Hey,
I am trying to properly create the GSuite project/app for using with rclone.
What I mean by properly:
I need to access a single gsuite users team drive/shared drive with rclone, using a service account. I dont want to create a absolute security disaster by allowing domain wide delegation, so I need to make the project a internal marketplace app for my gsuite, and then allow the app to access that users data.
Ive done all this.
Ive created the project, made it into the internal marketplace, added the app to the user I am looking to use rclone on. Created my rclone config, by adding the marketplace client id ad the rclone config client id, created a API Key and made it as the client secret for rclone. Ive also added the appropriate google drive permissions to my oauth popup. (But whats weird is that when I look at the user that I accepted it on, it says the app can access basic account information, and nothing about the GDrive permissions I set, and I have uninstalled and reinstalled the app on the user multiple times.)
I used impersonate option on config, to impersonate this user.
I am getting the client_unauthorized error when trying to access via RClone(Got it when I set the team drive on the config, ive tried copying files, it seems ok, but the files dont appear in GDrive, so im still getting it).
How do I properly set this up, what am I missing?
I am using the latest rclone for amd64 on Ubuntu.
EDIT: I ran the command wrong, when I run a copy command to the drive properly, it now fails 3 times with client_unauthorized error(The same one ive been getting all along ofcourse), the error description is: "Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested".
EDIT (A day later): I gave up trying to use the stupid service accounts and just made oauth tokens and a project on each user, and then verified it via webbrowser. works. Case closed.