Getting confusing error for Identity Toolkit mfaEnrollment.start request

After following the docs here, I am getting the below error. This error does not make sense as I am using the exact same access token creation process as I am for GIP tenant creation and it works just fine there.

Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential.

My body looks like this

def build_body(params)
  {
    :idToken => params[:id_token],
    :tenantId => ::ENV.fetch("DEFAULT_SHARED_GIP_TENANT"),
    :phoneEnrollmentInfo => {
      :phoneNumber => params[:phone_number],
      :recaptchaToken => params[:recaptcha_token]
    }
  }.to_json
end

My enroll call:

def enroll(body)
  access_token = ::Actions::Gip::AccessToken.new.call.success
  ::Net::HTTP.post(
    URI("https://identitytoolkit.googleapis.com/v2/accounts/mfaEnrollment:start"),
    body,
    { :Authorization => "Bearer #{access_token}", "Content-Type" => "application/json" }
  )
end

My access token action:

def fetch_token(json_string)
  ::Rails.cache.fetch("portal.gip.access_token", :expires_in => 55.minutes) do
    scope = ["https://www.googleapis.com/auth/identitytoolkit", "https://www.googleapis.com/auth/cloud-platform"]
    authorizer = Google::Auth::ServiceAccountCredentials.make_creds(
      :json_key_io => StringIO.new(json_string), # Service account creds
      :scope => scope
    )
    token = authorizer.fetch_access_token!
    token["access_token"]
  end
end

The service account has the roles Firebase Admin, Identity Platform Admin, and Identity Toolkit Admin


Hello @matt_hadley,

Welcome to Google Cloud Community!

The error message you posted means that the request you made to a GCP service or API endpoint is missing the necessary authentication credentials. Most APIs require proper authentication to ensure that only authorized users and applications can access the resources and services.

This link might be useful for you in resolving this issue.

Thanks
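
Added example, not part of the original thread or of Google's documentation: a pre-flight check for the enroll call in the question that builds the request without sending it, refuses a nil or blank bearer token, and summarizes the credential for logs without exposing it. The names `build_enroll_request`, `describe_auth`, `send_enroll` and `MissingCredentialError` are hypothetical, the sample values are constructed, and it assumes only that a blank token is one thing worth ruling out, not that it is the cause here.

```ruby
require "net/http"
require "json"
require "uri"

# Endpoint copied from the question above.
ENROLL_URI = URI("https://identitytoolkit.googleapis.com/v2/accounts/mfaEnrollment:start")

class MissingCredentialError < StandardError; end

# Builds the request without sending it and refuses a nil or blank token.
# Interpolating nil into "Bearer #{token}" quietly yields "Bearer ",
# a header that carries no credential at all.
def build_enroll_request(access_token, body)
  token = access_token.to_s.strip
  raise MissingCredentialError, "access token is nil or blank" if token.empty?
  raise MissingCredentialError, "access token contains whitespace" if token.match?(/\s/)

  request = Net::HTTP::Post.new(ENROLL_URI)
  request["Authorization"] = "Bearer #{token}"
  request["Content-Type"] = "application/json"
  request.body = body
  request
end

# Log-safe summary of the credential on a request: scheme and length only,
# never the token itself.
def describe_auth(request)
  scheme, token = request["Authorization"].to_s.split(" ", 2)
  { :scheme => scheme, :token_length => token.to_s.length, :present => !token.to_s.empty? }
end

# Sends a request built above (not called here, so the file runs offline).
def send_enroll(request)
  Net::HTTP.start(ENROLL_URI.host, ENROLL_URI.port, :use_ssl => true) do |http|
    http.request(request)
  end
end

if __FILE__ == $PROGRAM_NAME
  sample_body = { :idToken => "constructed-id-token", :tenantId => "constructed-tenant" }.to_json
  begin
    build_enroll_request(nil, sample_body) # a nil where a token was expected
  rescue MissingCredentialError => e
    puts "refused to send: #{e.message}"
  end
  puts describe_auth(build_enroll_request("constructed.token.value", sample_body))
end
```

Logging the `describe_auth` summary next to the API response shows whether a credential was actually attached to the failing request without writing the token to the log.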