Google Workspace Service Account Credential setup for automated sending of emails and calendar automation with the .NET API Library
I have a Google Workspace with a few users in the directory, including a couple of Super Admins and regular users. I have set up a service account, created an API Client with Domain-wide Delegation.
In code, I have the following for setting up the credential:
GoogleCredential credential = GoogleCredential
.FromFile(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "my-project-112233445566.json"))
.CreateScoped("https://mail.google.com/")
.CreateWithUser("account@mydomain.com");
Note that the email address in CreateWithUser is a regular user in the directory. I have NOT set up Gmail Delegation for any users. I enabled Email Delegation in the Admin Console, but the section in the users Gmail Settings page has not appeared that would allow me to add a delegate. That shouldn't matter since I have done the Domain-wide Delegation, right?
After creating that credential above and trying to send a mail message, I receive the following error message:
The service gmail has thrown an exception. HttpStatusCode is Forbidden. Delegation denied for account@mydomain.com
In addition to Domain-wide Delegation do I need to explicitly delegate authority to the service account on a per-user basis? According to the documentation I don't.
If I DO need explicit email delegation, why have I not seen the "Grant access to your account" section on the Accounts page of the Gmail Settings?
Service Account Setup
Google Cloud => IAM & Admin => Service Accounts setting page
Google Workspace => Security => API Controls => Domain-wide Delegation
Is there something else that I need to do to make impersonation happen?
I'm posting the answer here for visibility since it was resolved in the chat
It seems that the issue was not in the impersonation but by changing the userId="me".
We also created a new project, services account, key, and domain-wide delegation following the steps in the Google Documentation here.
- How memory address for pointer to arrays is same as an element in 2D array?
- How to use ellipsis in c's case statement?
- Fast & accurate atan/arctan approximation algorithm
- How can I exclude non-numeric keys? CS50 Caesar Pset2
- Fast ceiling of an integer division in C / C++
- Is there an invalid pthread_t id?
- How does SIMD (avx) processing work? for example, if I want 10 32 bit floats how do i fit in a 256 bit avx vector?
- FDCAN problems on STM32G4
- How does the call macro enable mutual recursion between functions f and g in this Hanoi Tower implementation?
- Running test on Rocket core CPU - global variable initialized to 0 is unsuccessful, output wrong value instead
- Interacting with C arrays without knowing the size
- Combination of two strings
- Avoiding strcpy overflow destination warning
- carriage return by fgets
- How to use special characters in C?
- Why does 1.0/100.0 == 0.1/10.0 give True?
- Is it correct to compare pointers in C?
- Force free() to return malloc memory back to OS
- How can I print to standard error in C with 'printf'?
- What is the standard behavior of fread in C on Windows?
- How is strtok removing lines it shouldn't have access to?
- Using array as smart point in C
- Assigning string to malloced 2d char array not working as intended
- How to refactor repetition inside a Makefile?
- Why does an empty preprocessor command still evaluate to something?
- How to implement variable sized array within C struct
- Character array typecasting to integer
- Handling HTTP Headers in a Minimal C HTTP Server
- How to get the sign, mantissa and exponent of a floating point number
- Why do MCU libraries use logic operations instead of bitfield structs?