I'm trying to use the Google Cloud Storage API from angular uploading some files. I've craeted a browser key on the API & Credentials console menu. But when I perform a GET on the URL https://www.googleapis.com/storage/v1/b/[PROJECT_ID].appspot.com/o?key=[API_KEY], I receive this
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "accessNotConfigured",
"message": "Access Not Configured. The API (Cloud Storage API) is not enabled for your project. Please use the Google Developers Console to update your configuration.",
"extendedHelp": "https://console.developers.google.com"
}
],
"code": 403,
"message": "Access Not Configured. The API (Cloud Storage API) is not enabled for your project. Please use the Google Developers Console to update your configuration."
}
}
When I go to the Google's console to configure that on the Storage > Cloud Storage > Storage settings it gives me this error at the top of the page
Can anybody help me on this goal? It is important to me that the API is consumed from the font-end only, because it is a Apache Cordova app with angular, trying to upload files (Media) to the Cloud.
Related
I am trying to call GCP App Engine REST API- https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps/get from API explorer as well as postman . This gives http code 403 . I am able to deploy service from my local using cloud sdk with same user account. Not sure why only REST API is not working. Any body else faced this issue.
Request - GET https://appengine.googleapis.com/v1/apps/test?key=[YOUR_API_KEY] HTTP/1.1
Authorization: Bearer [YOUR_ACCESS_TOKEN]
Accept: application/json
Response-
{
"error": {
"code": 403,
"message": "The caller does not have permission",
"status": "PERMISSION_DENIED"
}
}
roles added to my principle-
App Engine Admin,
App Engine Code Viewer,
App Engine Deployer,
App Engine Service Admin,
App Engine Viewer,
Owner
It should work with project ID
I'm using google cloud app engine. I'm trying to programatically create new version of a service in google app engine. I tried creating IAM Service account at https://console.cloud.google.com/iam-admin/serviceaccounts with all the permissions for Google App Engine.
Result:
403 Forbidden
{
"error": {
"code": 403,
"message": "The caller does not have permission",
"status": "PERMISSION_DENIED"
}
}
I couldn't make it work both on googleapis SDK and the online version.
https://developers.google.com/apis-explorer/#p/appengine/v1/appengine.apps.services.versions.create?appsId=default&servicesId=test-11111&_h=14&resource=%257B%250A++%2522id%2522%253A+%252220191003t225144%2522%250A%257D&
tl;dr
What permissions are needed for appengine.apps.services.versions.create endpoint
It looks like you've assigned the correct roles, because all of these roles contain the appengine.versions.create permission:
Owner (roles/owner)
Editor (roles/editor)
App Engine Admin (roles/appengine.appAdmin)
App Engine Deployer (roles/appengine.deployer)
If you've already assigned those Roles to your service account, check your credentials that you're using to make the API call, and make sure you're authenticating with the right service account.
See also:
IAM Permissions Reference
Granting Roles to Service Accounts
Appengine uses the Appengine default service account, just configure your app that way and customize permissions accordingly.
I needed to have all of these 3 scopes to make it work
'https://www.googleapis.com/auth/appengine.admin',
'https://www.googleapis.com/auth/cloud-platform',
'https://www.googleapis.com/auth/cloud-platform.read-only',
Please can anyone help with config/troubleshooting for Firebase authentication with GAE Python apps.
I've tried to get the Firenotes app working (https://cloud.google.com/appengine/docs/python/authenticating-users-firebase-appengine) but when the app loads there's a popup with the error: The operation has timed out. Dismiss.
The email authentication works fine, all OK: can login, save notes, logout.
The problem is with the Google OAuth login.
Clicking on the Google sign button gives an error:
This site can’t provide a secure connection.
firebaseapp.com didn’t accept your login certificate, or your login certificate may have expired.
ERR_BAD_SSL_CLIENT_AUTH_CERT
The project was imported into the firebase project and as far as I can tell the config of main.js and app.yaml is correct.
The GAE .appspot.com has been added to the OAuth authorized doamins
The same error is if running local or deployed to GAE.
If you go to the 'Overview' section of your firebase console. You can select to "add firebase to your web app". A screen pops up with the config information for the frontend main.js file.
Mind you, the apiKey in the client config needs to be set to the google cloud platform api key for the app engine project your using.
This will enable the login.
I am working on a chrome app which is using an appengine app as a backend. Usually it is possible to use the Google OAuth or the deprecated Google ClientLogin to obtain the ACSID token. The chrome app API provides identity to support oauth2 in chrome apps.
I am able to get an auth token, but am failing in converting it into a valid ACSID token. I have done successfully something similar on android. The key was that when asking for the auth token, I had to specify the specific service ("ah" for the appengine). Could anyone point me out what should be the scope and how to configure the outh2 params in the manifest file?!
Thanks in advance for any help.
I am trying to use Google Apps Script in Google Spreadsheet and have an OAuth issues.
The Spreadsheet and Google App application are both protected by Oauth provided by Google as I am using Google Apps for Business.
Below is the script I am using. It gives me the oauth dance but fails to invoke the URL and retruns with a 302 response.
Not sure what to do next. have tried setting auth callback hadler and everything but did not get far. I also have ScriptProperties being set for key and secret (not seen below). Also the scope is not set as App Engine indicates that OAuth is for the entire app.
I get a 302 response at the end of this, after Google App Engine telling me that an app is requesting access. It also indicates that appspot.com is an external provider
var oAuthConfig = UrlFetchApp.addOAuthService("google");
oAuthConfig.setAccessTokenUrl("https://<blah>.appspot.com/_ah/OAuthGetAccessToken");
oAuthConfig.setRequestTokenUrl("https://<blah>.appspot.com/_ah/OAuthGetRequestToken");
oAuthConfig.setAuthorizationUrl("https://<blah>.appspot.com/_ah/OAuthAuthorizeToken?hd=<blah.com>");
oAuthConfig.setConsumerKey(consumer_key);
oAuthConfig.setConsumerSecret(consumer_secret);
var requestData = {
"method": "GET",
"oAuthServiceName": "google",
"oAuthUseToken": "always"
};
var response = UrlFetchApp.fetch(url, requestData);
You can't use the consumerKey and consumerSecret on AppEngine api's. AppEngine is not part of the authorization/configuration used for Google Apps for Business. Try without them and revoke the permissions granted already or change the name (from "google") to something else.