Skip to main content

How can we help you?

Search

Google Workspace API Channel Error 401

Updated: Jesse Garcia Edited:

Error 401 Access Denied

 

In enterprise applications, you may want to programmatically access a user's data without any manual authorization on their part.

In Google Workspace domains, the domain administrator can grant third-party applications with domain-wide access to its users' data.  This is referred to as a domain-wide delegation.  To delegate authority this way, domain administrators can use service accounts with OAuth 2.0.

 

Remediation Process

  1. Log into the Google Workspace Admin Portal Here.

  2. On the left side of the window select Security, Access and data control, then select API controls.

  3. If you don't see Security listed, select "Show More" in the bottom-left section of the window, then select Security, Access and data control, then select API controls.
  4. You may need to scroll down to see "MANAGE DOMAIN WIDE DELEGATION"

google_admin_manage_domain_wide_delegation.gif

 

 

        5. Select "Add new"

google_admin_domain_wide_delegation1.gif

 

 

      6. Enter the service account's Client ID.

      7. Click on "Authorize"

google_admin_manage_domain_wide_delegation_new_client_id.gif

 

     8. In the "OAuth scopes" field enter the list of scopes that your application should be granted access to.

Reports

If you need domain-wide access to activity reports please follow the steps below:

  1. Head over to Reports, then click on Accounts.
  2. Click on API controls
  3. Look for High-risk Oauth Scopes

mceclip0.png

 

 

 

 

Also see Error 400 KB which may also be present

Was this article helpful?
0 out of 0 found this helpful
Return to top

Related articles

Comments

0 comments

Please sign in to leave a comment.