获取403 - 禁止Google服务帐户 [英] Getting a 403 - Forbidden for Google Service Account
问题描述
我正尝试为Google服务帐户获取访问令牌。以下是我的代码 -
I am trying to get an access token for Google Service Account. Following is my code -
String SERVICE_ACCOUNT_EMAIL = "edited@developer.gserviceaccount.com";
List scope = new ArrayList();
scope.add("https://www.googleapis.com/auth/admin.directory.user");
String keyFile = "C:\\edited-privatekey.p12";
HttpTransport HTTP_TRANSPORT = new NetHttpTransport();
JsonFactory JSON_FACTORY = new JacksonFactory();
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(HTTP_TRANSPORT)
.setJsonFactory(JSON_FACTORY)
.setServiceAccountId(SERVICE_ACCOUNT_EMAIL)
.setServiceAccountScopes(scope)
.setServiceAccountPrivateKeyFromP12File(new java.io.File(keyFile))
.build();
credential.refreshToken();
String accessTokens = credential.getAccessToken();
尽管代码工作正常,我确实得到了一个访问令牌,当我尝试使用它来'使用Google Directory API GET'Google Apps用户,我收到403 - Forbidden响应代码。有人可以帮忙吗?
我知道GET用户的代码是正确的,因为它可以与Google Apps管理员生成的访问令牌一起使用。
Although the code works fine and I do get an access token, when I try to use it to 'GET' a Google Apps User using the Google Directory APIs, I get a 403 - Forbidden response code. Could someone please help?
I know the code for GET user is correct because it works fine with the access token generated by Google Apps Admin.
推荐答案
您需要设置一个管理帐户:
You need to set an admin account with:
.setServiceAccountUser(some_admin_email)
并确保您的应用程序(具有正确的作用域)在cPanel中被授予访问权。
And make sure your App (with the correct scopes) is granted access in the cpanel.
这篇关于获取403 - 禁止Google服务帐户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!