As I am using service account to share Google Drive documents, it would be nice to get in invitation email a company picture instead of the silhouette.
Is it possible to change somehow Google Service account picture?
I tried using the Google Admin SDK, but I get the following error:
404 OK
- SHOW HEADERS -
{
"error": {
"errors": [
{
"domain": "global",
"reason": "notFound",
"message": "Resource Not Found: userKey"
}
],
"code": 404,
"message": "Resource Not Found: userKey"
}
}
I tried this through the API explorer:
https://developers.google.com/admin-sdk/directory/v1/reference/users/photos/update
EDIT, the userKey is the email address of the account. In the service account case it is in the format:
account-name#project-name.iam.gserviceaccount.com
Get your service account to use delegation to impersonate and use a separate Google Apps account email address to do the document sharing. Set the photo in that Google Apps account.
Related
I am simply trying out curl examples from the GDrive API Explorer, specifically this call:
https://developers.google.com/drive/api/v3/reference/files/list
However when I copy the example and execute it with my API key, I get this error:
curl https://www.googleapis.com/drive/v3/files?key=AIzaSyCQfFNMxHVJRaTvXXXXXXXXXX
{
"error": {
"errors": [
{
"domain": "global",
"reason": "insufficientFilePermissions",
"message": "The user does not have sufficient permissions for this file."
}
],
"code": 403,
"message": "The user does not have sufficient permissions for this file."
}
}
When I try to get a single file using files/{fileId} with the same API key, it works fine and the file metadata is returned.
What is the deal here? Does listing require special permissions, or does API keys have limitations, or..?
Just a hunch, you are trying a file that is not public, that is why you are receiving 403:insufficientFilePermissions. To access this you must authenticate your request using OAuth 2.0.
You can check the documentation About Authorization:
Your application must use OAuth 2.0 to authorize requests. No other
authorization protocols are supported. If your application uses Google
Sign-In, some aspects of authorization are handled for you.
i wrote a project that work well with upload and download objects to/from Google Cloud Storage. I'm able to retrieve the content, the stream, the metadata, but when i get the 'mediaLink' of an object and paste it to the browser, i got this error:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
the format of mediaLink URL is shown here:
https://content.googleapis.com/storage/v1/b/bucketname/o/folder%2Finsidefolder%2Fexample.txt
I'm authenticated in my website by the OAuth 2.0 flow, and all the objects uploaded on GCS are with a custom AccessControlList which i decided to set into "allAuthenticatedUsers" in order to give access only to user that are authenticated with my website.
Could anyone help me to solve this issue? Thank you so much
The media link is not inherently authorized. You need to authorize a download using the media link in the same way you'd authorize any other request: by including an appropriate "Authorization" header.
Without providing read permission to "AllUsers", the media link will not work in a web browser.
Also, "AllAuthenticatedUsers" does not mean users that are authenticated with your website. It means "anybody with any Google account."
I am using Google Maps APIs for business to get location against Cell IDs and MAC addresses of WiFi access point.
That code was working fine on beta server. Now as I moved to production server, I am getting following response
{ "error": { "errors": [ { "domain": "usageLimits", "reason": "accessNotConfigured", "message": "Access Not Configured. Please use Google Developers Console to activate the API for your project." } ], "code": 403, "message": "Access Not Configured. Please use Google Developers Console to activate the API for your project." } }
In console, Beta server IP was added in allowed IPs. I have added production server IP as well. Still getting above response.
Do I need to generate new key after change in allowed IPs or any other change?
The message is self-explaining activate the API for your project
Go to the console, select the desired project(when you have multiple projects), go to APIs & auth ->API's and activate the service Google Maps Geolocation API
We are using the Google drive API to allow our users to browse and select a file to use in a report. One of our users (the issue is not widespread) is getting an error(below) when attempting to get a list of files.
JSON body returned from Google:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Forbidden"
}
],
"code": 403,
"message": "Forbidden"
}
}
Which is a bit confusing as it is not one of the listed errors here: https://developers.google.com/drive/web/handle-errors
Does anyone have any ideas on what might be causing this? Thanks for any insight!
It turned out to be related to this question: Getting a 403 - Forbidden for Google Service Account
This user's company did not have Google Drive as one of their activated apps.
This error also occurs if you disable the Google Drive setting called "Allow users to install Google Drive apps". This might be a good thing to check if you are certain that Google Drive is already enabled.
I have two users: admin#example.com ("Admin") and user#example.com ("User").
"Admin" owns a Google Drive folder (let's say the fileId of the folder is "F1234"). "User" is a member of a Google Group which has read-only ("Viewer") access to the folder.
In the Google Drive Web interface, "User" can open the folder F1234, and "User" can click on the "star" button to put the folder in the "Starred" list. So far, so good.
Now I want to write an application which sets the folder as starred. So, I log in as "User" and I go to the Google Drive API Explorer (https://developers.google.com/drive/v2/reference/files/patch) and I give the API explorer the OAuth token to execute requests on behalf of "User". I send a "patch" request to set the folder as "starred":
PATCH https://www.googleapis.com/drive/v2/files/F1234?fields=labels%2Fstarred&key={YOUR_API_KEY}
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxx
X-JavaScript-User-Agent: Google APIs Explorer
{
"labels": {
"starred": true
}
}
But this request fails, with a "permission denied" type of error:
403 Forbidden
{
"error": {
"errors": [
{
"domain": "global",
"reason": "userAccess",
"message": "The authenticated user does not have the required access to the file F1234",
"locationType": "header",
"location": "Authorization"
}
],
"code": 403,
"message": "The authenticated user does not have the required access to the file F1234"
}
}
I checked that this very same request works fine with a folder owned by "User", or with a folder not owned by User but where "User" has read-write access. So it really looks like the request fails because of the read-only permission, but this is not consistent with the behavior of the UI ("starring" a file is not a modification, so it should not require write access).
Am I missing something or is this a Google Drive API bug ?
This behavior has been reproduced.
I will report this for you.
Sorry for inconvenience.