Getting 'Forbidden' error when trying to create Google Classroom course with delegated admin (.NET)

I’m having trouble with the Google Classroom API in my C# project. It works fine when I use a super admin account, but I get a ‘forbidden’ error with a delegated admin. The error message says ‘Current user cannot create courses.’

Here’s a simplified version of my code:

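using Google.Apis.Auth.OAuth2;
using Google.Apis.Classroom.v1;
using Google.Apis.Classroom.v1.Data;
using Google.Apis.Services;

var scopes = new[] { ClassroomService.Scope.ClassroomCourses };

// Await the load first, then apply the requested scopes to the credential.
var cred = (await GoogleCredential.FromFileAsync("admin_creds.json", CancellationToken.None))
    .CreateScoped(scopes);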

var service = new ClassroomService(new BaseClientService.Initializer
{
    HttpClientInitializer = cred,
    ApplicationName = "ClassroomTest"
});

var newCourse = new Course
{
    Name = "Programming 101",
    OwnerId = "admin@myschool.edu"
};

var result = await service.Courses.Create(newCourse).ExecuteAsync();

I’ve set up the project in Google Cloud Console and verified it. The scopes include classroom courses and rosters. I created the delegated admin in Google Admin Console with a custom role. Any ideas why this isn’t working?

I’ve dealt with this issue before, and it can be frustrating. One key thing to check is the impersonation setup. If you’re using a service account, you need to explicitly set the user to impersonate. Try modifying your credential creation like this:

// Await the load first, then set the user the service account acts as.
var cred = (await GoogleCredential.FromFileAsync("admin_creds.json", CancellationToken.None))
    .CreateWithUser("admin@myschool.edu");

Also, make sure the delegated admin actually has the ‘Create course’ permission in Google Admin Console. Sometimes it’s not included in custom roles by default.

Lastly, double-check that the Google Classroom API is enabled in your Google Cloud Console project. It’s an easy thing to overlook.

If none of these solve it, you might need to review the audit logs in Google Admin Console to see exactly why the request is being denied. Good luck!

Hey Hugo_Storm, I feel your pain! Google Classroom API can be a real head-scratcher sometimes. :thinking:

Have you considered the possibility that your delegated admin might not have the necessary privileges to create courses? It’s a common oversight. Maybe try checking the Admin Console to see if the ‘Create course’ permission is explicitly granted?

Also, I’m curious - are you using a service account for this? If so, you might need to set up impersonation. It’s a bit tricky, but basically, you tell the API to act on behalf of a specific user. Something like this might help:

// Await the load first, then set the user the service account acts as.
var cred = (await GoogleCredential.FromFileAsync("admin_creds.json", CancellationToken.None))
    .CreateWithUser("admin@myschool.edu");

Oh, and one more thing - have you double-checked that the Classroom API is actually enabled in your Google Cloud Console project? It’s such a small detail, but I’ve been caught out by that before!

Let me know if any of this helps or if you need more ideas. Debugging these API issues can be quite the adventure! :sweat_smile:

hey Hugo, i’ve run into this before. make sure ur delegated admin has the right permissions in Google Admin Console. sometimes the custom roles miss stuff. also, double-check if ur using a service account - u might need to set up impersonation. it’s a pain, but once u get it right, it works like a charm!
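
An added example, not part of any post in this thread: a preflight check that asks the Classroom API which user the token resolves to and whether that user holds the CREATE_COURSE permission before attempting the create call. It assumes admin_creds.json is a service-account key with domain-wide delegation authorized for the courses and rosters scopes; the file name, e-mail address and course name are the ones from the question.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Threading;
using Google;
using Google.Apis.Auth.OAuth2;
using Google.Apis.Classroom.v1;
using Google.Apis.Classroom.v1.Data;
using Google.Apis.Services;

// Assumption: the service account's client ID is authorized for exactly these
// two scopes under domain-wide delegation; request nothing broader.
var scopes = new[] { ClassroomService.Scope.ClassroomCourses, ClassroomService.Scope.ClassroomRosters };

var cred = (await GoogleCredential.FromFileAsync("admin_creds.json", CancellationToken.None))
    .CreateScoped(scopes)
    .CreateWithUser("admin@myschool.edu"); // the delegated admin to act as

var service = new ClassroomService(new BaseClientService.Initializer
{
    HttpClientInitializer = cred,
    ApplicationName = "ClassroomTest"
});

try
{
    // "me" resolves to the identity the API actually sees for this token.
    var me = await service.UserProfiles.Get("me").ExecuteAsync();
    var perms = me.Permissions?.Select(p => p.Permission).ToList() ?? new List<string>();
    Console.WriteLine($"Acting as user id {me.Id}; permissions: [{string.Join(", ", perms)}]");

    if (!perms.Contains("CREATE_COURSE"))
    {
        Console.WriteLine("User lacks CREATE_COURSE; review Classroom permissions for this account.");
        return;
    }

    var course = await service.Courses.Create(new Course { Name = "Programming 101", OwnerId = "me" }).ExecuteAsync();
    Console.WriteLine($"Created course {course.Id}");
}
catch (GoogleApiException ex) when (ex.HttpStatusCode == HttpStatusCode.Forbidden)
{
    // Record the server's message; it states why the request was denied.
    Console.WriteLine($"403 Forbidden: {ex.Error?.Message}");
}
```

If the printed user id is not the delegated admin's, the impersonation step is not taking effect and the role assignment is not yet the thing to debug.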