google-oauthscopesgoogle-play-integrity-api

How to get Integrity Verdict Response of Google Play Integrity API


I want to access the decrypted and verified Integrity Verdict Response using the Integrity Token. I am trying to access using POSTMAN but getting some error, unable to get the possible solution.

I created the account on google play console and used the android project to access the integrity token as mentioned in the google documentation. https://developer.android.com/google/play/integrity/standard#request-integrity

As mentioned in the google documentation found the google API that needs to be used to decrypt and verify the integrity token and get the Integrity Verdict. https://i.sstatic.net/5AGK9.png

I tried calling this api in POSTMAN with the help of few research but getting error with the scopes "Request has insufficient authentication scopes". Having such error as shown in image Also tried to search in OAuth 2.0 scopes https://developers.google.com/identity/protocols/oauth2/scopes of Google APIs but unable to find the Google Play Integrity API scopes. Please help with the solution that how can we access the integrity verdict via Postman or any other way.


Solution

  • You need to authenticate with a service account that has the basic service account permissions. See the 'Decrypt and verify the integrity verdict' section.

    Create a service account within the Google Cloud project that's linked to your app. During this account creation process, you need to grant your service account the roles of Service Account User and Service Usage Consumer.

    This blog post should get you started if you've not done this before on Postman: Using Postman to access a Google API

    Also make sure you request the integrity token using the correct Google Cloud project ID that's linked to the project where you enabled the Integrity API. I made that mistake and also received the 'insufficient authentication scopes' error until I used the correct ID.