Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Creating and setting custom attributes for Google Admin SDK

I've been reading this documentation on how to update custom attributes for users. From how this is written, it seems as though I would be able to do the following:

    email = "[email protected]"
    results = service.users().list(domain="a.com",projection="full",query='email={0}'.format(email)).execute()

    if len(results["users"]) == 1:
        user = results["users"][0]
        user["customSchemas"]["TEST"] = "TEST"
        try:
            userResponse = service.users().update(userKey=email, body=user).execute()
        except HttpError, e:
            print(e)

However, I am thrown the error:

https://www.googleapis.com/admin/directory/v1/users/test%40test.com?alt=json returned "Not Authorized to access this resource/api">

I'm not sure if the error is because I am trying to update the fields incorrectly, if the escaping of the @ in the url is causing issues, or if I don't have the proper scopes (I am using https://www.googleapis.com/auth/admin.directory.user, https://www.googleapis.com/auth/admin.directory.domain, https://www.googleapis.com/auth/admin.directory.userschema).

How can I create custom attributes (for everyone) and update them for a user using the python SDK?

like image 434
user25093 Avatar asked Aug 03 '18 21:08

user25093


People also ask

How do I create a custom attribute in Active Directory?

To create a new Attribute:Choose File > Add or Remove Snap-ins then select the Active Directory Schema option. Double-click or click Add then click OK to load the Snap-in. Once the Snap-in has been loaded, expand this out, right-click on the Attributes entry then select Create Attribute... to continue.

What are custom attributes?

A custom attribute is an additional property that you can define to help describe business glossary assets. Labels are keywords that you can define to help describe any type of asset in the metadata repository. Users can use both custom attributes and labels to refine a search in the business glossary.

Which API can you use to list create and modify Google workspace users?

The Directory API is used to create and manage resources attached to your Google Workspace domain, such as users, org charts, and groups.


1 Answers

I suggest that you refer to the following documentation:

  • Create a Custom Schema
  • Set Custom Schema fields for a given user

Below you can find an example of how to create a custom schema and use it for users

# third parties imports
from googleapiclient.discovery import build
from httplib2 import Http
from oauth2client.service_account import ServiceAccountCredentials

# modify according to your requirements
CLIENT_SECRET = 'client.json'  # the credentials downloaded from the GCP Console
ADMIN_USER = '[email protected]'  # The admin user used by the service account
SCHEMA_USER = '[email protected]'  # The user for which the custom schema will be set
SCHEMA_NAME = 'TestSchema'  # the name of the schema we want to work with

# Scopes
SCOPES = ['https://www.googleapis.com/auth/admin.directory.userschema',  # to create the schema
          'https://www.googleapis.com/auth/admin.directory.user', ]  # to manage users

# service account initialization
credentials = ServiceAccountCredentials.from_json_keyfile_name(CLIENT_SECRET, scopes=SCOPES)
delegated_admin = credentials.create_delegated(ADMIN_USER)
admin_http_auth = delegated_admin.authorize(Http())

admin_sdk = build('admin', 'directory_v1', http=admin_http_auth)  # Admin SDK service

# we list all the schemas...
schema_list_params = {
    'customerId': 'my_customer',
    'fields': 'schemas/schemaName',
}
schema_list = admin_sdk.schemas().list(**schema_list_params).execute()

# ... And we create a set with the names of the custom schemas
unique_schemas = set()
for schema in schema_list['schemas']:
    unique_schemas.add(schema['schemaName'])

# if the schema we want to work with is not there, we create it
if SCHEMA_NAME not in unique_schemas:
    schema_insert_params = {
        'customerId': 'my_customer',
        'body': {
            'schemaName': SCHEMA_NAME,
            'displayName': 'Test Schema',
            'fields': [
                {
                    'fieldName': 'TestField',
                    'fieldType': 'STRING',
                    'displayName': 'Test Field',
                    'multiValued': False,
                }
            ]
        },
    }
    schema_insert = admin_sdk.schemas().insert(**schema_insert_params).execute()

# we set a value for our custom schema on the desired user
user_patch_params = {
    'userKey': SCHEMA_USER,
    'body': {
        'customSchemas': {
            SCHEMA_NAME: {
                'TestField': 'My cool test value!'
            },
        },
    },
}
user_patch = admin_sdk.users().patch(**user_patch_params).execute()
like image 113
Lorenzo Persichetti Avatar answered Sep 28 '22 05:09

Lorenzo Persichetti