I was working on migration and when I tried to create an endpoint I got:
"Error creating endpoint. Looks like you do not have permission".
I tested the communication using the Test-MigrationServerAvailability cmdlets and I got access denied.
Command:
>Test-MigrationServerAvailability -Gmail -ServiceAccountKeyFileData $([System.IO.File]::ReadAllBytes("C:\\Users\\Maykon\\Downloads\\office365migration.json")) -EmailAddress yourgmailsuperuse@contoso.com
The problem was related to the Domain-wide delegation, I added this to the API Scope:
https://mail.google.com/https://www.google.com/m8/feeds,https://www.googleapis.com/auth/contacts.readonly,https://www.googleapis.com/auth/calendar.readonly,https://www.googleapis.com/auth/admin.directory.group.readonly,https://www.googleapis.com/auth/admin.directory.user.readonly,https://www.googleapis.com/auth/drive,https://sites.google.com/feeds/,https://www.googleapis.com/auth/gmail.settings.sharing,https://www.googleapis.com/auth/gmail.settings.basic,https://www.googleapis.com/auth/contacts.other.readonly,https://www.googleapis.com/auth/calendar,https://www.google.com/m8/feeds/,https://www.googleapis.com/auth/contacts
After that, the Endpoint was created with success.
Source:
Migration from google g suite to office 365 - Error: MigrationPermanentException: The call to https://www.googleapis.com/oauth2/v4/token returned with status code Unauthorized: - Microsoft Q&A