I'm developing RoR application, which allows user to login with google account and download/upload report data from one of his analytics account. I use omniauth-google-oauth2 gem for authorization with google account and google-api-client for interaction with Google Analytics. The problem is that when I try to get accounts list with analytics.management.accounts.list method, passing google token as one of authorization parameters, GA responds with 403 Insufficient permissions error.

I suppose, I have to make user to give permission for reading Analytics data in process of authorization. How can I do this?

I've read a lot of related questions, but didn't find solution to my exact problem.

Here is the code:

require 'google/api_client'

client = Google::APIClient.new(:application_name => 'something you like', :application_version => '1')

client.authorization.access_token = 'HERE_GOES_TOKEN'

ga = client.discovered_api('analytics', 'v3')

client.execute(:api_method => ga.management.accounts.list)

Solved the problem! I had to write proper scopes in OAuth configs.

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :google_oauth2, PROVIDER_KEY, PROVIDER_SECRET,
  {
    :scope => "email, profile, https://www.googleapis.com/auth/analytics, https://www.googleapis.com/auth/analytics.edit, https://www.googleapis.com/auth/analytics.manage.users, https://www.googleapis.com/auth/analytics.readonly",
  }
end