When a user logs in, I want to check if their domain has my Marketplace app installed. It looks like this should in theory be possible with the Marketplace License API endpoints.
However, whenever I try to use the "Try it now" feature for the Customer License, User License or License Notification endpoints, I always get a 403 Forbidden with the message "Not authorized to access the application ID".
For example, if I try to query the LicenseNotification endpoint, I do the following:
Click on the Authorize toggle and click "Authorize" to authorize that scope for my logged-in user (which is the Google Apps Admin account which owns the application, btw).
For applicationId, I then enter the 12-digit "App Id" field from the Google Apps Marketplace SDK settings in the old developers console (Also known as Project Number from the new developers console app overview page).
When I click Execute I get the 403 "Not authorized to access the application ID". I have also tried using my Project Id (i.e. "my-app" from the Developers Console Overview page) in place of the Project Number/App Id, and get the same response.
Am I missing something here?
Alternatively, if someone knows of another way for the owner of a GAM App to query a list of domains which have it installed, that would be an ideal solution for me as well - I couldn't find anything like this.
Okay, read some more and figured this out at last.
What I was missing was the fact that the authentication for the Licensing endpoints requires you to use a Service Account, not a regular user account. Which makes sense why the "Try it Now" feature on the documentation pages didn't work at all.
Unfortunately, we use PHP and the google-api-php-client does NOT yet have services for the Licensing APIs. However, the client project does show an example of using a service account instead of the normal user OAuth2 flow.
I used this example and stole a little bit of the source code from Resource.php's call method to call the Customer License endpoint to check to see if a domain has our app installed or not:
$privateKey = file_get_contents('path/to/private-key.p12');
$serviceAccountName = '12345-j@developer.gserviceaccount.com';
$cred = new \Google_Auth_AssertionCredentials(
$serviceAccountName,
array('https://www.googleapis.com/auth/appsmarketplace.license'),
$privateKey
);
$client = new \Google_Client();
$client->setApplicationName('Apps_Marketplace_Licensing_Check');
$client->setAssertionCredentials($cred);
if ($client->getAuth()->isAccessTokenExpired()) {
$client->getAuth()->refreshTokenWithAssertion($cred);
}
$url = \Google_Http_REST::createRequestUri(
'appsmarket/v2/',
'customerLicense/{appId}/{customerId}', [
'appId' => ['location' => 'path', 'type' => 'string', 'value' => $appId],
'customerId' => ['location' => 'path', 'type' => 'string', 'value' => $domain]
]
);
$httpRequest = new \Google_Http_Request($url, 'GET');
$httpRequest->setBaseComponent($client->getBasePath());
$httpRequest = $client->getAuth()->sign($httpRequest);
/* returns JSON array */
$result = $client->execute($httpRequest);
$isDomainInstalled = ($result && isset($result['state']) && $result['state'] == 'ACTIVE');
Hopefully the folks over at the google-api-php-client project will eventually add a true service for these endpoints, but for now this workaround isn't too terribly painful.
The licensing API may help you to obtain the information you need https://developers.google.com/google-apps/marketplace/v2/developers_guide
