I got this error when I create new client secret in new project.
That’s an error.
Error: restricted_client
Unregistered scope(s) in the request: https://www.googleapis.com/auth/youtube.readonly
Request Details
access_type=offline
response_type=code
client_id=487794563386-mujtj6b5iatnmvdailldn468gg028p8g.apps.googleusercontent.com
redirect_uri=http://localhost:61515/authorize/
scope=https://www.googleapis.com/auth/youtube.readonly
That’s all we know.
How could I fix that ?
403 errors are errors with the users access. The user you are currently authenticated with does not have permission to do what you are trying to do in your case it appears to have something to do with the following scope.
https://www.googleapis.com/auth/youtube.readonly
Its hard to know what you are doing without seeing your code. I suggest you attempted to authenticate your user again. IF you changed the secret then its not going to work with a refresh token generated by another secret.
I am going to contact Google to be sure that there hasnt been any changes recently. I cant see anything in the change logs myself. There may have been a stealth change that they didnt release.
Status
Related
I have GSuite Service Account and My app uses following scopes (these are working fine) :
https://www.googleapis.com/auth/admin.directory.customer.readonly,https://www.googleapis.com/auth/admin.directory.user.readonly,https://www.googleapis.com/auth/admin.directory.domain.readonly,https://www.googleapis.com/auth/drive.readonly,https://www.googleapis.com/auth/drive.metadata.readonly,https://www.googleapis.com/auth/drive.photos.readonly
Now I Have to access gsuite groups, As mentioned here in api documentation : https://developers.google.com/admin-sdk/directory/v1/reference/groups/list
I Added these two scopes :
https://www.googleapis.com/auth/admin.directory.group.readonly,
https://www.googleapis.com/auth/admin.directory.group
in my already existing scopes, and I'm unable to authorise my application now.
When I try to check this via api explorer in the above link, It throws an error : 400 - Bad Request. But the strangest thing happen, it returned 200 ONCE only while trying and returned the group I created, But I'm unable to make successful call again and keeps getting error.
Is there anything I'm missing here? Any help will be really appreciated.
Thanks.
NOTE: I can access gsuite users with above scopes as well, the issue is only with the groups.
As is mentioned on the documentation, 400 error is not related to the scopes that you are using. However the explorer API information is not correct as the "Customer" field is required, You can try it typing my_customer on that field and you should get a 200 if your user has the proper permissions.
I have submitted a request to update the current documentation.
I am deploying an app on Heroku that uses Google OAuth2. When I test the app, I go to the auth url (/auth/google) and I see the following error message (note that I replaced domain name with *** just for posting here:
That’s an error.
Error: invalid_client
The OAuth client was not found.
Request Details response_type=code
redirect_uri=https://****.com/auth/google/callback scope=profile email
client_id=process.env.GOOGLE_CLIENT_ID That’s all we know.
I have looked at the following questions before posting and have been trying to debug for several hours:
Error: invalid_client with Google Apps API OAuth2
invalid_client in google oauth2
I have tried to do the following:
Ensure there are no spaces before and after the values in Heroku
The consent screen in Google Console has the name and email address completed
I have renamed the app within Google Console
I have deleted the key/value from Heroku and re-created
Despite all this, I am unable to fix this. Any ideas on what I maybe missing?
The answer is in the question.
Google can't find any reference to your client, which is identified by the client_id in the URL. Instead of a valid client_id (which looks something like "40740878192.apps.googleusercontent.com") you have given a client_id of "process.env.GOOGLE_CLIENT_ID". It looks like a bug in your code that instead of using process.env.GOOGLE_CLIENT_ID as a variable, you have used it as a literal.
I have been using the OAuth approach to upload,update and delete videos on YouTube. That all has been working fine until about February 12th where all of those processes stopped working. Now when I go to delete a YouTube video I get the following error:
"code": 403,
"message": "The video that you are trying to delete cannot be deleted. The request might not be properly authorized."
I know that the OAuth process is working because I can get the token and refresh the token if it has expired. I'm using the latest PHP library that Google have provided (installed using composer). And I can get information about a valid YouTube video by making the following call:
$videoId = "xxxxxxx"; //id of video on YouTube
$youtube->videos->listVideos("snippet", array('id' => $videoId));
But then the delete call gives that error above.
$youtube->videos->delete($videoId);
Since the listVideos works, that confirms that the client_id, secret key and token is correct. I also am setting the scopes to be the following
$client->setScopes(array('https://www.googleapis.com/auth/youtube',
'https://www.googleapis.com/auth/youtube.upload',
'https://www.googleapis.com/auth/youtubepartner'));
I also checked that the credentials and quotas set in the Google APIs are ok. I thought that maybe the quota had been reached but that doesn't appear to be the case. I did see an email from YouTube in early february saying that they have a new terms of service and a developer policies. I reviewed all that but nothing in there appears to point to the issue I am having?
Not sure what else to try?
Try to check my answer here in this SO question that focus on how to Refresh Token with the Google API.
Your error usually caused by:
When the token expires
The token’s scope (this is important)
If the token is invalid
If the token is invalid you can troubleshoot like this:
Remove the access token from your datastore or database.
Use the refresh token to acquire a new access token (if you are using a refresh token)
Try to make the API call again. If it works, you’re good! If not …
Check the access token against the tokenInfo API
If it’s still invalid, do a full reauth
Hope this helps!
im am experiencing problems with the email validation in the appcelerator platform. I have everything configured right and the email arrive in my inbox when a new user is created, but, for some reason, the link to activate the account returns: Fail to confirm user. 400 Bad Request - Invalid app key
I checked in the tiapp.xml and checked if the api keys are properly configured and everything is alright. I have no idea of how appcelerator generate this link to verify what happen. In my template uses the link below:
https://cloud.appcelerator.com/users/confirmation?key={{key}}&confirmation_token={{confirmation_token}}
What im doing wrong? =[
Seems that the documentation is wrong. Only works if the link in the template is https://platform.appcelerator.com/#/users/confirmation/{{key}}/{{confirmation_token}}
I just encountered the same issue and can confirm the bug in the documentation. The correct url is indeed
https://platform.appcelerator.com/#/users/confirmation/{{key}}/{{confirmation_token}}
I'd like to add that there is probably a similar defect in the following documentation for password reset url:
http://docs.appcelerator.com/arrowdb/latest/#!/api/Users-method-request_reset_password
The documentation says the password reset url (if using Appcelerator instead of custom website) should be
https://dashboard.appcelerator.com/#/users/confirmation/{{key}}/{{confirmation_token}}
It seems wrong (copy-paste from email confirmation url perhaps).
I was able to successfully log in using Google Classroom and pull the course data during the trial. This was on my local machine. Now I have moved to my test server. I can still log in via google but can no longer pull the course data. I have already updated my client_secret file (updated the appropriate endpoints) but i get the following error after calling classroom.courses.list
Error: No access or refresh token is set.
Would appreciate anyone's help. I do have Google Classroom API as one of my APIs. Not sure if it's because i'm now on a domain instead of my localhost.
Sadly, I was doing a 2 part registration. The first past, I was setting the token. When the page was submitted again with new details from the user, when I was making the call to google, I hadn't set the token.