[google-api] Google API authentication: Not valid origin for the client

When making an auth request to the Google API (gapi), it's returning false on the checkOrigin.

I have removed any client id's or anything that would link directly to my account and replaced it with a regex indicating what the data is for reference.

Url: https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Flocal.tools&client_id=(\d{21})

My origin url is a local url, which is https://local.tools

Result: {valid: false}

I'm using the example found here without deviation (except for replacing clientid with my 21 digit clientid): https://ga-dev-tools.appspot.com/embed-api/third-party-visualizations/

The items I'm trying to display show up nicely on the demo site, but aren't getting past the Not valid origin for the client error on my local.tools site.

The answer is


If you are running it on localhost change the port to 5000 and it will fix it


Credentials do not work if API is not enabled. In my case the next steps were needed:

  1. Go to https://console.developers.google.com/apis/library
  2. Enter 'People'
  3. From the result choose 'Google People API'
  4. Click 'Enable'

try clear caches and then hard reload, i had same error but when i tried to run on incognito browser in chrome it worked.


Trying on a different browser(chrome) worked for me and clearing cache on firefox cleared the issue.

(PS: Not add the hosting URIs to Authorized JavaScript origins in API credentials would give you Error:redirect_uri_mismatch)


Key Point: Add both http://localhost and http://localhost:port_number to the Authorized JavaScript origins box for local tests or development.


clearing the cache works for me.

for React developers try to restart the project otherwise it will show the same error again and again.


For me - I just went here:

https://console.developers.google.com/apis/credentials

Then chose the right project; then choose the credential with the same ID shown in your console error message. When editing the credentials you can add multiple origins to the white list.


Clear your browser cache. Started getting this error in Chrome and then I created a new client id and was still getting the issue. Opened firefox and it worked, so I cleared the cache on Chrome and it started working.


I got the error because of Allow-Control-Allow-Origin: * browser extension.


Creating new oauth credentials worked for me


Examples related to google-api

Google API authentication: Not valid origin for the client Using Postman to access OAuth 2.0 Google APIs How can I validate google reCAPTCHA v2 using javascript/jQuery? This IP, site or mobile application is not authorized to use this API key Is there a Google Keep API? OAuth2 and Google API: access token expiration time? invalid_grant trying to get oAuth token from google Alternative to google finance api How do I access (read, write) Google Sheets spreadsheets with Python? How to refresh token with Google API client?

Examples related to google-oauth

Google API authentication: Not valid origin for the client Using Postman to access OAuth 2.0 Google APIs Google OAUTH: The redirect URI in the request did not match a registered redirect URI Refused to display in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN' invalid_client in google oauth2 OAuth2 and Google API: access token expiration time? Where can I get Google developer key Why do access tokens expire? Google Authenticator available as a public service? How can I verify a Google authentication API access token?

Examples related to google-analytics-api

Google API authentication: Not valid origin for the client Number of visitors on a specific page How to refresh token with Google API client?

Examples related to google-api-js-client

Google API authentication: Not valid origin for the client How can I access Google Sheet spreadsheets only with Javascript?