YouTube APIs and Tools

Getting Started
YouTube Data API
- Client Library Guides and Code ^(v2.0)
- Developer's Guide ^(v2.0)
  - Customized!
    (edit)(link)(clear)
  - Customize this guide!
  - Authentication
  - Understanding Video Feeds and Entries
  - Retrieving and Searching for Videos
  - Searching for Channels
  - Searching for Playlists
  - Uploading Videos
  - Updating and Deleting Videos
    - Providing Captions for a Video
  - Community Features
  - Saving and Collecting Videos
  - Enabling User Interaction
  - Using the Simple Update Protocol (SUP)
  - Using Batch Processing
  - Testing and Troubleshooting
  - Retrieving Insight Data for a Video
  - Understanding API Error Responses
  - Revision History
  - Printable version
- Reference Guide ^(v2.0)
- Migration Guide ^(v2.0)
- Interactive Demo
- Prior API Versions
  - Version 1.0
YouTube Player Tools
- Player Parameters
- Player APIs
  - JavaScript API
  - Flash API (AS3)
    - Flash API (AS2)
- Player API Demo
- Sample Playground
Additional Resources

Developer's Guide: Data API Protocol – ClientLogin for Installed Applications

To make an authenticated API request using ClientLogin, you must identify the YouTube user account associated with the request. You must also use YouTube's ClientLogin system for single-user authentication. You will provide the username and password for the user's YouTube user account, verifying that the user is authorized to perform operations associated with that account. The authenticated actions will then be associated with that account. Please note that the following instructions vary slightly from the standard ClientLogin instructions.

To obtain an authentication token, submit an HTTP POST request to the following URL:

https://www.google.com/youtube/accounts/ClientLogin

The following guidelines apply to the request:

The POST request must specify the value application/x-www-form-urlencoded for the Content-Type header.
The POST body must include a string in the following format:
```
Email=<youtube_username>&Passwd=<youtube_password>
  &service=youtube&source=<source>
```
You need to make the following changes to this string:
- Replace the string <youtube_username> with the user's YouTube account username.
- Replace the string <youtube_password> with the user's YouTube account password.
- Replace the string <source> with a short string that identifies your application for logging purposes.
The <youtube_username>, <youtube_password> and <source> values must all be URL-encoded.

Google will return a response that contains the authentication token that you will need to execute API operations associated with the specified user's YouTube account. The authentication token will be the Auth value on that page. In addition, the YouTubeUser value on the page will be the user's YouTube account username. You must extract the authentication token and username from the page and then submit those values in API requests. Please note that authentication tokens expire periodically. As such, your application may need to repeat this authentication process and update the value of the authentication token when the token is rejected as expired.

Note: The Google ClientLogin documentation explains how to also incorporate a CAPTCHA challenge into an application using ClientLogin authentication.

Authentication Example

For example, suppose you want to authenticate a YouTube account for which the username and password are testuser and testpassword, respectively. You can simulate the HTTP POST request using the Linux 'curl' command, as shown in the following example:

curl \
  --location https://www.google.com/youtube/accounts/ClientLogin \
  --data 'Email=testuser&Passwd=testpw&service=youtube&source=Test' \
  --header 'Content-Type:application/x-www-form-urlencoded'

If your authentication request is successful, the response to your request will have the following format. (Please note that the Auth token value has been shortened in the example.)

Auth=AIwbFARksypDdUSGGYRI_5v7Z9TaijoPQqpIfCEjTFPAikn_---OC-I1VJtQ
YouTubeUser=testuser

When you make an authenticated API request using a ClientLogin authentication token, your request needs to specify the Authorization HTTP request header as shown in the example below:

Authorization: GoogleLogin auth=<authentication_token>
X-GData-Key: key=<developer_key>

Process flow diagram

The following diagram illustrates the steps involved in authenticating a user using the ClientLogin authentication scheme. Like AuthSub authentication, ClientLogin authentication can be used with either direct uploading or browser-based uploading.

The image shows the following steps:

The user clicks a link on your site to upload a video.
Your application presents a form for the user to enter a YouTube username and password.
The user submits his YouTube username and password to your installed application.
Your application sends a ClientLogin authentication request to YouTube to obtain an authentication token for uploading the video. The request specifies the username and password for the user's YouTube user account, which will be the account associated with the video.
YouTube verifies the user's username and password and returns the authentication token to your application. If you are using browser-based uploading, the token will allow you to upload the video metadata. If you are using direct uploading, the token will allow you to upload the metadata and the actual video file.

Faster apps faster - GWT 2.0 with Speed Tracer New!

YouTube APIs and Tools

Getting Started

YouTube Data API

YouTube Player Tools

Additional Resources

Developer's Guide: Data API Protocol – ClientLogin for Installed Applications

Process flow diagram

Faster apps faster - GWT 2.0 with Speed Tracer ^New!