0

I am building an app for the Google Marketplace and just made the switch to OAuth 2.0 from 1.0 before final deployment.

Before the switch, I was able to use the provisioning API to fetch users in a domain that has installed the app given, appropriate permissions have been granted.

My experience with the Directory API (the OAuth 2 counterpart) requires that i perform a 2-legged OAuth to get an access token which I then uses to perform the Admin action. This only works if the access token belongs to an Administrator user of the subject domain.

There's a section in the app that pulls all users from the domain and I need this to be accessible to all logged in users including non-administrative users of the domain.

Didn't have such problems when I was using the provisioning API using the Zend library

yomexzo
  • 665
  • 1
  • 6
  • 22

1 Answers1

0

Not sure. But the following post might be helpful

Until recently this technique was mostly performed using 2-Legged OAuth 1.0a (2-LO). However, with the deprecation of the OAuth 1.0 protocol and the resulting programmed shutdown of 2-LO, the recommended authorization mechanism is now to use OAuth 2.0 and service accounts.

source - http://googleappsdeveloper.blogspot.com/2012/11/domain-wide-delegation-of-authority-and.html

dev.e.loper
  • 35,446
  • 76
  • 161
  • 247
  • thanks @dev.e.loper but i can't seem to get it to work. keep getting: `Error calling GET https://www.googleapis.com/admin/directory/v1/users?domain=xyz.com: (403) Not Authorized to access this resource/api` – yomexzo Mar 04 '14 at 18:50