Google API authentication: Not valid origin for the client

问题

When making an auth request to the Google API (gapi), it's returning false on the checkOrigin.

I have removed any client id's or anything that would link directly to my account and replaced it with a regex indicating what the data is for reference.

Url: https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Flocal.tools&client_id=(\d{21})

My origin url is a local url, which is https://local.tools

Result: {valid: false}

I'm using the example found here without deviation (except for replacing clientid with my 21 digit clientid): https://ga-dev-tools.appspot.com/embed-api/third-party-visualizations/

The items I'm trying to display show up nicely on the demo site, but aren't getting past the Not valid origin for the client error on my local.tools site.

回答1:

I received the same console error message when working with this example: https://developers.google.com/analytics/devguides/reporting/embed/v1/getting-started

The documentation says not to overlook two critical steps ("As you go through the instructions, it's important that you not overlook these two critical steps: Enable the Analytics API [&] Set the correct origins"), but does not clearly state WHERE to set the correct origins.

Since the client ID I had was not working, I created a new project and a new client ID. The new project may not have been necessary, but I'm retaining (and using) it.

Here's what worked:

Create a new project
Add and Enable the Analytics API
Create a new credential - ensure that it is an OAUTH credential (scroll to the bottom of this page for instructions https://developers.google.com/api-client-library/javascript/start/start-js#Setup).

During creation of the credentials, you will see a section called "Restrictions Enter JavaScript origins, redirect URIs, or both". This is where you can enter your origins.

Save and copy your client ID (and secret).

My script worked after I created the new OAUTH credential, assigned the origin, and used the newly generated client ID following this process.

回答2:

Clear your browser cache. Started getting this error in Chrome and then I created a new client id and was still getting the issue. Opened firefox and it worked, so I cleared the cache on Chrome and it started working.

回答3:

Credentials do not work if API is not enabled. In my case the next steps was needed:

Go to https://console.developers.google.com/apis/library
Enter 'People'
From the result choose 'Google People API'
Click 'Enable'

回答4:

try clear caches and then hard reload, i had same error but when i tried to run on incognito browser in chrome it worked.

回答5:

For me - I just went here:

https://console.developers.google.com/apis/credentials

Then chose the right project; then choose the credential with the same ID shown in your console error message. When editing the credentials you can add multiple origins to the white list.