Search code examples
phpgmailgmail-apisignature

Gmail API Signature Server Side

I want to change all signatures from my Gmail domain. This domain has many accounts, and I need to change it from server-side.

I'm using php, and I started my project with: php composer.phar require google/apiclient:2.0

I wrote one code, but when I try to update one email (like [email protected]), I receive:

{ "error": { "errors": [ { "domain": "global", "reason": "insufficientPermissions", "message": "Insufficient Permission" } ], "code": 403, "message": "Insufficient Permission" } }

My code (using API client library) is something like:

<?php

// initialize gmail
function getService() {
    try {
        include_once __DIR__ . '/vendor/autoload.php';

        $client = new Google_Client();

        $credentials_file = __DIR__ . '/credentials/gmailAPI.json';

        // set the location manually. Credential server-side
        $client->setAuthConfig($credentials_file);

        $client->setApplicationName("GmailAPI");
        $client->setScopes(['https://apps-apis.google.com/a/feeds/emailsettings/2.0/']);

        $gmail = new Google_Service_Gmail($client);

        return $gmail;
    } catch (Exception $e) {
        throw new Exception($e->getMessage());
    }
}

function updateSignature(&$gmail) {
    try {
        // Start sendAs
        $signature = new Google_Service_Gmail_SendAs();
        // Configure Signature
        $signature->setSignature("Any HTML text here.");

        // Update account and print answer
        var_dump($gmail->users_settings_sendAs->update("[email protected]","[email protected]",$signature));
    } catch (Exception $e) {
        throw new Exception($e->getMessage());
    }

}

try {
    $gmail = getService();
    updateSignature($gmail);
} catch (Exception $e) {
    echo $e->getMessage();
}

?>

My credential file (gmailAPI.json) is one service account key, and I'm using Google for Work.

I created this credential using one administrator account from this domain.

My credential file is:

{
  "type": "service_account",
  "project_id": "myProjectId",
  "private_key_id": "myPrivateKeyid",
  "private_key": "myPrivateKey",
  "client_email": "[email protected]",
  "client_id": "myId",
  "auth_uri": "url",
  "token_uri": "url",
  "auth_provider_x509_cert_url": "url",
  "client_x509_cert_url": "url"
}

Edit 1

I changed the scopes as instructed, and now my scopes are:

$client->setScopes(['https://www.googleapis.com/auth/gmail.settings.basic','https://www.googleapis.com/auth/gmail.settings.sharing']);

I also added permision on Google (/AdminHome?chromeless=1#OGX:ManageOauthClients) to my service account key.

I tried API explorer and it works. When i changed the scopes, the error changed to:

{ "error": { "errors": [ { "domain": "global", "reason": "failedPrecondition", "message": "Bad Request" } ], "code": 400, "message": "Bad Request" } }

I'm using this command:

var_dump($gmail->users_settings_sendAs->update("[email protected]","[email protected]",$signature));

I tried also

var_dump($gmail->users_settings_sendAs->get("[email protected]","[email protected]"));

But I received same error.

Solution

  • Thank You everyone.

    I tried a lot of codes, and finally found one that works.

    include_once __DIR__ . '/vendor/autoload.php';
// credential file (service account)
$credentials_file = __DIR__ . '/credentials/gmailAPI.json';
putenv('GOOGLE_APPLICATION_CREDENTIALS='.$credentials_file);
// Initialize Google Client
$client = new Google_Client();
$client->useApplicationDefaultCredentials();
// scopes to change signature
$client->setScopes(['https://www.googleapis.com/auth/gmail.settings.basic','https://www.googleapis.com/auth/gmail.settings.sharing']);
// *important* -> Probably because delegated domain-wide access.
$client->setSubject("[email protected]");
// Initialize Gmail
$gmail = new Google_Service_Gmail($client);
// set signature
$signature = new Google_Service_Gmail_SendAs();
$signature->setSignature("HTML code here.");
// update signature
$response = $gmail->users_settings_sendAs->update("[email protected]","[email protected]",$signature)->setSignature();
// get signature
$response = $gmail->users_settings_sendAs->get("[email protected]","[email protected]")->getSignature();
echo json_encode($response);

    I commented all code, and I used https://developers.google.com/api-client-library/php/auth/service-accounts to create it.

    Atention -> You need to give permission on Gmail, and create server key (with domain-wide access).