MuleSoft Connector for Google Analytics

Build 20.0.7587

Custom Credentials

You can use a custom OAuth app to authenticate with a service account or a user account. See Using OAuth Authentication for more information.

Authenticate with a User Account

Desktop Authentication with a Custom OAuth App

Follow the steps below to authenticate with the credentials for a custom OAuth app. See Creating a Custom OAuth App.

Get and Refresh the OAuth Access Token

After setting the following, you are ready to connect:

  • OAuthClientId: Set this to the client Id assigned when you registered your app.
  • OAuthClientSecret: Set this to the client secret assigned when you registered your app.
  • InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
  • Profile: Set this to the Google Analytics profile or view you want to connect to. This value can be retrieved from the Profiles table. If this is not specified, the first Profile returned will be used.
When you connect the connector opens the OAuth endpoint in your default browser. Log in and grant permissions to the application. The connector then completes the OAuth process:
  1. Extracts the access token from the callback URL and authenticates requests.
  2. Refreshes the access token when it expires.
  3. Saves OAuth values in OAuthSettingsLocation to be persisted across connections.

Authenticate with a Service Account

Service accounts have silent authentication, without user authentication in the browser. You can also use a service account to delegate enterprise-wide access scopes to the connector.

You need to create an OAuth application in this flow. See Creating a Custom OAuth App to create and authorize an app. You can then connect to Google Analytics data that the service account has permission to access.

After setting the following connection properties, you are ready to connect:

  • InitiateOAuth: Set this to GETANDREFRESH.
  • OAuthClientId: Set this to the Client Id in your app settings.
  • OAuthClientSecret: Set this to the Client Secret in your app settings.
  • OAuthJWTCertType: Set this to "PEMKEY_FILE".
  • OAuthJWTCert: Set this to the path to the .pem file you generated.
  • OAuthJWTCertPassword: Set this to the password of the .pem file.
  • OAuthJWTCertSubject: Set this to "*" to pick the first certificate in the certificate store.
  • OAuthJWTSubject: Set this to the email address of the user for whom the application is requesting delegate access. Note that delegate access must be granted by an administrator.
  • Profile: Set this to the Google Analytics profile or view you want to connect to. This value can be retrieved from the Profiles table. If this is not specified, the first Profile returned will be used.
When you connect the connector completes the OAuth flow for a service account.
  1. Creates and signs the JWT with the claim set required by the connector.
  2. Exchanges the JWT for the access token.
  3. Saves OAuth values in OAuthSettingsLocation to be persisted across connections.
  4. Submits the JWT for a new access token when the token expires.

Copyright (c) 2020 CData Software, Inc. - All rights reserved.
Build 20.0.7587