/ or How To Choose a Web Service API

Most startups today leverage commercial SaaS services. When it comes to choosing an API, there are many choices but I tend to try the ones that end in “.io” first. For example, when looking at weather forecast APIs, I skipped over familiar names like Yahoo and Weather Channel and went straight for Better service APIs tend to have domains ending in “.io” and they have straightforward APIs, solid documentation, libraries in your favorite language and simple freemium plans. All of this usually allows you you decide within minutes whether this service will work for you. Check out my super short tutorial on using


Rails Google OAuth2 Tutorial

Google recently deprecated OpenID 2.0 authentication, which I used to authenticate users via Google Apps for internal projects like our Dashboard. In a couple of months, it will just stop working so I’ve been converting projects to use OAuth 2.0. Google login is pretty convenient, especially if your team is on Google Apps. The conversion process was very annoying so I hope this tutorial saves you time.

First, we’ll need to setup a new project in the Google Developers Console.


Next, enable the “Google+ API”:

google plus

Go to “APIS & AUTH > Credentials” and click “Create New Client ID”. You’ll need to configure the origins and redirect URIs for every domain you need. I’ve configured it for development and for Heroku so you can see a live demo.

client settings

You should now have a CLIENT ID and CLIENT SECRET. Let’s put them in your shell startup script so that your app can access them. We do it this way so that you don’t check in sensitive information into your source code.



Now we can run the example:

source ~/.bash_profile
cd ~/Sites
git clone
cd google_oauth2_tutorial/
bundle install
bundle exec rake db:setup
bundle exec rails s

This loads your shell startup script, grabs the source code, setups up the database and starts the app. If all went well, you should be presented with the Google Login screen. After logging in and approving the app permissions, you should see “You are logged in via OAuth 2.0 as <your email>!”.

More Details

This tutorial uses the Omniauth gem, which makes it easier to provide multiple ways for users to authenticate into your app. You specify what you want your app to allow as individual “strategies”:


Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV['GOOGLE_CLIENT_ID_TUTORIAL'], ENV['GOOGLE_CLIENT_SECRET_TUTORIAL'], {scope: 'email,profile'}

Tip: If you want to use this for your Google Apps domain, simple pass an additional parameter:

provider :google_oauth2, ENV['GOOGLE_CLIENT_ID_TUTORIAL'], ENV['GOOGLE_CLIENT_SECRET_TUTORIAL'], {hd: '', scope: 'email,profile'}

The whole flow can be confusing so make sure you reference the Omniauth documentation before trying to troubleshoot. I found that if you don’t fully understand the flow, it will be very hard to debug your code. However, once you do, adding other strategies like Facebook or Twitter should be much easier.


If you’re seeing “invalid client_id”, your environment variables are probably not set correctly. You can use the “printenv” command to verify if the particular terminal tab you’re running the server in has the right variables. If not, source your shell startup script again. If you’re seeing API permission errors, you probably forgot to enable the Google+ API. Google’s documentation has more detailed information on specific errors that may help. If all else fails, clear your browser cookies for localhost.