Ends July 1$89/mo locks in for life. Reverts to $129 after July 1.
ARTICFLY
GET STARTED →
///INTEGRATION

Blogger (Google Blogger v3) Integration

Connect Articfly to your Google Blogger blog with one-click Google OAuth. Articfly auto-publishes AI-generated articles to the blog you pick, refreshes access tokens in the background, and lets you switch between blogs you own without re-authorizing.

Prerequisites

  • A Google account that owns at least one Blogger blog. If you have multiple blogs on the same Google account, Articfly fetches the full list and lets you pick which one to publish to.
  • Testing-mode limits apply right now. Articfly's Google OAuth app is currently in Google's "Testing" status while we go through the CASA Tier 2/3 security audit needed for the restricted auth/blogger scope. In practice this means: maximum 100 connected users at any time, and your refresh token expires every 7 days so you re-connect once a week. The integration page shows a banner with both limits. Production status (no caps) lands once the audit clears.
  • Active Articfly account, sign up at app.articfly.com.

Connecting Your Blogger Account

Two clicks. No copy-pasting API keys.

01

Click "Connect with Google"

In the Articfly dashboard, go to Integrations → Blogger. Click Connect with Google. Articfly generates a one-time CSRF nonce and sends you to Google's OAuth consent screen. The requested scopes are auth/blogger, openid, and email. Articfly always passes prompt=consent and access_type=offline so Google issues a refresh token every time.

02

Approve and pick a blog

Review the requested permissions and click Allow. Google sends you back to Articfly with an auth code, Articfly verifies the CSRF state nonce, exchanges the code for an access token plus refresh token, encrypts both, and fetches your list of Blogger blogs. The first blog is selected by default. If you own more than one, the integration page shows a blog switcher dropdown, change it any time without re-running OAuth.

What the Integration Does

One-Click Google OAuth

Full Google OAuth 2.0 flow, no API keys to copy. Articfly handles state CSRF, code exchange, and token encryption end to end. Disconnect from the Articfly dashboard or revoke at myaccount.google.com/permissions.

Auto Token Refresh

Access tokens expire every hour. Articfly checks every outbound API call, if the token is within 60 seconds of expiry it refreshes silently using the stored refresh token. You only re-authorize if the refresh token itself dies.

Multi-Blog Switching

Own more than one Blogger blog on the same Google account? Pick which one Articfly publishes to from a dropdown on the integration page. Switching blogs does NOT require re-OAuth, it just updates the stored blog ID.

Articfly-Hosted Images

Blogger has no image upload endpoint (Picasa was retired in 2016). Articfly hosts every image generated by the article pipeline on its own CDN before sending the post, so images Just Work. Hotlinked images from third-party domains may break if those domains block hotlinking.

Re-Auth On Token Expiry

If Google returns invalid_grant on a refresh (refresh token expired or user revoked access), Articfly marks the installation as disconnected and the dashboard shows a one-click Re-connect CTA. Click it, run OAuth once, you're back.

Encrypted Token Storage

Access tokens and refresh tokens are encrypted at rest using AES-256-GCM. Articfly only decrypts them server-side at the moment of an API call. The raw tokens never appear in logs.

Security Notes

  • OAuth state nonce is stored in a short-lived oauth_states table and claimed atomically on callback to block CSRF. A nonce can be used exactly once.
  • Articfly requests openid email alongside auth/blogger so the backend can detect a multi-account hijack at re-connect time (different Google email = different installation).
  • To fully revoke access, disconnect from Articfly AND remove Articfly from myaccount.google.com/permissions. Disconnecting in Articfly alone clears the local copy of the tokens, the Google grant stays alive until you revoke it on Google's side.
  • All API calls go to www.googleapis.com/blogger/v3 over HTTPS with a strict timeout. Articfly never logs the raw access token or refresh token.

Troubleshooting

"Articfly has not completed the Google verification process" screen

That's the expected screen while Articfly is in Google's Testing status. Click Advanced, then Go to Articfly (unsafe), and continue. The warning is Google's default copy for any app pending the CASA security audit. We'll remove this banner from the docs the moment the audit clears.

Re-auth CTA appeared after about a week of working fine

Google expires refresh tokens after 7 days while the app is in Testing status. This is a Google policy, not an Articfly bug. Click Re-connect with Google on the integration page, approve, and you're back. The 7-day clock resets. Once Articfly clears the CASA audit and moves to Production status, refresh tokens stop expiring on this schedule.

I published from Articfly but the post is on the wrong blog

Articfly defaults to the first blog returned by Google's API at connect time. If you own multiple blogs on the same Google account, open the integration page and use the blog switcher dropdown to point Articfly at the right one. No re-OAuth needed. Future publishes will land on the new blog. Already-published posts stay where they were sent, you'll need to delete or move them manually in Blogger.

Images are broken on the published post

Almost always means the image URL is hotlinked from a third party that blocks external loading. Articfly hosts every image generated by its own pipeline on its CDN, so AI-generated posts work out of the box. If you imported a draft with pasted <img src> tags pointing at someone else's server, swap them for Articfly-hosted images or upload them to Blogger's editor by hand. Blogger's API has no upload endpoint so Articfly cannot do this for you.

BeehiivCustom API