Google drive upload error - Oauth2: cannot fetch token: 400 Bad Request


I've been using rclone to upload files to a list of Google Drive accounts, which was working perfectly and then just stopped working throwing the following error:

ERROR : : error reading destination directory: couldn't list directory: Get
d5Checksum%2Ctrashed%2CmodifiedTime%2CcreatedTime%2CmimeType%2Cparents%2CwebViewLink%29%2CnextPageToken&pageSize=1000&prettyPrint=false&q=trashed%3Dfalse+and+%28%27root%27+in+parents%29+and+% oauth2: cannot fetch token: 400 Bad Request
At C:\RClone\CSVCopy.ps1:11 char:1

  • rclone -v --drive-impersonate $userName copy $path gdrive:Test --filter-from "C: ...
  •   + CategoryInfo          : NotSpecified: (2019/08/02 11:4...400 Bad Request:String) [], RemoteException
      + FullyQualifiedErrorId : NativeCommandError

Response: {
"error": "invalid_request",
"error_description": "Invalid impersonation \u0026quot;sub\u0026quot; field."

I've tried re-creating the remote using the same service account file and also creating a new service account file, both of which haven't done the trick.

Any help would be much appreciated, rclone has been an invaluable tool recently!

Many thanks in advance


A 400 bad request typically occurs when either there is something malformed in the syntax or something is "not within spec" so to speak - leading to a refusal. This should indicate a client-side problem in most cases.

It seems unlikely the syntax would be wrong given it has been working and Gdrive is popular and well-tested in rclone, and if google changed the interface we probably would have had more reports on it.
I would however check just to make certain if the problem occurs when using regular non-service accounts just to see if that's directly related. It's not impossible they put in a new restriction of some sort.

In any case I would highly recommend you make an error log using "--dump headers" so we can see the actual formatting of the request that fails. Given that this triggers the error it will no doubt be invaluable. I probably won't be able to interpret it well enough, but others here probably can.

rclone version shows what?

Can you run the same command with -vv on it and share the full command you are running without all the variables in it?

So this is something to do with refreshing the token...

Response: {
"error": "invalid_request",
"error_description": "Invalid impersonation \u0026quot;sub\u0026quot; field."

I'm not sure what that means...

A log with -vv --dump bodies of that error would be very useful plus a note of your command line.

Turned out to be an error in the csv being used. I had checked this in the first place but there turned out to be a copy that had been changed.

Apologies if this has wasted any time and thank you all.

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.