目标:
使用服务帐户从GAE Standard python应用程序列出Google GSuite中的用户
是:
GAE标准,Python,GSuite
履行的步骤:
https://developers.google.com/admin-sdk/directory/v1/guides/delegation
0.此链接中的所有步骤列表1.Created服务帐户,2。启用DoD OAuth 2.0客户端ID 3.在gSuite安全性中启用API访问4.在gSuite Manage API客户端访问中添加了授权API客户端&范围
代码:
from oauth2client.service_account import ServiceAccountCredentials
import httplib2
from googleapiclient import discovery
import oauth2client
def main():
"""Shows basic usage of the Google Admin SDK Directory API. Creates a Google Admin SDK API service object and outputs a list of first 10 users in the domain."""
credentials = ServiceAccountCredentials.from_json_keyfile_name(‘keys/key.json',
scopes=['https://www.googleapis.com/auth/admin.directory.user'])
credentials = credentials.create_delegated(‘gsuite.admin.email@domian.com’)
http = credentials.authorize(httplib2.Http())
service = discovery.build('admin', 'directory_v1', http=http)
print('Getting the first 10 users in the domain')
results = service.users().list(customer='my_customer', orderBy='email').execute()
错误:
HttpAccessTokenRefreshError: unauthorized_client: Client is unauthorized to retrieve access tokens using this method.
谢谢,感谢任何有效的例子。
解决方案/问题解决方案
确保您在gSuite Manage API客户端中访问授权API客户端&的 EXACT SCOPE 。范围,我有20多个范围,但不知何故没有这个范围。