Google admin directory add user

Question

Google admin directory add user

I am trying to insert a user account via https://www.googleapis.com/auth/admin.directory.user . I am using the following gem 'google-api-client', '0.11.1'

.

I have enabled the following: 1, api access enabled 2, domain maintenance domain domain domain 3, resolved realm urls for this service account client id

the code works with a different domain, but for a different account it throws an error.

{
 "error": "unauthorized_client",
 "error_description": "Client is unauthorized to retrieve access tokens using this method."
}

code:

SCOPES = ['https://www.googleapis.com/auth/admin.directory.user'
, 'https://www.googleapis.com/auth/admin.directory.group.readonly']
    ENV['GOOGLE_APPLICATION_CREDENTIALS'] = 'expa-email-c2938bce41f9.json'
 service = Google::Apis::AdminDirectoryV1::DirectoryService.new
  authorization = Google::Auth.get_application_default(SCOPES)
  authorization.sub = user_email
  authorization.fetch_access_token!
  service.authorization = authorization
  service

+3

google-app-engine ruby-on-rails ruby-on-rails-4 google-api google-admin-sdk

Anbazhagan p May 25 '17 at 10:32

source to share

1 answer

abielita · Answer 1 · 2017-05-25T16:44:53+0000

Based on this thread , the service account is a dummy user. For a service account to have access to your account, it must be pre-authorized. You will authorize the service account just like any other user. You can check this sample code .

Additional link:

Client is unauthorized to obtain access tokens using this method of Gmail API C #

The service account must be authorized or cannot access emails for the domain.

"Client is not authorized to obtain access tokens using this method"

Means that you did not authorize it correctly, check the Delegation of domain authority in the service account

Google admin directory add user

More articles: