Using the Chrome Web Store Publish API

# Overview

The Chrome Web Store Publish API provides a set of REST endpoints for programmatically creating, updating, and publishing items in the Chrome Web Store.

# Initial setup

Before you can begin making REST calls against the Chrome Web Store, you will need to enable the Chrome Web Store API, configure your OAuth consent screen, and retrieve your API access keys. The following sections walk through this process.

# Enable the Chrome Web Store API

1. Go to the Google Cloud Console.
2. Create a new project or select an existing one.
3. In the search bar type “Chrome Web Store API”.
4. Enable the Chrome Web Store API.

# Configure the OAuth consent screen

1. Go to OAuth consent screen.
2. Select External then Create.
3. Fill out the required App information fields (listed below) then click Save and Continue.
   • App name.
   • User Support email.
   • Developer contact email.
4. Skip Scopes. click Save then Continue.
5. Add your email address to Test users, then click Save then Continue.

# Get the access keys

1. Go to Credentials.
2. Click Create Credentials then OAuth client ID.
3. For Application type, choose Desktop App.
4. Fill out the name, then click Create.

The console will provide the client ID and client secret.

# Testing your OAuth application

You can retrieve an access token to work with the API. For example, enter this URL in your browser, replacing the $CLIENT_ID with the one for your app:

https://accounts.google.com/o/oauth2/auth?response_type=code&scope=https://www.googleapis.com/auth/chromewebstore&client_id=$CLIENT_ID&redirect_uri=urn:ietf:wg:oauth:2.0:oob

You will see a page asking you to accept permission for the requested scope.

Click Accept and copy the code. It should look something like this:

Use this value to request an access token. For example, using curl, you can get an access token by executing the following command (replacing the values of $CLIENT_ID, $CLIENT_SECRET, and $CODE with the values from above):

> curl "https://accounts.google.com/o/oauth2/token" -d \
"client_id=$CLIENT_ID&client_secret=$CLIENT_SECRET&code=$CODE&grant_type=authorization_code&redirect_uri=urn:ietf:wg:oauth:2.0:oob"

This will return a result such as:

{
  "access_token" : "ya29...",
  "expires_in" : 3600,
  "refresh_token" : "1/rwn...",
  "scope": "https://www.googleapis.com/auth/chromewebstore",
  "token_type" : "Bearer",
}

You can now use the access_token to call the API. You can also use the refresh token to get future access tokens. Note that tokens expire after an hour.

# Using the API

Once you have an access token, your extension can then use the Chrome Web Store Publish API. There are endpoints for creating a new item, updating an existing item, and publishing an item.

Below is a list of considerations for using the Publish API:

• Developers are required to enable 2-Step Verification for their Google account to publish or update an existing extension.
• Before you can publish a new item, you have to fill out the Store Listing and Privacy practices tabs in the Developer Dashboard.
• After publishing a new or existing item, it will undergo a review process. See Review Process to learn more.
• To release an update, increase the number in the version field of the manifest.

Learn more about the Chrome Web Store Publish API here.

# Uploading a package to create a new store item

Endpoint: https://www.googleapis.com/upload/chromewebstore/v1.1/items
Type: POST
Header Parameters: 
  $TOKEN: the access token
Body content: the package file to upload

Type the following example on the command line:

> curl \
-H "Authorization: Bearer $TOKEN"  \
-H "x-goog-api-version: 2" \
-X POST \
-T $FILE_NAME \
-v \
https://www.googleapis.com/upload/chromewebstore/v1.1/items

# Uploading a package to update an existing store item

Endpoint: https://www.googleapis.com/upload/chromewebstore/v1.1/items/$ITEM_ID
Type: PUT
Header Parameters: 
  $TOKEN: the access token
Body content: the package file to upload

$ITEM_ID is the ID of the existing Web Store item.

> curl \
-H "Authorization: Bearer $TOKEN"  \
-H "x-goog-api-version: 2" \
-X PUT \
-T $FILE_NAME \
-v \
https://www.googleapis.com/upload/chromewebstore/v1.1/items/$ITEM_ID

# Publishing an item to the public

Endpoint: https://www.googleapis.com/chromewebstore/v1.1/items/$ITEM_ID/publish
Type: POST
Header Parameters: 
  $TOKEN: the access token

> curl \
-H "Authorization: Bearer $TOKEN"  \
-H "x-goog-api-version: 2" \
-H "Content-Length: 0" \
-X POST \
-v \
https://www.googleapis.com/chromewebstore/v1.1/items/$ITEM_ID/publish

# Publishing an item to trusted testers

Endpoint: https://www.googleapis.com/chromewebstore/v1.1/items/$ITEM_ID/publish?publishTarget=trustedTesters
Type: POST
Header Parameters: 
  $TOKEN: the access token

> curl \
-H "Authorization: Bearer $TOKEN"  \
-H "x-goog-api-version: 2" \
-H "Content-Length: 0" \
-X POST \
-v \
https://www.googleapis.com/chromewebstore/v1.1/items/$ITEM_ID/publish?publishTarget=trustedTesters

# Checking the upload status of an item

Endpoint: https://www.googleapis.com/chromewebstore/v1.1/items/$ITEM_ID?projection=DRAFT
Type: GET
Header Parameters: 
  $TOKEN: the access token

curl \
-H "Authorization: Bearer $TOKEN"  \
-H "x-goog-api-version: 2" \
-H "Content-Length: 0" \
-H "Expect:" \
-X GET \
-v \
https://www.googleapis.com/chromewebstore/v1.1/items/$ITEM_ID?projection=DRAFT