ManageOauthClients from CLI

[benj...@gridworxwalls.com]

So, this happened:

(some time ago)

1- Created Service Account in Cloud Platform Project from https://console.cloud.google.com/iam-admin/serviceaccounts

2- Enabled multiple APIs from https://console.developers.google.com/apis/

3- Registered multiple API scopes using Service Account ID from https://admin.google.com/ManageOauthClients

4- Deployed mulitple scripts using some scopes from previous step to call APIs to act on Cloud Platform Project

...

(present day)

5- Enabled one additional API from https://console.developers.google.com/apis/

6- Registered one single API scope using Service Account ID from https://admin.google.com/ManageOauthClients

7- Deployed one script using single scope from previous step to call API to act on Cloud Platform Project

Unless I'm mistaken, step 6 overwrote step 3, and all of the scopes which were previously registered for the Service Account are no longer. As a result, all of the code deployed in step 4 is now raising "unauthorized client" exceptions. I believe one way to resolve these errors would be to concatenate the scope from step 6 with the scopes from step 3 in a single, comma-separated list. The problem is, I have no record of the original values registered in step 3.

Going forward, I could plan to create a new service account for every round of additions, but I don't want to do that. What I want is command line access to Admin-Security-Advanced-Authentication-ApiClientAccess, similar to `gcloud iam service-accounts list` or `gcloud services list --enabled` so that I can get a plain-text record of all my Cloud Platform Project settings under version control. Is this available? Is there another way to avoid the pitfall I encountered?

Any feedback is appreciated.

Benjamin

[Jordan (Cloud Platform Support)]

This looks like a limitation or issue with the G Suit Admin Dashboard, and not Google Cloud specifically. It is therefore recommended to report your findings directly to the G Suit team via the 'Contact Us' button in the top right of the associated help page.  

- Note that Google Groups is reserved for general product discussions, and not for reporting Google-end issues. All further communications should occur with G Suit support as mentioned above.