I'm seeing a 403 "Access to the webpage was denied" error on one specific file being accessed via the Drive SDK. It was working earlier, the app permissions are set correctly, and we're having success with other files using different tokens against the same app.
We're getting the downloadUrl from the SDK successfully, then seeing the error message only after users are redirected to the downloadUrl. Because of that it's hard to track, but we've confirmed that it's working for some, but not for others — it hasn't fully stopped.
The full error text is:
Access to the webpage was denied
You are not authorized to access the webpage at [...] You may need to sign in.
HTTP Error 403 (Forbidden): The server refused to fulfill the request.
We're including the GET download and (valid) access_token parameters, all that.
My question is this: could this be related to the reported Google Drive outage that's currently happening, or is there some sort of throttle/limit to access of a single file over the drive API? I've never seen this behavior before, and this response isn't listed among the standard 403 responses.
I have just seen something similar. I was using a freshly acquired access token, so I don't think it's oauth related. My working theory is that the downloadUrl link was stale. When I got fresh meta data, which had a different value in downloadUrl, it worked using the same access token that had previously failed.
This is only a theory since it isn't documented anywhere, and I would actually expect 410 (or even 301) as a much more appropriate status than 403.
Related
We recently signed up for the tool Oribi. For some reason the Oribi platform is returning the following error and can't connect to our Analytics accounts via the API.
Forbidden: status 403 reading GoogleClient#getWebPropertyProfiles
We've been trying to solve this for weeks now and got the following message from them today - any advice or possible solutions to explore?
While the error we receive from Google indicates that there are insufficient permissions to access the Properties, when looking at your account, everything seems to be properly set.
The next step would be reaching out to Google to inquire about this.
While we won't be able to do this on your behalf, I'll be happy to assist with providing all the relevant information to make sure everything is clear so they can take a look into it.
The situation is as follows: When sending Google the API request to connect the Web Property, the following error is thrown back: Forbidden: status 403 reading GoogleClient#getWebPropertyProfiles.
The user connected to Google has Admin permissions on the account.
We are occasionally seeing an issue with some projects where, when we try to do a GetPublishJob on a BIM360 model, we get back a 403 error, like this:
{"jsonapi":{"version":"1.0"},"errors":[{"id":"ad23cbc6-dc82-4dfd-83f9-6acd14bac6d2","status":"403","code":"C4R","detail":"Failed to get publish model job"}]}
In the docs, it says it could be whitelisting or permissions. We know our app is whitelisted, because we would not have made it this far if it wasn't. We're using 3-legged OAuth, and we believe that the user is able to manually perform the Publish. Can you tell us what specific other permissions might need to be investigated?
I am not typing answer, while I want to check some information with you:
if what you are using is this endpoint, it is public, so it does not need whitelisted. https://forge.autodesk.com/en/docs/data/v2/reference/http/GetPublishModelJob/ .
Since you are using 3 legged token, I doubt it may due to the expired token, while normally it should be 401 error.
With the same token, can your code perform Publish Model?
https://forge.autodesk.com/en/docs/data/v2/reference/http/PublishModel/
was this workflow working well in the past? or just failed recently?
To use this endpoint, the logged user (for 3 legged token) should have access with the folder.
I am using ExactOnline API to fetch the transactions, my API is working fine, but suddenly the Error 403: Forbidden - The division is blocked error occurs and API return the empty result.
Please help.
Thanks.
An HTTP 403 with reason "The division is blocked" typically means the administration is temporarily blocked by a process that needs exclusive access to the administration. Examples are:
One of the company's users is creating or restoring a backup of the administration.
Exact is moving the administration to a different database. (After office hours; users are notified in advance through Exact Online's workflow system.)
API clients should be able to handle this situation. The typical solution is to try again at a later time.
You can find a full list of response codes here:
https://support.exactonline.com/community/s/knowledge-base#All-All-DNO-Content-respcodeserrorhandling
Anybody can help or enlighten me with my issue:
I'm a Java developer and I have an existing smart printer app called GDrive App. It uses Google Drive API (oauth 2.0, gdata-version 2.0 and 3.0 for download-print file) .
This has been working for months until now. Actually, only the download-printing part is no longer working this time, I can still access the app (retrieve files, create folder, search and delete files).
