I want to set up a push notification watch but I receive an error response. What authorization I need?
Request:
// Google API
$client = getClient();
// POST request
$ch = curl_init('https://www.googleapis.com/gmail/v1/users/me/watch');
curl_setopt_array($ch, array(
CURLOPT_POST => TRUE,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer ' . $client->getAccessToken()['access_token'],
'Content-Type: application/json'
),
CURLOPT_POSTFIELDS => json_encode(array(
'topicName' => 'projects/xxxx/topics/xxxx',
'labelIds' => ["INBOX"]
))
));
Response:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Error sending test message to Cloud PubSub projects/xxxx/topics/xxxx : User not authorized to perform this action."
}
],
"code": 403,
"message": "Error sending test message to Cloud PubSub projects/xxxx/topics/xxxx : User not authorized to perform this action."
}
}
More details:
GMAIL_READONLY
.From the page: https://developers.google.com/gmail/api/guides/push#grant_publish_rights_on_your_topic
Cloud Pub/Sub requires that you grant Gmail privileges to publish notifications to your topic.
To do this, you need to grant publish privileges to serviceAccount:gmail-api-push@system.gserviceaccount.com. You can do this using the Cloud Pub/Sub Developer Console permissions interface following the resource-level access control instructions.
(emphasis added)
You have to grant permission to topics. Go to your topics list Or click on the below link https://console.cloud.google.com/cloudpubsub/topic .
Then in right side permission tab, click on the ADD MEMBER button
Then enter the new member email or If your App have multiple user then you can enter allUsers . Then Select the role Pub/Sub Publisher and click on the Save button.
Note: This will make your topic public.
dont add allAuthenticatedUsers
or allUsers
, that will make your topic public. You might have seen this warning
This resource is public and can be accessed by anyone on the internet. To remove public access, remove "allUsers" and "allAuthenticatedUsers" from the resource's members.
Instead add gmail-api-push@system.gserviceaccount.com
. this will work. Reference : https://developers.google.com/gmail/api/guides/push#grant_publish_rights_on_your_topic
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.