0
顯然 - 和請糾正我,如果我錯了 - 要正確使用Google API /授權,您需要指定以「@ developer.gserviceaccount.com」結尾的服務帳戶電子郵件。Google Directory API:未獲得授權
但是,此帳戶將無法訪問我要添加/列出/刪除用戶的域。我認爲這是我的「未經授權」請求的原因。
您如何將此帳戶的權限授予要影響更改的域?或者 - 我應該在授權期間列出不同的帳戶?如果是這樣,我該怎麼做 - 因爲當我指定一個確實有權限的域帳戶時,我會得到「invalid_grant」。
任何幫助,將不勝感激。謝謝。
這是代碼:
String szDomainName = "testdomainname.com";
String szServiceAccount = "[email protected]";
var certificate = new X509Certificate2(@"Google_Key.p12", "notasecret", X509KeyStorageFlags.Exportable);
ServiceAccountCredential.Initializer ServiceAccountCredentialInitializer = new ServiceAccountCredential.Initializer(szServiceAccount);
ServiceAccountCredentialInitializer.FromCertificate(certificate);
ServiceAccountCredentialInitializer.Scopes = new[] { DirectoryService.Scope.AdminDirectoryUser };
ServiceAccountCredential credential = new ServiceAccountCredential(ServiceAccountCredentialInitializer);
// Create the service.
BaseClientService.Initializer ServiceInitializer = new BaseClientService.Initializer();
ServiceInitializer.HttpClientInitializer = credential;
ServiceInitializer.ApplicationName = "List Users";
var service = new DirectoryService(ServiceInitializer);
var listReq = service.Users.List();
listReq.Domain = szDomainName;