My Business
5.1K members online now
5.1K members online now
For developers who are using the Google My Business API to manage locations
Guide Me

C# Client Library Error unauthorized_client

[ Edited ]
Visitor ✭ ✭ ✭
# 1
Visitor ✭ ✭ ✭

Hi GMB Team,


Currently facing a problem authorizing an account using the service account option on C# Library. I've already had the application allowed on the account I'm using it.






string MybusinessServiceScope = "";
            string serviceAccountEmail = "";

            var certificate = new X509Certificate2(@"pkey.p12", "notasecret", X509KeyStorageFlags.Exportable);

            ServiceAccountCredential credential = new ServiceAccountCredential(
              new ServiceAccountCredential.Initializer(serviceAccountEmail)
                  Scopes = new[] { MybusinessServiceScope },
                  User = ""

            var service = new MyBusinessService(new BaseClientService.Initializer()
                HttpClientInitializer = credential,
                ApplicationName = "Apollo Motorhomes Holiday",
            var accountsListRequest = service.Accounts.List();
            ListAccountsResponse accountsResult = accountsListRequest.Execute();

That's the code I was using, and the response I got is:


Google.Apis.Auth.OAuth2.Responses.TokenResponseException: Error:"unauthorized_client", Description:"Client is unauthorized to retrieve access tokens using this method.", Uri:""


Any hints on how I can authorize the account properly? If you could just provide on how I can use the library properly or authorize the account used, it will be much appreciated.



Apollo Motorhome Holidays

1 Expert replyverified_user

Re: C# Client Library Error unauthorized_client

Google Employee
# 2
Google Employee

Hi @amh g,


Since you are building a service account application, please make sure you are requesting user consent involving human interaction for each Google Account that you need to access the Google My Business data from and manually authorize your app during OAuth 2.0 flow at least once prior to authenticating with the public/private key pair. You can request user consent using OAuth 2.0 installed applications flow, OAuth 2.0 web server applications flow. However, you don’t have to save your retrieved refresh tokens for a service account application. Instead, you specify the user to impersonate by specifying the email address of the user account for access to their Google My Business data when you prepare to make authorized API calls. This is because a service account is an account that belongs to your application instead of an individual end user with a Google Account.


Please check out this Accepted Solution for requesting user consent for a service account application.



The Google My Business API Team