Google calendar v3 returns 403 Insufficient Permission

7
votes

I've been trying to access Calendar v3 API with a service account. I have already added the scope https://www.googleapis.com/auth/calendar from the admin console and shared my calendar with that service account's email address.

I have also been accessing https://www.googleapis.com/auth/coordinate scope with the very same service account and it works fine.

Also, tried revoking access as said here: Why is Google Calendar API (oauth2) responding with 'Insufficient Permission'?

All that, and I am still getting;

{"error"=>
  {"errors"=>
    [{"domain"=>"global",
      "reason"=>"insufficientPermissions",
      "message"=>"Insufficient Permission"}],
   "code"=>403,
   "message"=>"Insufficient Permission"}}

Am i missing something?

4
ruby-on-railsgoogle-apigoogle-calendar-apihttp-status-code-403google-api-client

4 Answers

4
votes

Try to add to you scope 'userinfo.email' and enable in Developers console "Contacts API" and "Google+ API". I've spent 2 weeks searching for answer to this question, and this trick has worked for me.

0
votes

Did you have any joy with this? I've hit the same brick wall.

UPDATE:

$key = file_get_contents($key_file_location);
$scopes = array('https://www.googleapis.com/auth/calendar');
$cred = new Google_Auth_AssertionCredentials(
    $service_account_name,
    $scopes,
    $key
);

This worked for my authorization, after sharing the calendar with the service email account.

0
votes

I think if you use Google Calendar Quickstart for Ruby, I think you should delete your credentials in the specified path...I try it and it works well... You can see where the credentials is put in here

CREDENTIALS_PATH = File.join(Dir.home, '.credentials',
                             "calendar-ruby-quickstart.yaml")

In your home dir, you may find a dir which Google store your credentials after you approve Google request to access your data.

0
votes

first of all change 

static string[] Scopes = { CalendarService.Scope.CalendarReadonly };

to 

static string[] Scopes = { CalendarService.Scope.Calendar };

and then in your documents folder delete .credentials folder

and run again.

this worked for me!