Some accounts authInfo requests return HTTP 403

90 views
Skip to first unread message

Tyler

unread,
Nov 10, 2021, 6:34:35 PM11/10/21
to Google Content API for Shopping
Hi Content API Team,

When calling GET https://shoppingcontent.googleapis.com/content/v2.1/accounts/authinfo, some requests are returning HTTP 403 with the following response:
Request had insufficient authentication scopes. [403] Errors [ Message[Insufficient Permission] Location[ - ] Reason[insufficientPermissions] Domain[global] ]

Users of the app I'm building are experiencing this issue where their first request is hitting this HTTP 403 issue, but their second request is returning correctly. Both the requests have the same information (e.g. same merchant ID) except that they have a different authorization code. In my app, the user will log in and then the backend will call accounts.authInfo, this is why we see 2 different auth codes. We also see that users are logging in with the same email between their first and second request.

According to https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/403, re-authenticating should not fix this issue, but looks like it does in this case.

I wonder, does this error mean that the user did not accept the authorization scope for Content API in the Google login popup? In my testing of Google API Explorer, it looks like the users would get HTTP 401 instead under that circumstance. Can we get this HTTP 403 error for any other reason?

Please let me know why my users are seeing this issue and if there's anything that can be done to fix this. Is this a transient issue on Google's side, a user error, or something else? I am also happy to reply privately to give more information for debugging purposes.

Thanks,
Tyler

Shopping API Forum Advisor

unread,
Nov 11, 2021, 1:55:44 AM11/11/21
to tyad....@gmail.com, google-content-...@googlegroups.com

Hello Tyler,

 

I’m James from the Content API Team. Thank you for reaching out to us.

 

For our team to further investigate, can you please provide us with the following items below?

  • Affected Merchant account IDs.
  • Complete API request and response logs in JSON format when you encountered the error.
  • Sample of successful API request and response logs in JSON format.
  • Email account that you’re using to make an API call to accounts.authinfo method.

 

Kindly provide the requested items above via ‘Reply privately to author’ option, if the private option is not available on your end, then please send it over through this email <shopping-a...@google.com> instead.

 

Regards,

Google Logo
James Howell Abarsoza
Content API for Shopping Team
 


ref:_00D1U1174p._5004Q2R86Xh:ref
Reply all
Reply to author
Forward
0 new messages