Google API authentication: Not valid origin for the client
Google ApiGoogle OauthGoogle Analytics-ApiGoogle Api-Js-ClientGoogle Api Problem Overview
When making an auth request to the Google API (gapi), it's returning false on the checkOrigin.
I have removed any client id's or anything that would link directly to my account and replaced it with a regex indicating what the data is for reference.
Url: https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Flocal.tools&client_id=(\d{21})
My origin url is a local url, which is https://local.tools
Result: {valid: false}
I'm using the example found here without deviation (except for replacing clientid with my 21 digit clientid): https://ga-dev-tools.appspot.com/embed-api/third-party-visualizations/
The items I'm trying to display show up nicely on the demo site, but aren't getting past the Not valid origin for the client error on my local.tools site.
Google Api Solutions
Solution 1 - Google Api
Clear your browser cache. Started getting this error in Chrome and then I created a new client id and was still getting the issue. Opened firefox and it worked, so I cleared the cache on Chrome and it started working.
Solution 2 - Google Api
I received the same console error message when working with this example: https://developers.google.com/analytics/devguides/reporting/embed/v1/getting-started
The documentation says not to overlook two critical steps ("As you go through the instructions, it's important that you not overlook these two critical steps: Enable the Analytics API [&] Set the correct origins"), but does not clearly state WHERE to set the correct origins.
Since the client ID I had was not working, I created a new project and a new client ID. The new project may not have been necessary, but I'm retaining (and using) it.
Here's what worked:
- Create a new project
- Add and Enable the Analytics API
- Create a new credential - ensure that it is an OAUTH credential (scroll to the bottom of this page for instructions https://developers.google.com/api-client-library/javascript/start/start-js#Setup).
During creation of the credentials, you will see a section called "Restrictions Enter JavaScript origins, redirect URIs, or both". This is where you can enter your origins.
Save and copy your client ID (and secret).
My script worked after I created the new OAUTH credential, assigned the origin, and used the newly generated client ID following this process.
Solution 3 - Google Api
try clear caches and then hard reload, i had same error but when i tried to run on incognito browser in chrome it worked.
Solution 4 - Google Api
Credentials do not work if API is not enabled. In my case the next steps were needed:
- Go to https://console.developers.google.com/apis/library
- Enter 'People'
- From the result choose 'Google People API'
- Click 'Enable'
Solution 5 - Google Api
Key Point: Add both http://localhost and http://localhost:port_number to the Authorized JavaScript origins box for local tests or development.
Solution 6 - Google Api
Creating new oauth credentials worked for me
Solution 7 - Google Api
For me - I just went here:
https://console.developers.google.com/apis/credentials
Then chose the right project; then choose the credential with the same ID shown in your console error message. When editing the credentials you can add multiple origins to the white list.
Solution 8 - Google Api
You probably use Client ID like this:
Make sure your client ID is without ".apps.google.com"
Solution 9 - Google Api
After updated Authorized JavaScript origins browser still caching old data, so I need to Empty cache and hard reload then it works
1. Change Authorized origins
2. Open Dev Tool (F12) then right-click into reload button
Solution 10 - Google Api
Clearing the cache on chrome works!
Please find the steps below to clear the cache.
- Open dev tools (Right-click on the page and select inspect/ press F12)
- Right-click on the chrome reload button while the dev tool is opened. (You will find the option to clear the cache and reload the site)
Solution 11 - Google Api
clearing the cache works for me.
for React developers try to restart the project otherwise it will show the same error again and again.
Solution 12 - Google Api
It was a referrer-policy problem.
This has been such a pain for a long time to me too...
> Found the issue, my website instance had a referrer policy set to > no-referrer. After setting it to no-referrer-when-downgrade, the One > Tap prompt showed up as expected.
https://stackoverflow.com/a/63039142/15565029
If you are using Django, SECURE_REFERRER_POLICY is 'same-origin' by default. Change it by adding the below code in your settings file.
# settings.py
SECURE_REFERRER_POLICY = 'no-referrer-when-downgrade'
https://docs.djangoproject.com/en/3.2/ref/settings/#std:setting-SECURE_REFERRER_POLICY
Solution 13 - Google Api
Similar to few answers at above but with screenshots. If you created project for Firebase, may also use the same steps to configure at Google Cloud Platform console.
- Select the project at https://console.cloud.google.com/
- Navigate to Credentials
- Click Edit button for the related OAuth 2.0 Client ID
- Add URI into Authorized JavaScript origins
- Don't forget to Save
Solution 14 - Google Api
I got the error because of Allow-Control-Allow-Origin: * browser extension.
Solution 15 - Google Api
Trying on a different browser(chrome) worked for me and clearing cache on firefox cleared the issue.
(PS: Not add the hosting URIs to Authorized JavaScript origins in API credentials would give you Error:redirect_uri_mismatch)
Solution 16 - Google Api
That worked for me after trying for an hour:
On https://console.cloud.google.com/apis/credentials :
- Edit Client Outh (mine was: Web Client (Auto Created by Google Service), which was created by my Firebase Web Project)
- Enter JavaScript Origin for the Client ID (mine was: localhost:NNNN) and don't forget to Save.
- Try google login for half an hour: didn't work
- Enabled Google Analytics as suggested above
- Empty Chrome cache and hard reload as suggested above
- Try google login for half an hour: didn't work
- Sign Out from https://console.cloud.google.com, and sign in again
- Empty Chrome cache and hard reload
- Now it worked
I don't know which one of the above fixed the problem. May be it was just a matter of time for cloud.google to recognize my new JavaScript Origin.
Solution 17 - Google Api
If you are running it on localhost change the port to 5000 and it will fix it