0
显然 - 和请纠正我,如果我错了 - 要正确使用Google API /授权,您需要指定以“@ developer.gserviceaccount.com”结尾的服务帐户电子邮件。Google Directory API:未获得授权
但是,此帐户将无法访问我要添加/列出/删除用户的域。我认为这是我的“未经授权”请求的原因。
您如何将此帐户的权限授予要影响更改的域?或者 - 我应该在授权期间列出不同的帐户?如果是这样,我该怎么做 - 因为当我指定一个确实有权限的域帐户时,我会得到“invalid_grant”。
任何帮助,将不胜感激。谢谢。
这是代码:
String szDomainName = "testdomainname.com";
String szServiceAccount = "[email protected]";
var certificate = new X509Certificate2(@"Google_Key.p12", "notasecret", X509KeyStorageFlags.Exportable);
ServiceAccountCredential.Initializer ServiceAccountCredentialInitializer = new ServiceAccountCredential.Initializer(szServiceAccount);
ServiceAccountCredentialInitializer.FromCertificate(certificate);
ServiceAccountCredentialInitializer.Scopes = new[] { DirectoryService.Scope.AdminDirectoryUser };
ServiceAccountCredential credential = new ServiceAccountCredential(ServiceAccountCredentialInitializer);
// Create the service.
BaseClientService.Initializer ServiceInitializer = new BaseClientService.Initializer();
ServiceInitializer.HttpClientInitializer = credential;
ServiceInitializer.ApplicationName = "List Users";
var service = new DirectoryService(ServiceInitializer);
var listReq = service.Users.List();
listReq.Domain = szDomainName;