Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

google plus api: "insufficientPermissions" error

I am searching the google plus with api

Here is my Url: https://www.googleapis.com/plus/v1/activities?query=internet%20marketing&access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

here is response:

{    "error": {      "errors": [       {          "domain": "global",          "reason": "insufficientPermissions",          "message": "Insufficient Permission"       }      ],    "code": 403,    "message": "Insufficient Permission"    } } 

Here is my API CONSOLE screen http://i.stack.imgur.com/jO27J.png

Can Anyone tell what permission I need to setup for my app in api console. ?

like image 542
butanijayanti Avatar asked Jun 07 '13 07:06

butanijayanti


2 Answers

This is a problem with your access token, not with your project configuration.

The insufficient permissions error is returned when you have not requested the scopes you need when you retrieved your access token. At a guess, since you are using the Google+ API and the YouTube API, you may have only requested the YouTube scope and not both, ie:

Check you have requested both:

https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/plus.login 

and not just the first one.

You can check which scopes you have requested by passing your access_token to this endpoint:

https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=ACCESS_TOKEN

I can't check the token in your example because it has expired (access tokens expire after one hour). Also, please do not post access tokens publicly as they allow others access to your data - they should be kept secret and treated with care.

Incidentally, https://www.googleapis.com/plus/v1/activities?query=QUERY is an unauthenticated call, so you could pass your API key for your project rather than an access token. If you make the call with https://www.googleapis.com/plus/v1/activities?query=QUERY&key=API-KEY, then you wouldn't need to request scopes or fetch an access token at all.

If you haven't seen it already, you can try out the API calls you would like to make at the OAuth 2.0 Playground:

https://developers.google.com/oauthplayground/

That's a good place to see what works and what doesn't.

like image 76
Lee Avatar answered Sep 25 '22 17:09

Lee


According to @Lee answer, now the Google V3 OAuth AccessToken validating endpoint is:

https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=<access_token> 

You can refer google document below: (In OAUTH 2.0 ENDPOINTS Tab)

https://developers.google.com/identity/protocols/OAuth2UserAgent#validate-access-token

like image 22
Nick Tsai Avatar answered Sep 24 '22 17:09

Nick Tsai