Actual problem:
I keep on getting 401 error when I try to download file (to input stream) for printing. It's confusing because I already provided all the necessary information during the request. And it has been working for many months. No changes of the code. Weird.
I have this for headers:
[Authorization: Bearer ya29.CjAkA8uPBUsKWYMSEDpPxUbP_vtQJOKfCZ7O8I4GkpUkN70bGgnDTAVYiVW2m353H2Y
, GData-Version: 3.0
]
While executing this URL to download and print resource, I couldn't access this.
https://doc-0o-7o-docs.googleusercontent.com/docs/securesc/l9c2gms12ko7qqfc58putbb2v38kkvmm/dp5l9kmpu48kdi8mp2rvtmc1dm1f41tk/1468828800000/09859633411849852329/09859633411849852329/0ByU-nFK_03gtZGhBZkxCYmExeGc?e=download&gd=true
Error 401 means that you aren't authorized properly. Most likely the ya29.CjAkA8uPBUsKWYMSEDpPxUbP_vtQJOKfCZ7O8I4GkpUkN70bGgnDTAVYiVW2m353H2Y access token you are using expired and you have to request another.
You should write your code to anticipate the possibility that a granted token might no longer work. A token might stop working for one of these reasons:
The user has revoked access.
The token has not been used for six months.
The user changed passwords and the token contains Gmail, Calendar,
Contacts, or Hangouts scopes.
The user account has exceeded a certain number of token requests.
source
You can use GoogleAuthorizationCodeTokenRequest to request an access token and possibly a refresh token.
I am getting an error message when trying to use the Google Drive API to get a file. Using Python, the line that causes error is:
file = service.files().get(fileId=googleDriveFileId).execute()
The error message is:
HttpError: <HttpError 404 when requesting
https://www.googleapis.com/drive/v2/files/0B6Cpn8NXwgGPSE8zQW10XzJMc0k?alt=json returned
"File not found: 0B6Cpn8NXwgGPSE8zQW10XzJMc0k">
Basically saying "File not found"
However, if I put the URL being requested into browser, I get a different error message:
https://www.googleapis.com/drive/v2/files/0B6Cpn8NXwgGPSE8zQW10XzJMc0k
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "dailyLimitExceededUnreg",
"message": "Daily Limit Exceeded. Please sign up",
"extendedHelp": "https://code.google.com/apis/console"
}
],
"code": 403,
"message": "Daily Limit Exceeded. Please sign up"
}
}
Neither of these error messages seem correct to me. I know the file is there. Here is a working link to the same file retrieved from "Share Link" in the Google Drive UI:
https://docs.google.com/file/d/0B6Cpn8NXwgGPSE8zQW10XzJMc0k
I have also checked the Quota reports in the api console, and we are at 0% usage.
Any ideas what is going on here?
Thanks
I had similar errors following the python quickstart.
It turned out I had correctly created an API key etc, however had missed step 2:
Select the Services tab in your API project, and enable the Drive API.
Having used the API before I skipped along and missed this crucial point.
Both of the error messages did not have accurate info. The problem was related to permissions. I was using Google Picker to upload the files in question, but these files were not automatically available to the API because of permissions. I thought they would be according to documentation.
I solved problem by setting the permissions for the folder the images are being uploaded to for "Public" using the Google Drive UI. Now my app has permission to access the uploaded files.
While setting files permission to "Public" is okay in my case, as these files are meant to be public, I know this would not be acceptable in all cases. Can someone please shed light on how to handle this problem.... so that files uploaded with Google Picker automatically have the permission to be accessed by the API without setting folder permissions to "Public"?
The messages were accurate.
In the first case, because you don't have permission, Google gives a file not found. This is a standard security measure, rather than leak information by confirming the file exists.
In the second case, you called the API without an Authentication Header, so Google treats you as an unregistered and unauthorised app, which for some Google APIs is OK, up to a a daily quota. In the case of Drive, that daily quota is zero.
I agree it's not intuitive, and I'm sure many developer man years have been wasted (mine included), but it is accurate.
To answer your question about why the uploaded file is inaccessible, check that you have requested the correct scope, and that you are using the correct client id and mime type when doing the upload.