go - googleapi: Error 403: Request had insufficient authentication scopes. More details: Reason: insufficientPermissions, Message: Insufficient Permission

Question

I am trying to send an email with Gmail API. But I get this error

googleapi: Error 403: Request had insufficient authentication scopes. More details: Reason: insufficientPermissions, Message: Insufficient Permission

I think it might bee related to config, I also followed google's quickstart for Go here is the getClient func:

func getClient(config *oauth2.Config) *http.Client {
    // The file token.json stores the user's access and refresh tokens, and is
    // created automatically when the authorization flow completes for the first
    // time.
    tokFile := "token.json"
    tok, err := tokenFromFile(tokFile)

    if err != nil {
            tok = getTokenFromWeb(config)
            saveToken(tokFile, tok)
    }
    return config.Client(context.Background(), tok)
}

here is the code send:

case "pass":
    
    templateData := struct {
        VerPass string
        
    }{
        VerPass: cont1,
        
    }

    emailBody, err := parseTemplate("ver.html", templateData)
    if err != nil {
        fmt.Println("Parse Err")
        return false, err
     }
     
    var message gmail.Message
 
    emailTo := "To: " + to + "
"
    subject := "Subject: " + sub + "
"
    mime := "MIME-version: 1.0;
Content-Type: text/html; charset="UTF-8";

"
    msg := []byte(emailTo + subject + mime + "
" + emailBody)
 
    message.Raw = base64.URLEncoding.EncodeToString(msg)
 
    // Send the message
    fmt.Println("OOOOOYYYYY")
    //here is the problem
    b, err := ioutil.ReadFile("credentials.json")
if err != nil {
        log.Fatalf("Unable to read client secret file: %v", err)
}

// If modifying these scopes, delete your previously saved token.json.
config, err := google.ConfigFromJSON(b, gmail.MailGoogleComScope)

if err != nil {
        log.Fatalf("Unable to parse client secret file to config: %v", err)
}
    client := getClient(config)

srv, err := gmail.New(client)
if err != nil {
        log.Fatalf("Unable to retrieve Gmail client: %v", err)
}
//GmailService
    res, err := srv.Users.Messages.Send("me", &message).Do() // change me
    if err != nil {
        fmt.Println("Res Err")
        fmt.Println(err)
       return false, err
    }
    fmt.Println(res)

I tried for config, err := google.ConfigFromJSON(b, gmail.MailGoogleComScope), I tried using GmailReadonlyScope and gmail.GmailSendScope, but I got the same error.

question from:https://stackoverflow.com/questions/65946707/googleapi-error-403-request-had-insufficient-authentication-scopes-more-detai

Answer 1

Request had insufficient authentication scopes.

Means that the user who has authorized your application to access their data has not granted your application enough permissions in order to do what you are trying to do.

You apear to be using the user.message.send method. If you check the documentation you will find that that method requires that the user be authorized with one of the following scopes.

If you did follow Googles quick start for go then you used gmail.GmailReadonlyScope as a scope which will only give you read only access. However your code now apears to contain the mail.MailGoogleComScope scope which should work however i am guessing you neglected to reauthorize the application. And didn't see the comment in the tutorial

// If modifying these scopes, delete your previously saved token.json.

I suggest you deleted token.json and then the application will require that you authorize it again and your code should work with the elevated permissions.