I have an application which connects to G Suite via API (Directory API and GMail API).
An Admin has to login into our application once to get an API Access Token. With this Access Token all the following requests to the API are made. Everything works fine.
Problem: One Customer does not want to grant access to the whole Domain but only to some OUs (Organizational Units). Is this possible and if yes, how?
Thanks in advance
Check the Assign Admin Console UI roles. There you will see the roles and privileges that can be assigned to organizational units. You may choose which privilege to use depending on the access type you want for that OU.