Client is unauthorized to retrieve access tokens using this method Gmail API C#
The service account needs to be authorized or it cant access the emails for the domain.
"Client is unauthorized to retrieve access tokens using this method"
Means that you have not authorized it properly check Delegating domain-wide authority to the service account
Using New Google API Console project getting unauthorized_client ,Client is unauthorized to retrieve access tokens using this method
This is a common error when running an API call with a service account but not properly completing the domain-wide delegation (DWD) or because the authorization in the admin console has not propagated yet.
This article explains in details the process of DWD. If you have done that, wait 24 hours and it should work. If it doesn't work after that, then it must be something else but as far as I can say right now, the DWD process is the issue.
PLEASE NOTE: DWD is available only to G Suite customers. If you are using a consumer gmail.com account, you won't be able to do this. Instead, you'll have to go through the user consent OAuth flow.
client is unauthorized to retrieve access tokens using this method service account error
In google developer console when you create your project and the credentials you must choose which type of client you are going to create for which type of application.
There are several different ways to authenticate to google.
- OAuth2 native
- OAuth2 web
- Mobile
- Service account
The code to use these clients is also different. You cant create a web OAuth2 client and use it for the code meant to be calling a service account.
"client is unauthorized to retrieve access tokens using this method".
Means exactly that. The client you have set up on Google developer console is either not a service account client or the code you are using is not meant for a service account client.
This is my serviceaccount.php sample. If your code needs to look something like this and you need to make sure that the client you created on the google developer console is a service account client.
require_once __DIR__ . '/vendor/autoload.php';
// Use the developers console and download your service account
// credentials in JSON format. Place the file in this directory or
// change the key file location if necessary.
putenv('GOOGLE_APPLICATION_CREDENTIALS='.__DIR__.'/service-account.json');
/**
* Gets the Google client refreshing auth if needed.
* Documentation: https://developers.google.com/identity/protocols/OAuth2ServiceAccount
* Initializes a client object.
* @return A google client object.
*/
function getGoogleClient() {
return getServiceAccountClient();
}
/**
* Builds the Google client object.
* Documentation: https://developers.google.com/api-client-library/php/auth/service-accounts
* Scopes will need to be changed depending upon the API's being accessed.
* array(Google_Service_Analytics::ANALYTICS_READONLY, Google_Service_Analytics::ANALYTICS)
* List of Google Scopes: https://developers.google.com/identity/protocols/googlescopes
* @return A google client object.
*/
function getServiceAccountClient() {
try {
// Create and configure a new client object.
$client = new Google_Client();
$client->useApplicationDefaultCredentials();
$client->addScope([YOUR SCOPES HERE]);
return $client;
} catch (Exception $e) {
print "An error occurred: " . $e->getMessage();
}
}
Developer console
Under clients check that the client you are using is one that can be found under service account keys. If not then it is the wrong client type and will not work with your code. Create a new service account client and set up domain wide delegation with that client id.
Related Topics
C#: Convert Byte Array into a Float
Convert from Scientific Notation String to Float in C#
Center Multiple Rows of Controls in a Flowlayoutpanel
Token Based Authentication in ASP.NET Core (Refreshed)
Async Call with Await in Httpclient Never Returns
What Are the Benefits of Resource(.Resx) Files
Does Mstest Have an Equivalent to Nunit's Testcase
Unzip a Memorystream (Containing the Zip File) and Get the Files
How to Take a Screenshot of a Wpf Control
Hot Unload/Reload of a Dll Used by an Application
A Timeout Occured After 30000Ms Selecting a Server Using Compositeserverselector
An Object Reference Is Required for the Non-Static Field, Method, or Property
Can You Explain Liskov Substitution Principle with a Good C# Example
Best Way to Convert Callback-Based Async Method to Awaitable Task
Binding Objects Defined in Code-Behind