I tried to create Schema for the google workspace directory with golang client, with this code:
config, err := google.ConfigFromJSON(b, admin.AdminDirectoryUserReadonlyScope, admin.AdminDirectoryUserScope,
admin.AdminDirectoryCustomerScope, admin.AdminDirectoryCustomerReadonlyScope)
if err != nil {
log.Fatalf("Unable to parse client secret file to config: %v", err)
}
srv, err := admin.NewService(ctx, option.WithHTTPClient(client))
if err != nil {
log.Fatalf("Unable to retrieve directory Client %v", err)
}
schemaCall := srv.Schemas.Insert("C03uwpzz5", &admin.Schema{
Fields: []*admin.SchemaFieldSpec{
{
DisplayName: "Display Name",
FieldName: "EmployeeNumber",
FieldType: "STRING",
MultiValued: false,
},
},
})
_, errDo := schemaCall.Do()
if errDo != nil {
log.Fatalf("Unable to retrieve directory Client %v", errDo)
}
the reference of this code are these topics:
https://developers.google.com/admin-sdk/directory/v1/guides/manage-schemas#create_schema
https://developers.google.com/admin-sdk/directory/v1/quickstart/go
but each time I'm receiving this error
2023/02/16 00:38:11 Unable to retrieve directory Client googleapi: Error 403: Request had insufficient authentication scopes.
Details:
[
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"domain": "googleapis.com",
"metadata": {
"method": "ccc.hosted.frontend.directory.v1.DirectorySchemas.Insert",
"service": "admin.googleapis.com"
},
"reason": "ACCESS_TOKEN_SCOPE_INSUFFICIENT"
}
]
More details:
Reason: insufficientPermissions, Message: Insufficient Permission
I tried all related scopes and unfortunately I could not fin the right one.
I found the correct scope.
It's https://www.googleapis.com/auth/admin.directory.userschema