Thanks Jay. I was hoping to get an answer from Google but nobody replied yet. Anyone?
On Friday, September 7, 2012 9:37:17 AM UTC-3, Jay Lee wrote: > > @PeterB: OAuth2 doesn't support 2-legged yet which is why he needs to use > 1.0a > > @Matias: You'd need to speak to Google as to when 2-legged OAuth 1.0a will > be deprecated but being that it's the only solution available for their > marketplace apps today, I can't see them deprecating it very quickly. > > Jay > > On Friday, September 7, 2012 4:43:04 AM UTC-4, PeterB wrote: >> >> The Provisioning API Scopes are fully supported by oAuth 2.0. Since oAuth >> 1.0 is on its way out, I'd advise to migrate as soon as you can >> >> On Friday, September 7, 2012 1:17:09 AM UTC+2, woloski wrote: >>> >>> Thanks Jay. That still puts the burden on the administrator though. In >>> my scenario I sell an application that integrates with Google Apps. I want >>> the admin to do the least amount of things to be up and running quickly. If >>> I ask him/her to create a special role and assign all its users to that >>> role just because I want to get the groups each user belong to it sounds to >>> me very intrusive. Instead if I could say "Give permission to this app XXX >>> to the following scopes YYY" like you can do today through the control >>> panel, that sounds like a better way to give permissions. >>> >>> I managed to do it using OAuth 1.0a 2-legged auth but could not do it >>> with Service Accounts and OAuth2. Seems like the Google Api console does >>> not support the provisioning API yet. >>> >>> I am wondering, if OAuth 1.0a is deprecated my app won't work anymore >>> and I have to move to OAuth2. Someone from Google knows when this will >>> happen? When will OAuth 1.0a be retired? >>> >>> Thanks >>> Matias >>> >>> On Thursday, September 6, 2012 6:05:59 PM UTC-3, Jay Lee wrote: >>>> >>>> Hi woloski, >>>> >>>> You can create delegated administrator accounts that only have rights >>>> to perform read operations against users using the Provisioning API. See >>>> below. >>>> >>>> http://support.google.com/a/bin/answer.py?hl=en&answer=2406043 >>>> >>>> Jay >>>> >>>> On Sunday, August 26, 2012 2:49:12 PM UTC-4, woloski wrote: >>>>> >>>>> It seems the only way to know if a user is a Google Apps administrator >>>>> is by using the Provisioning API >>>>> >>>>> >>>>> https://developers.google.com/google-apps/provisioning/#retrieving_user_accounts >>>>> >>>>> Asking a user to enable the Provisioning API and allow access to >>>>> everything seems a bit too much just to get read-only information about >>>>> him/her. Ideally, this information should come as part of the user >>>>> profile, >>>>> together with the groups he belongs to. >>>>> >>>>> Is there another way to get the information? I want just read-only >>>>> access. Another option would be to use Service Accounts through Google >>>>> API >>>>> Console so that the end user doesn't have to give consent to access such >>>>> APIs and it's a one-time thing. Is that possible? >>>>> >>>>> Thanks, >>>>> Matias >>>>> >>>> -- You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-apps-mgmt-apis/-/6YOwiBn02sEJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
