Userinfo.Email Authorization Returns Access Denied

  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
Hi Everybody,

I have been trying to get started using the Core API, but I've never used any of Google's authentication before. I am looking at Rodrigo's dashboard example (which is great), but I can't recreate the authorization call on my own server. 

    var config = {   
        'client_id': 'xxxxxx.apps.googleusercontent.com',
        'scope': 'https://www.googleapis.com/auth/userinfo.email',
        'immediate': true,
        'cookie_policy': 'single_host_origin'
    };
    gapi.auth.authorize(config, handleAuth);

...then the returned object looks like this....

    client_id: "xxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com"
    cookie_policy: "single_host_origin"
    error: "immediate_failed"
    error_subtype: "access_denied"
    expires_at: "1438179723"
    expires_in: "86400"
    g_user_cookie_policy: "single_host_origin"
    issued_at: "1438093323"
    response_type: "token"
    scope: "https://www.googleapis.com/auth/userinfo.email"
    state: ""

If I use https://www.googleapis.com/auth/userinfo.profile, Google will return succesfully, but that doesn't successfully authorize the Rise API. I have been searching for something in Google's developer console to turn on the email scope authorization, but I haven't found anything yet. Any ideas?

My code is hosted here too, if it helps....http://45.55.74.55/Rise/ ....I am outputting the returned object to the console
Photo of Stephen Garrett

Stephen Garrett, Champion

  • 2,674 Points 2k badge 2x thumb
  • like I am about to figure this out

Posted 3 years ago

  • 1
Photo of Justin

Justin, Employee

  • 2,526 Points 2k badge 2x thumb
Stephen,

I spoke with Rodrigo, and his recommendation is:

Change immediate: false to get to the google authentication page. Also, look at this code https://github.com/Rise-Vision/core-api/blob/gh-pages/javascript/auth.js;
and make sure you have registered your apps client id on the Developer hub.

Justin
Photo of Stephen Garrett

Stephen Garrett, Champion

  • 2,674 Points 2k badge 2x thumb
Hey Justin,

I could have sworn that I tried that before, but it's working now. Thanks!

So now that we have the authentication pop up, any google account I authenticate with seems like it will let me access all of the Core API data. Is that right? So then, I would need to look at the email my user logs in with, and direct them to the appropriate content based on that?
Photo of Stephen Garrett

Stephen Garrett, Champion

  • 2,674 Points 2k badge 2x thumb
Ignore my last question. After doing some more examples I realized that the data returned does correspond to the Google account you log in with.