Hitting Google Play Android Developer API through Google Cloud sdk

Question

I am trying to set priority for an app-update using Google Play Developer Publishing API. As per documentation,I need to call androidpublisher.googleapis.com services. I installed Cloud SDK in my Linux device to make service call.Also i have performed all steps and able to initialize sdk using gcloud init.

But when i try to perform Edits using below command

curl -X POST -H "Authorization: Bearer [oauth2_client_id]" -H "Content-Type: application/json" https://androidpublisher.googleapis.com/androidpublisher/v3/applications/com.xyz.abc/edits -d'{"id": "20","expiryTimeSeconds": "180}'

I get below error-

{ "error": { "code": 401, "message": "Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.", "status": "UNAUTHENTICATED" } }

I have already provided oauth client id in request!How to resolve this?If OAuth 2 access token is needed , how will i get that using gcloud?

UPDATE

Based on answer i sent token inside authorization and got error-

{
  "error": {
    "code": 403,
    "message": "Request had insufficient authentication scopes.",
    "status": "PERMISSION_DENIED"
  }
}

why i am still getting error?

UPDATE2

Now I am able to get code/token (not sure if it is access token) with required scopes using following URL- https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&access_type=offline&redirect_uri={your redirect url}&client_id={your client ID})

Below are the details of steps i performed but couldn't make it work-

1.Open Terminal and move to google cloud sdk bin folder using command- cd /home/bhuvnesh.varma/Downloads/google-cloud-sdk/bin

2.Run command - gcloud init After selecting configuration,account and project i get message- Your Google Cloud SDK is configured and ready to use!

3.I hit this URL on browser replacing client id and redirect url- https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&access_type=offline&redirect_uri={your redirect url}&client_id={your client ID})

I got the message-

"Please copy this code, switch to your application and paste it there: 4/AX4XfWgUvVTE0VknkW0R35rUOsNZ7IVmMCebiV3yyyKxP4c7y0jjZxxcF0TQg"

4.Then i performed Edits command on terminal using generated token/code-

curl -X POST -H "Authorization: Bearer 4/AX4XfWgUvVTE0VknkW0R35rUOsNZ7IVmMCebiV3yyyKxP4c7y0jjZxxcF0TQg" -H "Content-Type: application/json" https://androidpublisher.googleapis.com/androidpublisher/v3/applications/com.xyz.abc/edits -d'{"id": "20","expiryTimeSeconds": "180}'

Still i received below error- { "error": { "code": 401, "message": "Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.", "status": "UNAUTHENTICATED" } }

Answer 1

The Bearer value should be an OAuth access token.

I'm unfamiliar with this API. Is it operating on behalf of a specific (individual) user? Corollary: does it require user-specific information? If so, you should be able to authenticate using the account that you used to gcloud auth login. You can get an access token for it using:

TOKEN=$(gcloud auth print-access-token)

curl ... --header "Authorization: Bearer ${TOKEN}" ...

If not (that doesn't work) you should create a service account to authenticate the call. This process is more involved as you'll also need to create a key for that account and authenticate using it with gcloud auth activate-service-account. You can then resume the gcloud auth print-access-token above.

NOTE It is almost always best practice to use Google's client SDKs for interacting with its services. Using these, auth is handled -- mostly transparently -- for you.