"Error 403: access_denied" from Google authentication web api despite google account being owner

Question

I'm using the default code provided from google here, and I don't quite understand why its not working. The code outputs the prompt Please visit this URL to authorize this application: [google login URL]. When attempting to log in with the account designated as owner of the script under the google developers console I get a Error 403: access_denied error with the message The developer hasn’t given you access to this app. It’s currently being tested and it hasn’t been verified by Google. If you think you should have access, contact the developer [the email I just tried to log in with].

from __future__ import print_function import pickle import os.path from googleapiclient.discovery import build from google_auth_oauthlib.flow import InstalledAppFlow from google.auth.transport.requests import Request  # If modifying these scopes, delete the file token.pickle. SCOPES = ['https://www.googleapis.com/auth/spreadsheets.readonly']  # The ID and range of a sample spreadsheet. SAMPLE_SPREADSHEET_ID = '1vrZpCGW58qCCEfVXoJYlwlulraIlfWI2SmFXa1iPtuU' SAMPLE_RANGE_NAME = 'Class Data!A2:E'  def main():     """Shows basic usage of the Sheets API.     Prints values from a sample spreadsheet.     """     creds = None     # The file token.pickle stores the user's access and refresh tokens, and is     # created automatically when the authorization flow completes for the first     # time.     if os.path.exists('token.pickle'):         with open('token.pickle', 'rb') as token:             creds = pickle.load(token)     # If there are no (valid) credentials available, let the user log in.     if not creds or not creds.valid:         if creds and creds.expired and creds.refresh_token:             creds.refresh(Request())         else:             flow = InstalledAppFlow.from_client_secrets_file(                 'Google_API_Key.json', SCOPES)             creds = flow.run_local_server(port=0)         # Save the credentials for the next run         with open('token.pickle', 'wb') as token:             pickle.dump(creds, token)      service = build('sheets', 'v4', credentials=creds)      # Call the Sheets API     sheet = service.spreadsheets()     result = sheet.values().get(spreadsheetId=SAMPLE_SPREADSHEET_ID,                                 range=SAMPLE_RANGE_NAME).execute()     values = result.get('values', [])      if not values:         print('No data found.')     else:         print('Name, Major:')         for row in values:             # Print columns A and E, which correspond to indices 0 and 4.             print('%s, %s' % (row[0], row[4]))  def PrintToSheets():     main() 

Answer 1

To fix this issue for me was this simple:

1. Go to https://console.developers.google.com/
2. On the top left beside the words "Google APIs" click the project dropdown on the right
3. Ensure that your correct project is selected
4. Click "OAuth consent screen" on the left side of the screen (below "Credentials")
5. If you have not created a consent screen, do that first
6. Under "Test users" there is a button called "+ ADD USERS"
7. Type the email of the account you will be testing with, press enter, then click save.
8. It should work now!

It seems like they updated this recently because last year I did not have to do this.

Answer 2

The error message you are getting is related to the fact that your application has not been verified yet.

As mentioned in that link all applications that access google APIs using sensitive scopes need to go though googles verification process. Normal you are given a grace period of 100 users accessing your application before your application will be locked down and you wont be able to authorize anymore users until you verify your application it sounds like you may have hit that point.

Your only options would be to go though the verification process or to create a whole new project on Google developer console and use that client id instead as the one you are using is currently locked for additional users.

Update Change

A change has been implemented on Google Developer console. You must now authorize users / testers to access your application before it has gone through the verification process. If you go to the Google developer console for your project, under consent screen you will find the following section

You can add tests users here, however you can not remove them and you can only add 100 of them so use it wisely.