Unable to update password - GoogleApiException - Not Authorized to access this resource

Question

I am trying to update users password in GSuite using OAuth 2.0

I am encountering the following exception:

UpdateEmailUserPassword Google returned an error against this user. Please check Google exception details and make sure this is a valid existing user

UpdateEmailUserPassword Google Exception Details : The service admin has thrown an exception: Google.GoogleApiException: Google.Apis.Requests.RequestError Not Authorized to access this resource/api [403] Errors [Message[Not Authorized to access this resource/api] Location[ - ] Reason[forbidden] Domain[global]

I can confirm that the admin account used is a super admin account with all API Scopes allowed for the ClientID and Service Account. Am I missing something?

score 0 · Answer 1 · edited May 23 '17 at 10:30

Based from this thread, you need to create a service object authorized with the service account that will acts on behalf of the given user. Try adding the User member to the ServiceAccountCredential.Initializer.

Sample:

ServiceAccountCredential credential = new ServiceAccountCredential(
  new ServiceAccountCredential.Initializer(serviceAccountEmail) 

  {
   Scopes = new[] { DirectoryService.Scope.AdminDirectoryUser },
   User = "admin@mydomain.com"  <-------- Added ADMIN User to fix
  }.FromCertificate(certificate));

Unable to update password - GoogleApiException - Not Authorized to access this resource

1 Answers1