0

We have been using OAuth 2.0 for authenticating google search console webmasters API. we are mainly hitting two endpoints /sites and /searchAnalytics/query to fetch sites and sitemaps data. Interestingly, the access_token which got generated using refresh_token is able to retrieve data for sites but not for sitemaps. For sitemaps it's throwing error:

HTTP-error-code: 403, Error: User does not have sufficient permission for site https://www.example.com See also: https://support.google.com/webmasters/answer/2451999

This behaviour has started since June 4, 2022. Prior to that it's been working perfectly fine.

Linda Lawton - DaImTo
  • 106,405
  • 32
  • 180
  • 449
ck22
  • 264
  • 3
  • 16
  • Sometimes the API key you're using in order to generate these tokens for your client have a TTL (Time To Live) mechanism set in place (not referring specifically to OAuth 2.0), I'd suggest to refresh your API key for OAuth 2.0, other than that, try to provide more details in your question. – Holdsworth Jul 20 '22 at 10:39
  • @Holdsworth I believe its not the case of TTL. since the refresh token is able to generate access_token and generated access_token is able to retrieve data for /sites – ck22 Jul 20 '22 at 10:40
  • Did you overview if there were any changes in permissions given to users/roles? – Holdsworth Jul 20 '22 at 10:44
  • Please edit your question and include [example] – Linda Lawton - DaImTo Jul 20 '22 at 10:51

1 Answers1

0

User does not have sufficient permission for site

This error means that the currently authenticated user does not have permission to access the site you are trying to retrieve data for.

For example the sitesmaps.list method will return a list of all sites that the currently authenticated user has access to.

While a sitesmaps.get method requires that you send a url of the site you would like to retrieve information for.

If the user who is currently authenticated does not have access to that site then you will get the error you are getting.

The solution would be to authorize your application with a user who has access. Or use a service account and configure delegation Managing owners, users, and permissions

Linda Lawton - DaImTo
  • 106,405
  • 32
  • 180
  • 449