google-cloud-platformpermissionsgoogle-cloud-endpointsapi-key
GCP endpoints: The caller does not have permission after requesting API key in query
Trying to use Google Cloud platform with a GKE deployed backend.
I have a swagger file for the endpoints that works fine when not using security.
I added the api key definition in the swagger file:
paths:
/create:
post:
...
security:
- api_key: []
securityDefinitions:
api_key:
type: "apiKey"
name: "key"
in: "query"
and now if I try to post on I get the expected
{
"code": 16,
"message": "Method doesn't allow unregistered callers (callers without established identity). Please use API Key or other form of API consumer identity to call this API.",
"details": [
{
"@type": "type.googleapis.com/google.rpc.DebugInfo",
"stackEntries": [],
"detail": "service_control"
}
]
}
Good, now I created an API key in the credential sections of GCP
I update the post request to include ?key=API_KEY and get the following error:
{
"code": 13,
"message": "\b#The caller does not have permission",
"details": [
{
"@type": "type.googleapis.com/google.rpc.DebugInfo",
"stackEntries": [],
"detail": "service_control"
}
]
}
I can't find any info about this error, does it mean that my API key has no right for this endpoint? If so how can I fix this?
Solution
Confirm that you have the required services enabled
gcloud services enable servicemanagement.googleapis.com
gcloud services enable servicecontrol.googleapis.com
gcloud services enable endpoints.googleapis.com
Also enable your Endpoint service gcloud services enable ENDPOINTS_SERVICE_NAME
- 403 iam.serviceAccounts.actAs permission error trying to attach a service account to a resource in another project
- Cloud Run: mounting volume timed out: The NFS server may not be reachable or may not exist
- Migration from Container Registry to Artifact Registry for App Engine Standard Deployments
- Google Cloud: Access to image has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource
- Im creating a VM using terraform code in GCP. I would like to inject a script that runs when the vm is created upon startup
- QUOTA_EXCEEDED : Exceeded daily quota for email sign-in in spite of using my SMTP settings
- How do I add share drive access to a google service account
- google.cloud namespace import error in __init__.py
- difference between docker BRIDGE and HOST driver?
- How can I connect an externally hosted MySQL database to BigQuery?
- Issue when trying to register an app for consent screen in google oauth
- Google Cloud Platform Trace from Cloud Function Invocation to Cloud Run HttpRequest
- Google OAuth 2 Error 400: redirect_uri_mismatch but redirect uri is compliant and already registered in Google Cloud Console
- Firebase Firestore timestamp not allowed inside array
- Why am I not able to get the env var values from google secret manager?
- changing image repository from Container Registry to Artifact Registry
- ALS (Alternating Least Square) algorithm in multiple rankings for a user
- Unable to connect to Gemini / Vertex AI
- How can I get Firebase Authentication ID tokens to work with Google Cloud Identity Platform so they get validated?
- How to identify the storage space left in a persistent volume claim?
- Cloud Run container stops processing when running parallel FastAPI background tasks
- GCP Cloud Storage - Golang aws sdk2 - Upload file with s3 INTEROPERABILITY Creds
- Creating folders using GCP PHP Client Libraries
- GKE Fluent bit partial logs
- Data loading and transformation from gcs to bigquery
- How to forcefully stop an operation on GKE cluster and thereby delete GKE cluster?
- Apache Beam with Dataflow: flag 'ignore_unknown_columns' for WriteToBigQuery not working
- Google Speech to Text - Not Getting the transcription | SOLVED
- Deploying firebase cloud fails because of some build errors
- Why does Cloud Deploy not support multiple target types in one pipeline?