I want to make Google receipt validation. I set everything by Marc Greenstock. When I try verified purchase I get response permissionDenied. For me is everything correct and I don't know how to find a mistake. The user has administrator role in Google Play Developer console.
Google developer console:
I enabled "Google Play Android Developer API"
I created service account keys with role Owner
I downloaded JSON file
Google play Developer console:
Link correct project
For correct user set administrator role. The same user is in the file.
Response:
{
"code" : 401,
"errors" : [ {
"domain" : "androidpublisher",
"message" : "The current user has insufficient permissions to perform the requested operation.",
"reason" : "permissionDenied"
} ],
"message" : "The current user has insufficient permissions to perform the requested operation."
}
I tried friend private_key, client_id and client_email and everything works fine. Code is good. I something forgot during configuration but I don't know what.
I forgot to add scope ".../auth/androidpublisher" in Google developer console.
After you add scope you should save credentials at the bottom of page.
Related
We are using Azure AD B2C Custom policies with Microsoft Azure Active Directory to authenticate users. We implemented the password change policy as given in the example below.
https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/tree/main/scenarios/password-change
We created a link the user can visit and change his password. Once the password is changed, the user is redirected to the application again.
However, in some cases, we get the following error when the user is redirected to the application after changing the password.
{
"error": "invalid_grant",
"error_description": "AADB2C90088: The provided grant has not been issued for this endpoint. Actual Value : B2C_1A_Dev_SignupSignin and Expected Value : B2C_1A_Dev_PasswordChange\r\nCorrelation ID: b3a2fdd5-df58-4aa1-8eca-d91503ebb75a\r\nTimestamp: 2022-08-31 12:23:48Z\r\n"
}
This error does not happen to all users. But for some users, it happens always.
We use MSAL Angular library with the following versions.
azure/msal-angular": "^2.1.1"
azure/msal-browser": "^2.22.0"
We appreciate any help to resolve this issue.
Purchases.products: get had been working well till 2 weeks ago. However, it starts returning Error suddenly. (I didn't change any options)
It can still refresh token through POST request to https://accounts.google.com/o/oauth2/token with (grant_type, client_id, client_secret, refresh_token) but with the access-token returned, 403 Error happen like the below.
{
"error": {
"errors": [
{
"domain": "androidpublisher",
"reason": "permissionDenied",
"message": "The current user has insufficient permissions to perform the requested operation."
}
],
"code": 401,
"message": "The current user has insufficient permissions to perform the requested operation."
}
}
This is google dashboard representing error rate for Purchases.products: get
I found the question but it is still not working.
---------- EDIT ----------
I want to describe more detail. I don't know if it is right way because I am actually just fixing Legacy system someone did.
The process above(refreshing token and requesting purchase info) is done in server-side. It is for server-side to verify if the purchase-information APP send is correct.
When APP send purchase-information, server-side just call HTTP request(POST and GET) with pre-defined attributes(client_id, client_secret, grant_type).
It means there is no login process anywhere.
In addition, the client_id and client_secret I use seemed created in google-developer-console by create-credentials in below image but not when registering APP.
---------- Edit ----------
I tried to recreate client_id with an owner account. the screenshot is from google developer console->IAM&Admin->IAM
However, it is still the same error.
"The current user has insufficient permissions to perform the requested operation."
The user you have currently authenticated with no longer has access to the data you are trying to access. Either give the user access again or login with a user that does have access.
ClientId
When you wish to work with a Google API you must register your application. When you do so google gives you a client id. This identities your application to google when ever it runs.
Accessing User data
To access private user data you must have permission of the person who owns the data to access it. Your application runs (Denoted by the Client id) the user is prompted to login to google and grant your application consent to access their data.
If the user looses access to the data that they have granted your application access to your application will loose its access.
We're getting the following error when attempting to get an authentication code when the user is not already logged into Pinterest:
{"status": "failure", "message": "Authentication failed.", "code": 2, "data": null}
Example of url we are using to authenticate:
https://api.pinterest.com/oauth/?client_id=1234567891011121314&redirect_uri=https://www.foobar.com/app/influencers/channels/callback/pinterest&scope=read_relationships,read_public&response_type=code&state=cc0c4fbbf2c5058df1932cb561e4494baaef595a
This URL works fine if the user is already logged into Pinterest, it displays the app confirmation and returns a code as expected. However it responds with an error if the user isn't logged in.
The documentation we are following is here:
https://developers.pinterest.com/docs/api/overview/?
I was experiencing this issue with a few accounts on my app. Turns out they had an old set of permissions associated with their account that needed to be flushed. I did the following:
I went into the "problematic accounts" on Pinterest and went to the settings.
From there, I went to the bottom section where "Apps" are listed and revoked access to my app.
Once I tried to re-auth, everything worked fine from there on.
Hopefully, this is similar to your situation and can resolve it.
I'm trying to delete a photo in Arrowdb using the REST API.
I'm sending in both "id" and "su_id" (of the user who uploaded it). And I am currently logged in as an admin with admin rights.
I keep getting the following response:
{ ["meta"]=> object(stdClass)#2 (3) { ["status"]=> string(4) "fail" ["code"]=> int(400) ["message"]=> string(27) "Failed to authenticate user" }
Anyone have any idea what to do?
Was using curl and PHP, forgot to add the CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE to the curl call, which meant the session did not get through and no user was logged in at arrowdb. With those parameters added it worked correctly.
I am trying to fetch user events from facebook but I am having some problem witht he request. I can access their profile image and their UID but for some reason when I try to access the events I get the following error:
{
"error": {
"type": "QueryParseException",
"message": "An active access token must be used to query information about the current user."
}
}
I have an active access token, that's what I am using to access the UID and profile pic but for some reason the events do not show up.
This is my call:
events
my login button looks like this:
<fb:login-button perms="user_events"></fb:login-button>
It also throws an error after login in.
The error is this:
The application must ask for a valid extended permission.
The invalid permissions requested were: .
I think your call url should look like this:
http://graph.facebook.com/me/events?access_token=[Your oAuth token]