I'm using this site for testing: https://developers.google.com/classroom/reference/rest/v1/courses/list
I have a project setup with a service account:
- The account was created with read only domain access.
- A project was setup after the fact.
- I then added the account after the fact.
- I then enabled the Classroom API in that project.
- I added the courses scope at the site linked above to domain wide delegation for the service account.
My admin account gets a 200 response with a full list of courses. My service account gets an empty 200 response. If I grant the service account domain admin it returns a full list of courses. I'm happy to provide sanitized screen shots if needed but does anyone know what rights a service account needs short of domain admin to be able to access Google classroom data through the APIs?