I'm trying to access the new Android Management API for our organization but I run into problems accessing the API. Everything runs fine when accessing the API through the API explorer. To run this on our server, I have created a new project in the Google cloud console and created a service account there. I downloaded the key and use this for local testing on my machine. However, upon the first signupUrl call, I get a 403 error, stating: "Caller is not authorized to manage project.". The service account I'm using has the "Project Owner" role, I don't see how I can give it even more privileges...
The code I'm using:
def initial_enterprise_user(request):
enterprise_token = request.GET.get('enterpriseToken')
usr = request.user
scopes = ['https://www.googleapis.com/auth/androidmanagement']
credentials = ServiceAccountCredentials.from_json_keyfile_name(settings.SERVICE_ACCOUNT, scopes=scopes)
if enterprise_token is None:
androidmanagement = build('androidmanagement', 'v1', credentials=credentials)
resp = androidmanagement.signupUrls().create(projectId=settings.ANDROID_MGMT_PROJECTID).execute()
if resp.status_code == 200:
usr.signup_url_name = resp.json()['name']
usr.save()
return render(request, 'initial_login.html', {'response_url': resp.json()['url']})
else:
return HttpResponse('Failed to get signup url')
else:
# handle token present
I created a new project in the system, creating the service account before enabling the Android management API. The service account was created with the "Owner" role selected. This seems to have enabled the right sequence in the app, as it is now working. Previously, I had added the API to the project and then created my service accounts, linking it to the API afterward