I am using GoogleFit Rest API to create a nutrition data source so that I can subsequently store nutrition information. I have done this successfully on Android via the GoogleFit SDK, but because no such SDK is available on iOS, I resorted to using the REST APIs via the link above. When trying to create the data source I am returned the following error:
{
"error": {
"code": 403,
"message": "The caller does not have permission",
"errors": [
{
"message": "The caller does not have permission",
"domain": "global",
"reason": "forbidden"
}
],
"status": "PERMISSION_DENIED"
}
}
and the POST request I am using is:
Endpoint: https://www.googleapis.com/fitness/v1/users/me/dataSources
Body:
{
"application": {
"detailsUrl": "https://strongfoundation.dev",
"name": "Strong Foundation",
"packageName": "com.coding.casa.Strong.Foundation",
"version": "1.0.1"
},
"dataStreamId": "raw:com.google.nutrition:com.coding.casa.Strong.Foundation:Apple:iPad Air (3rd generation):****",
"dataType": {
"name": "com.google.nutrition"
},
"device": {
"manufacturer": "Apple",
"model": "iPad Air (3rd generation)",
"type": "phone",
"uid": "*****",
"version": "15.7"
},
"name": "strong-foundation-food",
"type": "raw"
}
Has anyone seen this error and was able to resolve it? I have tried adding the API Key to the request, but that did not change the error, and I do have the Fitness API enabled on my project.
EDIT:
I am also supplying a Bearer token with the following authorized scopes
"https://www.googleapis.com/auth/fitness.activity.read",
"https://www.googleapis.com/auth/fitness.body.write",
"https://www.googleapis.com/auth/fitness.body.read",
"https://www.googleapis.com/auth/fitness.nutrition.read",
"https://www.googleapis.com/auth/fitness.nutrition.write",
You don't include the others details of the REST method call.
Importantly, HTTP 403 is Forbidden suggesting that you didn't include an Authorization header in your request with value Bearer {TOKEN} where {TOKEN} is an access token for an identity that has suitable scopes to access the API. See authorization
Although Swift is not one of Google's officially supported languages, Google has a Swift REST Client Generator for Google APIs and you should be able to use it to generate a Google client library for Swift for Google Fit.
Did some more playing around with the FitnessAPI (specifically creating data sources) and found the issues was with my request payload.
The payload that worked for me is as follows:
{
"application": {
"detailsUrl": "https://strongfoundation.dev",
"name": "Strong Foundation",
"version": "1.0.1"
},
"dataType": {
"name": "com.google.nutrition"
},
"device": {
"manufacturer": "Apple",
"model": "iPad Air (3rd generation)",
"type": "phone",
"uid": "****",
"version": "15.7"
},
"name": "strong-foundation-food",
"type": "raw"
}
The deltas from the original one are removed the following properties:
application.packageName
dataStreamId
Related
we are using microsoft graph api list and send emails. The new requirement is to search emails. When following URL is tried then we are getting errors. Can someone suggest if this is the right api to search mails messages? or what kind of permissions are missing?
URL : https://graph.microsoft.com/v1.0/search/query (documentation here)
Error using following request body : "Application permission is only supported for the following entity types:site, list, listItem, drive and driveItem."
{
"requests": [
{
"entityTypes": [
"message"
],
"query": {
"queryString": "hello"
},
"region": "NAM",
"from": 0,
"size": 25
}
]
}
Error returned::
"code": "System.UnauthorizedAccessException",
"message": "Application permission is only supported for the following entity types:site, list, listItem, drive and driveItem.",
"target": "",
"httpCode": 403
When tried to change the body to get list, as expected it did not return list, as we have only mail.readwrite permissions.
