google-cloud-platformgoogle-oauthgoogle-geminigoogle-generativeai

Google generativeai 403 Request had insufficient authentication scopes. [reason: "ACCESS_TOKEN_SCOPE_INSUFFICIENT"


I have tried the simple POC for generativeai on its own to do 'generate_content' and it works. Now I am trying to integrate the generativeai to existing project and just trying to get the model only and it is throwing this.

import google.generativeai as genai

genai.configure(api_key=GOOGLE_GEMINI_API)
model_name = "gemini-1.5-flash"
model = genai.GenerativeModel(model_name=model_name)
response = model.generate_content('Hello there.')


# Error
google.api_core.exceptions.PermissionDenied: 403 Request had insufficient authentication scopes. [reason: "ACCESS_TOKEN_SCOPE_INSUFFICIENT"
domain: "googleapis.com"
metadata {
  key: "service"
  value: "generativelanguage.googleapis.com"
}
metadata {
  key: "method"
  value: "google.ai.generativelanguage.v1beta.GenerativeService.GenerateContent"
}

I am suspecting that there is a conflict of ADC (Application Default Credential) issue. Cause the existing project is configured with ADC. However I want to leave it alone and I want google gemini API key to be a separate module and I don't want it tied to existing project. (Nor I want yet another google cloud project to manage at this point.) Still, getting google gemini key, it has created google cloud project nonetheless. Are there a way to make generativeai API not picking up the credential from the existing ADC ? I am using the Python library. I need help from google cloud platform oauth credential expert on this infamous area, I think.

Here is the google generativeai code on github

https://github.com/google-gemini/generative-ai-python/blob/v0.7.0/google/generativeai/client.py#L272-L311


Solution

  • Every time i have seen "ACCESS_TOKEN_SCOPE_INSUFFICIENT" error it has been due to the fact that i wasn't not sending an api key or that the env far that I was sending was null.

    genai.configure(api_key=GOOGLE_GEMINI_API)
    

    Personally i normal use a .env file for my env vars and use pip python-dotenv

    I believe though that if you are loading from a linux environment you can use

    my_var = os.environ.get('MY_ENV_VAR')
    

    As I have personally had this issue before. I have submitted a feature request to the client library #450