Core Reporting API v3.0 Returning 401 Unauthorized - using OAuth 2.0

[Junior]

Hi,

Our application is configured on the console and we are able to obtain an access_token from a refresh_token we generated this morning, but when we try to query the API we get 401 Unauthorized. We believe the problem is with authentication, not data access restriction as we are able to obtain data with the old version of the API using AuthSub.

Can you guys spot anything wrong with my request?

https://www.googleapis.com/analytics/v3/data/ga?ids=ga:********&dimensions=ga:keyword,ga:medium,ga:source,ga:searchKeyword&metrics=ga:bounces,ga:visits,ga:goal2Completions,ga:goal3Completions,ga:goal4Completions,ga:goal5Completions,ga:goalCompletionsAll&max-results=10000&prettyPrint=true&start-date=2011-12-15&end-date=2011-12-15&start-index=1&access_token=ya29**********************

ga:******** replaces a valid ga id (works well on the old version

ya29********************** represents a fresh access token we obtained by successfully querying https://accounts.google.com/o/oauth2/token with our refresh_token

The problem happens either when we pass the access token on the query string or as an "Authorization" header.

We would heartily appreciate any help on this issue,

Junior

[Junior]

this is the error response we are getting:

{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "authError",
    "message": "Invalid Credentials",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Invalid Credentials"
 }
}

which doesn't make sense as we are able to obtain the access token without any problem.

[Nick]

We need more infoz.

Are you using a client library?
Are you passing the access token in the header? What does the http
request look like?
How have you configured acc, for a web app or an installed app?
Does the access token not work when you grant access or when you use
the refresh token to get a new access token?
Does everything work through the OAuth 2.0 playground:
https://code.google.com/oauthplayground/
There was a bug with the APIs console when creating a project. This
was fixed. Have you tried creating a new project and using new client
ID / secret?

-Nick

[Junior]

Hi Nick,

Thanks for your reply and please accept my apologies for taking so long to get back to you.

We are not using the client library. We are creating the request from our code using C#.

The request looks like this:

GET /analytics/v3/data/ga?ids=ga%3A1234&dimensions=ga%3Akeyword&metrics=ga%3Avisits&max-results=10000&prettyPrint=true&start-date=2012-01-03&end-date=2012-01-03&start-index=1&access_token={our_access_token} HTTP/1.1[CRLF]

Host: www.googleapis.com[CRLF]

Connection: close[CRLF]

We have configured our application as a web app.

We can successfully obtain an access token using the refresh token.

It does not work through the OAuth 2.0 playground either, but it works when I past the following URL in the browser:

https://www.google.com/analytics/feeds/accounts/default?access_token={our_access_token}

And yes, we tried deleting/recreating the project today to make sure it was not affected by the API console bug.

Do you have any idea of what we might be doing wrong?

Because it is not working on the playground either, we think we must be doing some very silly mistake that is keeping it from working.

By the way, we tried to use the access token both in the URL, and in the authorization header.

In the Authorization header we tried both:

Authorization: Bearer {access_token}

Authorization: Bearer={access_token} 

Authorization: OAuth {access_token} 

Authorization: OAuth={access_token} 

Without the braces "{" and "}"

Many thanks for your help so far.

Junior

[Nick]

The OAuth 2.0 playground displays the HTTP headers being sent to
Google Analytics.

I recommend getting the query to work there, then comparing the
headers / request of the successful API request to the request /
headers of the failing request.

-Nick

On Jan 4, 3:53 am, Junior <analyt...@periscopix.com> wrote:
> Hi Nick,
>
> Thanks for your reply and please accept my apologies for taking so long to
> get back to you.
>
> We are not using the client library. We are creating the request from our
> code using C#.
>
> The request looks like this:
>
> GET

> /analytics/v3/data/ga?ids=ga%3A1234&dimensions=ga%3Akeyword&metrics=ga%3Avi sits&max-results=10000&prettyPrint=true&start-date=2012-01-03&end-date=2012 -01-03&start-index=1&access_token={our_access_token}

> HTTP/1.1[CRLF]
> Host:www.googleapis.com[CRLF]
> Connection: close[CRLF]
>
> We have configured our application as a web app.
>
> We can successfully obtain an access token using the refresh token.
>
> It does not work through the OAuth 2.0 playground either, but it works when
> I past the following URL in the browser:
>

> https://www.google.com/analytics/feeds/accounts/default?access_token=<https://www.google.com/analytics/feeds/accounts/default?access_token=...>

[chris@shufflepoint]

Hi Nick,
I still get this error supriously with some customers. Any ideas?
 - Chris

[Cristian Rusu]

Hello

Did you find any solution for this, I had the code working a week ago and now it doesn't while refresh token is fine

thanks

[Vlada Petrović]

I have the same problem with some of my customers. For some reason access retrieved using refresh_token stop working! 

Response I get from Google is:

{

  "error": {

    "errors": [

      {

        "domain": "global",

        "reason": "authError",

        "message": "Invalid Credentials",

        "locationType": "header",

        "location": "Authorization"

      }

    ],

    "code": 401,

    "message": "Invalid Credentials"

  }

}

Please let me know how can I help to resolve this issue.

Vlada

[Jesus Lizama]

I'm using a PHP client and was able to fix this problem by calling session_destroy() upon logoff.