Google Drive API - We're sorry...... but your computer or network may be sending automated queries

Question

We have a Google Drive Oauth2 App integration. We are using Google Drive API export and get endpoints in order to read data from our customers within their Google Drive Folder. Our app was published by the Google Oauth Verification Team, but we are unable to read files that are not(csv, xls, xlsx) a Google Docs file.

This is an API request sample: URL:

"https://www.googleapis.com/drive/v3/files/1874uz4MTNer4IszgWG_3pH6VEH2AWJPd?alt=media&access_token=ACCESS_TOKEN"

Response:

"<html><head><meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\"/><title>Sorry...</title><style> body { font-family: verdana, arial, sans-serif; background-color: #fff; color: #000; }</style></head><body><div><table><tr><td><b><font face=sans-serif size=10><font color=#4285f4>G</font><font color=#ea4335>o</font><font color=#fbbc05>o</font><font color=#4285f4>g</font><font color=#34a853>l</font><font color=#ea4335>e</font></font></b></td><td style=\"text-align: left; vertical-align: bottom; padding-bottom: 15px; width: 50%\"><div style=\"border-bottom: 1px solid #dfdfdf;\">Sorry...</div></td></tr></table></div><div style=\"margin-left: 4em;\"><h1>We're sorry...</h1><p>... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.</p></div><div style=\"margin-left: 4em;\">See <a href=\"https://support.google.com/websearch/answer/86640\">Google Help</a> for more information.<br/><br/></div><div style=\"text-align: center; border-top: 1px solid #dfdfdf;\"><a href=\"https://www.google.com\">Google Home</a></div></body></html>"

This same kind of request was working fine until Feb 7, 2020.

Using the export endpoint that exports the Google Doc file, works fine.

In the first moment, we found this link describing some changes: https://support.google.com/cloud/answer/9110914 We applied for Oauth Verification, we have passed but we still see the same issue, even if we redo the Oauth2 authentication flow generating new Access/Refresh Token. We already tried to reach out to Google about this on Both Issue Tracker and Oauth Team but both couldn't help. We do not have any kind of malware, VPN on the production server, or anything like that we could find in some related questions.

Does anyone have any suggestions on how to solve this problem?

Thank you.

Answer 1

We managed to make it work again. We've found this: https://cloud.google.com/blog/products/application-development/upcoming-changes-to-the-google-drive-api-and-google-picker-api

Google didn't update their Drive API document, so we didn't know about this change.

Basically we have to switch from the access_token URL parameter to the Authorization Header. This is, to authenticate the API you should use the Header like this:

"Authorization" : "Bearer ACCESS_TOKEN"

This worked for us.

Thank you everyone for the help.