0

to check inapp purchase i have used this api https://androidpublisher.googleapis.com/androidpublisher/v3/applications/{packageName}/purchases/products/{productId}/tokens/{token} and got this response.

{
    "error": {
        "code": 403,
        "message": "Request had insufficient authentication scopes.",
        "errors": [
            {
                "message": "Insufficient Permission",
                "domain": "global",
                "reason": "insufficientPermissions"
            }
        ],
        "status": "PERMISSION_DENIED",
        "details": [
            {
                "@type": "type.googleapis.com/google.rpc.ErrorInfo",
                "reason": "ACCESS_TOKEN_SCOPE_INSUFFICIENT",
                "domain": "googleapis.com",
                "metadata": {
                    "method": "androidpublisher.ProductPurchasesService.Get",
                    "service": "androidpublisher.googleapis.com"
                }
            }
        ]
    }
}
Mahmudul Hasan
  • 1
  • 1
  • 1
  • Please edit your question and include your code – DaImTo Nov 24 '21 at 18:01
  • Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. – Community Nov 30 '21 at 08:15

2 Answers2

1

The Method: purchases.products.get operates on private user data.

Because of that it requires authorization specifically it requires that the user be authorized using the following scope

enter image description here

The error message "ACCESS_TOKEN_SCOPE_INSUFFICIENT", means that while you have authorized a user you have not authorized them with the above scope so you do not have permission to access this method.

Makes sure that you change the scope in your code then force your app to reauthorize the user. THe user needs to see the consent screen again or you will be running on the old authorization.

DaImTo
  • 88,623
  • 26
  • 153
  • 389
  • Hi. I have a similar problem in a Java desktop app using Google People API. I changed the scope in my code and then got that error. How do I force my app to reauthorize the user so I can see the consent screen again? – Eric S Jan 03 '22 at 01:37
  • That deepens upon your code java client library normal has a data store attached. Open a question with your code i will have a look. – DaImTo Jan 03 '22 at 06:31
  • @DalmTo I opened a new question: [link](https://stackoverflow.com/questions/70569649/get-access-token-scope-insufficient-error-migrating-to-people-api). I got one answer that wasn't helpful. I'd appreciate your input on it. Thanks. – Eric S Jan 04 '22 at 21:18
0

By any chance, have you been invoking this from a GCE VM? If so, you might want to:

  1. Stop the VM

  2. Go to the GCE VM instances in the cloud console

  3. Click edit on the machine

  4. Go to scopes enter image description here

  5. Edit the scopes as desired (preferably adding the scope just to a particular API or if you are OK with it - to all APIs, depending on context and risk)

  6. Restart the machine and make the API call again

Some useful references can be found here and here.

Kiril
  • 66
  • 5