Using Google Directory API to fetch all users in a domain

0
votes

I am building an app for the Google Marketplace and just made the switch to OAuth 2.0 from 1.0 before final deployment.

Before the switch, I was able to use the provisioning API to fetch users in a domain that has installed the app given, appropriate permissions have been granted.

My experience with the Directory API (the OAuth 2 counterpart) requires that i perform a 2-legged OAuth to get an access token which I then uses to perform the Admin action. This only works if the access token belongs to an Administrator user of the subject domain.

There's a section in the app that pulls all users from the domain and I need this to be accessible to all logged in users including non-administrative users of the domain.

Didn't have such problems when I was using the provisioning API using the Zend library

1
phpgoogle-appsgoogle-api-php-clientgoogle-apps-marketplacegoogle-provisioning-api

1 Answers

0
votes

Not sure. But the following post might be helpful

Until recently this technique was mostly performed using 2-Legged OAuth 1.0a (2-LO). However, with the deprecation of the OAuth 1.0 protocol and the resulting programmed shutdown of 2-LO, the recommended authorization mechanism is now to use OAuth 2.0 and service accounts.

source - http://googleappsdeveloper.blogspot.com/2012/11/domain-wide-delegation-of-authority-and.html