Hey everyone! I’m having trouble with the Google Drive API. I set up a service account with Domain-Wide Delegation (DWD) to get all files in our company domain. But it’s not working as expected.
I’m using this API call:
GET https://www.googleapis.com/drive/v3/files
?includeItemsFromAllDrives=true
&corpora=domain
&supportsAllDrives=true
The good news is I can get files for one user by impersonating them. But I can’t get ALL files across the domain.
I’ve already:
Enabled DWD for the service account
Added the right scopes for the Drive API
Am I missing something? Do I need extra permissions? Any help would be awesome!
I’ve dealt with this exact problem in my previous job. One thing that’s not immediately obvious is that the service account needs to be added to the Google Groups for Business API client access list. This is separate from the regular API access settings.
To do this, go to the Google Workspace Admin console, then to Security > API Controls > Domain-wide Delegation. Add your service account’s client ID there and make sure to include the https://www.googleapis.com/auth/drive.readonly scope.
Also, don’t forget to check your quotas. If you’re hitting API limits, you might not see all the files. You can increase these in the Google Cloud Console under the Quotas section.
Lastly, be patient. Depending on the size of your domain, it might take a while for all files to be returned. Consider implementing pagination in your code to handle large result sets.
hey jack, i ran into smth similar. make sure ur admin acct has full access to all files in the domain. also, check if the api call is using the right credentials (service acct). sometimes its tricky to spot. good luck man!
I’ve encountered this issue before when working with the Google Drive API for enterprise-level access. One crucial step that’s often overlooked is ensuring the service account has the necessary admin privileges within your Google Workspace domain. Specifically, you need to grant it the ‘View and manage the files of all users in your organization’ scope in the Admin console. Additionally, verify that the ‘teamDriveId’ parameter is not inadvertently set in your API request, as this can limit the results to a specific shared drive. Lastly, double-check that the API is enabled for your project in the Google Cloud Console. These steps should help you retrieve all domain files successfully.