我正在尝试为Directory API创建自动化脚本来创建Apps用户。我认为我很接近,因为下面的代码在某种程度上运行:我可以输入'password'参数,但之后与其他参数一起发送它会崩溃并出现此错误:
引发HttpError(resp,content,uri = self.uri) apiclient.errors.HttpError:https://www.googleapis.com/admin/directory/v1/users?alt=json返回 “未授权访问此资源/ api”>
以下是剧本:
import httplib2
import pprint
import sys
import json
import urllib
import urllib2
from apiclient import errors
from apiclient.discovery import build
from oauth2client.client import SignedJwtAssertionCredentials
def main(argv):
# Load the key in PKCS 12 format that you downloaded from the Google API
# Console when you created your Service account.
f = file('key.p12', 'rb')
key = f.read()
f.close()
# Create an httplib2.Http object to handle our HTTP requests and authorize it
# with the Credentials. Note that the first parameter, service_account_name,
# is the Email address created for the Service account. It must be the email
# address associated with the key that was created.
credentials = SignedJwtAssertionCredentials('CLIENT_EMAIL',
key, scope='https://www.googleapis.com/auth/admin.directory.user')
http = httplib2.Http()
http = credentials.authorize(http)
#Parameters for new user
params = {'name':{'givenName':'John', 'familyName':'Smith'}, \
'password':raw_input("Enter password "), 'primaryEmail':'jsfake@bn.co'}
service = build("admin", "directory_v1", http=http)
insertedUser = service.users().insert(body=params).execute()
if __name__ == '__main__':
main(sys.argv)
答案 0 :(得分:0)
您需要将具有管理员权限的帐户电子邮件传递到以下凭据:
credentials = SignedJwtAssertionCredentials('CLIENT_EMAIL',
key, scope='https://www.googleapis.com/auth/admin.directory.user', sub='superadmin@domain.com')