Google People API throwing 403 error about scope -

i trying use google people api, allows me retrieve user's contacts. here's code:

$scripturi = "http://".$_server["http_host"].$_server['php_self']; $client = new google_client(); $client->setclientid('omitted'); $client->setclientsecret('omitted'); $client->setredirecturi($scripturi); //$client->setaccesstype('offline');  $client->setscopes(array('https://www.googleapis.com/auth/plus.login', 'https://www.googleapis.com/auth/contacts.readonly', 'profile'));  if (isset($_get['oauth'])) {   // start auth flow redirecting google's auth server   $auth_url = $client->createauthurl();   header('location: ' . filter_var($auth_url, filter_sanitize_url)); } else if (isset($_get['code'])) {   // receive auth code google, exchange access token, ,   // redirect base url   $client->authenticate($_get['code']);   $_session['access_token'] = $client->getaccesstoken();   $redirect_uri = 'http://' . $_server['http_host'] . '/';   header('location: ' . filter_var($redirect_uri, filter_sanitize_url)); } else if (isset($_session['access_token']) && $_session['access_token']) {   // have access token; use call people api   $client->setaccesstoken($_session['access_token']);   $people_service = new google_service_people($client);   $connections = $people_service->people->get('people/me');   // todo: use service object request people data } else {   $redirect_uri = 'http://' . $_server['http_host'] . '/?oauth';   header('location: ' . filter_var($redirect_uri, filter_sanitize_url)); } 

when $connections line called, following error thrown:

uncaught exception 'google_service_exception' message 'error calling https://people.googleapis.com/v1/people/me: (403) caller not have permission request "people/me". request requires 1 of following scopes: [profile, https://www.googleapis.com/auth/plus.login].

i can't figure out why error occurring since scope set above.

all appreciated!

i used code without issue. guess $_session['access_token'] contains access token doesn't have correct scopes authorized. go through auth flow again make sure you new access token correct scopes authorized.