I am attempting to use the Gmail API to import messages to a user. https://developers.google.com/gmail/api/v1/reference/users/messages/import
I can do this successfully for most users using the following request. The bearer token is generated using a service account p12 certificate/key file. The scopes listed in the documentation have been setup.
POST https://www.googleapis.com/upload/gmail/v1/users/my.destination@domain.com/messages/import?uploadType=multipart&deleted=true HTTP/1.1
Authorization: Bearer ya29.mytoken
{"labelIds":[]}
However, when I try to use this endpoint for a user flagged as archived, then I receive the following response.
HTTP/1.1 403 Forbidden
{
"error": {
"code": 403,
"message": "The request is missing a valid API key.",
"errors": [
{
"message": "The request is missing a valid API key.",
"domain": "global",
"reason": "forbidden"
}
],
"status": "PERMISSION_DENIED"
}
}
Is it possible to import messages to an archived user? Are there additional steps needed to authenticate this request?
Archived users are just accounts that have data retained. Importing messages is not possible as their Gmail is put on hold.
As per the documentation on Preserving data for users who leave your organization:
If a user leaves your organization and you want to continue to retain or hold that user's data with Google Vault, a G Suite administrator should use Archived User (AU) to preserve the user’s data.
Data is also preserved for a suspended account, but the account can receive no new messages.
Archiving a user places their Google Chat and Gmail on hold, as per this documentaiton on managing for employee data. The process of placing Gmail messages on hold is detailed here