Hi Michael, thanks for your answer. That's really surprising and unfortunate news :-(. I was under the assumption that 2-legged OAuth should be supporting the provisioning api too (I believe I was told this a VERY long time ago in a previous incarnation of this forum/mailing list), and I was just planning to move to it from ClientLogin. My webapp (not a Marketplace app at this point, only installable as a plugin to another application (a course management system), and with a Google Apps admin's blessing) uses 2-legged Oauth for everything else, so why not expect it to be the same with provisioning features? (otherwise it means that basically you cannot create an administrative-level webapp for Google Apps for Education, correct? ). I imagine this is not a limitation for Premier versions, as there are some commercial offerings in the Marketplace under the category of administrative tools. -Patricia
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Michael Manoochehri Sent: Monday, January 31, 2011 11:21 PM To: Google Apps Domain Information and Management APIs Subject: [google-apps-apis] Re: 2-legged Oauth and the provisioning api: please clarify Hey Patricia: Sorry for the confusion. Actually, 2-legged Oauth is currently not enabled for write access with the Provisioning API. In other words, Marketplace Apps cannot use the Provisioning API for writes, nor can installed applications. It is possible to use 2LO for reads in either case. By the way, when using the Provisioning API with 2-legged OAuth (for read functions), you shouldn't use the xoauth_requestor_id parameter. See this thread on our old forum for more info: http://www.google.com/support/forum/p/apps-apis/thread?tid=169e78f776d3e0b5&; hl=en The Provisioning API can be used for Create, Retrieval, Updates, and Delete functions using 3-legged OAuth: http://code.google.com/googleapps/domain/gdata_provisioning_api_v2.0_develop ers_protocol.html#3LO_Tokens Thanks, - Michael On Jan 31, 8:23 am, "Patricia Goldweic" <[email protected]> wrote: > I need to understand better what are the limitations of using 2-legged > authentication with the provisioning apis, both within Marketplace > *and* non-marketplace applications. Are these statements true? > > - Marketplace apps are not allowed to do any 'write' access > to the provisioning apis (in other words, they can't do anything like > creating or modifying groups, provisioning accounts, etc.) > > - Two-legged Oauth *is* still enabled for read/write access > to the provisioning apis by non-Marketplace apps > > Thanks in advance, > > -Patricia -- You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en. -- You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