{
"requests": [
{
"entityTypes": [
"listItem"
],
"query": {
"queryString": "contoso"
},
"region": "NAM",
"sharePointOneDriveOptions": {
"includeContent": "privateContent,sharedContent"
}
}
]
}
Error Returned:
"code": "System.UnauthorizedAccessException",
"message": "Access to ListItem in Graph API requires the following permissions: Sites.Read.All or Sites.ReadWrite.All. However, the application only has the following permissions granted: Mail.ReadWrite, Mail.Read",
"target": "",
"httpCode": 403
As per the doc - Known limitation , You can access only the signed-in user’s own mailbox. Searching delegated mailboxes is not supported. try to write query to search your own message.
Hope this helps
Thanks
We're using the client_credentials flow to get access for our application to tenants environments. The application has the correct scopes, and we get an access token that is working for other endpoints like /users but when doing a request like the following we get error messages.
GET https://graph.microsoft.com/beta/me/findRooms
{
"error": {
"code": "ErrorInvalidUser",
"message": "The requested user '{userId}#{tenantId}' is invalid.",
"innerError": {
"request-id": "b72d26a3-d0ad-42eb-a3d3-35951cb42b3d",
"date": "2020-01-21T10:21:28"
}
}
}
I understand that there's no "me" when we're just an application, but how do we access these types of endpoints in that case? Do I have to have a user to act as, as well? That seems to me like it defeats the purpose of a daemon like this. Cannot find any clear documentation on this matter. On this page in the docs on the use a token section they even refer to a /me endpoint, which is incorrect in that case.
I've tried requesting the /users/{id}/findRooms endpoint with all different kinds of ID's I can find in the access token - none of them work.
Other people with the same issue, that have yet to resolve it.
1. Feedback area in docs
2. Github issue
Best regards,
Christopher
Using the /users/{user-id} is the only pattern that will work with client credentials. In your case, this should work, so maybe it's an issue with the id you are using.
To make sure I'm not giving you bad information, I just tested this with an app-only token from the client credentials flow. Parsing that token over at https://jwt.ms, I see the roles claim like so:
"roles": [
"User.Read.All"
]
If first did a GET /users?$select=displayname,id, and this user was included in the response:
{
"displayName": "Adele Vance",
"id": "3103c7b9-cfe6-4cd3-a696-f88909b9a609"
}
This is the id to use in your findRooms call. I did GET /users/3103c7b9-cfe6-4cd3-a696-f88909b9a609/findrooms and got the following response:
{
"#odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.emailAddress)",
"value": [
{
"name": "Conf Room Adams",
"address": "Adams#M365x330971.onmicrosoft.com"
},
{
"name": "Conf Room Baker",
"address": "Baker#M365x330971.onmicrosoft.com"
},
{
"name": "Conf Room Crystal",
"address": "Crystal#M365x330971.onmicrosoft.com"
},
{
"name": "Conf Room Hood",
"address": "Hood#M365x330971.onmicrosoft.com"
},
{
"name": "Conf Room Rainier",
"address": "Rainier#M365x330971.onmicrosoft.com"
},
{
"name": "Conf Room Stevens",
"address": "Stevens#M365x330971.onmicrosoft.com"
}
]
}
I am quite new in using Google APIs. So, the problem is that I am administrator of the YouTube channel (not the owner). And I would like to get the straffic sources that were embedded on external websites. So, I've created new project and formed a request through Google APIs Explorer. Here it is:
https://youtubeanalytics.googleapis.com/v2/reports?dimensions=insightTrafficSourceDetail&endDate=2018-12-12&filters=insightTrafficSourceType%3D%3DEXT_URL&ids=channel%3D%3D{MY_CHANNEL}&maxResults=25&metrics=views&sort=-views&startDate=2014-05-01&key={MY_API_KEY}
Here is the result:
200
- Show headers -
{
"kind": "youtubeAnalytics#resultTable",
"columnHeaders": [
{
"name": "insightTrafficSourceDetail",
"columnType": "DIMENSION",
"dataType": "STRING"
},
{
"name": "views",
"columnType": "METRIC",
"dataType": "INTEGER"
}
],
"rows": [
[
"vk.com",
2399
],
[
"unknown",
872
],
[
"yandex.ru",
23
]
But when I try to write the request into the browser address bar directly, it says:
{
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"errors": [
{
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"domain": "global",
"reason": "unauthorized"
}
],
"status": "UNAUTHENTICATED"
}
}
I pushed into the {API_KEY} field from here
But, unfortunately, the result is such as provided above. What am I doing wrong? Can you provide the step-by-step instruction to get the right HTTP-request for my aim, as I counld'nt find it? Thank you!
