Google Apps Script API - Permissions for my Python script to execute an Apps Script function

Question

this is my first contribution here.

I'm trying to access Gmail through a python script. To do so, I've created a Google Apps Script function and used the Apps Script API between the 2. (This doc displays what I'm trying to do)

So the python script correctly accesses the API, but fails to execute the function. While it works in the Script Editor, in Python it raises a permissions issue:

'errorMessage': 'Exception: The script does not have permission to perform that action.
Required permissions: (
https://www.googleapis.com/auth/gmail.labels ||
https://www.googleapis.com/auth/gmail.metadata ||
https://www.googleapis.com/auth/gmail.readonly ||
https://www.googleapis.com/auth/gmail.modify ||
https://mail.google.com/
)',
'errorType': 'ScriptError'

I guess it is related to the Client ID OAuth, since I was not able to find where to grant it permissions. I've just :

• created the credentials in Google Cloud Platform,
• exported it as creds.json in my python script folder.

Here is my code, almost copy pasted from a tutorial:

import pickle
import os.path
from googleapiclient import errors
from googleapiclient.discovery import build
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request

# Here I've edited the scopes of authorizations required
SCOPES = [
    "https://www.googleapis.com/auth/gmail.labels",
    "https://www.googleapis.com/auth/gmail.metadata",
    "https://www.googleapis.com/auth/gmail.readonly",
    "https://www.googleapis.com/auth/gmail.modify",
    "https://mail.google.com/"
  ]
    
def get_scripts_service():
    creds = None
    # The file token.pickle stores the user's access and refresh tokens, and is
    # created automatically when the authorization flow completes for the first
    # time.
    if os.path.exists('token.pickle'):
        with open('token.pickle', 'rb') as token:
            creds = pickle.load(token)
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            # Here I've placed the downloaded credentials .json file
            flow = InstalledAppFlow.from_client_secrets_file(
                'creds.json', SCOPES)  
            creds = flow.run_local_server(port=0)
        with open('token.pickle', 'wb') as token:
            pickle.dump(creds, token)

    return build('script', 'v1', credentials=creds)


service = get_scripts_service()

API_ID = # Here i've pasted my API_ID

request = {"function": # Here i've pasted my functionName} 

try:
    response = service.scripts().run(body=request, scriptId=API_ID).execute()

    print (response)
except errors.HttpError as error:
    # The API encountered a problem.
    print(error.content)

How do I grant permissions to my script?

Answer 1

Simple as Aerials said! Thanks. It was because the Client ID was created before I edited the scopes. I've deleted the token and created a new one.