Hi Michael, Thanks for the pointer. I'll see what I can do to get things working with 3-legged for now. Are the plans to eventually make everything available via 2-legged?
Cheers, Rob. On Wed, Mar 2, 2011 at 4:51 PM, Michael Manoochehri <[email protected]>wrote: > Hi Robert: > > Sorry for the confusion about this issue. The Audit API currently does > not allow for authentication using 2-legged OAuth. However, some > Google Apps Domain API do allow either read or full read-write > capabilities using 2-legged OAuth. > > See this page for a list of the APIs, the scopes, and the level of > access available using 2-legged OAuth: > http://www.google.com/support/a/bin/answer.py?hl=en&answer=162105 > > Thanks, > - Michael > > > On Feb 24, 4:54 pm, Robert Norris <[email protected]> wrote: > > I make this request: > > > > POSThttps:// > apps-apis.google.com/a/feeds/compliance/audit/account/domain/... > > Authorization: OAuth > > > oauth_consumer_key="domain",oauth_nonce="...",oauth_signature_method="HMAC- > > SHA1",oauth_timestamp="1298594617",oauth_version="1.0" > > User-Agent: libwww-perl/5.805 > > Content-Type: application/atom+xml > > GData-Version: 2.0 > > > > <atom:entry xmlns:atom='http://www.w3.org/2005/Atom'/> > > > > I get the following response: > > > > HTTP/1.1 401 Unknown authorization header > > Cache-Control: private, max-age=0 > > Connection: close > > Date: Fri, 25 Feb 2011 00:43:38 GMT > > Server: GSE > > WWW-Authenticate: GoogleLogin realm="http://www.google.com/accounts/ > > ClientLogin", service="apps" > > Content-Type: text/html; charset=UTF-8 > > Expires: Fri, 25 Feb 2011 00:43:38 GMT > > Client-Date: Fri, 25 Feb 2011 00:43:38 GMT > > Client-Peer: 74.125.113.118:443 > > Client-Response-Num: 1 > > Client-SSL-Cert-Issuer: /C=US/O=Google Inc/CN=Google Internet > > Authority > > Client-SSL-Cert-Subject: /C=US/ST=California/L=Mountain View/O=Google > > Inc/CN=*.google.com > > Client-SSL-Cipher: RC4-SHA > > Client-SSL-Warning: Peer certificate not verified > > Title: Unknown authorization header > > X-Content-Type-Options: nosniff > > X-Frame-Options: SAMEORIGIN > > X-XSS-Protection: 1; mode=block > > > > The code I use to generate the signatures and make the request (Perl's > > Net::OAuth and a light wrapper around LWP::UserAgent) is working very > > well for 2-legged OAuth against Calendar, Docs, Sites, etc. I've only > > been able to make Audit work with ClientLogin. I've not tried other > > management APIs so this may be a general limitation in these APIs. Is > > 2-legged OAuth supported for the Audit API? > > -- > You received this message because you are subscribed to the Google Groups > "Google Apps Domain Information and Management APIs" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-apps-mgmt-apis?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
