Removing 2 Step Verification via Google Admin API Call

Questions & Answers
, , ,
1

Hello,

So I’m trying to set up a step wherein I use a Google Admin Workspace module to make an arbritary API call. Specifically I’m interested in removing/turning off a user’s 2 step verification as part of an off-boarding process. Unfortunately I’m running into a “[403] Request had insufficient authentication scopes.” error.

image
image452×666 36.9 KB

For my authentication: This is using custom Google user credentials (client ID/secret) with a created project on Google Cloud. The Oauth consent screen is setup and myself (a super admin within Google Workspace) is added as a test user to use it. The Admin SDK API is enabled and I have enabled two scopes:
/auth/admin.directory.user
/auth/admin.directory.user.security

For the API Call: I’m trying to use the twoStepVerification.turnOff function as explained here:
https://developers.google.com/admin-sdk/directory/reference/rest/v1/twoStepVerification/turnOff
My current setup looks like the below on Make:

image
image451×623 31.6 KB

Of course, the “10. Created” value will be the user’s email address.

I have tried reauthorising the credentials in Make.com and I have also tried turning on “domain wide delegation” for the oauth credentials but this didn’t make a difference.

Thanks!

3

For future reference if anyone has trouble with this, the fix was two things:

1st was manually including the scope:
https://www.googleapis.com/auth/admin.directory.user.security
in advanced settings when setting up the Connection:

image
image495×718 42.6 KB

The next step was setting the body of the API call. In the documentation it calls for an empty body, but you do have to add an open and close curly brackets for this:

image
image691×912 63.2 KB

3 Likes
4

Hey there @crusher4904 :wave:

Congrats on solving this problem on your own. Thank you for sharing your solution with us! :pray:

FYI: I marked your last comment as a solution so other users find it easily while searching for advice.