java - TokenResponseException: 401 Unauthorized Exception when trying to access Admin SDK Google API. -

i trying extract of users in domain accessing google admin sdk api. given 401 unauthorized exception. code below settings class contains method call api.

 package com.brookfieldres.operations;     import java.io.file;    import java.io.ioexception;    import java.security.generalsecurityexception;    import java.util.arraylist;    import java.util.resourcebundle;     import org.apache.log4j.logger;     import com.brookfieldres.common.constants;    import com.google.api.client.googleapis.auth.oauth2.googlecredential;    import com.google.api.client.googleapis.auth.oauth2.googlecredential.builder;    import com.google.api.services.admin.directory.directory;    import com.google.api.services.admin.directory.directoryscopes;      public class gcauthentication {          private static final logger _log =      logger.getlogger(gcauthentication.class.getname());       static resourcebundle resources =  resourcebundle.getbundle("resources");   //  public static string serviceacc = resources.getstring("service_acc_email");  //  public static string privkeypath = resources.getstring("private_key_path");  //  public static string useremail = resources.getstring("admin_acc");         public static directory getdirectoryservice(string serviceacc, string privkeypath, string useremail) throws ioexception, generalsecurityexception, nullpointerexception {      //  final arraylist<string> dirscopes = new arraylist<string>();      //      dirscopes.add(directoryscopes.admin_directory_user);            constants.dirscopes = new arraylist<string>();          constants.dirscopes.add(directoryscopes.admin_directory_user);          constants.dirscopes.add(directoryscopes.admin_directory_customer);          constants.dirscopes.add(directoryscopes.admin_directory_orgunit);          googlecredential gcreds = new googlecredential.builder()         .setjsonfactory(constants.json_factory)         .settransport(constants.http_transport)         .setserviceaccountid(serviceacc)         .setserviceaccountuser(useremail)         .setserviceaccountprivatekeyfromp12file(new file(privkeypath))         .setserviceaccountscopes(constants.dirscopes)         .build();           directory directory = new directory.builder(constants.http_transport, constants.json_factory, gcreds).setapplicationname(constants.application_name).build();           return directory;       }   } 

the code below test case using pull users domain:

package com.brookfieldres.library.test;  import org.junit.before; import org.junit.test;  import static org.junit.assert.assertfalse;  import java.io.ioexception; import java.security.generalsecurityexception; import org.junit.after;  import com.brookfieldres.operations.gcauthentication; import com.google.api.client.repackaged.com.google.common.base.strings; import com.google.api.services.admin.directory.directory; import com.google.api.services.admin.directory.model.customer; import com.google.api.services.admin.directory.model.user;  public class extractiontest {   @before      public void setup(){}  @test     public void getemails() throws ioexception, nullpointerexception, generalsecurityexception{           try {              directory directory = gcauthentication.getdirectoryservice("xxxxxxx", "xxxxxxxx", "xxxxxxx");              system.out.println("the connection google established");              user user1 = directory.users().get("xxxxxxxx@xxxx.ca").execute();              system.out.println("user pulled.");       //      assertfalse(user1 == null);       //      if(user1 != null){      //          system.out.println("name= " + user1.getname());     //      }          }catch(nullpointerexception e) {              e.printstacktrace();         }catch (ioexception e){              e.printstacktrace();         }catch (generalsecurityexception e) {              e.printstacktrace();         }       }  @after     public void teardown(){ }  } 

and here exception faced with.

the connection google established com.google.api.client.auth.oauth2.tokenresponseexception: 401 unauthorized     @ com.google.api.client.auth.oauth2.tokenresponseexception.from(tokenresponseexception.java:105)     @ com.google.api.client.auth.oauth2.tokenrequest.executeunparsed(tokenrequest.java:287)     @ com.google.api.client.auth.oauth2.tokenrequest.execute(tokenrequest.java:307)     @ com.google.api.client.googleapis.auth.oauth2.googlecredential.executerefreshtoken(googlecredential.java:384)     @ com.google.api.client.auth.oauth2.credential.refreshtoken(credential.java:489)     @ com.google.api.client.auth.oauth2.credential.intercept(credential.java:217)     @ com.google.api.client.http.httprequest.execute(httprequest.java:868)     @ com.google.api.client.googleapis.services.abstractgoogleclientrequest.executeunparsed(abstractgoogleclientrequest.java:419)     @ com.google.api.client.googleapis.services.abstractgoogleclientrequest.executeunparsed(abstractgoogleclientrequest.java:352)     @ com.google.api.client.googleapis.services.abstractgoogleclientrequest.execute(abstractgoogleclientrequest.java:469)     @ com.brookfieldres.library.test.extractiontest.getemails(extractiontest.java:36)     @ sun.reflect.nativemethodaccessorimpl.invoke0(native method)     @ sun.reflect.nativemethodaccessorimpl.invoke(unknown source)     @ sun.reflect.delegatingmethodaccessorimpl.invoke(unknown source)     @ java.lang.reflect.method.invoke(unknown source)     @ org.junit.runners.model.frameworkmethod$1.runreflectivecall(frameworkmethod.java:50)     @ org.junit.internal.runners.model.reflectivecallable.run(reflectivecallable.java:12)     @ org.junit.runners.model.frameworkmethod.invokeexplosively(frameworkmethod.java:47)     @ org.junit.internal.runners.statements.invokemethod.evaluate(invokemethod.java:17)     @ org.junit.internal.runners.statements.runbefores.evaluate(runbefores.java:26)     @ org.junit.internal.runners.statements.runafters.evaluate(runafters.java:27)     @ org.junit.runners.parentrunner.runleaf(parentrunner.java:325)     @ org.junit.runners.blockjunit4classrunner.runchild(blockjunit4classrunner.java:78)     @ org.junit.runners.blockjunit4classrunner.runchild(blockjunit4classrunner.java:57)     @ org.junit.runners.parentrunner$3.run(parentrunner.java:290)     @ org.junit.runners.parentrunner$1.schedule(parentrunner.java:71)     @ org.junit.runners.parentrunner.runchildren(parentrunner.java:288)     @ org.junit.runners.parentrunner.access$000(parentrunner.java:58)     @ org.junit.runners.parentrunner$2.evaluate(parentrunner.java:268)     @ org.junit.runners.parentrunner.run(parentrunner.java:363)     @ org.eclipse.jdt.internal.junit4.runner.junit4testreference.run(junit4testreference.java:50)     @ org.eclipse.jdt.internal.junit.runner.testexecution.run(testexecution.java:38)     @ org.eclipse.jdt.internal.junit.runner.remotetestrunner.runtests(remotetestrunner.java:467)     @ org.eclipse.jdt.internal.junit.runner.remotetestrunner.runtests(remotetestrunner.java:683)     @ org.eclipse.jdt.internal.junit.runner.remotetestrunner.run(remotetestrunner.java:390)     @ org.eclipse.jdt.internal.junit.runner.remotetestrunner.main(remotetestrunner.java:197) 

any gladly appreciated!!!

based thread, tokenresponseexception: 401 unauthorized occurs when having invalid client id, client secret or scopes. due refresh token overuse. refresh access token, if necessary since have limited lifetimes. if application needs access google api beyond lifetime of single access token, can obtain refresh token. refresh token allows application obtain new access tokens.

check these related threads:

• java google contacts api access service account authentication states possible source "401 unauthorized" exception leaving credential.refreshtoken() away. call necessary write access-code reference.
• always tokenresponseexception: 401 unauthorized.

hope helps!