I am trying to test https://admin.googleapis.com/admin/reports/v1/activity/users/{userKey or all}/applications/{applicationName} in the browser using the API explorer utility but I am getting below error.
{
"error": {
"code": 401,
"message": "Access denied. You are not authorized to read activity records.",
"errors": [
{
"message": "Access denied. You are not authorized to read activity records.",
"domain": "global",
"reason": "authError",
"location": "Authorization",
"locationType": "header"
}
]
}
}
I have enabled all the necessary API scopes for the OAuth client. below is the screenshot of the scopes that I have enabled for my client.
The user which I was using along with the service account didn't have proper permission to access some of these APIs. I switched to a subject user with all necessary permissions and it started working fine for me.
Related
I'm trying to read members of a google group using the following api:
https://developers.google.com/admin-sdk/directory/reference/rest/v1/members/list
but in response I get
{
"error": {
"code": 403,
"message": "Not Authorized to access this resource/api",
"errors": [
{
"message": "Not Authorized to access this resource/api",
"domain": "global",
"reason": "forbidden"
}
]
}
}
I'm a member of the group, but it seems that I need something more to be able to read the other member. Anyone know what are the required permissions to do that?
I have deployed WSo2 API Manager 4.1.0 on a Debian 10 machine using the ZIP archive.
I have configured my Keyrock instance as an external identity provider in the Management Console.
When I log in with the Keyrock admin account, I can access the Publisher of the API Manager.
However, with any other account, I get the following error:
Error 403 : Forbidden - The server could not verify that you are authorized to access the requested resource.
After many verifications, I think I have correctly configured WSo2:
WSo2 API Manager configuration:
Basic Claim Configuration
Role Configuration (I also tried to give all roles to the user)
Federated Authenticators / OAuth2/OpenID Connect Configuration
Just-in-Time Provisioning
Keyrock configuration:
Application configuration
Users authorization
I have no log for WSo2 when the error is displayed.
Here is the content of the JWT token that Keyrock sends back to WSo2:
{
"organizations": [],
"displayName": "",
"roles": [
{
"id": "1a209432-7bfe-4055-9028-a42524fc5418",
"name": "publisher"
},
{
"id": "8192fef7-d77d-4389-a618-082ccddd33ad",
"name": "apim_publisher"
}
],
"app_id": "babab169-10ea-4283-a64a-7fba4aca6ce9",
"trusted_apps": [],
"isGravatarEnabled": false,
"id": "1a8f660f-d32f-46c1-a5f5-80a5cbffd219",
"authorization_decision": "",
"app_azf_domain": "",
"eidas_profile": {},
"attributes": {},
"shared_attributes": "",
"username": "pierre.josselin",
"email": "email#example.com",
"image": "",
"gravatar": "",
"extra": "",
"iss": "http://localhost:3000",
"sub": "1a8f660f-d32f-46c1-a5f5-80a5cbffd219",
"aud": "babab169-10ea-4283-a64a-7fba4aca6ce9",
"exp": 1657904225,
"iat": 1657900625,
"at_hash": "9zTg2zPtFlbJpLmKE8Izsg=="
}
Thank you very much
I tried to create new dialogflow intent through postman. It is working in API Explorer but I can't able to connect dialogflow with postman. For doing this I have created some credentials,
New API key in GCP project
Oauth credentials in GCP project
Bearer token from google cloud SDK shell
Here I have used same API in postman but can't able to connect. How can I troubleshoot this?
{
"error": {
"code": 400,
"message": "API key not valid. Please pass a valid API key.",
"status": "INVALID_ARGUMENT",
"details": [
{
"#type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "API_KEY_INVALID",
"domain": "googleapis.com",
"metadata": {
"service": "dialogflow.googleapis.com"
}
}
]
}
}
I am trying to upload files to google cloud bucket through google cloud console, but I am getting 'Something went wrong' error on UI. Following is the response error I am receiving:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "notFound",
"message": "No such object: thesis_experience/Abdul Hameed-61058 a.f lecturer.txt"
}
],
"code": 404,
"message": "No such object: thesis_experience/Abdul Hameed-61058 a.f lecturer.txt"
}
}
I have uploaded many files earlier as well, but I have no clue why is this happening to me now. I tried to create new buckets and upload files there too, but receiving the same error.
While trying to fetch a delegation token from Auth0 to access S3 bucket on AWS I am getting this error:
{
"error": "invalid_request",
"error_description": "Missing principal parameter"
}
Here is the body of the request:
{
"client_id": "HIDDEN CLIENT ID",
"grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer",
"id_token": "HIDDEN ID TOKEN",
"target": "HIDDEN TARGET",
"api_type": "aws",
"role": "HIDDEN ROLE ARN"
}
There could be other solutions but how I got it to work was to:
Replace,
"api_type": "aws"
With:
"api_type": "aws:s3"
OR:
"api_type": "aws:x" (where x is any AWS service code that you are trying to access!)