User was managed by G Suite, I login chrome book with the user, in a chrome extension/app, I can get the email/ID of current login user, how can I retrieve organizational unit info for current user?
I tried googleapis which I found cannot be used in chrome extension.
edit:
I don't want the end user view the login page, so I used google service account with Domain-wide delegation enabled; I also created a G Suite user which only have get user permission, with Nodejs googleapis and service account, I can retrieve org unit for user who has no user permission, Perform G Suite Domain-Wide Delegation of Authority is about how to use the service account. BUT this will not work in my extension.
If you request an ID token, consider using the hd parameter [1]. You could also try to use the cloud organizations search API [2].
[1] https://developers.google.com/identity/protocols/OpenIDConnect#id_token-hd [2] https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#body.request_body.FIELDS.filter