The code that you wrote to calling to google API worked perfectly before but one day it suddenly return the error like below:
{ "error": "unauthorized_client", "error_description": "Client is unauthorized to retrieve access tokens using this method." }
This is because you might miss the authorization scopes in the Google Service Account that you are using for your application.
This issue would be fixed by doing the following instructions. These steps must be performed by an administrator of the Google Apps domain:
- Go to your Google Apps domain’s Admin console.
- Select Security from the list of controls. If you don’t see Security listed, select More controls from the gray bar at the bottom of the page, then select Security from the list of controls. If you can’t see the controls, make sure you’re signed in as an administrator for the domain.
- Select Advanced settings from the list of options.
- Select Manage third party OAuth Client access in the Authentication section.
- In the Client name field enter the service account’s Client ID.
- In the One or More API Scopes field enter the list of scopes that your application should be granted access to. For example, if your application needs domain-wide access to the Google Drive API and the Google Calendar API, enter: https://www.googleapis.com/auth/drive, https://www.googleapis.com/auth/calendar.
The scopes are coma-delimited. - Click Authorize.
When you are done, you should see the Authorized API Clients