Directory API

domains.list

403:domainCannotUseApis

Cause
Customer has disabled reseller access to the Admin SDK as detailed in this support article.
Recommendation
Message customer to re-enable if access to the Admin SDK is critical for management of customer.

403:forbidden

Cause
Either Reseller does not own customer, or customer has disabled reseller access to their admin console as detailed in this support article.
Recommendation
Either call customers.get before making these calls to verify reseller ownership of customer, or message customer to re-enable reseller access to their Admin console if it is critical for management of customer.

users.get

400:badRequest

Cause
Incorrect parameter value was passed into method. Most common parameter at fault is userKey.
Recommendation
Verify that the value passed into the userKey parameter is either the user's primary email address, alias email address, or unique user ID.

403:forbidden

Cause
Either reseller does not own customer, or customer has disabled reseller access to their admin console as detailed in this support article.
Recommendation
Either call customers.get before making these calls to verify reseller ownership of customer, or message customer to re-enable reseller access to their Admin console if it is critical for management of customer.

403:usageLimits.accessNotConfigured

Cause
API is not enabled in the cloud project.
Recommendation
Go to cloud console and enable respective API in cloud project.

users.insert

403:forbidden

Cause
Either reseller does not own customer, or customer has disabled reseller access to their admin console as detailed in this support article.
Recommendation
Either call customers.get before making these calls to verify reseller ownership of customer, or message customer to re-enable reseller access to their Admin console if it is critical for management of customer.

403:usageLimits.accessNotConfigured

Cause
API is not enabled in the cloud project.
Recommendation
Go to cloud console and enable respective API in cloud project.

409:duplicate

Cause
Primary email (username@domain) already exists within:
  • Current G Suite account being created/managed
  • Another Google product (not G Suite)
Recommendation
Call users.get and if you get a successful 200 response then the user already exists in the customer's G Suite Account.

If users.get returns 403 forbidden, then either:
  • Primary email has been used previously for a different Google product and the customer domain must first be verified before this user can successfully be added.
  • Domain in primary email parameter is not a resold customer of reseller

If you have the ability to verify the customer domain:
  • Create a temporary admin user (e.g. temp@domain.com) using users.insert and continue provisioning to final domain verification step
  • When verifying domain, add the temporary user into the owners[] parameter of the request body for the webResource.insert call. Make this call until 200 response received.
  • Once verified, rename temporary username to original desired name using either users.patch or users.update

If you don't have the ability to verify the customer domain:
  • Insert a temporary user (e.g. temp@domain.com)
  • Have your customer sign in using the temporary user and verify their domain through the admin console
  • Once domain is verified, customer may rename to original desired name OR you may rename on their behalf

412:limitExceeded

Cause
The customer has reached their maximum seat limit.
Recommendation
Use subscriptions.changeSeats to increase customer seat limit:
  • For FLEXIBLE, increase maximumNumberOfSeats
  • For ANNUAL, increase numberOfSeats

users.list

400:badRequest

Cause
Incorrect parameter value was passed into method. Most common parameters at fault:
  • customer
  • domain
Recommendation
Verify the following parameters:
  • customer - Only pass the customerId that was generated by Google into this parameter.. Do not pass the actual customer domain into this parameter.
  • domain - Only pass the actual customer domain into this parameter. Do not pass the customerId that was generated by Google into this parameter.
Resellers are encouraged to use the customer parameter when calling this method because if a customer has secondary domains, calling users.list with the domain parameter will only return users with email addresses on that particular domain.

403:domainCannotUseApis

Cause
Customer has disabled reseller access to the Admin SDK as detailed in this support article.
Recommendation
To get the count of current licensed users, instead of calling the users.list method, use the licensedNumberOfSeats field from the subscription resource, as the access to the Reseller API cannot be restricted by the customer.

If it is critical to get more details on users, communicate with the customer so they re-enable the API access using the process described in this support article.

403:forbidden

Cause
Either reseller does not own customer, or customer has disabled reseller access to their admin console as detailed in this support article.
Recommendation
Either call customers.get before making these calls to verify reseller ownership of customer, or message customer to re-enable reseller access to their Admin console if it is critical for management of customer.

403:usageLimits.accessNotConfigured

Cause
API is not enabled in the cloud project.
Recommendation
Go to cloud console and enable Directory API in cloud project.

Invia feedback per...

G Suite Reseller API
G Suite Reseller API
Hai bisogno di assistenza? Visita la nostra pagina di assistenza.