I'm trying to create an app where a user can log in using their google account, and I request the scope for forms access, so that if they have a google form they put out, they can give me the formId..

and I will be able to get access to the forms responses via the forms API.

I got the google sign on working with the correct scopes being requested. I got the access token. But when I pass it to my backend server and make a request using it I get:

{
  code: 401,
  message: 'Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.',
  status: 'UNAUTHENTICATED'
}
ERR_BAD_REQUEST
Request failed with status code 401

This is definitely the right token being passed through.

my code looks like:

 this.http
      .get(`https://forms.googleapis.com/v1/forms/${formId}/responses`, {
        headers: {
          Authorization: `Bearer ${key}`,
        },
      })
      .toPromise()
      .then((response) => {
        console.log(response.data);
      })
      .catch((error) => {
        console.log(error.response.data.error);
        console.error(error.code);
        console.error(error.message);
      });

The user that logged in (me) definitely has access to the form requested (the form created by me).

access token is the varialbe 'key'.. and is of the form:

4/0AVHEtk6Kalxxxxxx7gFlvJwQiscKC2qoVDxxxxxxjRe068Nxxxx-xxxxxx929PPHxxxxxx

Where x's are obviously, hidden for this post's sake.

Form ID i copy-pasted from the URL when i access the google form:

1YADM_5W6I7A22GtxWS1BF2ibWpwCRFuZd4zxxxxxxxx

Anyone run into this issue?

I don't have a verified clientId yet on google cloud, but I've set it to non-production and "testing", and I've added my current user to the list of test users so I expect that it should work for local testing with that particular user even IF it's not a verified app yet.