I am trying to do the drive ownership transfer using API from the suspended user account to the manager email using a workflow automation tool called n8n and I am getting the error code 403 no matter.

test Use case:

1. Tried to achieve using service account & Oauth as well but none worked

Allowed the following scopes:

1. https://www.googleapis.com/auth/drive

2. https://www.googleapis.com/auth/admin.directory.user

JSON Body:

{
    "newOwnerUserId": "{{ $json.id }}",
    "oldOwnerUserId": "{{ $json.id }}",
    "applicationDataTransfers": [
        {
            "applicationTransferParams": [
                {
                    "key": "PRIVACY_LEVEL",
                    "value": ["SHARED", "PRIVATE"]
                }
            ],
            "applicationId": ["553547912911"]
        }
    ]
}

Error:

{

 "errorMessage": "Forbidden - perhaps check your credentials?",

 "errorDescription": "Request had insufficient authentication scopes.",

 "errorDetails": {

  "rawErrorMessage": [

   "403 - \"{\\n \\\"error\\\": {\\n  \\\"code\\\": 403,\\n  \\\"message\\\": \\\"Request had insufficient authentication scopes.\\\",\\n  \\\"errors\\\": [\\n   {\\n    \\\"message\\\": \\\"Insufficient Permission\\\",\\n    \\\"domain\\\": \\\"global\\\",\\n    \\\"reason\\\": \\\"insufficientPermissions\\\"\\n   }\\n  ],\\n  \\\"status\\\": \\\"PERMISSION_DENIED\\\",\\n  \\\"details\\\": [\\n   {\\n    \\\"@type\\\": \\\"type.googleapis.com/google.rpc.ErrorInfo\\\",\\n    \\\"reason\\\": \\\"ACCESS_TOKEN_SCOPE_INSUFFICIENT\\\",\\n    \\\"domain\\\": \\\"googleapis.com\\\",\\n    \\\"metadata\\\": {\\n     \\\"service\\\": \\\"admin.googleapis.com\\\",\\n     \\\"method\\\": \\\"ccc.hosted.frontend.datatransfer.v1.DatatransferTransfers.Insert\\\"\\n    }\\n   }\\n  ]\\n }\\n}\\n\""

  ],

  "httpCode": "403"

 },

 "n8nDetails": {

  "nodeName": "HTTP Request3",

  "nodeType": "n8n-nodes-base.httpRequest",

  "nodeVersion": 4.2,

  "itemIndex": 0,

  "time": "2/28/2025, 11:32:54 AM",

  "n8nVersion": "1.66.0 (Self Hosted)",

  "binaryDataMode": "default",

  "stackTrace": [

   "NodeApiError: Forbidden - perhaps check your credentials?",

   "  at Object.requestWithAuthentication (/usr/lib/node_modules/n8n/node_modules/n8n-core/src/NodeExecuteFunctions.ts:2000:10)",

   "  at processTicksAndRejections (node:internal/process/task_queues:95:5)",

   "  at Object.requestWithAuthentication (/usr/lib/node_modules/n8n/node_modules/n8n-core/src/NodeExecuteFunctions.ts:3302:11)"

  ]

 }

}

Images attached to the case show the error message and Client ID, Service Account used also and Drive API scopes currently used.

Look forward to your assistance with the correct scope for Drive.