Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Using application-default credentials for Google Search Console API does not provide sufficient permissions.
See original GitHub issueAs the title states, using the application default credentials to access Google Search Console data does not seem to work.
Note: My Google Account has delegated ownership of a site.
/**
* Acquires application default settings from Google's Auth library.
*
* @returns {Object} authClient
*/
function _authenticateWithGoogle(){
console.log("Authenticating...");
return new Promise(function(resolve, reject){
google.auth.getApplicationDefault(function(err, authClient) {
if (err) {
console.error('Authentication failed because of ', err);
reject(err);
}
if (authClient.createScopedRequired && authClient.createScopedRequired()) {
const scopes = [
// Needed to read data from google search console.
'https://www.googleapis.com/auth/webmasters.readonly'
];
authClient = authClient.createScoped(scopes);
}
// For debugging purposes.
console.log(JSON.stringify(authClient));
// Resolve authClient obj.
resolve(authClient);
});
});
};
Using the above code to generate an auth client to then run the following:
webmaster.sites.list({auth: authClient}, function(err, resp) {
if (err){
console.error(err);
reject(err);
} else {
console.log(resp);
resolve();
}
});
The above code errors out and returns a not very helpful message:
code: 403,
errors:
[ { domain: 'global',
reason: 'insufficientPermissions',
message: 'Insufficient Permission' } ] }
I spent hours scouring the web trying to find out what might be going wrong, but unfortunately found nothing related to application-default credentials and search console. It seems that the Search Console API just does not work with default-application credentials.
I have since created a new service-account and used JWT based authentication and was able to query the Search Console API successfully.
Considering the webmasters API is part of googleapis, I would have expected that the getApplicationDefault functionality would have been sufficient to create the authClient necessary to access data, but it seems not to be the case.
Anyone attempting to use application-default to access the Search Console API – stick with JWT, save yourself the trouble until they get a fix in.
Issue Analytics
- State:
- Created 6 years ago
- Reactions:4
- Comments:8 (4 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I’m seeing the same exact result FWIW. Digging deeper.
My process was:
https://www.googleapis.com/auth/webmasters.readonlyUse the
require('googleapis').webmasters('v3')client object to query the search console API viawebmaster.searchanalytics.query().