I'm using Google Play Android Developer API. I access it from server with service account. I have private key and got access token with it.
I use scope https://www.googleapis.com/auth/androidpublisher. And when I ask subscription info, I got 401 error:
"error": {
"errors": [
{
"domain": "androidpublisher",
"reason": "permissionDenied",
"message": "The current user has insufficient permissions to perform the requested operation."
}
],
"code": 401,
"message": "The current user has insufficient permissions to perform the requested operation."
}
But when I use other queries with the same token and with the same scope, I got successfull responses. For example, I can successful get voided purchases list or info about inapp product:
200 OK
{
"packageName": "com.myapp.exapmle",
"sku": "subscr_month",
"status": "active",
"purchaseType": "subscription",
"defaultPrice": {
"priceMicros": "149000000",
"currency": "RUB"
}
What could be the cause of the problem? I added this service account to developer console and provided all permissions (administrator access).
Related
Currently i am redirecting order amount to merchant account that is working fine
but now when i perform refund operation getting persmission error
steps i followed :
gettting access token of merchant from his/her refresh token(stored in database) (using https://api-m.sandbox.paypal.com/v1/identity/openidconnect/tokenservice API)
now using above token(from step 1) for refund process in below API
https://api.sandbox.paypal.com/v2/payments/captures/{captureId}/refund where
captureId : got from order details
response of refund api :
{
"name": "NOT_AUTHORIZED",
"message": "Authorization failed due to insufficient permissions.",
"debug_id": "60091a8e09195",
"details": [
{
"issue": "PERMISSION_DENIED",
"field": "capture_id",
"value": "90Y75959CH863854A",
"description": "You do not have permission to access or perform operations on this resource.",
"location": "path"
}
],
"links": [
{
"href": "https://developer.paypal.com/docs/api/payments/v2/#error-PERMISSION_DENIED",
"rel": "information_link"}
]}
can someone help me to find what mistake am i doing ? and how can i resolve this issue ?
To determine which scopes you should try asking for during authorization, do a normal access_token request using your own credentials and look at the scopes variable returned.
https://uri.paypal.com/services/payments/refund seems relevant.
I am trying to programatically access a calendar I own using the Google Calendar API list:
r = requests.get(
url="https://www.googleapis.com/calendar/v3/calendars/<the ID of my calendar which looks like mydomain_randomstuff#group.calendar.google.com>/events",
params={
'key': <the key from the API console>,
'singleEvents': True,
'orderBy': 'startTime'
}
This call fails with a 404:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "notFound",
"message": "Not Found"
}
],
"code": 404,
"message": "Not Found"
}
}
What does that error actually mean, in the context of this API?
Note:
the calendar does exist and it has events
the API limits are not even close to be reached
{
"error": {
"errors": [
{
"domain": "global",
"reason": "notFound",
"message": "Not Found"
}
],
"code": 404,
"message": "Not Found"
}
}
Can mean one of two things. Either the calendar Id you have typed is in correct or the user who you are authenticated with does not have access to that calendar. Make sure you are logging in with the correct user with access to that calendar. Optionally you can do a calendar.list which will return a list of the calendars that the user currently has access to. That way you wont have to worry about possibly miss typing the calendar id.
authorization
The method you are using events.list requires authorization (permission from the user) in order to access their calendar. Which can be seen in the documentation page
You need to authncate your user using Oauth2 and one of the scopes above. You will then have an access token you can use to access this calendar.
apikey
Api keys are used for accessing public data. Unless your calendar is set to public you will not be able to use it to see events. Also remember that api keys do not have access to update public calendars you still need to be authenticated to make changes to them.
Service account
If this is a server to server application you should use a service account not an API key. All you need to do is add the service account as a user on the google calendar like you would any other user. It will then have access to your calendar.
I'm trying to make a call to Google Reports API with a service account.
I follow this code example : https://godoc.org/golang.org/x/oauth2/google#JWTConfigFromJSON
{
"error": {
"errors": [
{
"domain": "global",
"reason": "authError",
"message": "Access denied. You are not authorized to read activity records."
,
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Access denied. You are not authorized to read activity records."
}
}
I'm pretty sure it is on Google configuration side but :
I created the service account
I downloaded the JWT
I authorized the needed scopes
Then I try to call this URL : https://www.googleapis.com/admin/reports/v1/activity/users/all/applications/login
What could I have forget ?
Thanks for helping me.
Fixed it. Needed to explicitly specify the subject value.
I now follow the Service Account example : https://godoc.org/golang.org/x/oauth2/google
I am developing an application for the Google Apps Marketplace.
I use the Licensing API to retrieve the notifications. I need to get the information about admin, who installed the app, but the API doesn't provide me with this.
The solution I found is to use the Directory API to search users, but I get an error
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Not Authorized to access this resource/api"
}
],
"code": 403,
"message": "Not Authorized to access this resource/api"
}
}
What is wrong with my request?
Are there any other solutions to get the information about admin?
The auth scopes:
- "email"
- "profile"
- "https://www.googleapis.com/auth/drive"
- "https://www.googleapis.com/auth/drive.file"
- "https://www.googleapis.com/auth/admin.directory.user.readonly"
- "https://www.googleapis.com/auth/admin.directory.group.readonly"
Hi am trying to build an app to standardized signatures of all users in my google domain.
For that I have tried with following Google APIs in apis explorer
https://developers.google.com/apis-explorer/?hl=en_US#p/gmail/v1/gmail.users.settings.sendAs.patch
and pass other user's Id and email with custom signature but it's giving me following error
REQUEST
<pre>
PATCH https://www.googleapis.com/gmail/v1/users/[21_DIGIT_USER_ID]/settings/sendAs/[SOME_OTHER_USER#DOMAIN.COM]?fields=signature&key={YOUR_API_KEY}
{
"signature": "my custom signature"
}
</pre>
RESPONSE
<pre>
403 Forbidden
- Show headers -
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Delegation denied for myemailid#mydomain.com"
}
],
"code": 403,
"message": "Delegation denied for myemailid#mydomain.com"
}
}
</pre>
Although I have delegated admin access and I am able to change my user's signature by passing me in userId field and email id in sendAsEmail.
What's the use of userId field if an delegated admin can't change other user's signature.