I've been tasked to write a short script that will add a user to a group in google workspace. However, I'm really new to the documentation and its not making any sense to me.
I created a new account on google workspace, added my domain and confirmed it, then went to the admin console and created a new user and then a new group.
Then, I went to cloud console, created a new project, enabled and created a new service account, enabled Admin SDK API and associated the service account with that API. I also downloaded the service account credentials to run with the script, and I even added "domain wide delegation from what I could find in a github link but it doesn't seem to work.
I just simply want to add my user2@example.com to testgroup@example.com. Can anyone point me to the right direction? Thanks.
This is the python script:
from google.oauth2 import service_account
from googleapiclient.discovery import build
# Define your service account credentials and group email
credentials = service_account.Credentials.from_service_account_file('service_account_credentials.json')
group_email = 'testgroup@example.com'
user_email = 'user2@example.com'
# Build the service client
service = build('admin', 'directory_v1', credentials=credentials)
# Add the user to the group
service.members().insert(groupKey=group_email, body={'email': user_email}).execute()
This returns the following error:
<HttpError 403 when requesting https://admin.googleapis.com/admin/directory/v1/groups/testgroup%40example.com/members?alt=json returned "Not Authorized to access this resource/api". Details: "[{'message': 'Not Authorized to access this resource/api', 'domain': 'global', 'reason': 'forbidden'}]">
