Google Sign in is not working as expected in nakama

So i am getting this error in my server console

{“level”:“warn”,“ts”:“2024-11-21T10:52:58.057Z”,“caller”:“social/social.go:974”,“msg”:“error response code from social request”,“provider”:“google play services”,“code”:403,“body”:“{\n “error”: {\n “code”: 403,\n “message”: “Request had insufficient authentication scopes.”,\n “errors”: [\n {\n “message”: “Insufficient Permission”,\n “domain”: “global”,\n “reason”: “insufficientPermissions”\n }\n ],\n “status”: “PERMISSION_DENIED”,\n “details”: [\n {\n “@type”: “type.googleapis.com/google.rpc.ErrorInfo”,\n “reason”: “ACCESS_TOKEN_SCOPE_INSUFFICIENT”,\n “domain”: “googleapis.com”,\n “metadata”: {\n “method”: “google.play.games.games.v1.Players.GetPlayer”,\n “service”: “games.googleapis.com”\n }\n }\n ]\n }\n}\n”}

This is throwing error
Session = await Client.AuthenticateGoogleAsync(token, userName, isCreateNew=false);

This is working fine
Session = await Client.AuthenticateGoogleAsync(token, userName, isCreateNew=true,loginData);

Expected Result

Can’t sign in to old google account when i set the is create new to false

Actual Result

always has to use sign in to old google account when i set the is create new to true

Hello @Rojash,

Something doesn’t quite add up, the token validation with Google should have nothing to do with the create flag, as the validation is always done regardless of create being true or false.

I’m also not sure I understand the expected result - create set to false will ensure that if the account already exists it won’t be created.

Moreover, the error you’re seeing is clear, there’s something wrong with the service account credentials being used in the Nakama config, seems like it requires permissions, please double check.