Google Calendar API and Service Account permission error
Question
I'm trying to integrate the Google Calendar API in my app. So far i've managed to do this:
- Created a new project on Cloud Platform
- Enabled Calendar API
- Added a new service account with role: Owner
- Generated jwt.json
- Granted domain-wide for that service account
- Shared a calendar with that service account (modify rights)
- Enabled in the GSuite the option for everyone out of the organisation to modify the events
Now, my code on node.js looks like this:
const { JWT } = require('google-auth-library'); const client = new JWT( keys.client_email, null, keys.private_key, ['https://www.googleapis.com/auth/calendar'] ); const url = `https://dns.googleapis.com/dns/v1/projects/${keys.project_id}`; const rest = await client.request({url}); console.log(rest);
The error I get is:
Sending 500 ("Server Error") response: Error: Insufficient Permission
Anyone has any ideea? This gets frustrating.
1 answers
solution1
1 ACCPTED 2020-03-22 22:38:19
How about this modification?
I think that in your script, the endpoint and/or scope might be not correct.
Pattern 1:
In this pattern, your endpoint of https://dns.googleapis.com/dns/v1/projects/${keys.project_id} is used.
Modified script:
const { JWT } = require("google-auth-library");
const keys = require("###"); // Please set the filename of credential file of the service account.
async function main() {
const calendarId = "ip15lduoirvpitbgc4ppm777ag@group.calendar.google.com";
const client = new JWT(keys.client_email, null, keys.private_key, [
'https://www.googleapis.com/auth/cloud-platform' // <--- Modified
]);
const url = `https://dns.googleapis.com/dns/v1/projects/${keys.project_id}`;
const res = await client.request({ url });
console.log(res.data);
}
main().catch(console.error);
- In this case, it is required to enable Cloud DNS API at API console. And it is required to pay. Please be careful this.
- I thought that the reason of your error message of
Insufficient Permissionmight be this.
- I thought that the reason of your error message of
Pattern 2:
In this pattern, as a sample situation, the event list is retrieved from the calendar shared with the service account. If the calendar can be used with the service account, the event list is returned. By this, I think that you can confirm whether the script works.
Modified script:
const { JWT } = require("google-auth-library");
const keys = require("###"); // Please set the filename of credential file of the service account.
async function main() {
const calendarId = "###"; // Please set the calendar ID.
const client = new JWT(keys.client_email, null, keys.private_key, [
"https://www.googleapis.com/auth/calendar"
]);
const url = `https://www.googleapis.com/calendar/v3/calendars/${calendarId}/events`; // <--- Modified
const res = await client.request({ url });
console.log(res.data);
}
main().catch(console.error);
Note:
- This modified script supposes that you are using
google-auth-library-nodejsof the latest version.
Reference:
If I misunderstood your question and this was not the direction you want, I apologize.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.