I saw some of the posts to get directory contacts using contacts API implemented under GData that is deprecated. So is there any other way to get organization contacts via People API or Directory API for user?
I tried to get Organization contacts for user using Directory API based on the link. Retrieve a user as a non-administrator
I have done the steps mentioned in the below link :
Turn the global Directory on or off
Still i am getting following error.
{
"code" : 403,
"errors" : [ {
"domain" : "global",
"message" : "Not Authorized to access this resource/api",
"reason" : "forbidden"
} ],
"message" : "Not Authorized to access this resource/api"
}
My Questions:
Can user get organization contacts under directory?
If yes, what Api need to use ?
Related
I need to access all files of an organisation in TeamDrives via a server-to-server app. All users that have access to the files have emails username#organisation-domain.
I created a service account and see it listed in the Google Console (Oganisation -> Project -> IAM Admin -> IAM) together with the currently logged user (username#organisation-domain) that has the admin role and the full access to the files in TeamDrives.
Via this service account I make request "/drive/v3/files?corpora=domain" which returns:
"domain": "global",
"reason": "invalid",
"message": "Invalid Value",
"locationType": "parameter",
"location": "q"
though there's no "q"-parameter.
If I remove "corpora=domain" part, I get all files that belong the service account.
I tried to add any q-parameter just to try, e.g. "q=name+contains+'text'". Without corpora everything is ok - I get the filtered files (belonging the service account of course). If I add corpora=domain, I get the same error about invalid parameter.
I tried corpus=domain, corpora=DOMAIN etc. from other answers, no result. corpus=domain and corpus=DOMAIN give the same error. corpora=DOMAIN and corpora=default give "Invalid Value" error (without location).
No matter what I try I just keep getting this strange error - invalid value in the q even if there's no q-parameter.
I tried also
corpora: "teamDrive",
includeTeamDriveItems: true,
supportsTeamDrives: true,
teamDriveId: 'XXX',
The service account (via email name#id.iam.gserviceaccount.com) has been added to the members of the TeamDrive ID in the request, but I get:
"domain": "global",
"reason": "teamDriveMembershipRequired",
"message": "The attempted action requires Team Drive membership."
Any ideas what do I do wrong?
I want to make Google receipt validation. I set everything by Marc Greenstock. When I try verified purchase I get response permissionDenied. For me is everything correct and I don't know how to find a mistake. The user has administrator role in Google Play Developer console.
Google developer console:
I enabled "Google Play Android Developer API"
I created service account keys with role Owner
I downloaded JSON file
Google play Developer console:
Link correct project
For correct user set administrator role. The same user is in the file.
Response:
{
"code" : 401,
"errors" : [ {
"domain" : "androidpublisher",
"message" : "The current user has insufficient permissions to perform the requested operation.",
"reason" : "permissionDenied"
} ],
"message" : "The current user has insufficient permissions to perform the requested operation."
}
I tried friend private_key, client_id and client_email and everything works fine. Code is good. I something forgot during configuration but I don't know what.
I forgot to add scope ".../auth/androidpublisher" in Google developer console.
After you add scope you should save credentials at the bottom of page.
I am trying to use the Google Cloud Resource Manager API to test whether the authenticated user has permissions to a given project. I have read the [Google Cloud Resource Manager API documentation][1] and have tried sending requests, all which fail with the following error:
{ "error": { "code": 400, "message": "Request contains an invalid argument.", "status": "INVALID_ARGUMENT" } }
The POST request is:
https://cloudresourcemanager.googleapis.com/v1/projects/{projectId}:testIamPermissions
where {projectId} is a defined projectId from the Google Cloud Developer Console. I am aware that I can use the project.list method and determine if the given projectId is present in the list of projects for the user. I want to understand how to use the project.testIamPermissions request and determine which permission the user has on the project. [1]: https://cloud.google.com/resource-manager/reference/rest/v1/projects/testIamPermissions
In order to use the Cloud Resource Manager API methods organizations.testIamPermissions or projects.testIamPermissions, you need to provide the resource you'd like to check in the URL and then the permissions you'd like to check in the body.
So, for example, if I want to test if I, the authenticated user, have access to a particular permission (ex. compute.instances.create) on a particular project (ex. my-project) then, I would POST this:
{
"permissions": [
"compute.instances.create"
]
}
to the URL:
https://cloudresourcemanager.googleapis.com/v1/projects/my-project:testIamPermissions
which would give me the following response:
{
"permissions": [
"compute.instances.create"
]
}
because I do in fact have permissions to create new instances in my-project.
However, if I did not have permission to create new instances, the response would look like:
{
}
Try it here via the API Explorer.
If your goal is to find the test of all permissions that the user has on the project, then you have to provide the full list of all project level permissions in your request body and the response will include the subset of those permissions that the user has.
Hope this helps!
I recieve This a google error when using the url directly along with a newly created project (with no other projects listed) I continously get the below error....
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "accessNotConfigured",
"message": "Access Not Configured. Please use Google Developers Console to activate the API for your project."
}
],
"code": 403,
"message": "Access Not Configured. Please use Google Developers Console to activate the API for your project."
}
}
I know there have seen a few posts on this subject. and I have followed the instructions listed. I even created new project...
turned on fusion table in console (tried with both only fusion api on and nothering else & standard api
generated public key with the referers *
Consent screen filled out
fusion table Download allowed checked
shared with permission for "anyone with link" is selected
url = https://www.googleapis.com/fusiontables/v1/tables/105Otxh5ltQsKBr-ABqYJ8vBuB6E9Ped2MfXj3AZy/templates?&key=AIzaSyCr_wIc0aEHUG6Pl08kHDYLqWRB_PqZsE0
docid = 105Otxh5ltQsKBr-ABqYJ8vBuB6E9Ped2MfXj3AZy
key = AIzaSyCr_wIc0aEHUG6Pl08kHDYLqWRB_PqZsE0
Just what am I missing. I have the google php api client to use a service account.. but if I cant pull up the tables, query or anything via the base api url then i can move forward... untill then Im stuck. Thank in advance anyone!
Our customers are getting errors trying to import users from their Google Apps domain into our application using users.list in the Directory API (Admin SDK). This was previously working, but for the past few days we've been seeing the following errors.
OAuth users.list.execute error: com.google.api.client.googleapis.json.GoogleJsonResponseException: 503 OK { "code" : 503, "errors" : [ { "domain" : "global", "message" : "Service unavailable. Please try again", "reason" : "backendError" } ], "message" : "Service unavailable. Please try again" }
Does the Apps Marketplace app have to be enabled for the entire domain, or should this still work if it's enabled for a specific OU?