When using the Google Apps User Provisioning and Synch utility, administrators occasionally receive a 500 Error during the import process. This occurs after an admin has successfully established an OAuth connection and attempts to import users.
Cause:
The most prevalent cause of this is the Google Apps account itself not having API Access enabled under admin.google.com > Security > API Reference > API access.
Resolution:
We recommend that you enable the API access setting and re-attempt to import users.
When a new user is created in JumpCloud, their account is not synchronized to and does not appear in Google Workspace list of users. Existing users will synchronize without issue.
Cause:
The Google Workspace instance has run out of available license seats.
Resolution:
You'll need to increase the number of seats in your Google Workspace instance.
When you attempt to authorize the Google Workspace Directory integration using a Super Administrator account, you can receive an “Error 400: admin_policy_enforced” error message.
There are three common causes for the "Error 400: admin_policy_enforced" message:
Cause 1:
API Access is Restricted.
To fix this and Enable API Access:
- Log in to the Google Workspace Admin Console.
- Go to Security > API Controls > Manage Google Services
- FindGoogle Workspace Admin and select Change Access
- Select Unrestricted: Any user-approved app can access a service to enable API Access
Cause 2:
One of the systems is disabled.
To fix this and enable systems:
- Log in to the Google Workspace Admin Console.
- Go to Security > API Permissions.
- Enable any disabled systems:
Cause 3:
URL Blocking is blocking necessary URLs like the GAM client_id.
To fix this and unblock necessary URLs:
- Log in to the Google Workspace Admin Console.
- Go to Devices > Chrome Settings > User Settings.
- Confirm that necessary URLs aren’t blocked.