I created a script that connects with the Gmail API using OAuth 2.0. It works perfectly, and I am able to send email from the authenticated account.
However, I can't send email from any of the account's aliases. If I try to do so I get the following error message:
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "[ACCOUNT] does not have privileges to [ALIAS] mailbox."
}
],
"code": 403,
"message": "[ACOUNT] does not have privileges to [ALIAS] mailbox."
}
}
I have verified that the alias is setup in Gmail and Google Apps.
Anyone have any ideas?
Don't try to make the call as the alias (e.g. alias shouldn't be in the URL as the user ID), just put the alias email address in the "From" header in your sent message.
so in python would be something like:
email = "To: someone#example.com\r\nFrom: myalias#gmail.com\r\nSubject: blah\r\n\r\nbody goes here"
gmail.users().messages().send(userId="me", body={'raw': base64.urlsafe_b64encode(email)})
i found same error..
when i add user i use for sendmail on https://www.google.com/webmasters on domain i used, and on https://admin.google.com for API access
and now it's work..
hope this help..
Related
I'm trying to get data with SharePoint REST API but stucking with "System.UnauthorizedAccessException" error.
How can I fix this?
What I did is...
I got access token.
POST https://login.microsoftonline.com/{{tenantName}}/oauth2/v2.0/token
I tried to get sharepoint list items with the access token I got.
GET https://{{xxx.sharepoint.com}}/sites/{{sitename}}/_api/web/lists/GetByTitle('CSV')/items
With the 2nd command, I got error message like below.
"odata.error": {
"code": "-2147024891, System.UnauthorizedAccessException",
"message": {
"lang": "en-US",
"value": "Access denied. You do not have permission to perform this action or access this resource."
}
Check whether the site you requested matches the scope set by app permission xml.It is possible that the scope does not match and the requested site fails to authenticate the request.
I deployed my microservice over master tenant and subscript it onlty to subtenant.
If I call:
GET https://subtenant.cumulocity.com/service/mymicroservice/health i get Status Code 200 and UP
However if I call:
GET https://subtenant.cumulocity.com/service/mymicroservice/myendpoint/data
I get Status Code 500 and
{
"timestamp": 1534235792950,
"status": 500,
"error": "Internal Server Error",
"exception": "com.cumulocity.sdk.client.SDKException",
"message": "Http status code: 403\n{error=\"security/Forbidden\",message=\"Access is denied\",info=\"https://www.cumulocity.com/guides/reference-guide/#error_reporting\",details=\"null\"}",
"path": "/ mymicroservice /data"
}
When I subscribe to the master tenant, the microservice is working fine! It seems that the user of subtenant is not allowed to access the Cumulocity APIā¦ I also checked the user and the role. The access rights are all granted. How can i access my microservice at subtenants?
I solved the problem by my self. I made a mistake; i forgot to add a role to the manifest to requiredRoles. It was also not working in master tenant.
I've set up a Google Compute Engine Instance and I want to be able to turn it on and off using a script on my home computer. I see that there's an API that lets me do that by sending a POST request like this:
curl --data '' https://www.googleapis.com/compute/v1/projects/my-project/zones/asia-east1-a/instances/my-instance/stop
but the response I get from that is this:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
So I'm trying to see how I can allow my script authorisation to use the API on the compute engine without having user interaction. How do I do this?
It looks like Google requires OAuth 2.0 authentication, but it seems really complex.
The closest thing I can find in Google's docs is this page but I can't work out how to make it a bunch of curl statements.
This SO thread gets closer, but glancing over the scripts there - it looks like they need user interaction.
I think you need Application Default Credentials. Have you seen this page?
https://developers.google.com/identity/protocols/application-default-credentials
When I try to authenticate against the Zendesk API as an end-user, and then list tickets, it always responds with 403 Forbidden:
e.g.
GET
https://mysite.zendesk.com/api/v2/requested.json
Basic Authorization
returns with a 403
{
"error": {
"title": "Forbidden",
"message": "You do not have access to this page. Please contact the account owner of this help desk for further help."
}
}
It appears that the "tickets" API (like above) is not for end-users. Instead they must use the "requests" API .
So use: https://mysite.zendesk.com/api/v2/requests.json instead...
I was able to retrieve access-token using Google Service account but when I tried to use the same access-token to retrieve GooglePlus User Profile API I'm getting the error mentioned below:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "notFound",
"message": "Not Found"
}
],
"code": 404,
"message": "Not Found"
}
}
I used scope value as https://www.googleapis.com/auth/plus.me while retrieving access-token using Google service account and I was able to fetch access-token, but then if I try to use the same access-token to request User profile API- I.e
https://www.googleapis.com/plus/v1/people/me?prettyprint=true I get the error above.
Can anyone help me on this?
This is most likely because the account that has done the authentication does not have a Google+ account/profile. For testing, you may wish to replace the "me" with the profile ID in question to verify this. In production, of course, you should catch this error and indicate that they don't have a Google+ profile.
If you need to check for a Google login, even if they don't have a Google+ profile, you can use the https://www.googleapis.com/auth/userinfo.profile scope. See https://developers.google.com/accounts/docs/OAuth2Login for more details.