CE Clipper Emsa Pro

YouTube Testing App

Connect YouTube and validate upload permission.

This page demonstrates the user-facing OAuth grant process for Clipper Emsa Pro. It shows the app details, OAuth client ID, redirect URI, requested scope, token validation, and the upload-only purpose.

Connect / Reconnect YouTube Open Testing Instructions

OAuth Client Details

Show in video
App name Clipper Emsa Pro
Homepage https://clipper.emsa.pro
Privacy Policy https://clipper.emsa.pro/privacy-policy
Terms of Service https://clipper.emsa.pro/terms-of-service
OAuth client type Web application
OAuth client ID 365017663538-q98jq7e4qgsjp4g7bdcam7ndvmkblka0.apps.googleusercontent.com
Client secret configured, hidden
Redirect URI https://clipper.emsa.pro/auth/youtube/callback.php

Token Status

Session only
Access token empty
Refresh token not received yet
Expires in seconds
Granted scope not validated yet
Audience not validated yet

OAuth Grant Process For Review

User flow
  1. User opens https://clipper.emsa.pro/login-youtube.php.
  2. User clicks Connect / Reconnect YouTube.
  3. Google shows the app name, OAuth client, and requested YouTube upload permission.
  4. User grants access and returns to https://clipper.emsa.pro/auth/youtube/callback.php.
  5. The app exchanges the authorization code for tokens, validates the granted scope, and stores the refresh token in the server-side session for this review flow.
  6. The production automation stores the long-lived refresh token as an encrypted GitHub Actions secret and uses it only to upload generated Shorts.

Sensitive And Restricted Scope Usage

Upload only
https://www.googleapis.com/auth/youtube.upload

Used only to upload final generated short videos to the connected YouTube channel.

No unrelated Google access

The app does not request Gmail, Drive, Calendar, Analytics, comment management, video deletion, or private channel-management scopes.

Token handling

Access tokens are temporary. Refresh tokens are kept server-side and never shown in public UI. Users can revoke access from their Google Account.