Use PowerShell to make Rest API calls using JSON & OAuth

If you come from an IT Pro background like me, I have probably scared you off already by mentioning terms like Rest API, RegEx, JSON & OAuth. But don’t worry, I am going to walk you though some examples using PowerShell to automatically capture data from a random websites and then in turn post Google blogger blogs including the captured data and send Twitter tweets of the blogs URL using PowerShell.

Why is this important? Think of how large the world wide web is. Imagine a website or group of websites you want to monitor and capture data from. Could be internal websites or external websites. Could be weather, sports results, stock market results etc. Either way, I will show you how to scan the internet, filter and massage the data and then blog and tweet it. The best part of all, this is fully automatic.

In a nutshell, OAuth authentication is made up of different stages. First stage is to get a Client ID & Client Secret, these two fields are available to you when you setup your ‘app’ in either Twitter or Google. Then on top of these, you need an access token and this access token is used when trying to access your app to make it do things, like post a blog or tweet a tweet. Getting the access token in Google attracts more steps than that of Twitter. The access token is the golden key in which you need to do things with e.g . post blogs. With Google, there’s a couple of other steps prior in which you need to get an authorization code and then exchange this authorization code for both an access token and refresh token. The refresh token, if kept, can be used later on to get a new access token each time without going through the other two steps. Roughly every hour you need a new access token, so using the refresh token is a much easier process. Also using an automation process like a robot to do the work or automated task, by using a refresh token it doesn’t require human intervention in order to obtain the access token.

Below are the steps for the Google side of things and is an overview to what is in the script:

  1. Get the authorization code, you provide the following pieces of information in the form of a URL. What is returned is an authorization code which is embedded in the URL. What I mean by this, when running the below parameters compiled into a single URL, it navigates to the URL specified in the redirect_url and a code is appended to the URL. This is why for this step, Internet Explorer is used.Please note, this step is only required if a refresh token is not already obtained or kept.
    1. $scope = “”
    2. $response_type = “code”
    3. $approval_prompt = “force”
    4. $access_type = “offline”
    5. $redirect_uri = “”
  2. Exchange the authorization code for a refresh token and access token.Please note, this step is only required if a refresh token is not already obtained or kept.
    1. $grantType = “authorization_code”
    2. $requestUri = “”
    3. $requestBody = “code=$authorizationCode&client_id=$app_key&client_secret=$app_secret&grant_type=$grantType&redirect_uri=$redirect_uri”
    4. Invoke-RestMethod -Method Post -Uri $requestUri -ContentType “application/x-www-form-urlencoded” -Body $requestBody
  3. Exchange the refresh token for an access token. As long as the refresh token is kept, then this step is all that is needed to gain new access tokens
    1. $grantType = “refresh_token”
    2. $requestUri = “”
    3. $requestBody = “refresh_token=$refreshToken&client_id=$app_key&client_secret=$app_secret&grant_type=$grantType”
    4. Invoke-RestMethod -Method Post -Uri $requestUri -ContentType “application/x-www-form-urlencoded” -Body $requestBody


Twitter setup

First off, you’re going to need to set yourself up a Twitter app, go to Twitter’s application page, sign in….


Click on Create new app.


Fill in the details. The Callback URL is not really important for this exercise.


Click on permissions


Confirm read and write is selected

Click on Keys and Access Tokens


At the bottom, click on Create my access token


Now on this page you need to make a note of Consumer Key (API Key), Consumer Secret (API Secret), Access Token and Access Token Secret. This is what you’ll need in the PowerShell script to automate tweets. Notice too that Twitter give you the access token then and there? Whereas in the Google world, the access token is not at freely available.

Google setup

For the Google setup, you’ll need to go to and sign-up/login and create a new project. The new project will give you access to an


Up the top, click on the drop down list and select your new project.


On the left, click on APIs, then select Blogger API, then select Enable API. This will enable the Blogger API for your new project.


After the API is enabled, you need to setup the credentials. Click on credentials to the left > add credentials > select OAuth 2.0 client ID


Fill out the consent screen details as you wish. Then on the next page, select Web application, give it a name and fill in the redirect URI. Remember, the redirect URI doesn’t have to be anything custom or specific, just any HTTPS URL will do, but better to use your own HTTPS site if you have one.


Take a note of the client ID and client secret on the next screen, as you will need these in the PowerShell script at the top.


The full script is below, a good example of capturing data, filtering it, massaging it and then reporting on it.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s