Hello Make Community,
I am working on an automation and trying to create an API Call to Google Photos to move photos from one album to another after certain actions are taken within my automation. I have setup my Google Photos connection and have confirmed I have proper permissions: https://www.make.com/en/help/app/google-photos?_gl=1*1nt7aa1*_ga*MTY3OTY2ODQ0OS4xNzEwNDUzMDE1*_ga_MY0CJTCDSF*MTcxNDcxMDU3NC4xNDQuMS4xNzE0NzE3MDkwLjU2LjAuMA…
However, when I use the Make an API Call module for Google Photos on my album, I am getting the following error: The operation failed with an error. 403: PERMISSION_DENIED - Request had insufficient authentication scopes.
I have checked the scopes and they are giving correct access per the Google Photos API. The specific call I am trying to do is “AddMediaItems”:
Here is the Google Photo API library:
Can anyone help with this? Anyone else experiencing issues with Google Photos and Making an API call?
Thank you,
John
How to create an OAuth app in GCP: https://www.make.com/en/help/tutorials/calling-google-apis-via-the--http-make-a-oauth-2-0-request--module ← FOLLOW THIS
1a. Enable the relevant API
Find the relevant API here: Google Cloud console
Go to API page, end click “Enable”
1b. Add the relevant scopes
Direct Link: https://console.cloud.google.com/apis/credentials/consent/edit
2. Insert all the known Google Redirect URIs for your app
Direct Link: https://console.cloud.google.com/apis/credentials
Here are some known redirect URIs you need for your Google Cloud Console OAuth app. If you set these up, you can reuse the same GCP app for other Google apps and modules on Make.
Once you’ve set these up, you can use/reuse the same Make connection for all the supported Google apps & modules on Make - you’ll only have to enable the APIs for your custom app.
3. Publish your GCP OAuth2 app
Direct Link: https://console.cloud.google.com/apis/credentials/consent
You might need to set your OAuth application to “Production”, otherwise the credentials expire very frequently.
1. To do this, go to menu item “OAuth consent screen”
or click here https://console.cloud.google.com/apis/credentials/consent
2. Then click the button below if the Publishing status is not “In production”
4. Set up connection (HTTP OAuth, or respective Google App)
A. HTTP OAuth2
You need a “Authorize parameters” key of redirect_uri with the above Make OAuth2 callback URL.
You can find the Client ID and Client Secret in the OAuth2 app you created in GCP, on the right-hand side of where you inserted the 8 callback URLs in step 2:
B. Google App
Insert the GCP app client ID and secret here BEFORE clicking “Sign in”
Gmail example:
samliew – request private consultation
Join the Make unofficial Discord server!
1 Like
Hi Samliew,
Thank you for your post. I am still experiencing an issue. Please see this:
https://www.loom.com/share/dcba5cb1928d4b4595fa1e9aa42ff13e
** Steps to Reproduce**
- List the media items
- Get the media item
- Get a specific album
- Perform an action to move a photo to the album ID and move to trash through HTTP Post
** Success Would Be **
- User should be able to successfully move a photo to a specific album without encountering an insufficient scope error
==========
{
“error”: {
“code”: 403,
“message”: “Request had insufficient authentication scopes.”,
“status”: “PERMISSION_DENIED”,
“details”: [
{
“@type”: “type.googleapis.com/google.rpc.ErrorInfo”,
“reason”: “ACCESS_TOKEN_SCOPE_INSUFFICIENT”,
“domain”: “googleapis.com”,
“metadata”: {
“method”: “google.photos.library.v1.PhotosLibrary.CreateAlbum”,
“service”: “photoslibrary.googleapis.com”
}
}
]
}
}
Here is the Google Photos API call I am using:
Further thoughts?
Thank you!
John
What was the scope you used when setting up the OAuth connection?
Perhaps you can also try the Photos “Make an API Call” module instead of the HTTP OAuth module, which might be simpler to set up?
1 Like
