ACCESS_TOKEN_SCOPE_INSUFFICIENT 403 Request had insufficient authentication scopes domain global

Question

to check inapp purchase i have used this api https://androidpublisher.googleapis.com/androidpublisher/v3/applications/{packageName}/purchases/products/{productId}/tokens/{token} and got this response.

{
    "error": {
        "code": 403,
        "message": "Request had insufficient authentication scopes.",
        "errors": [
            {
                "message": "Insufficient Permission",
                "domain": "global",
                "reason": "insufficientPermissions"
            }
        ],
        "status": "PERMISSION_DENIED",
        "details": [
            {
                "@type": "type.googleapis.com/google.rpc.ErrorInfo",
                "reason": "ACCESS_TOKEN_SCOPE_INSUFFICIENT",
                "domain": "googleapis.com",
                "metadata": {
                    "method": "androidpublisher.ProductPurchasesService.Get",
                    "service": "androidpublisher.googleapis.com"
                }
            }
        ]
    }
}

Answer 1

By any chance, have you been invoking this from a GCE VM? If so, you might want to:

1. Stop the VM

2. Go to the GCE VM instances in the cloud console

3. Click edit on the machine

4. Go to scopes

5. Edit the scopes as desired (preferably adding the scope just to a particular API or if you are OK with it - to all APIs, depending on context and risk)

6. Restart the machine and make the API call again

Some useful references can be found here and here.

Answer 2

By chance are you missing full user name in you Authorisation flow AuthorizationCodeInstalledApp(flow, receiver).authorize(_USER_ID + "@gmail.com");