Google Plus Domains API AccessTokenRefreshError

StackOverflow https://stackoverflow.com/questions/18264100

Question

I'm attempting to use the Google+ Domains API to provision circles for my Google Apps domain. I'm using domain-wide delegation as per https://developers.google.com/+/domains/authentication/delegation which I have already used successfully for group, user and calendar provisioning. In the API console, I've added the Google+ API and Google+ Domains API to the API project. I've tried using both the pre-existing key, and generating a new one. When I attempt to run the following code:

service_account_email='somelongstring@developer.gserviceaccount.com'
key=file("path/to/keyfile","rb").read()
user_email='someroleaccount@mydomain.com'
SCOPES_PLUS = [
  'https://www.googleapis.com/auth/plus.me',
  'https://www.googleapis.com/auth/plus.stream.write',
]
credentials = SignedJwtAssertionCredentials(service_account_email, key,
                                            scope=SCOPES_PLUS, sub=user_email)
http = httplib2.Http()
http = credentials.authorize(http)
plus = build(serviceName='plus', version='v1domains', http=http)

I get

AccessTokenRefreshError: access_denied

when it hits the build() call.

However, the exact same code (with different scopes and services) works for the directory service, groupssettings service and calendar service.

I have tried with both a role account as the sub email address, and as my own (super-admin) account.

Any ideas?

Was it helpful?

Solution

Did you remember to give the service account authorization for the new scopes in the Control Panel for the domain? The process is described in the Drive documentation. Be sure to enter the Google Plus Domains scopes as well as the Directory and Group Settings scopes as any changes overwrite your existing authorizations.

OTHER TIPS

I have written a tutorial to use the new G+ Domains APIs on Google App Engine with Python, it explains each necessary configuration step by step and provides some example code:

https://gist.github.com/vircheck/6292176

also, don't forget the official quick start here but remember that this one does not work on App Engine.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top