Google Fit API: "Request had insufficient authentication scopes"

Expo SDK
1

Hello, everyone!

I use Expo Google authentication (not Sign-In) to get accessToken. (clientId is the id of my Android app)

When I get token, I try to make a request to Google Fit API like this:

signIn = async () => {
    try {
      const clientId = '498993178552-h5raqkvmgrmfdd1asni9ppl0cd8m9sif.apps.googleusercontent.com';
      const result = await Google.logInAsync({ clientId })

      if (result.type === "success") {
        console.log(result);

        fetch("https://www.googleapis.com/fitness/v1/users/me/dataset:aggregate", {
          method: "POST",
          contentType: "application/json; charset=utf-8",
          headers:  {
            'Authorization': 'Bearer ' + result.accessToken
          },
          body: JSON.stringify({
            "aggregateBy": [{
              "dataTypeName": "com.google.step_count.delta",
              "dataSourceId": "derived:com.google.step_count.delta:com.google.android.gms:estimated_steps"
            }],
            "bucketByTime": { "durationMillis": 86400000 },
            "startTimeMillis": 1551207600000,
            "endTimeMillis": 1551716025507
          })
        }).then(function(response) {
          console.log(response)
         })
      } 
    } catch (e) {
      return false;
    }
  }

So, the first step of this function works great and I get real proper data about my google account, but when I make second request to Google Fit, which is depicked above, the response is:

Response {
  "_bodyInit": "{
 \"error\": {
  \"errors\": [
   {
    \"domain\": \"global\",
    \"reason\": \"insufficientPermissions\",
    \"message\": \"Insufficient Permission: Request had insufficient authentication scopes.\"
   }
  ],
  \"code\": 403,
  \"message\": \"Insufficient Permission: Request had insufficient authentication scopes.\"
 }
}
",
  "_bodyText": "{
 \"error\": {
  \"errors\": [
   {
    \"domain\": \"global\",
    \"reason\": \"insufficientPermissions\",
    \"message\": \"Insufficient Permission: Request had insufficient authentication scopes.\"
   }
  ],
  \"code\": 403,
  \"message\": \"Insufficient Permission: Request had insufficient authentication scopes.\"
 }
}
",
  "headers": Headers {
    "map": Object {
      "alt-svc": "quic=\":443\"; ma=2592000; v=\"44,43,39\"",
      "cache-control": "public, max-age=0",
      "content-type": "application/json; charset=UTF-8",
      "date": "Mon, 04 Mar 2019 19:12:00 GMT",
      "expires": "Mon, 04 Mar 2019 19:12:00 GMT",
      "server": "GSE",
      "vary": "X-Origin",
      "www-authenticate": "Bearer realm=\"https://accounts.google.com/\", error=insufficient_scope, scope=\"https://www.googleapis.com/auth/fitness\"",
      "x-content-type-options": "nosniff",
      "x-frame-options": "SAMEORIGIN",
      "x-xss-protection": "1; mode=block",
    },
  },
  "ok": false,
  "status": 403,
  "statusText": undefined,
  "type": "default",
  "url": "https://www.googleapis.com/fitness/v1/users/me/dataset:aggregate",
}

I don’t understand, why it tells about insufficient authentication scopes, if these required scopes are included:
Screenshot_1

… and Google Auth is enabled in Firebase app.

Help me please!

2

Hey @rkrkrk,

By ‘first step of the function’, do you mean the call to Google.logInAsync() ?

And then the response you posted is from the fetch response?

3

Hey @charliecruzan, thank you for reply!

Yes, the call of Google.logInAsync() works great and it returns data of my Google account (Name-Surname, accessToken, etc)

image
image1081×513 166 KB

But then fetch response return 403 error which is provided in my entry message in this topic.

4

Do you have any ideas? Really need someone’s help!

5

It doesn’t look like you have actually requested any scopes. If you did they would appear in the config object that you pass to the call to Google.logInAsync along with the clientId.

Hope this helps.

-Mark

6

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.