Vault OIDC Gsuite

Hello,

Getting the following error with gsuite oidc, has anyone had this issue before ?

failed to fetch groups: Get “https://www.googleapis.com/admin/directory/v1/groups?alt=json&fields=nextPageToken%2Cgroups(email)&prettyPrint=false&userKey=user%40example.com”: oauth2: cannot fetch token: 401 Unauthorized Response: { “error”: “unauthorized_client”, “error_description”: “Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested.” }

Thanks

is your vault infrastructure running on google ?

you have to delegate access to service account you use to run vault