Permissions error in sandbox mode - facebook-graph-api

I created a sandbox ad account as described in https://developers.facebook.com/ads/blog/post/2016/10/19/sandbox-ad-accounts/. I have generated an access token in the same section that lists my sandbox ad account.
I'm getting a permissions error when I request ad labels for the ad account. Anybody know where I'm going wrong?
Request:
https://graph.facebook.com/v2.8/act_{{adAccountId}}/adlabels?access_token={{accessToken}}
Response:
{
"error": {
"message": "(#200) Permissions error",
"type": "OAuthException",
"code": 200,
"fbtrace_id": "FUB5kNhmuyX"
}
}

Related

Google workspace ADMIN SDK Directory API returns 403

I am trying to access below API (in browser Try this API) and after entering valid group key, I am getting below error message:
API
https://developers.google.com/admin-sdk/directory/reference/rest/v1/members/list
RESPONSE
{
"error": {
"code": 403,
"message": "Not Authorized to access this resource/api",
"errors": [
{
"message": "Not Authorized to access this resource/api",
"domain": "global",
"reason": "forbidden"
}
]
}
}
Only domain admins have access to most methods of the Admin SDK
If you authenticate as a domain user without admin rights or a consumer (Gmail) user, you will get the Not Authorized to access this resource/api error when trying to use the members.list.
Same applies to most other methods of the Admin SDK with the excepption of the ones that return only publicly accessable information.

Java - Getting "Not authorized to access the application ID" error in Google Workspace Marketplace API

I have a Google Workspace Marketplace app and want to determine which domains have installed or uninstalled it from my web app (written in Java, deployed on GAE).
I've enabled both GSuite Marketplace API and Google Workspace Marketplace SDK from the console. I'm using the same GCP project I've used to list my marketplace app while calling the relevant google service. But I keep getting the "Not authorized to access the application ID" 403 error. Here is the code:
GoogleCredential googleCredential = new GoogleCredential.Builder()
.setTransport(httpTransport)
.setJsonFactory(jsonFactory)
.setServiceAccountPrivateKey(SA_PRIVATE_KEY)
.setServiceAccountId(SA_ID)
.setServiceAccountScopes(Collections.singletonList("https://www.googleapis.com/auth/appsmarketplace.license"))
.build();
GenericUrl url = new GenericUrl("https://appsmarket.googleapis.com/appsmarket/v2/licenseNotification/" + MY_APPLICATION_ID);
HttpRequestFactory httpRequestFactory = httpTransport.createRequestFactory(googleCredential);
HttpResponse httpResponse = httpRequestFactory.buildGetRequest(url).execute();
return httpResponse.parseAsString();
I tried using the default service account with no luck. The documentation doesn't explain much either. What am I missing? Can anyone point me in the right direction?
error:
{
"error": {
"code": 403,
"message": "Not authorized to access the application ID",
"errors": [
{
"message": "Not authorized to access the application ID",
"domain": "global",
"reason": "forbidden"
}
]
}
}

azure ad user provisioning with g suite

We have integrated G suite with Azure AD as an enterprise app and which supports SAML. We are also enabling auto user provisioning means If a user is added on the Azure enterprise app then it should be provisioned on google suite app via auto user provisioned. Now we have added many groups and users but few of them facing this issue. It seems to me azure ad sending the user to google app however when the request reaches to Google suite app they reject it although we have checked request and found it did not reach to google app and throwing an error ?
"Not Authorized to access this resource/api" } ], "code": 403, "message": "Not Authorized to access this resource/api" } } Web Response: { "error": { "errors": [ { "domain": "global", "reason": "forbidden", "message": "Not Authorized to access this resource/api" } ], "code": 403, "message": "Not Authorized to access this resource/api" } } . This operation was retried 0 times. It will be retried again after this date:

User has insufficient privileges on the page on facebook even if login through admin

{ "error": {
"message": "(#10) User has insufficient privileges on the page.",
"type": "OAuthException",
"code": 10,
"fbtrace_id": "GoRNu/X/zoq" } }
You ask for permissions with the scope parameter. It is a comma separated list of permissions. Visit the below url to get more information.
https://developers.facebook.com/docs/facebook-login/web#login
https://developers.facebook.com/docs/facebook-login/permissions

Can't access Facebook campaigns

I'm unable to get a list of my campaigns using Facebook Graph API
Response for /me/adaccounts
{
"data": [
{
"account_id": "123456789000001234",
"id": "act_123456789000001234"
}
],
"paging": {
"cursors": {
"before": "AAAAaaaBBBBcccc",
"after": "AAAAaaaBBBBdddd"
}
}
}
/123456789000001234/campaigns returns
{
"error": {
"message": "Unsupported get request. Object with ID '123456789000001234' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api",
"type": "GraphMethodException",
"code": 100,
"fbtrace_id": "EilRrOk1CEb"
}
}
Note that id's have been changed to dummy-values.
The token is for a system user and the ad account have been assigned to the user (role: admin). Token contains following scopes: read_page_mailboxes, rsvp_event, ads_management, ads_read, read_insights, manage_pages, publish_pages, pages_show_list, pages_manage_cta, pages_manage_instant_articles, business_management, publish_actions
What am I doing wrong?
Had to use id: act_123456789000001234 instead of account_id: 123456789000001234 so the request becomes /act_123456789000001234/campaigns. Also had to create a Facebook App, add Marketing API and assign to that an Ad Account, then create a token via the app instead of creating a token from the Business Manager.