I make the following API call once I configure my project and necessary roles and it doesn't work.
-X GET \ -H "Authorization Bearer $(gcloud auth print-access-tokem --impersonate.service.account=<PII removed by staff>)" \ "https://cloudresourcemanager.googleapis.com/v3/projects/project2-419814"
curl: (3) URL rejected: Bad hostname
curl: (3) URL rejected: Bad hostname
{
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"status": "UNAUTHENTICATED",
"details": [
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "CREDENTIALS_MISSING",
"domain": "googleapis.com",
"metadata": {
"method": "google.cloud.resourcemanager.v3.Projects.GetProject",
"service": "cloudresourcemanager.googleapis.com"
}
}
]
}
}
The "UNAUTHENTICATED" error code (401) from the Google Cloud Platform (GCP) API, means that the API call couldn't find a valid authentication token.
Check if the gcloud auth print-access-token command is generating a valid access token.
Make sure the Authorization header in your API call is formatted correctly. It should be:
Authorization: Bearer <access_token>
You can refer to these documentation for more information:
https://cloud.google.com/docs/authentication
https://cloud.google.com/docs/authentication/use-service-account-impersonation
https://cloud.google.com/sdk/gcloud/reference/auth/print-access-token
The error message you're getting indicates two potential issues with your API call:
Bad Hostname: The curl command is rejecting the URL "https://cloudresourcemanager.googleapis.com/v3/projects/project2-419814" with a "Bad hostname" error. This could be a typo or an issue with how you're constructing the URL.
Missing Authentication: The response from the server indicates a 401 error ("UNAUTHENTICATED"). This means the API call is missing the required authentication credentials. While you've included the Authorization header with a bearer token, there might be an issue with the token itself or how it's being obtained.
Here's how to troubleshoot these issues:
1. Double-check the URL:
2. Verify Authentication:
Additional Tips:
By addressing these points, you should be able to fix the authentication error and successfully make the API call to get project details.