Login/Register
Google Directory API returns 403 for user_list with showDeleted=true
Asked Answered
google-admin-sdk
B

1

0

I thought I had applied all of the necessary scopes / requested the necessary authorizations with the following:

"https://www.googleapis.com/auth/admin.directory.customer.readonly",
"https://www.googleapis.com/auth/admin.directory.domain.readonly",
"https://www.googleapis.com/auth/admin.directory.user.readonly"

I am able to query the Google Directory for a user list successfully, but as soon as I start passing show_deleted: "true" I get the following: 

Caught error forbidden: Not Authorized to access this resource/api
Error - #<Google::Apis::ClientError: forbidden: Not Authorized to access this resource/api>

Google::Apis::ClientError: forbidden: Not Authorized to access this resource/api

I cannot find anything in the API documentation that suggests I needed to request a different authorization type to get deleted users.

Bereniceberenson answered 21/9, 2017 at 18:32 Comment(1)
can you provide code snippet where you are setting showDeleted as true?Fingerstall
B
0

Looking at the same link you've provided, the mentioned scopes are:

https://www.googleapis.com/auth/admin.directory.user.readonly
https://www.googleapis.com/auth/admin.directory.user

Try using that instead.

Note:

admin.directory.user

and not 

admin.directory.user.readonly
Bernetta answered 22/9, 2017 at 8:47 Comment(2)
Unfortunately that does not work either. I tried requesting/granting every scope offered by the API, but it did not change the result. My hunch is that it has to do with the permissions of the Google account who is granting the authorization on the scopes.Bereniceberenson
is this service account related?Bernetta

© 2022 - 2024 — McMap. All rights reserved.