Go quickstart

Complete the steps described in the rest of this page to create a simple Go command-line application that makes requests to the Admin SDK API.

Prerequisites

To run this quickstart, you need the following prerequisites:

Go, latest version recommended.
Git, latest version recommended.
A Google Cloud Platform project with the API enabled. To create a project and enable an API, refer to Create a project and enable the API

Authorization credentials for a desktop application. To learn how to create credentials for a desktop application, refer to Create credentials.

A Google Workspace domain with API access enabled.
A Google account in that domain with administrator privileges.

Step 1: Prepare the workspace

Set the GOPATH environment variable to your working directory.
Get the Admin SDK API Go client library and OAuth2 package using the following commands:

go get -u google.golang.org/api/admin/reports/v1
go get -u golang.org/x/oauth2/google

Step 2: Set up the sample

Create a file named quickstart.go in your working directory and copy in the following code:

admin_sdk/reports/quickstart.go

View on GitHub

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"os"
	"time"

	"golang.org/x/oauth2"
	"golang.org/x/oauth2/google"
	admin "google.golang.org/api/admin/reports/v1"
	"google.golang.org/api/option"
)

// Retrieve a token, saves the token, then returns the generated client.
func getClient(config *oauth2.Config) *http.Client {
	// The file token.json stores the user's access and refresh tokens, and is
	// created automatically when the authorization flow completes for the first
	// time.
	tokFile := "token.json"
	tok, err := tokenFromFile(tokFile)
	if err != nil {
		tok = getTokenFromWeb(config)
		saveToken(tokFile, tok)
	}
	return config.Client(context.Background(), tok)
}

// Request a token from the web, then returns the retrieved token.
func getTokenFromWeb(config *oauth2.Config) *oauth2.Token {
	authURL := config.AuthCodeURL("state-token", oauth2.AccessTypeOffline)
	fmt.Printf("Go to the following link in your browser then type the "+
		"authorization code: \n%v\n", authURL)

	var authCode string
	if _, err := fmt.Scan(&authCode); err != nil {
		log.Fatalf("Unable to read authorization code: %v", err)
	}

	tok, err := config.Exchange(context.TODO(), authCode)
	if err != nil {
		log.Fatalf("Unable to retrieve token from web: %v", err)
	}
	return tok
}

// Retrieves a token from a local file.
func tokenFromFile(file string) (*oauth2.Token, error) {
	f, err := os.Open(file)
	if err != nil {
		return nil, err
	}
	defer f.Close()
	tok := &oauth2.Token{}
	err = json.NewDecoder(f).Decode(tok)
	return tok, err
}

// Saves a token to a file path.
func saveToken(path string, token *oauth2.Token) {
	fmt.Printf("Saving credential file to: %s\n", path)
	f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
	if err != nil {
		log.Fatalf("Unable to cache oauth token: %v", err)
	}
	defer f.Close()
	json.NewEncoder(f).Encode(token)
}

func main() {
	ctx := context.Background()
	b, err := ioutil.ReadFile("credentials.json")
	if err != nil {
		log.Fatalf("Unable to read client secret file: %v", err)
	}

	// If modifying these scopes, delete your previously saved token.json.
	config, err := google.ConfigFromJSON(b, admin.AdminReportsAuditReadonlyScope)
	if err != nil {
		log.Fatalf("Unable to parse client secret file to config: %v", err)
	}
	client := getClient(config)

	srv, err := admin.NewService(ctx, option.WithHTTPClient(client))
	if err != nil {
		log.Fatalf("Unable to retrieve reports Client %v", err)
	}

	r, err := srv.Activities.List("all", "login").MaxResults(10).Do()
	if err != nil {
		log.Fatalf("Unable to retrieve logins to domain. %v", err)
	}

	if len(r.Items) == 0 {
		fmt.Println("No logins found.")
	} else {
		fmt.Println("Logins:")
		for _, a := range r.Items {
			t, err := time.Parse(time.RFC3339Nano, a.Id.Time)
			if err != nil {
				fmt.Println("Unable to parse login time.")
				// Set time to zero.
				t = time.Time{}
			}
			fmt.Printf("%s: %s %s\n", t.Format(time.RFC822), a.Actor.Email,
				a.Events[0].Name)
		}
	}
}

Step 3: Run the sample

Build and run the sample using the following command from your working directory:

go run quickstart.go

The first time you run the sample, it prompts you to authorize access:

Browse to the provided URL in your web browser.

If you're not already signed in to your Google account, you're prompted to sign in. If you're signed in to multiple Google accounts, you are asked to select one account to use for authorization.
Click the Accept button.
Copy the code you're given, paste it into the command-line prompt, and press Enter.

Notes

Authorization information is stored on the file system, so subsequent executions don't prompt for authorization.
The authorization flow in this example is designed for a command-line application. For information on how to perform authorization in a web application, see Using OAuth 2.0 for Web Server Applications .

Troubleshooting

This section describes some common issues that you may encounter while attempting to run this quickstart and suggests possible solutions.

`This app isn't verified`

If the OAuth consent screen displays the warning "This app isn't verified," your app is requesting scopes that provide access to sensitive user data. If your application uses sensitive scopes, your your app must go through the verification process to remove that warning and other limitations. During the development phase you can continue past this warning by clicking Advanced > Go to {Project Name} (unsafe).

`File not found error for credentials.json`

When running the sample, you might receive a file not found or no such file error regarding credentials.json.

This error occurs when you have not authorized the desktop application credentials as detailed in the Prerequisites section above. To learn how to create credentials for a desktop application, go to Create credentials.

Once you create the credentials, make sure the downloaded JSON file is saved as credentials.json. Then move the file to your working directory with the rest of the sample quickstart code.