Google Admin Api给出HTTP错误403：未授权访问此资源/ api [英] Google Admin Api gives HTTP error 403: Not Authorized to access this resource/api

问题描述

我正在尝试为Directory API创建自动化脚本以创建Apps用户。我想我已经接近了，因为下面的代码在某种程度上可以运行：我可以输入'password'参数，但是在与其他参数一起发送后，它会因以下错误而崩溃：

I'm trying to make an automation script for the Directory API to create Apps Users. I think I'm close because the below code runs to some extent: I can input the 'password' parameter but after that gets sent with the other params it crashes with this error:

提高HttpError（resp，content，uri = self.uri）
apiclient.errors.HttpError：https://www.googleapis.com/admin/directory/v1/users ？alt = json返回了
未授权访问此资源/ api>

raise HttpError(resp, content, uri=self.uri) apiclient.errors.HttpError: https://www.googleapis.com/admin/directory/v1/users?alt=json returned "Not Authorized to access this resource/api">

这是脚本：

import httplib2
import pprint
import sys
import json
import urllib
import urllib2

from apiclient import errors
from apiclient.discovery import build
from oauth2client.client import SignedJwtAssertionCredentials

def main(argv):
  # Load the key in PKCS 12 format that you downloaded from the Google API
  # Console when you created your Service account.
  f = file('key.p12', 'rb')
  key = f.read()
  f.close()

  # Create an httplib2.Http object to handle our HTTP requests and authorize it
  # with the Credentials. Note that the first parameter, service_account_name,
  # is the Email address created for the Service account. It must be the email
  # address associated with the key that was created.
  credentials = SignedJwtAssertionCredentials('CLIENT_EMAIL', 
    key, scope='https://www.googleapis.com/auth/admin.directory.user')
  http = httplib2.Http()
  http = credentials.authorize(http)

  #Parameters for new user
  params = {'name':{'givenName':'John', 'familyName':'Smith'}, \
            'password':raw_input("Enter password "), 'primaryEmail':'jsfake@bn.co'}

  service = build("admin", "directory_v1", http=http)
  insertedUser = service.users().insert(body=params).execute()

if __name__ == '__main__':
  main(sys.argv)

推荐答案

似乎是这个问题与以下主题相关：收到错误未授权访问此资源/ api尝试使用Google Directory API和服务帐户身份验证时

Seems that this issue is related to this topic here: Received error "Not Authorized to access this resource/api" when trying to use Google Directory API and Service Account Authentication

您需要将具有管理员权限的帐户电子邮件传递给以下凭据：

You need to pass account email with admin permissions into credentials like this:

credentials = SignedJwtAssertionCredentials('CLIENT_EMAIL', 
    key, scope='https://www.googleapis.com/auth/admin.directory.user', sub='superadmin@domain.com')

这篇关于Google Admin Api给出HTTP错误403：未授权访问此资源/ api的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！