The caller does not have permission firebase REST api to get statistics of programmatic created dynamic short link
Question
{ "error": { "code": 403, "message": "The caller does not have permission", "status": "PERMISSION_DENIED" } }
I got above response when using node js below code :
var admin = require("firebase-admin"); var serviceAccount = require("/var/www/html/work/vinandwine-api/vino-veritas-firebase-adminsdk-fq90e-6c5811b088.json"); admin.initializeApp({ credential: admin.credential.cert(serviceAccount), databaseURL: "https://vino-veritas.firebaseio.com" }); var { google } = require("googleapis"); // Load the service account key JSON file. // Specify the required scope. var scopes = [ "https://www.googleapis.com/auth/firebase" ]; // Authenticate a JWT client with the service account. var jwtClient = new google.auth.JWT( serviceAccount.client_email, null, serviceAccount.private_key, scopes ); // Use the JWT client to generate an access token. jwtClient.authorize(function(error, tokens) { if (error) { console.log("Error making request to generate access token:", error); } else if (tokens.access_token === null) { console.log("Provided service account does not have permission to generate access tokens"); } else { var accessToken = tokens.access_token; console.log(accessToken); // Include the access token in the Authorization header. const request = require('request'); request({ url: 'https://firebasedynamiclinks.googleapis.com/v1/https%3A%2F%2Fvinoveritas.page.link%2Fmi2e/linkStats?durationDays=7', headers: { 'Authorization': 'Bearer '+accessToken }, rejectUnauthorized: false },function(err, res) { if(err) { console.error("Error",err); } else { console.log("SUCCESS",res.body); } }); } });
I am checking with all newly created public key but it still not working.
2 answers
solution1
0 2020-01-29 13:04:33
{ "error": { "code": 403, "message": "The caller does not have permission", "status": "PERMISSION_DENIED" } }
Means exactly that the user you are authenticated with doesn't have permission to do what you are trying to do.
First off you are using a service account. A service account is not you, a service account needs to be preauthorized. To do that you would need to login to the system you are trying to access and add the service account as a user to it.
You appear to be trying to access a firebase api of some kind. I suggest you check the documentation of how this is supposed to be connected. I cant really tell which api you are trying to connect to.
solution2
0 2021-01-29 08:26:56
Adding "Firebase Grow Viewer" role to the service account which you are using in the code, in the IAM dashboard made my error go away.
All of these service accounts are role based and by default it does not has access to the firebase dynamicurls apis.
You can try the above and check.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.