Reputation: 13
GET list of groups from cloudidentity.googleapis.com returns INVALID_ARGUMENT error
The end goal is to get a list of a user's groups after OAuth Authentication is completed using the supplied access token.
I'm currently having difficulty retrieving a list of groups from the Cloud Identity API after OAuth is completed.
Cloud Identity - Method: groups.list Documentation
Steps:
- Go to OAuth Playground
- Enter your own scope at the bottom of the list using "https://www.googleapis.com/auth/cloud-identity.groups.readonly"
- Click "Authorize APIs" button
- Choose the google account to use
- Allow the "Cloud Identity Groups"
- Click "Exchange authorization code for tokens" button
- Optionally "Auto-refresh the token before it expires."
- Click "List possible operations" Select "List Groups" - This populates the request URI. Click "Send the request"
GET /v1/groups HTTP/1.1
Host: cloudidentity.googleapis.com
Content-length: 0
Authorization: Bearer [TOKEN]
HTTP/1.1 400 Bad Request
Content-length: 127
X-xss-protection: 0
X-content-type-options: nosniff
Transfer-encoding: chunked
Vary: Origin, X-Origin, Referer
Server: ESF
-content-encoding: gzip
Cache-control: private
Date: Fri, 08 Nov 2019 16:12:32 GMT
X-frame-options: SAMEORIGIN
Alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Content-type: application/json; charset=UTF-8
{
"error": {
"status": "INVALID_ARGUMENT",
"message": "Request contains an invalid argument.",
"code": 400
}
}
I've only ever been able to get invalid arguments with a status of INVALID_ARGUMENT. I've tried providing an API key from my own project, adding the parent parameter as required by the documentation.
Can someone please help with a valid request?
I have tried to get this working using the OAuth 2.0 Playground, the 'Try this API' functionality through the documentation and locally using a variety of options, I feel like I'm missing something simple.
Upvotes: 1
Views: 2245
Answers (3)
Reputation: 1
Not sure if this is still relevant to you, first you need to pass parent, and also you need to add the prefix for your customer_id.
Must be of the form identitysources/{identity_source_id} for external- identity-mapped groups or customers/{customer_id} for Google Groups. The customer_id must begin with "C" (for example, 'C046psxkn').
so the url should be really looks like this,
https://cloudidentity.googleapis.com/v1/groups?parent=customers/C<customer_id>&access_token=<oauth_token>
Upvotes: 0
Reputation: 1
You need to make sure you're passing in a valid value in the parent query parameter. The URL should look like:
https://cloudidentity.googleapis.com/v1/groups?parent=customers/**your_customer_id_which_can_be_found_in_the_admin_console**
Upvotes: 0
Reputation: 2805
Currently, the Cloud Identity groups API only provides access to Identity Mapped Groups, which makes it only relevant in the context of Cloud Search.
To access "regular" groups, use the Directory API.
Upvotes: 1
Related Questions
- making a request to find members of a group in GCP
- how to get External group or member from google groups API
- Fetch Google Group members
- How to list group ids in GCP using cli or console
- Google Cloud Identity API group memberships Error 403
- 400 (Bad Request) when calling listGroups() method with Google API PHP client
- Getting all groups an user is a member of through oauth (google)
- How do I find all Google groups I am member of via api?
- Unable to retrieve members of a google group, getting Invalid Input
- Directory Api function to list Groups lacks Permission id