Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.5k views
in Technique[技术] by (71.8m points)

google plus api: "insufficientPermissions" error

I am searching the google plus with api

Here is my Url: https://www.googleapis.com/plus/v1/activities?query=internet%20marketing&access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

here is response:

{
   "error": {
     "errors": [
      {
         "domain": "global",
         "reason": "insufficientPermissions",
         "message": "Insufficient Permission"
      }
     ],
   "code": 403,
   "message": "Insufficient Permission"
   }
}

Here is my API CONSOLE screen http://i.stack.imgur.com/jO27J.png

Can Anyone tell what permission I need to setup for my app in api console. ?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

This is a problem with your access token, not with your project configuration.

The insufficient permissions error is returned when you have not requested the scopes you need when you retrieved your access token. At a guess, since you are using the Google+ API and the YouTube API, you may have only requested the YouTube scope and not both, ie:

Check you have requested both:

https://www.googleapis.com/auth/youtube
https://www.googleapis.com/auth/plus.login

and not just the first one.

You can check which scopes you have requested by passing your access_token to this endpoint:

https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=ACCESS_TOKEN

I can't check the token in your example because it has expired (access tokens expire after one hour). Also, please do not post access tokens publicly as they allow others access to your data - they should be kept secret and treated with care.

Incidentally, https://www.googleapis.com/plus/v1/activities?query=QUERY is an unauthenticated call, so you could pass your API key for your project rather than an access token. If you make the call with https://www.googleapis.com/plus/v1/activities?query=QUERY&key=API-KEY, then you wouldn't need to request scopes or fetch an access token at all.

If you haven't seen it already, you can try out the API calls you would like to make at the OAuth 2.0 Playground:

https://developers.google.com/oauthplayground/

That's a good place to see what works and what doesn't.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...