Develop Reference

What permissions are needed for appengine.apps.services.versions.create

I'm using google cloud app engine. I'm trying to programatically create new version of a service in google app engine. I tried creating IAM Service account at https://console.cloud.google.com/iam-admin/serviceaccounts with all the permissions for Google App Engine.
Result:
403 Forbidden
{
"error": {
"code": 403,
"message": "The caller does not have permission",
"status": "PERMISSION_DENIED"
}
}
I couldn't make it work both on googleapis SDK and the online version.
https://developers.google.com/apis-explorer/#p/appengine/v1/appengine.apps.services.versions.create?appsId=default&servicesId=test-11111&_h=14&resource=%257B%250A++%2522id%2522%253A+%252220191003t225144%2522%250A%257D&
tl;dr
What permissions are needed for appengine.apps.services.versions.create endpoint

It looks like you've assigned the correct roles, because all of these roles contain the appengine.versions.create permission:
Owner (roles/owner)
Editor (roles/editor)
App Engine Admin (roles/appengine.appAdmin)
App Engine Deployer (roles/appengine.deployer)
If you've already assigned those Roles to your service account, check your credentials that you're using to make the API call, and make sure you're authenticating with the right service account.
See also:
IAM Permissions Reference
Granting Roles to Service Accounts

Appengine uses the Appengine default service account, just configure your app that way and customize permissions accordingly.

I needed to have all of these 3 scopes to make it work
'https://www.googleapis.com/auth/appengine.admin',
'https://www.googleapis.com/auth/cloud-platform',
'https://www.googleapis.com/auth/cloud-platform.read-only',

How to get permission for Google cloud API

I tried to deploy my app to google app engine. My IAM role is "owner" so I think I should have full access to any gcloud API.
Following is the error:
ERROR: (gcloud.app.deploy) Error Response: [13] Unable to get quota for "snap-media", "us-central1". Error: <HttpError 403 when requesting https://www.googleapis.com/compute/v1/projects/snap-media/regions/us-central1?alt=json returned "Required 'compute.regions.get' permission for 'projects/snap-media/regions/us-central1'">

Not the Google APIs service account.. All GAE has their own default service account. you need to give that permission. Search the following service account in your IAM page.. And you need to give this service account the permission.
App Engine default service account
yourprojectName#appspot.gserviceaccount.com

Google API Error: redirect_uri_mismatch

I have registered my application's client ID and client secret
for my web application running on GoogleAppEngine.
My app uses the Directory API to sync user info with Google Apps.
Sending API request and response works OK,
but some users can't get a response from the server.
API's response is:
redirect_uri_mismatch
Is there a restriction on the number of users when using Directory API ?
The user has an administrator role in the Google Apps domain.

You have to enter the scheme for URIs: http or https

Google Cloud Storage API Settings gives me Failed to load

I'm trying to use the Google Cloud Storage API from angular uploading some files. I've craeted a browser key on the API & Credentials console menu. But when I perform a GET on the URL https://www.googleapis.com/storage/v1/b/[PROJECT_ID].appspot.com/o?key=[API_KEY], I receive this
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "accessNotConfigured",
"message": "Access Not Configured. The API (Cloud Storage API) is not enabled for your project. Please use the Google Developers Console to update your configuration.",
"extendedHelp": "https://console.developers.google.com"
}
],
"code": 403,
"message": "Access Not Configured. The API (Cloud Storage API) is not enabled for your project. Please use the Google Developers Console to update your configuration."
}
}
When I go to the Google's console to configure that on the Storage > Cloud Storage > Storage settings it gives me this error at the top of the page
Can anybody help me on this goal? It is important to me that the API is consumed from the font-end only, because it is a Apache Cordova app with angular, trying to upload files (Media) to the Cloud.

OAuth issues with Google App Engine And Google Apps Script integration

I am trying to use Google Apps Script in Google Spreadsheet and have an OAuth issues.
The Spreadsheet and Google App application are both protected by Oauth provided by Google as I am using Google Apps for Business.
Below is the script I am using. It gives me the oauth dance but fails to invoke the URL and retruns with a 302 response.
Not sure what to do next. have tried setting auth callback hadler and everything but did not get far. I also have ScriptProperties being set for key and secret (not seen below). Also the scope is not set as App Engine indicates that OAuth is for the entire app.
I get a 302 response at the end of this, after Google App Engine telling me that an app is requesting access. It also indicates that appspot.com is an external provider
var oAuthConfig = UrlFetchApp.addOAuthService("google");
oAuthConfig.setAccessTokenUrl("https://<blah>.appspot.com/_ah/OAuthGetAccessToken");
oAuthConfig.setRequestTokenUrl("https://<blah>.appspot.com/_ah/OAuthGetRequestToken");
oAuthConfig.setAuthorizationUrl("https://<blah>.appspot.com/_ah/OAuthAuthorizeToken?hd=<blah.com>");
oAuthConfig.setConsumerKey(consumer_key);
oAuthConfig.setConsumerSecret(consumer_secret);
var requestData = {
"method": "GET",
"oAuthServiceName": "google",
"oAuthUseToken": "always"
};
var response = UrlFetchApp.fetch(url, requestData);

You can't use the consumerKey and consumerSecret on AppEngine api's. AppEngine is not part of the authorization/configuration used for Google Apps for Business. Try without them and revoke the permissions granted already or change the name (from "google") to something else.