wants to view your youtube account so even if it was a nefarious application um all that they would be able to do with this scope is view your youtube data they wouldn't be able to make any changes to your account and you always want to use as little scopes or as few scopes as possible you only want you know you don't want to scare people away you just want to access only the information that you need so i'm going to say that i want to allow this script to view my youtube information so i'll allow that it's going to ask to confirm so i'll allow that again and now it automatically redirects me to this page here that says the auto uh the authentication flow has completed you may close this window so i'm going to close this go back to our script and if you remember we printed out our credentials dot to json here and these are our credentials now whenever it runs the local server it prints out this prompt here that says to authorize your application please visit this url so that is all this part here our actual credentials are this bottom half here so just so that we can see these a little bit better let me copy these and go to a new window here and let me run this json pretty print here so that we can see these a little bit better now one more thing before we look at these credentials now i don't really need that output there that said you know to authorize your application please visit this url i don't want that printed out within my python script if you don't want that one thing that you can do here in your run localsover method is that you can add this authorization let's see i think it's um authorization underscore prompt um underscore message and i'm just gonna set that to an empty string sorry having trouble typing here so authorization prompt message set that to an empty string and you won't see that big long prompt anymore so now let's go back here to our credentials and now let me take a second to describe a little bit more of what's actually going on here so far with our flow object and what this is actually doing in the background so when it runs this local web server here it's using our client id and our client secret that we get from our client secrets json file and it's using that to go to an authorization url now that authorization url is where we log in and give our application access to the scopes that we listed uh within this method as well now like i said in this case i'm giving access for my app to have read-only access to my youtube account and then after we successfully log in then google sends us back something called an authentication code and then automatically in the background google is exchanging this authentication code for an access token and a refresh token and like i said before the access token is what we use to talk to the youtube api and get the data that we're after but the access token expires fairly quickly so we should set up our application so that it automatically checks if the access token is expired and if it is expired then we'll simply use the refresh token to fetch a new one instead of going through that entire login process again there are probably a few different ways that we could do this but i'll show you how i've personally been doing this so with that said we can see that in our credentials here we have a token this is that access token then we have our refresh token um the token uri client id client secret and scopes just like we talked about before um now if that doesn't make sense let me really quick pause the video and go find a visual of what's going on and that might make a bit more sense okay so i know that what i said earlier was probably a little confusing uh you know this stuff was confusing for me the first couple of times that i did this as well so here's an actual visual of what's going on in the background just so you can be sure that you know what's going on when we request these tokens so first what we're doing is that we are requesting a token that is and then our flow object in the background will run that local web server and go out to the google servers here and that's where we have this user login and consent that's whenever i actually logged into my youtube account and allowed my script access to my youtube data and then this sends back an authorization code to the user and using that flow object this is all done automatically you can also do this manually if you want using http request but what google did automatically for us using that flow object was that it exchanged our authorization code for tokens so that is this part here and then we got a token response from the google servers that is the access token and the refresh token and we use those tokens to call the google api and that is what we're going to do now that we have these access tokens and refresh tokens okay i just wanted to be clear with that so now that we've gone over that again let's actually use these tokens to access our youtube account now like i said i'm going to set up our application so that it automatically checks if the access token is expired and if it is expired then i'm simply going to use the refresh token to fetch a new one instead of going through that entire login process again so the way that i'm going to do this is be saving our credentials into a file using pickle now if you don't know what pickle is basically it's a way for us to save python objects in a file as bytes and then load those objects back into python using that file now if you've never used it before then don't worry too much about it it's almost exactly like working with a regular file so i'm going to import a couple of modules for this so up here at the top we're going to need the os package which we already have imported and also i'm going to import pickle and now what i'm going to do here is that i'm going to initialize our

