Here's a walkthrough on performing server-side authentication with the Google Analytics API and Node.js.
What you'll need
First, you'll need the Google API Node.js Client - install with
npm install googleapis --save.
Next, go to the Google Developers Console and create an account and a new project.
Turn on the Analytics API from the APIs & Auth section.
Create a new Client ID (in the credential section). Make sure it's a Service Account. This will create and download a .p12 file and reveal a password to you on screen (used below). Also, take note of the Service Account "Email Address" field, you'll need it later.
Move this .p12 file into your project. Run this command from the command line:
openssl pkcs12 -in YOURFILE.p12 -nocerts -passin pass:YOURPASS -nodes -out MYNEWFILE.pem
This generates a .pem file, which you will reference when creating the authentication script.
Hook it up
Next, copy the email address from the service account (in the credential section) and go to your Admin panel in Google Analytics. Find the area to add new users to your Google Analytics Property, and add that email address as a user that has at least READ rights.
Ok, you should be all set to go. Here's the first bit of code you'll need:
This will bring in the Google Analytics API functions and create a new JWT client. Next we just need to authorize, and then we're ready to query the API.
OK, we're authorized. Now, let's query the API. The Google Analytics API comes with a core reporting API and a realtime APi. Make sure you know which one you're using. And make sure you know your rate limits (right now it's 50,000 request/day for free).
PAUSE. That ID in the above statement is important. It's not the account ID, it's not the tracking ID, it's the View ID. Go to the Google Analytics admin panel. Find your "Account", then find the "Property", then find the "View". You'll see "View Settings". Click that. You'll be presented with the details about the view (name, url, time zone, etc.). But most importantly, it tells you the View ID. This is what you need to use in the query statement above.
Also, make sure you include the
auth: jwtClient in there, as it needs to know you're authorized to make that call. That wasn't in the docs, I made a lucky guess :).
Hope that helps!