My Business
2.2K members online now
2.2K members online now
For developers who are using the Google My Business API to manage locations
Guide Me

401 - "message": "Request had invalid authentication credentials." -- it was working though

[ Edited ]
Visitor ✭ ✭ ✭
# 1
Visitor ✭ ✭ ✭

 So this has happened to me twice now. I downloaded the php client code. 


I converted the multi-api.php code to work with GMB and it was fine. Until I started getting this message an hour or so into working with it. 


So I couldn't figure it out, thought I would convert a different file and I did. I started working with the url-shortner.php example and that started working. I had locations showing up, I reviews being listed out and I started to display them in nice tables.... and it stopped workng again. I thought maybe I was hitting some quotas but it's been two days now and I still can't have it list my account out. I just get this error: 


PHP Fatal error:  Uncaught Google_Service_Exception: {
"error": {
"code": 401,
"message": "Request had invalid authentication credentials.",
"errors": [
"message": "Request had invalid authentication credentials.",
"domain": "global",
"reason": "unauthorized"


If I use the oauthplayground that works fine...


Here is the php code any insight would be very helpful .

* Copyright 2011 Google Inc.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* See the License for the specific language governing permissions and
* limitations under the License.

include_once __DIR__ . '/../vendor/autoload.php';
include_once "templates/base.php";

echo pageHeader('User Query - URL Shortener');

* Ensure you've downloaded your oauth credentials
if (!$oauth_credentials = getOAuthCredentialsFile()) {
echo missingOAuth2CredentialsWarning();

* Make an API request on behalf of a user. In
* this case we need to have a valid OAuth 2.0
* token for the user, so we need to send them
* through a login flow. To do this we need some
* information from our API console project.
* The redirect URI is to this page, e.g:
* http://localhost:8080/simplefileupload.php
$redirect_uri = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
echo "<br>$redirect_uri</br>";
$client = new Google_Client();

* When we create the service here, we pass the
* client to it. The client then queries the service
* for the required scopes, and uses that when
* generating the authentication URL later.
$service = new Google_Service_Urlshortener($client);
$bus_service = new Google_Service_Mybusiness($client);

* If we're logging out we just need to clear our
* local access token in this case
if (isset($_REQUEST['logout'])) {

* If we have a code back from the OAuth 2.0 flow,
* we need to exchange that with the
* Google_Client::fetchAccessTokenWithAuthCode()
* function. We store the resultant access token
* bundle in the session, and redirect to ourself.
if (isset($_GET['code'])) {
$token = $client->fetchAccessTokenWithAuthCode($_GET['code']);

// store in the session also
$_SESSION['access_token'] = $token;

// redirect back to the example
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));

if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
} else {
$authUrl = $client->createAuthUrl();

if ($client->getAccessToken() ) {
$_SESSION['access_token'] = $client->getAccessToken();
if ($client->isAccessTokenExpired()) {
echo "access token expired!<br>";

echo "Wooo!";

<?php if (isset($authUrl)):

<div class="request">
<a class='login' href='<?= $authUrl ?>'>Connect Me!</a>
<?php elseif (empty($short)):

$accounts = $bus_service->accounts;
$accountsList = $accounts->listAccounts()->getAccounts();


<a class='logout' href='?logout'>Logout</a>

<?php endif ?>




So I am using

along with the mybusiness php sample code one can download from the developer page for GMB. 



 Edit 1:



I added this to the scopes and it seemed to fix the issue for now:



Edit 2: 


Issue is back. I pressed logout, which essentially unset the token from the session and now when I log back in, it gives me the same 401 error. I tried to do what I did before. Added a new scope but that does not seem to work. 


1 Expert replyverified_user

Re: 401 - "message": "Request had invalid authentication credentials." -- it

Google Employee
# 2
Google Employee

Hi @Mubashshir Z,


The scope variable parameter controls the set of resources and operations permitted by an OAuth 2.0 access token which you obtain for authentication via the API. It is generally a best practice to request scopes incrementally, at the time access is required, rather than up front.


Please make sure that you’re using the v1-branch of the repository on GitHub as instructed on the Installation page of the Google API Client Library for PHP.


We highly recommend using the OAuth 2.0 client ID for an installed app or web app flow and persisting the refresh token so that your application will always be able to request a new access token when necessary. This process requires a user to manually authorize the application during the OAuth 2.0 flow only once.


You can find the code snippet for using the OAuth 2.0 client ID and persisting the refresh token as well as the code snippet for using a service account, both via the v1-branch of the Google API Client Library for PHP, in this thread.


For more information about using a service account with the Google API Client Library for PHP, please check out this Accepted Solution.