Application Integration - Conversion from curl command to python script

I had a scenario where I need to convert the curl command into a python snippet in order to trigger the API Trigger of Application Integration. This is the curl command:

curl -X POST -H "Content-Type: application/json" -d '{"trigger_id":"api_trigger/trigger_id", "inputParameters": {"partyName": {"stringValue": "sample_string"}}}' 'https://region-integrations.googleapis.com/v1/projects/project/locations/-/integrations/integrationName:execute' -H "Authorization: Bearer $(gcloud auth print-access-token)"

I have written the python snippet in this way:

url=‘https://region-integrations.googleapis.com/v1/projects/project/locations/-/integrations/integrationName:execute’
info = {
‘client_id’: client_id,
‘client_secret’: client_secret,
‘refresh_token’: refresh_token
}
creds = Credentials.from_authorized_user_info(info=info)
access_token = creds.token
headers = {‘Authorization’: f’Bearer {access_token}', ‘Content-Type’: ‘application/json’}
payload = {
“trigger_id”: “api_trigger/trigger_id”,
“inputParameters”: {
“party_name”: {“stringValue”: str(party_id)}
}
}

response = requests.post(url, headers=headers, data=json.dumps(payload))

I obtained the client_id and client_secret from the OAuth 2.0 client IDs section of Credentials page. I obtained the refresh token from the Oauth 2.0 playground by authorizing the APIs and exchanging the authorization code for tokens. I am able to see the response in the OAuth Playground when I post a request there as the Authenticatio_token gets added there automatically. I am facing the issue when I am trying to get the acccess_token from my Flask Application. I am seeing the access_token as 'None" even though the client_id, client_secret and refresh_token are set correctly. It would be great if anyone can help me to solve this issue.

I would recommend using the official python library for Google Cloud APIs. The repo is here

Please note, at the moment we support the v1alpha APIs.

@Anonymous ,

Thank you for the solution!! I am able to get the access tokens now. Is there any way to skip this authorization part. We wanted to let the end-user get the results quickly by calling the API Trigger. We wanted to let the users access the information even if they don’t have the Google account ( This will fail here as the users should authenticate ). Is there any mechanism by which we can bypass this OAuth part?

No, that is not possible. The Execute API is a Google API (integrations.googleapis.com) and therefore always protected by Google OAuth. If you want to open the API to users who don’t have Google Account, please consider a gateway like Apigee. You can implement other techniques to secure the API (or keep it open, but accessible via a private network).

@Anonymous ,

Thank You for the quick response. I am having a last doubt regarding the same topic (regarding the setting of login_hint and access_type). I have posted this here - https://www.googlecloudcommunity.com/gc/Integration-Services/Application-Integration-Regarding-OAuth-for-API-Trigger/td-p/542635. Can you please provide your inputs regarding this.
Thank You.

I am not familiar with how App Engine works. Cloud Run and Cloud Functions are associated with service accounts. Any code running in Cloud Run or Functions automatically obtain tokens from the SA configured for the Run/Functions.