0

I have started learning to implement google APIs to android apps. Currently exploring the update method in the directory API. There is an option to try it, before actually implementing and this is the point where I'm getting code 403 after posting an update query, instead of allowing the required permissions. Here are the snapshots:

posting the request The error message

I have put the email-id, (through which permissions are granted) as the userKey

Akeshwar Jha
  • 4,516
  • 8
  • 52
  • 91
  • Are you an administrator of the domain where the user belongs to? – Gerardo Nov 16 '15 at 20:29
  • Yes and no. No because I want to make the app such that a user under this domain can update only his contact and not others. And every user under that domain could use the app. Do I need to be an admin to implement this feature? Yes, because I have the credentials for the admin. – Akeshwar Jha Nov 17 '15 at 02:04
  • Only administrators can use directory API. so, no regular users will be able to call any of the resources in this api. Except of the resources users.get and users.list with the parameter viewType=PUBLIC_DOMAIN and only if the contact sharing is allowed. – Gerardo Nov 17 '15 at 17:54
  • Ah, that's bit of a problem. So, how may I proceed if I need to implement the update feature for non-admin users? I just need the privilege of updating a user's own contact details. Is there a way out? – Akeshwar Jha Nov 18 '15 at 06:47
  • A possible solution would be to use a service account with domain wide delegation. In this scenario the user would update the information, but the service account then would impersonate the admin and acting as the admin it would make the actual update with the new information. Check this documentation https://developers.google.com/drive/web/delegation – Gerardo Nov 18 '15 at 19:25
  • @Gerardo, we tried applying the domain wide delegation, but still a non-admin is getting the 403 forbidden response. Superadmin can do it though. We also tried implementing the same API in a sample app. But there too, even after domain-wide delegation for updating, no one (including the superuser) could update the details. We're using the same method - users.update(). Any thoughts? – Akeshwar Jha Dec 16 '15 at 16:11
  • While using the service account, did you impersonate the admin of the domain? Could you update the code you are using for the service account credentials? – Gerardo Dec 16 '15 at 17:35
  • mCredential = new GoogleCredential.Builder() .setTransport(httpTransport) .setJsonFactory(JSON_FACTORY) .setServiceAccountId() .setServiceAccountScopes(scopeList) .setServiceAccountUser() .setServiceAccountPrivateKeyFromP12File(file) .build(); I used this code for service account credentials – Akeshwar Jha Dec 16 '15 at 17:44
  • could you also share the call to the api? I just noticed that in the example above you just tried to update the phone. When updating you will have to send the complete object (even if the only change was in phone). If you don't want to send the complete object, you should use 'PATCH'. then you can just send the field that needs to be updated. – Gerardo Dec 16 '15 at 18:07
  • response = mService.users().patch(email, updatedUser).execute(); Yeah, so i tried using this code for updating user – Akeshwar Jha Dec 16 '15 at 18:13
  • Can you call any other method? like users.list? Did you authorize your app in Admin Console? – Gerardo Dec 16 '15 at 18:18
  • Yes i did authorized my app, n othr method i used is : Users result = mService.users().list() .setCustomer("my_customer") .setProjection("full") .setOrderBy("email") .setViewType("domain_public") .execute(); Its working fine – Akeshwar Jha Dec 16 '15 at 18:19
  • @Gerardo.. I tried using this for updation: response = mService.users().patch(email, updatedUser) .setOauthToken(accessToken) .execute(); This worked gave me updated response, but then changes aren't getting reflected neither in app nor in google directory. Am I missing any thing? – Akeshwar Jha Dec 16 '15 at 18:31
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/98156/discussion-between-gerardo-and-akeshwar). – Gerardo Dec 16 '15 at 18:51
  • @Gerardo even when i tried doing in try it: https://developers.google.com/admin-sdk/directory/v1/reference/users/update#try-it It gave 200 OK response, but changes didnt got reflected in feed. Am I missing anything? – Akeshwar Jha Dec 18 '15 at 12:10

0 Answers0