Reputation: 25
Google Bussiness Messaging OAuth incorrect scope
I want my backend through OAuth to gain access to the Google My Business API of clients (other businesses) who have set up business messaging. The idea is for my backend to reply to business messaging, and when the user sends a message, my backend should mark the message as read. The marking of a message as read is documented here - https://developers.google.com/business-communications/business-messages/guides/how-to/message/receipts#receipts_from_agents
When I looked through the documentation, I saw that there is a scope - https://www.googleapis.com/auth/businessmessages
But when I try to add it to the OAuth consent settings, I get that it's invalid.
At this stage, I have these scopes in my OAuth access token:
https://www.googleapis.com/auth/businesscommunications
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile
https://www.googleapis.com/auth/business.manage
{
"error": {
"code": 403,
"message": "Request had insufficient authentication scopes.",
"status": "PERMISSION_DENIED",
"details": [
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "ACCESS_TOKEN_SCOPE_INSUFFICIENT",
"domain": "googleapis.com",
"metadata": {
"method": "google.communications.businessmessages.v1.BusinessMessagesService.UpdateReceipt",
"service": "businessmessages.googleapis.com"
}
}
]
}
}
Consent screen image:
The code for generating the OAuth Consent Screen URL:
const { google } = require("googleapis");
const oauth2Client = new google.auth.OAuth2(
"clientId",
"clientSecret,
"http://127.0.0.1"
);
const scopes = [
"https://www.googleapis.com/auth/business.manage",
"https://www.googleapis.com/auth/businesscommunications",
"https://www.googleapis.com/auth/businessmessages",
"https://www.googleapis.com/auth/userinfo.email",
"https://www.googleapis.com/auth/userinfo.profile",
];
const authorizationUrl = oauth2Client.generateAuthUrl({
access_type: "offline",
scope: scopes,
include_granted_scopes: true,
});
You can see that in the scopes array the https://www.googleapis.com/auth/businessmessages is not included because the generated url returns an error for invalid scope
The code for marking a message as read:
async function initAuth() {
const oauth2Client = new google.auth.OAuth2(
"clientId", // data from our GCP, not the client's
"clientSecret", // data from our GCP, not the client's
"http://127.0.0.1"
);
oauth2Client.setCredentials({
access_token: 'token', // token obtained from the consent screen
scope: 'https://www.googleapis.com/auth/businessmessages',
});
return oauth2Client;
}
async function sendReadReceipt(conversationId, messageId) {
const auth = await initAuth();
let apiParams = {
auth: auth,
name: 'conversations/' + conversationId + '/messages/' + messageId + '/receipt',
resource: {
receiptType:'READ'
}
};
bmApi.conversations.messages.updateReceipt(apiParams,
{auth: auth}, (err, response) => {
console.log(err);
console.log(response);
});
}
Upvotes: 0
Views: 252
Answers (1)
Reputation: 1325
All the documentation you have linked to (for example: [1]) points to that scope being only used for service accounts. The user authentication component does not require using that scope.
Upvotes: 0
Related Questions
- React Google OAuth 2.0: Some requested scopes were invalid
- Google API Scope Changed
- OAuth consent screen not showing for Google
- Difference between profile and email scope in Google OAuth 2 flow
- Google OAuth Returning Additional Scopes Without Requesting
- GSuite OAuth 2.0 Invalid Scopes Grafana
- Retrieving date of birth and marital status with Google OAuth API
- Will the openid scope "https://www.googleapis.com/auth/plus.me" be affected by the Google+ shutdown?
- iOS Parse User Information from Google + OAuth Data