Google::Apis::ClientError: forbiddenForServiceAccounts: Service accounts cannot invite attendees without Domain-Wide Delegation of Authority
RabeyaMuna opened this issue · 1 comments
PLEASE READ: If you have a support contract with Google, please create an issue in the support console instead of filing on GitHub. This will ensure a timely response.
I have integrated Google Calander API to generate a meet link and send the invitation to the attendees which requires domain and enable of Domain-Wide Delegation. For that, we need to have an administrative account to enable it.
is there anyone who can provide me administrative account?
Is there any other of testing it rather than creating an administrative account to enable the Domain?
credentials.json
{
"type": "",
"project_id": "",
"private_key_id": "",
"private_key": "",
"client_email": "",
"client_id": "",
"auth_uri": "",
"token_uri": "",
"auth_provider_x509_cert_url": "",
"client_x509_cert_url": ""
}
google_calendar.rb
require 'google/apis/calendar_v3'
require 'googleauth'
require 'googleauth/stores/file_token_store'
require 'fileutils'
class GoogleCalendar
def get_calendar_client
scope = 'https://www.googleapis.com/auth/calendar'
# privatekey = ENV.fetch('privatekey')
# signing_key = OpenSSL::PKey::RSA.new(privatekey.gsub('\\n', "\n"), 'notasecret')
# authorizer = Signet::OAuth2::Client.new(
# {
# signing_key: signing_key,
# token_credential_uri: 'https://oauth2.googleapis.com/token',
# # json_key_io: File.open('credentials.json'),
# audience: 'https://oauth2.googleapis.com/token',
# issuer: ENV.fetch('service_account_email', nil),
# person: 'munarabeya18@gmail.com',
# scope: scope
# }
# )
authorizer = Google::Auth::ServiceAccountCredentials.make_creds(
json_key_io: File.open('credentials.json'),
scope: scope
)
authorizer.fetch_access_token!
client = Google::Apis::CalendarV3::CalendarService.new
client.authorization = authorizer
client
end
def create_event(_current_user, _summary, _start_time, _end_time, _attendee_emails)
calendar_client = get_calendar_client
# create an event
event = Google::Apis::CalendarV3::Event.new(
summary: 'My Meeting',
start: Google::Apis::CalendarV3::EventDateTime.new(
date_time: _start_time,
time_zone: 'UTC'
),
end: Google::Apis::CalendarV3::EventDateTime.new(
date_time: _end_time,
time_zone: 'UTC'
),
attendees: _attendee_emails.map { |email| Google::Apis::CalendarV3::EventAttendee.new(email: email) },
conference_data: {
create_request: {
request_id: 'random-request-id'
}
}
)
result = calendar_client.insert_event('primary', event)
end
end
The error is:
calendar_client.insert_event('primary', event)
Google::Apis::ClientError: forbiddenForServiceAccounts: Service accounts cannot invite attendees without Domain-Wide Delegation of Authority.
from /Users/rabeyakhatunmuna/.rbenv/versions/3.1.2/lib/ruby/gems/3.1.0/gems/google-apis-core-0.11.0/lib/google/apis/core/http_command.rb:239:in `check_status'