GCP endpoints: The caller does not have permission after requesting API key in query

Question

Trying to use Google Cloud platform with a GKE deployed backend.

I have a swagger file for the endpoints that works fine when not using security.

I added the api key definition in the swagger file:

paths:
  /create:
    post:
      ...
      security:
        - api_key: []
      
securityDefinitions:
  api_key:
    type: "apiKey"
    name: "key"
    in: "query"

and now if I try to post on I get the expected

{
    "code": 16,
    "message": "Method doesn't allow unregistered callers (callers without established identity). Please use API Key or other form of API consumer identity to call this API.",
    "details": [
        {
            "@type": "type.googleapis.com/google.rpc.DebugInfo",
            "stackEntries": [],
            "detail": "service_control"
        }
    ]
}

Good, now I created an API key in the credential sections of GCP

I update the post request to include ?key=API_KEY and get the following error:

{
    "code": 13,
    "message": "\b#The caller does not have permission",
    "details": [
        {
            "@type": "type.googleapis.com/google.rpc.DebugInfo",
            "stackEntries": [],
            "detail": "service_control"
        }
    ]
}

I can't find any info about this error, does it mean that my API key has no right for this endpoint? If so how can I fix this?

Answer 1

Confirm that you have the required services enabled

gcloud services enable servicemanagement.googleapis.com
gcloud services enable servicecontrol.googleapis.com
gcloud services enable endpoints.googleapis.com

Also enable your Endpoint service gcloud services enable ENDPOINTS_SERVICE_NAME