This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

DNS API is not accessible from a cloud function

Posted on 04-15-2023 06:48 AM
mohitsolanki02
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi,

I am trying to access DNS API of google project 1 from cloud function Node.js code which is deployed on project 2

For credentials, I am using service account key, The service account holds DNS Admin Role on project 1.

mohitsolanki02_0-1681566329616.png

mohitsolanki02_1-1681566393354.png

 

 

Solved Solved
0 5 519
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
kolban
Staff
In response to mohitsolanki02
Reply posted on --/--/---- --:-- AM

I'll make a guess ... 

If we look at the API call you are making which I believe is documented here:

https://cloud.google.com/dns/docs/reference/v1/projects/get

We see under the "Authorization" section a list of "scopes" that the request can be made under.  The most common one that I use is "https://www.googleapis.com/auth/cloud-platform".  If I am reading your code correctly, in your code you have requested just one scope which is "https://www.googleapis.com/auth/firebase.messaging" and if I am interpreting that correctly, by not including one of the documented required scopes, your request will fail.  See what happens if you use one of the documented scopes.

View solution in original post

Jump to Solution
0 Likes
5 REPLIES 5

Posted on --/--/---- --:-- AM
kolban
Staff
Reply posted on --/--/---- --:-- AM

I think I am hearing that you have a NodeJS application that is attempting to make Google Cloud API calls to the DNS API.  That application is coded as a Cloud Function and when the function runs, the Cloud Function fails and throws an exception when the DNS API is invoked.  What exactly does the invocation / code of the DNS API look like?  Which specific API with parameters is being invoked?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
mohitsolanki02
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi ,

Attaching the Screenshot containing the code and DNS API Endpoint

mohitsolanki02_0-1681797469983.png

 

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
kolban
Staff
In response to mohitsolanki02
Reply posted on --/--/---- --:-- AM

I'll make a guess ... 

If we look at the API call you are making which I believe is documented here:

https://cloud.google.com/dns/docs/reference/v1/projects/get

We see under the "Authorization" section a list of "scopes" that the request can be made under.  The most common one that I use is "https://www.googleapis.com/auth/cloud-platform".  If I am reading your code correctly, in your code you have requested just one scope which is "https://www.googleapis.com/auth/firebase.messaging" and if I am interpreting that correctly, by not including one of the documented required scopes, your request will fail.  See what happens if you use one of the documented scopes.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
mohitsolanki02
Bronze 1
Bronze 1
In response to kolban
Reply posted on --/--/---- --:-- AM

We tested the https://www.googleapis.com/auth/cloud-platform". this scope, getting insufficient permission ERR,
I need to use "https://www.googleapis.com/auth/firebase.messaging" this scope to collect the access token.

mohitsolanki02_0-1681907197406.png

 

 

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
mohitsolanki02
Bronze 1
Bronze 1
In response to kolban
Reply posted on --/--/---- --:-- AM

Hi,

Changing the scope "https://www.googleapis.com/auth/cloud-platform" works for me.

Thankyou.

Jump to Solution