Reputation: 1027
How do I create a Google Oauth2 client_id that doesn't just return "Forbidden"?
I'm trying to use p2/OAuth2 to access my documents on Google Drive.
I downloaded the sample Mac app and ran it, and it shows a Google "OAuth consent screen", and I click the "Allow" button, and it all works. So I think the sample code is good.
Then I logged into the Google APIs console, and:
- enabled all the APIs that seemed like they might be relevant to this test (getting my name and user info): "Google Drive API", "Contacts API", "People API", "Google IAM API", etc.
- created a "project" for my application
- created a new "OAuth client ID" (credentials) for my app
I pasted my client_id into the OAuth2App sample, in place of the demo client_id/client_secret, and it fails. It shows the "OAuth consent screen" in a sheet, with the name of my application, but when I click "Allow", it just says "Forbidden".
Things I've tried that didn't help:
I've found this page which says creating a client ID of type "Other" in Google doesn't work, and I need to choose iOS. I've tried both "Other" and "iOS" types, and both give me "Forbidden".
With type "Other", it gives me a client_secret, as well. I don't want or need that, because this is a local app, but I found this question which suggests it doesn't matter to Google. I tried every way:
- With the correct client_secret, I get "Forbidden".
- With an incorrect client_secret, I get "Unauthorized".
- With no client_secret, I get "client_secret is missing".
So I know it's checking that for type="Other", and doesn't seem to care that it's absent for type="iOS". In any event, since it's a different error when that's wrong/missing, that doesn't seem to be my problem here.
I turned on
oauth.verboseto see if there's anything useful, but the logs are identical to the successful case (stock IDs), except for the values of some of the IDs/tokens.
How did p2/OAuth2 create a client_id for Google that works? Why is mine only returning "Forbidden"?
Upvotes: 2
Views: 438
Answers (1)
Reputation: 1213
If it is your Local app, You'll need to select the installed option while selecting the type, and use Web Athorization Broker
this link might be helpful, its unsolved but has solution for the point you are stuck.
1.) ClientID and ClientSecret both are necessary while using installed application.
--> Also check your network rights if it is allowing the Drive api, that can also give Forbidden Error
Upvotes: 1
Related Questions
- Google OAuth 2.0 failing with Error 400: invalid_request for some client_id, but works well for others in the same project
- I cannot create OAuth 2.0 client ID on google cloud platform
- Exposing oAuth 2.0 client ID and API key for Google API
- IAP_CLIENT_ID on GCP
- how to create a oauth client id for gcp programmatically
- OAuth 2.0 Playground: unauthorized_client
- Google OAuth token request returns "invalid_client": "Unauthorized"
- Google oauth2 returns no id_token
- How to programmatically obtain OAuth2 client credentials for Google API
- Unable to create oauth client ID (google developer console)