I am unable to provision users to a federated domain, say example.org, with Microsoft Graph API.
The url I am sending the POST to is:
https://graph.microsoft.com/v1.0/users
json payload is:
{
"accountEnabled": true,
"city": "Seattle",
"country": "United States",
"department": "Sales & Marketing",
"displayName": "Melissa Darrow",
"givenName": "Melissa",
"jobTitle": "Marketing Director",
"mailNickname": "MelissaD",
"passwordPolicies": "DisablePasswordExpiration",
"passwordProfile": {
"password": "Test1234",
"forceChangePasswordNextSignIn": false
},
"officeLocation": "131/1105",
"postalCode": "98052",
"preferredLanguage": "en-US",
"state": "WA",
"streetAddress": "9256 Towne Center Dr., Suite 400",
"surname": "Darrow",
"mobilePhone": "+1 206 555 0110",
"usageLocation": "US",
"immutableID": "melissab",
"userPrincipalName": "melissab#example.org"
}
What I receive is:
{
"error": {
"code": "Request_BadRequest",
"message": "One or more properties contains invalid values.",
"innerError": {
"request-id": "9e8af7a6-fba2-4a66-8421-19dbfd2c36f1",
"date": "2017-05-12T12:13:22"
}
}
}
please note immutableId can be found in the payload.
Is it possibile to provision such users with the given REST framework?
immutableID must be Base64 encoded (byte[])
Ex:
String immutableId = new String(Base64.encodeBase64("someText".getBytes()));
This is expected behavior. The Graph API does not handle the user sync part. User can be synced using Microsoft Azure Active Directory Sync Tool.
Using graph api you can sync the user from azure to our application.
ex : USER_SYNC_QUERY = "https://graph.microsoft.com/v1.0/users?$top=100&$count=true";
1) On each request graph api will send you a #odata.nextLink parameter i.e the skip token for getting next users if more than requested user is present in your azure.
2) By passing the skip token with each request you can sync all the users form azure to your application
I've upgraded to Cloud Endpoints 2.0 which no longer supports RPC. Therefore, I generated a new discovery document and used the service generator with the REST discovery doc as input in order to generate the client library for my iOS app.
Using the new REST discovery doc I am getting the following error when trying to generate the library:
~/workspace/google-api-objectivec-client-for-rest/Source/Tools/ServiceGenerator/build/Release/ServiceGenerator discovery/servUsApi-v1-rest.discovery --outputDir GTLAPI --gtlrFrameworkName GoogleAPIClientForREST
ERROR: Failure, exception: Looking at parameter 'creditKickbackKash:creditAmount', found a type/format pair of 'number/(null)', and don't how to map that to Objective-C
I was able to manually fix this by adding (in numerous places) in the discovery doc, the "format": "double" key and value for all double parameters. Notice creditAmount below is missing a format, like all other doubles.
The generated discovery doc looks like this:
"creditKickbackKash": {
"httpMethod": "PUT",
"id": "servUsApi.admin.creditKickbackKash",
"parameterOrder": [
"userId",
"creditAmount"
],
"parameters": {
"userId": {
"format": "int64",
"location": "path",
"required": true,
"type": "string"
},
"creditAmount": {
"location": "path",
"required": true,
"type": "number"
}
},
"path": "creditKickbackKash/{userId}/{creditAmount}",
"response": {
"$ref": "ResultDTO"
},
"scopes": [
"https://www.googleapis.com/auth/userinfo.email"
]
}
Is anyone else having this issue? How can I get the discovery document generation to properly format the document including double number types?
I had the same problem. I rolled back from 1.9.50 to 1.9.48 and the problem is gone.