Stay organized with collections
Save and categorize content based on your preferences.
This page contains troubleshooting information for each version of the following
Service Infrastructure APIs:
The Service Management API
The Service Control API
The Service Consumer Management API
How do I handle Service Control API errors in general?
The Service Control API provides control plane functionality, such as
logging, monitoring, to managed services. Therefore, the callers of the
Service Control API typically are server applications. Here are general
recommendations on how to handle errors at the REST/RPC API level:
Your server should log all errors returned by the Service Control API
and you can use the data to toubleshoot your
managed service.
If your server receives 429 errors from the Service Control API, it
should return 429 errors to its clients.
If your server cannot access the Service Control API, it can choose to
either fail-open (ignore the error) or fail-close (return 503 to its
client).
If your server receives 500 errors from the Service Control API, it
should return 500 error to its clients. Such errors typically mean bugs
within the Service Control API.
If your server receives other errors from the Service Control API, it
should return 500 error to its clients. Such errors typically mean bugs
within your managed service.
What does the "service not enabled" error mean?
To use any Google API service, you need to have a Google Cloud project,
enable the service for that project, and pass an API key or an OAuth access
token associated with the project for each API request. See
Auth Guide for details. To fix this error, you need
to enable the service for your project using the Google Cloud console,
Google Cloud CLI, or Service Usage API. To learn how to enable a service, see
Enabling and Disabling Services.
How do I fix permission denied errors?
Such errors typically mean the caller doesn't have the right
Identity and Access Management permission on certain resources. For information on the
required permissions for each of the following Service Infrastructure APIs, see the
respective Access Control page:
It is recommended to perform a retry with exponential intervals plus randomness.
The minimum retry interval should be 30s for 429 quota errors; 1s for 500
and 503 server errors. For other errors, retry should only be performed based
on additional error information. See
google.rpc.Code
for more details.
How do I request higher API quota?
To learn how to apply for higher quota for each of the following
Service Infrastructure APIs, visit the respective section of the
Quotas and Limits page:
How do I fix "Ownership for domain name cannot be verified" errors?
This error indicates the caller does not have the ownership of the domain
name used for the managed service name
specified in a
service configuration.
Follow the guide to use a valid domain.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[],[],null,["# Troubleshooting\n\nThis page contains troubleshooting information for each version of the following\nService Infrastructure APIs:\n\n- The Service Management API\n- The Service Control API\n- The Service Consumer Management API\n\n| **Note:** For Service Infrastructure troubleshooting information for the Service Usage API, see [Troubleshooting](/service-usage/docs/troubleshooting).\n\n### How do I handle Service Control API errors in general?\n\nThe Service Control API provides control plane functionality, such as\nlogging, monitoring, to managed services. Therefore, the callers of the\nService Control API typically are server applications. Here are general\nrecommendations on how to handle errors at the REST/RPC API level:\n\n- Your server should log all errors returned by the Service Control API and you can use the data to toubleshoot your [managed service](/service-infrastructure/docs/glossary#managed).\n- If your server receives `429` errors from the Service Control API, it should return `429` errors to its clients.\n- If your server cannot access the Service Control API, it can choose to either fail-open (ignore the error) or fail-close (return `503` to its client).\n- If your server receives `500` errors from the Service Control API, it should return `500` error to its clients. Such errors typically mean bugs within the Service Control API.\n- If your server receives other errors from the Service Control API, it should return `500` error to its clients. Such errors typically mean bugs within your managed service.\n\n### What does the \"service not enabled\" error mean?\n\nTo use any Google API service, you need to have a Google Cloud project,\nenable the service for that project, and pass an API key or an OAuth access\ntoken associated with the project for each API request. See\n[Auth Guide](/docs/authentication) for details. To fix this error, you need\nto enable the service for your project using the Google Cloud console,\nGoogle Cloud CLI, or Service Usage API. To learn how to enable a service, see\n[Enabling and Disabling Services](/service-usage/docs/enable-disable).\n\n### How do I fix permission denied errors?\n\nSuch errors typically mean the caller doesn't have the right\n[Identity and Access Management](/iam) permission on certain resources. For information on the\nrequired permissions for each of the following Service Infrastructure APIs, see the\nrespective Access Control page:\n\n- [Service Control API Access Control](/service-infrastructure/docs/service-control/access-control)\n- [Service Management API Access Control](/service-infrastructure/docs/service-management/access-control)\n\n### How do I perform a retry on API errors?\n\nIt is recommended to perform a retry with exponential intervals plus randomness.\nThe minimum retry interval should be 30s for `429` quota errors; 1s for `500`\nand `503` server errors. For other errors, retry should only be performed based\non additional error information. See\n[`google.rpc.Code`](https://github.com/googleapis/googleapis/blob/master/google/rpc/code.proto)\nfor more details.\n\n### How do I request higher API quota?\n\nTo learn how to apply for higher quota for each of the following\nService Infrastructure APIs, visit the respective section of the\n[Quotas and Limits](/service-infrastructure/docs/quotas) page:\n\n- [Service Control API Quota](/service-infrastructure/docs/quotas#control)\n- [Service Consumer Management API Quota](/service-infrastructure/docs/quotas#consumer)\n- [Service Management API Quota](/service-infrastructure/docs/quotas#management)\n\n### How do I fix \"Ownership for domain name cannot be verified\" errors?\n\nThis error indicates the caller does not have the ownership of the domain\nname used for the [managed service](/service-infrastructure/docs/glossary#managed) name\nspecified in a\n[service configuration](/service-infrastructure/docs/service-management/reference/rpc/google.api#google.api.Service).\nFollow the [guide](/endpoints/docs/custom-domain) to use a valid domain."]]