credits variable at the top of our script and i'm going to set these equal to none so let me cut these out and paste these in up here and i'm going to initialize these uh to none and then we're going to go through some conditionals uh to check if our credentials already exist and if they don't then we will go through this login process okay so now let's imagine how we want the flow of our application to go when we actually run this script so first we want to check if we already have some credentials saved in a pickle file if we do then we want to load those credentials in now i'm going to copy and paste some snippets that i have here since i'm kind of a slow typer and also i make a lot of typos like you guys have probably seen but after i paste these snippets in i'm going to walk over everything that we're doing and also i have a link to these snippets in the description section below if anybody would like to follow along okay so the first snippet that i'm going to grab here is going to be where we are checking if a pickle file already exists so right below our credentials here i'm just going to paste this in and now let me walk over what this snippet is doing so we are saying okay do we have a file in the current directory called token. pickle uh if we do then print out that i'm loading in credentials from my pickle file so then we are opening this pickle file now this is read bytes since this is a bytes file and not just a regular text file so i'm going to open that file and i'm going to call that token and then we are doing credentials is equal to pickle. load and load in that token so that is how you load in information from pickle like i said it's very similar to working with a regular file but you just have to use this pickle. load here and also open this up as bytes okay so at this point in our script here where we check if this exists if we already had some credentials saved then this conditional here will load in those credentials but if that pickle file didn't exist then our credentials would still be set to none so we're going to want to check if those if that credentials variable is still none and even if those credentials were loaded in we're also going to want to check if they're still valid so let me grab the next snippet and walk through everything in detail there now here i have a snippet that we need to import that request i think we already have that yeah here so i don't need to use this snippet here the one that i want is checking if our credentials were loaded in and if they are valid so let me copy these and then i will explain what we're doing here so right after that conditional where we're checking if um that pickle file exists with our current credentials i'm going to just overwrite all of the code that we currently have now all the way up into my comments here so i'm going to paste this in and let's scroll back over here okay so now let me explain what these are doing here so here is the part where we load in our

credentials if they already exist so now we're saying if those credentials don't exist or if those credentials are not valid then we want to come inside of this conditional here and within this conditional there are two things that we want to do we first want to check if our credentials actually exist so if we have credentials which means that they were actually loaded in from the pickle file and if those credentials are expired and if we have a refresh token then we want to refresh our access token using that refresh token and we can do that simply with credentials. refresh and then pass in that google request class that we imported up here at the top and i also made a print statement here just so that we can see that within our file that we are refreshing our access token now if we don't hit this conditional then it means that we don't have uh credentials or you know a refresh token or something like that in that case what we want to do is just do everything that we did before where we fetch new tokens and that is what we have uh done in this video previously up to this point we're in using that we're using that installed app flow from client secrets file um using that client passing in the corrupts correct scope which in my case is youtube read only i am running my local web server and in my case it's on port 8080 and then we are setting our credentials equal to those flow credentials after we are properly authenticated and the user logs into their youtube account and now that we have those credentials i want to save those to a pickle file so that the next time we run this script we don't have to go through this entire login process again so to save this using pickle we can just open up a file using write byte mode and then i can just say pickle dot dump credentials into that file okay so i know that was a lot but like i said i am going to have these uh snippets available in the description section below if anybody wants to follow along with these i'll have those available so that you can copy and paste okay so now that we have all of this in place let's go ahead and run this and make sure that everything's working correctly and if it looks like it's working how it should then we'll finally connect to the youtube service using these oauth credentials and see if we can see my unlisted videos so let's run this and make sure that these snippets that i pasted in are currently working now i don't currently have a credentials pickle file here so i'll probably have to log in again so this is the process that we saw before i'm going to choose my youtube account that i want to give access to i'm going to say that i trust my script allow access and then it says authentication has completed you may close this window so i will close that open that script back up and we can see everything that we printed out here so i said fetching new tokens saving credentials for future use now i know that this is probably going to be hard to see in my sidebar here but i do have a token. pickle file here now like i said this is bytes so this is just going to be a bunch of gibberish but whenever we load that back in python is going to know what to do with that so now that we have our credentials saved in this token. pickle file if i run this again then it should need to open up a browser and make us go through that entire login process again it should just be able to use that pickle file with our existing credentials so let me run this again and see what happens so we can see that when i ran this it simply says loading credentials from file so that means that it loaded in and whenever we hit this conditional here apparently our credentials weren't expired and we didn't have to go through our entire login process again so that's good okay so that should be everything that we need to do for our credentials so now let's finally use these credentials to connect to the youtube api and list out uh my videos so i'm going to go down here and uncomment out my code from before where we connected to this youtube service now we actually don't need to change much here but one thing that we do need to change is that we are no longer using this api key or what youtube has this argument is called developer key so instead of passing in an api key i'm instead going to change this so that we're passing in our new credentials and all we need to do is change this parameter and this argument to credentials so i'm going to say credentials is equal to credentials so let's save that and now if i run this using those new credentials then let's look what we have here so we can see that it loaded those in from a file and now whenever we look at the videos that i get back from my account the first video that i have here this is a privacy status of unlisted so it is seeing my unlisted videos and if i go down to the bottom here now i can see that the page info the total results is 236. now if you remember at the beginning of the video when we made a public request to my channel we were getting 229 videos so we're seeing more videos and that's because i have about seven that are private or unlisted now let's see if we can list out the url of an unlisted video now i could loop through all of my videos like we've done in previous videos but i'd like to keep my other you know videos actually private so i'm just going to grab my first unlisted video that i uploaded not long ago

