is there any API to check if someone owns an Account. This is needed to sync a Account on my website with the Ubi Account, so his stats/rank can be shown on site automatically.
Related
I had a Google account based on not-GMail-account. I had another email company's email as a login to my Google Account (myemailhere#ukr.net). And I used this Google account to login the dialogflow.cloud.google.com.
Today Google suggested me to create a #gmail.com account and attcach it to my myemailhere#ukr.net Google Account. I have confirmed and created the myemailhere#gmail.com.
Using both of this logins (myemailhere#gmail.com and myemailhere#ukr.net) I am still able to login my cloud.google.com Profile. But when I try to login the Dialogflow Profile (dialogflow.cloud.google.com) - I see the eternal loading animation (or a totally blank page). There is no errors about password or something like this. Just login process after I submit the password and then white page. This behavior I see on all my devices, while I trying to login with myemailhere#gmail.com or myemailhere#ukr.net
And I see some 400 errors in web console (if it matters).
Could you please help me to fix this and get access to DialogFlow?
Screen that I see after the login and password entering
Do you have the project owner role for the mentioned username that is registered on your project in the GCP console (not Dalogflow Console)? Here is a list of roles related to Dialogflow that grant access to its Console.
Note that some of these roles give full access or edit access while other roles have permissions that simply gives view access to the Dialogflow Console.
If you are missing any of these then simply assign on your GCP project's console.
Assigning roles as described above did not work for me. Solution was to delete gmail email service from the account.
Instructions here
If you would like to use gmail, do NOT add gmail to your existing google account. You should instead create a seperate google account and use gmail from this seperate account
Does Google Pay use Google Account's session cookies to figure out which payment method user can use?
Google Pay payment methods are attached to a Google profile and available when logged in.
On the web, if the user is NOT logged into a Google account when initiating a Google Pay payment, the user will be prompted to log in.
Cookies are involved in maintaining authenticated user state.
I am using Google OAuth2.0, the requirement is only let G suite for Education account login, so I want to know what type of account user is using during the authentication.
The login part is finished, I get access token and refresh token, I asked for two scopes https://www.googleapis.com/auth/userinfo.profile, https://www.googleapis.com/auth/userinfo.email
I checked the user profile, which can't help me to identify the type of account.
Can I differentiate these two type of account by only require above two scopes? if not, what other scopes I need to require and what API I need to use?
I found one example online, https://www.brainpop.com/ which supports what I mentioned.
The website only asks for Basic account info such as View your basic profile info and View your email address. When I log in using my personal Google account, then the login will be denied and tell me it's not G-suite education account.
Appreciate anyone's help.
check email
https://www.googleapis.com/auth/userinfo.email
IF EMAIL HAS CUSTOM DOMAIN LIKE ABC.COM then its gsuite
if it is just gmail.com its not gsuite
What I did do when I needed to know if the user was a G suite for education user was to also request the scope 'https://www.googleapis.com/auth/classroom.profile.photos'. If I remember correctly only users with a for education account would be asked for giving that permission. You can probably use any scope from the classroom API to (https://developers.google.com/classroom/reference/rest/).
I don't have this integration with Google anymore, so haven't tested it in about a year.
As part of our "off-boarding" process for employees leaving the company, as super admins we use the Google Apps Admin SDK Directory API to change the user's password so that they can no longer access their account. Then we log in to do a Google Takeout, reset passwords for their other accounts, etc.
However, we recently decided to enforce 2-Step Verification for all of our users. So now when we go to log in to their account, it sends a code to their phone.
Since 2-Step is enforced for their SubOrg, we can't even turn it off through the admin console. So all I can do now is to have the API move the user to a different SubOrg where the 2-Step enforcement setting is turned off, and then manually turn off 2-Step.
Is there any way to programmatically turn off 2-Step verification for an account?
I looked in the Google Apps Admin SDK Directory API Users:update documentation, but it doesn't seem to have anything to do with 2-Step.
The Reports API can find out the user's enrollment status, but it's read-only for reporting purposes.
What you are doing is the correct way to remove the 2-Step verification. As you mentioned if it is enforced under a Organization Unit, removing it would get against that rule and that's why you are not able to do it unless you move the user to another OU where this is not enforced.
I was not able to find some way to do this programmatically. However, you could Suspend the user. After that, the user won't be able to access to that account. The account will still be visible in your Admin Console and all the information in the different Google services will remain attached to that account until you finally delete the account.
While the user is suspended, as admin, you can use service account to impersonate that user. By doing so you can act as that user and edit permissions or transfer the ownership of the files contained in Drive to a different account so those files won't get lost.
I hope this helps.
The easiest way to do this is to create a Group for which 2FA is exempt (see here: https://support.google.com/a/answer/2370108). Then add the user to that group, then you can click "Disable 2FA" on the user page in the admin console. I'm assuming you can do the same through the API.
The only downside is that this means you'll have a group through which it is possible to exempt users from the 2FA enforcement option. So that's a risk you'll have to accept and a policy you have to carefully check.
I'm developing an application for a seller at Amazon, using Marketplace Web Service API (MWS).
The seller has created an account for managing his inventory, and says that he assigned the necessary permissions.
However, clicking "Sign up for MWS" button on https://developer.amazonservices.com/ results in permission error: "Insufficient user rights."
Can anyone clear up what permission(s) Amazon Marketplace requires for accessing their API, or at least provide a list of all possible permissions?
I found the answer. It has actually turned out that you can't sign up for Amazon MWS from a sub-account. No such permission exists, so this must be done by the owner.