Google Apps Admin Settings API - 401

0
votes

I'm trying to get the Organization name for a Google Apps domain. For this, I'm using the Google Apps Admin Settings API. I saw that it required 3-Legged OAuth. I try to implement OAuth 2.0 because OAuth 1 is deprecated. I try many thing to get this work but I'm always getting a 401 unautorized.

I request a token for the scope : https://apps-apis.google.com/a/feeds/domain/

Here is my code:

// ClientID & ClientSecret values
var requestFactory = GDAPI.GoogleApps.GetAuthRequestFactory();

string organizationName = String.Empty;

 Google.GData.Apps.AdminSettings.AdminSettingsService service = 
            new Google.GData.Apps.AdminSettings.AdminSettingsService(auth.Domain, Excendia.Mobility.Utilities1.BLL.WebConfig.ExcendiaAppName);
 service.RequestFactory = requestFactory;
 service.SetAuthenticationToken(token);

 try
 {
     var result = service.GetOrganizationName(); // throw exception here...
 }
 catch (Exception ex)
 {
     log.Error(ex);
 }

What am I doing wrong? Is this compatible with OAuth 2?

I also want to ask if there is another way to get organization name because GData library is supposed to be obsolete and replaced by new Google.Apis...

Resolved!

Thanks Jay. It works on OAuth 2.0 playground. Something on my side was not set correctly.

Using Fiddler I saw the Authorization header being set by my application. It was set to OAuth v1 instead of v2. So I found out I was using the wrong RequestFactory class. Need to use GOAuth2RequestFactory instead of GOAuthRequestFactory...

So this is now working:

string organizationName = String.Empty;

Google.GData.Apps.AdminSettings.AdminSettingsService service = 
            new Google.GData.Apps.AdminSettings.AdminSettingsService(auth.Domain, "myAppName");

service.RequestFactory = 
            new Google.GData.Client.GOAuth2RequestFactory("cl", "MyAppName",
            new Google.GData.Client.OAuth2Parameters()
            { ClientId = ClientID, 
              ClientSecret = ClientSecret, 
              AccessToken = token });

try
{

    var result = service.GetOrganizationName();

    if (result != null)
    {
        organizationName = result.OrganizationName;
    }
}
catch (Exception ex)
{
    log.Error(ex);
}

return organizationName;
1
asp.netgoogle-apioauth-2.0google-appsgoogle-oauth
Have you registered your app for that particular scope? You cannot ask for access tokens for scope that your app isn't registered for. - divyanshm

1 Answers

0
votes

You are using the correct API. Though GData is being replaced by the new Google APIs, Admin Settings API still uses the old GData format for now.

Are you using a super administrator account to authenticate with? Can you try the operation on the OAuth 2.0 playground and see if it works for the account there?

You can also take a look at how Dito GAM, an open source Google Apps tool implements this call. If you create a file named debug.gam in the same path as GAM, GAM will print out all the raw HTTP calls and responses it's making/getting.