Google Contacts API now requires HTTPS

Beginning March 31, 2014, Google requires HTTPS for all communication with the Contacts API service in order to improve user security. The majority of application developers already use HTTPS to communicate with the Contacts API, but there are a few legacy applications that still use the HTTP protocol. This change allows for improved security moving forward.

Specifically:

  • Contact read requests using HTTP (HTTP GET) now return HTTP 301 Redirect - Moved Permanently, and are redirected to the HTTPS equivalent of the same URL. Depending on the HTTP library you are using, your application may not require a code change and automatically switch to the more-secure HTTPS protocol by following these redirects.
  • Contact update requests using HTTP (POST, PUTS, and DELETE) now return a HTTP 401 - Unauthorized error. There are fewer applications making update requests, and if yours is one of them, simply changing the HTTP URL to HTTPS will return it to its prior functionality.

Send feedback about...

Contacts API