This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

ACCESS_TOKEN_SCOPE_INSUFFICIENT error comes for GenerativeAI with ADC Key

Posted 2 weeks ago
sivapuppala75
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

 I am using the ADC Key Method to authenticate the Google Generative AI api in Node JS. But getting the below error
Code: 

 

 

 

const ai = new GoogleGenAI({
    keyFile: process.env.GOOGLE_APPLICATION_CREDENTIALS,
    scopes: [
        'https://www.googleapis.com/auth/generative-language'
    ]
})
const response = await ai.models.generateContent({
     model: 'gemini-2.5-pro',
     contents: prompt
})

 

 

Response:

 

 

{
  "error": {
    "code": 403,
    "message": "Request had insufficient authentication scopes.",
    "status": "PERMISSION_DENIED",
    "details": [
      {
        "@type": "type.googleapis.com/google.rpc.ErrorInfo",
        "reason": "ACCESS_TOKEN_SCOPE_INSUFFICIENT",
        "domain": "googleapis.com",
        "metadata": {
          "service": "generativelanguage.googleapis.com",
          "method": "google.ai.generativelanguage.v1beta.GenerativeService.GenerateContent"
        }
      }
    ]
  }
}

 

 

I have given Owner & Editor Roles to the Service Account. But still facing the issue

 

0 2 190
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
caryna
Staff
Reply posted on --/--/---- --:-- AM

Hi @sivapuppala75,

Welcome to Google Cloud Community!

You can review this developers guide  which provides detailed information on how to set up authentication for the Gemini API using ADC method.

To gain further insight, refer to this documentation  that explains how Application Default Credentials works. Also try checking this related discussion  from Google Cloud Community, there are mentioned links that might be helpful based on your case scenario and possible reason why you’ve encountered this error. 

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.

0 Likes

Posted on --/--/---- --:-- AM
ericdong
Staff
Reply posted on --/--/---- --:-- AM

Please try authenticating including the correspondent API scope, e.g: generative-language.retriever allows SDK usage, for example:

scopes='https://www.googleapis.com/auth/cloud-platform,https://www.googleapis.com/auth/generative-language.retriever'



0 Likes
Top Solution Authors
View all