I’m building a Chrome extension that integrates with Google Photos API, but I keep hitting a 403 PERMISSION_DENIED error with the message: "Request had insufficient authentication scopes"
What Works
What I’ve Tried
Manifest.json Configuration:
"scopes": [
"https://www.googleapis.com/auth/calendar.readonly",
"https://www.googleapis.com/auth/photoslibrary.readonly",
"https://www.googleapis.com/auth/photoslibrary"
]
API Endpoints Tested:
Screenshots:
Why does the same token work for Calendar API but fail for Photos API?
Why does the Photos API claim "insufficient scopes" when the token includes them?
Has anyone successfully used Google Photos API in a Chrome extension? Are there hidden requirements or quota limits I’m missing?
the scope photoslibrary.readonly
、photoslibrary
has been deprecated and will be removed after March 31, 2025.
After this date, any API calls using only this scope will return a 403 PERMISSION_DENIED error.
What should you do?
For reading photos, use the https://www.googleapis.com/auth/photoslibrary.readonly.appcreateddata scope.
For other use cases, review the latest Google Photos API documentation for supported scopes and migration instructions.
Reference:
https://developers.google.com/photos/support/updates#affected-scopes-methods