service-accounts

问题 My Python script retrieves infos about users and groups from a G Suite (testing, for now, with the 14 days free account). I'm using domain-wide delegation and OAuth 2.0 for server to server applications because I don't want to display a pop window where users from hosted domains would allow me to see their groups and users. These are the steps I followed in order to get users and groups: create and download all the necessary credentials, such as Client ID; from my G Suite admin console, allow

问题 My team is currently developing an application to list my company's domain users in GCP, using the Admin SDK, for onboarding and offboarding purposes. We're using a service account to do this and we've have added the admin.directory.user.readonly scope, in the Google Admin's advanced settings, to it. The Admin SDK API is activated and we can see the service account in the Credentials area. When we invoke the https://www.googleapis.com/admin/directory/v1/users endpoint with the parameters

问题 I am developing an Android app (Java) that uses Firebase authentication and GCP Pubsub. To connect to Pubsub I currently use a service account key that is stored in a JSON file in my project. But this is not something that seems secure in a production environment since it exposes my key. So what would the best practice in that case ? I though about having something like a token linked to the Firebase user account but I don't see how to do this, and this documentation from Google indicates

问题 I've exported MySQL Database following the MySQL Export Guide successfully. Now, I'm trying to import MySQL Database following the MySQL Import Guide. I've checked the permissions for the service_account_email I'm using, and I have allowed both Admin SQL and Admin Storage permissions. I was able to successfully activate my service account using this command locally: gcloud auth activate-service-account <service_account_email> --key-file=<service_account_json_file> After I ran the command:

问题 I am writing a Python 3.7 script that needs to read data from a Google Spreadsheet. The spreadsheet in question belongs to an Organization that my work Google Account is part of: let's just call it "Organization". The spreadsheet permissions are set as "Anyone at Organization with the link can view". This detail has been preventing my application from working. I went to the credentials dashboard at https://console.cloud.google.com/apis/credentials while being authenticated with my account in

问题 We are trying to create an integration with the Google Admin SDK in order to be able to retrieve, update and create accounts within our domain. However, we keep receiving a 403 error indicating that we are not authorized to access the resource/api. We are using the credentials obtained from a service account which has Domain-wide Delegation of Authority enabled and the following two scopes: https://www.googleapis.com/auth/admin.directory.user.readonly, https://www.googleapis.com/auth/admin

问题 Initial situation: In one of our services, we use a service account to call Google Calendar API. User can share their calendars with this technical account via its technical emailaddress (@.iam.gserviceaccount.com). As calendars are shared, we can query them via API (CalendarList/List: https://developers.google.com/calendar/v3/reference/calendarList/list) All this was working fine for several years without problem. Current issue: As we have discovered recently, newly shared calendars are not

问题 I'm trying to upload a file to my Google Drive using a service account. When I deploy this code, I don't want the user to give authorization, I want them to upload to my account. I'm using this via PHP, and below is where I am so far. This code is based on the examples given by the official documentation. When I run the php script, I get no errors, and I print_r the result variable. It has multiple URLs, when I go to it with the same account I created all this with, it says I need to request

问题 I'm trying to upload a file to my Google Drive using a service account. When I deploy this code, I don't want the user to give authorization, I want them to upload to my account. I'm using this via PHP, and below is where I am so far. This code is based on the examples given by the official documentation. When I run the php script, I get no errors, and I print_r the result variable. It has multiple URLs, when I go to it with the same account I created all this with, it says I need to request

问题 I have spent the entire day today reading documentations and questions on stackexchange on trying to use service account to logon to a compute engine but have got no where. I am new to google cloud, so pardon my knowledge. We are trying to setup a long running service on a google compute engine. We want the service to be run as a system account but not on individual account so as to allow troubleshooting privileges across the team but not specific users. We thought that service account of GCP