- Cloud project ID:
reviewautomation
What is working
- Both My Business Business Information API and My Business Account Management API
are enabled for the project. Quota pages show non-zero limits. - With my owner OAuth token I can list accounts and see both Location Groups:
curl -s -H “Authorization: Bearer $OWNER_TOKEN”
-H “x-goog-user-project: reviewautomation”
“https://mybusinessaccountmanagement.googleapis.com/v1/accounts” | jq ‘.accounts.name’
=> accounts/xxxxxx
I invited the service account as Owner to each Location Group via the GBP UI
Problem
When I switch to the service-account token I cannot access the invitations:
gcloud auth activate-service-account --key-file=“$SA_JSON”
SA_TOKEN=$(gcloud auth print-access-token
–scopes=https://www.googleapis.com/auth/business.manage)
curl -s -H “Authorization: Bearer $SA_TOKEN”
-H “x-goog-user-project: reviewautomation”
“https://mybusinessaccountmanagement.googleapis.com/v1/accounts/xxxxxx/invitations”
{
“error”: { “code”: 404, “message”: “Requested entity was not found.”, “status”: “NOT_FOUND” }
}
So accounts.invitations.list and :accept both return 404 NOT_FOUND.
Consequently the SA never moves past “Invited” in the UI.
Things I’ve already tried / verified
Added x-goog-user-project header on every request 
Waited 24 h for invitation to propagate (404 persists)
Re-invited SA (remove → invite again)
Tested with a brand-new Location Group same issue
SA can access other Google APIs (Drive, etc.)
It feels like the SA lacks a hidden permission inside GBP (not Cloud IAM), but the docs only mention being invited as Owner, which I did.
Question
What step is still missing so that
accounts/…/invitations.list and …:accept work from the service-account?
Is there an additional role or UI toggle required for service-accounts that isn’t documented? Please help and I can provide any other information as needed. Thank you