Google Adminsdk目录API访问 [英] Google Adminsdk Directory API access

查看:135
本文介绍了Google Adminsdk目录API访问的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试获取已向指定客户ID注册的chrome设备的列表.

I am trying to get the list of chrome devices registered with the specified customer Id.

我已经完成了以下步骤.

I have done the following Steps.

  1. 启用了Google Admin Directory API
  2. 创建了服务帐户,并下载了jwt.json文件用于 连通性.
  3. 启用了域范围的G-Suite委派特权.

  4. 将此客户端ID注册为授权的API客户端,通过Google 管理员(管理API客户端访问权限)

  1. Enabled Google Admin Directory API
  2. Created Service Account and downloaded the jwt.json file for connectivity.
  3. Enabled the Domain wide G-Suite Delegation previlige.

  4. Registered this client id as authorized API client Thru Google Admin(Manage API client access)

客户ID:我们的客户ID API范围:查看和管理Chrome操作系统设备的元数据 https://www. googleapis.com/auth/admin.directory.device.chromeos 查看您的Chrome操作系统设备的元数据

Client Id : our clientid API Scope: View and manage your Chrome OS devices' metadata https://www.googleapis.com/auth/admin.directory.device.chromeos View your Chrome OS devices' metadata https://www.googleapis.com/auth/admin.directory.device.chromeos.readonly Next I used my Node module to Generate the JWT access

令牌创建成功.

{"access_token":"ya29.c.KpEB****K*********lufaGlx5k********hvAdADxBhOA****8R3rnTPKKnVb97sdPFG66wHy4FPrnx6KskafKXrBBfEgILdDelP-n5irpKm5h8y8oBWHO*******Xg","token_type":"Bearer","expiry_date":1587150649000,"refresh_token":"jwt-placeholder"}

现在,我正尝试使用此Bearer令牌来访问以下API

Now i am trying to use this Bearer toke to access the following API

https://www.googleapis.com/admin /directory/v1/customer/ourcustomerid/devices/chromeos

这总是会出现以下错误.

This is always giving the following error.

{
  "error": {
    "errors": [{
      "domain": "global",
      "reason": "forbidden",
      "message": "Not Authorized to access this resource/api"
    }],

    "code": 403,
    "message": "Not Authorized to access this resource/api"
  }
}

不确定是什么问题.

推荐答案

然后,我已将该主题添加为模拟用户的电子邮件地址.

Then I have added the subject as impersonated users email address. 

const jwtAuth = new google.auth.JWT(
            quickstart.client_email,
            null,
            quickstart.private_key,
            [
                'https://www.googleapis.com/auth/admin.directory.device.chromeos',
                'https://www.googleapis.com/auth/admin.directory.device.chromeos.readonly'
            ],
            'email address of the impersonated user',
);

这篇关于Google Adminsdk目录API访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