ago so first let me loop over the first five videos here and make sure that i actually have this unlisted video here now we've actually already seen this but what i'm going to do here is instead of printing out this response i'm going to say for item in response and i'm going to access the items here that were returned and then i'm just going to print out each of those items and each of these in this case should be a video so i'm going to run this and now each of these should be a video and we can see here that the latest video here is unlisted and now let's grab the video id of this video with the video id we'll be able to create a youtube link so in order to get the video id uh up here where we make our request oops i went up a little bit too far here up here where we make this request right here for the part we don't only want the status while we also want the content details so i'm going to save that and run it and now for each video let me go up to the top one here that was the uh unlisted video so that is right here um we can see that we have a video id and with these video ids we can actually create a youtube link so what i'm going to do here is i'm only

going to print out the video ids of these videos so to do this we could access we can see here that we have content details and then within that is video id and this is all dictionaries here so up here when we print out our item i'm just going to access both of those so i'm going to say content details so i want to access that key of each item and then i also want to access the video id within those content details so i'm going to save that and run it and now we're just getting the video ids for each of those now if

you want to create a youtube link using the video id then we can simply do this so first let me capture this into a variable so i'll call this vid underscore id and to create a youtube link i can say youtube link is equal to i'm going to do uh an f string here and this is what uh youtube links to videos look like so i'll say https colon forward slash and this will be a shorthand link so a shorthand link on youtube is u2. be and then forward slash and then the video id so since we're using an f string i'm just going to paste that in there dynamically like that and now let's print out these full youtube links so i'll print these out and so now i have a youtube link here so now let me paste this into my browser and make sure that this worked um so if i paste this sorry hopefully my sound is off let me mute this up let me meet that okay so that is an unlisted video that's a private video that is on my channel um and let me go ahead and pause this as well so if you're interested in watching one of my old home videos that i had unlisted on my channel then you can type in that url and check that out if you'd like it's an unlisted video which means that it's not private but anybody with the url can actually watch it but i'm not going to play the whole thing here because i assume that most of you are more interested in the youtube api and not my home videos so now that we made sure that worked and that we did get a link to our unlisted video here let me go back to uh the script okay so that uh actually worked we can see that this entire process here which i know is a lot of code but most of this is just checking credentials and things like that so that we don't have to log in every time um but we were able to log in using oauth to log into our youtube account and give our script access to some private user data and in this video we only saw that i could see my unlisted videos but there's so much more that we can do with this some apps use this to run analytics for youtube channels and give them tips for how they can improve their import performance um i could use this concept to write an app so that i could use a python script to update my youtube descriptions upload videos change thumbnails or really anything that we'd like to do like i said at the beginning of the video i'm actually using this same process right now to grab my youtube members with the python script so that i can automatically create some credits to the end of each video and i did finally get this working with youtube so now at the end of each video i now have my patreon and youtube contributors listed and you'll see those at the end of this video in just a bit but with that said i think that's going to do it for this video i hope you feel like you got a better understanding of the process of connecting to an api using oauth even if you're not using the youtube api the oauth process will likely look like this for most applications and we'll probably see this in future videos when i use python with twitter and reddit and things like that now in this video we saw an example using my local machine but you could also have the same functionality on a web page or an app where users allow access to their private information for a specific reason so like i said at the beginning of the video this would be similar to instagram having you log into your twitter and allowing them to post photos to your twitter automatically on your behalf each time you post a picture to instagram so something like that is a good example of where you would use something like this so if you find this kind of video useful then maybe i can make some future flask or django videos where we do some oauth stuff like this on an actual web page but if anyone has any questions about what we covered in this video then feel free to ask in the comments section below and i'll do my best to answer those and if you enjoy these tutorials and would like to support them then there are several ways you can do that the easiest way is simply like the video and give it a thumbs up and also it's a huge help to share these videos with anyone who you think would find them useful and if you have the means you can contribute to patreon or youtube and there are links to those pages in the description section below be sure to subscribe for future videos and thank you all for watching