Search code examples
google-apioauth-2.0youtube-apigoogle-oauth

403 Forbidden error when deleting YouTube video

I have been using the OAuth approach to upload,update and delete videos on YouTube. That all has been working fine until about February 12th where all of those processes stopped working. Now when I go to delete a YouTube video I get the following error:

"code": 403, "message": "The video that you are trying to delete cannot be deleted. The request might not be properly authorized."

I know that the OAuth process is working because I can get the token and refresh the token if it has expired. I'm using the latest PHP library that Google have provided (installed using composer). And I can get information about a valid YouTube video by making the following call:

$videoId = "xxxxxxx"; //id of video on YouTube
$youtube->videos->listVideos("snippet", array('id' => $videoId));

But then the delete call gives that error above.

$youtube->videos->delete($videoId);

Since the listVideos works, that confirms that the client_id, secret key and token is correct. I also am setting the scopes to be the following

$client->setScopes(array('https://www.googleapis.com/auth/youtube',
'https://www.googleapis.com/auth/youtube.upload',
'https://www.googleapis.com/auth/youtubepartner'));

I also checked that the credentials and quotas set in the Google APIs are ok. I thought that maybe the quota had been reached but that doesn't appear to be the case. I did see an email from YouTube in early february saying that they have a new terms of service and a developer policies. I reviewed all that but nothing in there appears to point to the issue I am having?

Not sure what else to try?

Solution

  • Try to check my answer here in this SO question that focus on how to Refresh Token with the Google API.

    Your error usually caused by:

    • When the token expires
    • The token’s scope (this is important)
    • If the token is invalid

    If the token is invalid you can troubleshoot like this:

    • Remove the access token from your datastore or database.

    • Use the refresh token to acquire a new access token (if you are using a refresh token)

    • Try to make the API call again. If it works, you’re good! If not …

    • Check the access token against the tokenInfo API

    • If it’s still invalid, do a full reauth

    Hope this helps!