This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Invalid Scope Error

Posted on 10-04-2023 10:53 AM
jmodottid
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

I have created an API Product through the gcp console and set the "Allowed OAuth scopes" as "courses:read,modules:read".

I am attempting to create a developer app using the management API. I am sending this as my request body:

const body = {
    name: "redacted",
    scopes: ["courses:read", "modules:read"],
    status: "approved",
    apiProducts: ["redacted"],
};

I am getting the following error as my response. Is there some nuance I am missing or is this a known apigee management api bug? I am passing valid scopes.

 

error: {
  code: 400,
  message: "Invalid scopes. Scopes must be contained in [modules:read, courses:read]",
  status: "INVALID_ARGUMENT",
  details: [
    {
       "@type": "type.googleapis.com/google.rpc.PreconditionFailure",
       violations: [
         {
            type: "keymanagement.service.InvalidScopes",
            subject: "[2002:a17:531:99cc::]:4116:gece10-20020a057110324a00b0021a50681eb5:9805:349579:99732193",
            description: "Invalid scopes. Scopes must be contained in [modules:read, courses:read]"
         }
       ]
    }, {
       "@type": "type.googleapis.com/google.rpc.RequestInfo",
       requestId: "4204281115099135940"
    }
 ]
}
0 2 402
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
jmodottid
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I created a duplicate API product with the same scopes and the bug could not be reproduced. The issue seems to be updating the scopes on an existing API product through the console.

0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

Hmmm - it just works for me. And I don't see a problem when updating scopes through the console. 

I  tried this:

  1. configuring an API product to have scopes "courses:read,modules:read" . Tried to create a dev app with "courses:read,modules:read" scopes. Success.
  2. updated the existing API product, changed the scopes to "A,B". Tried to create a dev app with "courses:read,modules:read" scopes.  Got the expected error "Invalid scopes", citing "[A,B]"
  3. updated the API product again.  reverted scopes to "courses:read,modules:read". Again tried to create another dev app with "courses:read,modules:read" scopes. Success.

So all of it just works, for me. 

Sorry you're having trouble. But glad to hear you sorted it out for yourself. 

If you feel like investigating this situation further, and care to share the "1,2,3" steps that would allow me to reliably reproduce the error you saw, I'll file a bug on your behalf.

0 Likes
Top Solution Authors
View all