API for provisioning and managing identity resources.
Service: cloudidentity.googleapis.com
To call this service, we recommend that you use the Google-provided client libraries. If your application needs to use your own libraries to call this service, use the following information when you make the API requests.
Discovery document
A Discovery Document is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery documents:
Service endpoint
A service endpoint is a base URL that specifies the network address of an API service. One service might have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:
https://cloudidentity.googleapis.com
REST Resource: v1beta1.customers.userinvitations
Methods | |
---|---|
cancel |
POST /v1beta1/{name=customers/*/userinvitations/*}:cancel Cancels a UserInvitation that was already sent. |
get |
GET /v1beta1/{name=customers/*/userinvitations/*} Retrieves a UserInvitation resource. |
is |
GET /v1beta1/{name=customers/*/userinvitations/*}:isInvitableUser Verifies whether a user account is eligible to receive a UserInvitation (is an unmanaged account). |
list |
GET /v1beta1/{parent=customers/*}/userinvitations Retrieves a list of UserInvitation resources. |
send |
POST /v1beta1/{name=customers/*/userinvitations/*}:send Sends a UserInvitation to email. |
REST Resource: v1beta1.devices
Methods | |
---|---|
cancel |
POST /v1beta1/{name=devices/*}:cancelWipe Cancels an unfinished device wipe. |
create |
POST /v1beta1/devices Creates a device. |
delete |
DELETE /v1beta1/{name=devices/*} Deletes the specified device. |
get |
GET /v1beta1/{name=devices/*} Retrieves the specified device. |
list |
GET /v1beta1/devices Lists/Searches devices. |
wipe |
POST /v1beta1/{name=devices/*}:wipe Wipes all data on the specified device. |
REST Resource: v1beta1.devices.deviceUsers
Methods | |
---|---|
approve |
POST /v1beta1/{name=devices/*/deviceUsers/*}:approve Approves device to access user data. |
block |
POST /v1beta1/{name=devices/*/deviceUsers/*}:block Blocks device from accessing user data |
cancel |
POST /v1beta1/{name=devices/*/deviceUsers/*}:cancelWipe Cancels an unfinished user account wipe. |
delete |
DELETE /v1beta1/{name=devices/*/deviceUsers/*} Deletes the specified DeviceUser. |
get |
GET /v1beta1/{name=devices/*/deviceUsers/*} Retrieves the specified DeviceUser |
list |
GET /v1beta1/{parent=devices/*}/deviceUsers Lists/Searches DeviceUsers. |
lookup |
GET /v1beta1/{parent=devices/*/deviceUsers}:lookup Looks up resource names of the DeviceUsers associated with the caller's credentials, as well as the properties provided in the request. |
wipe |
POST /v1beta1/{name=devices/*/deviceUsers/*}:wipe Wipes the user's account on a device. |
REST Resource: v1beta1.devices.deviceUsers.clientStates
Methods | |
---|---|
get |
GET /v1beta1/{name=devices/*/deviceUsers/*/clientStates/*} Gets the client state for the device user |
patch |
PATCH /v1beta1/{clientState.name=devices/*/deviceUsers/*/clientStates/*} Updates the client state for the device user Note: This method is available only to customers who have one of the following SKUs: Enterprise Standard, Enterprise Plus, Enterprise for Education, and Cloud Identity Premium |
REST Resource: v1beta1.groups
Methods | |
---|---|
create |
POST /v1beta1/groups Creates a Group . |
delete |
DELETE /v1beta1/{name=groups/*} Deletes a Group . |
get |
GET /v1beta1/{name=groups/*} Retrieves a Group . |
get |
GET /v1beta1/{name=groups/*/securitySettings} Get Security Settings |
list |
GET /v1beta1/groups Lists the Group resources under a customer or namespace. |
lookup |
GET /v1beta1/groups:lookup Looks up the resource name of a Group by its EntityKey . |
patch |
PATCH /v1beta1/{resource.name=groups/*} Updates a Group . |
search |
GET /v1beta1/groups:search Searches for Group resources matching a specified query. |
update |
PATCH /v1beta1/{securitySettings.name=groups/*/securitySettings} Update Security Settings |
REST Resource: v1beta1.groups.memberships
Methods | |
---|---|
check |
GET /v1beta1/{parent=groups/*}/memberships:checkTransitiveMembership Check a potential member for membership in a group. |
create |
POST /v1beta1/{parent=groups/*}/memberships Creates a Membership . |
delete |
DELETE /v1beta1/{name=groups/*/memberships/*} Deletes a Membership . |
get |
GET /v1beta1/{name=groups/*/memberships/*} Retrieves a Membership . |
get |
GET /v1beta1/{parent=groups/*}/memberships:getMembershipGraph Get a membership graph of just a member or both a member and a group. |
list |
GET /v1beta1/{parent=groups/*}/memberships Lists the Membership s within a Group . |
lookup |
GET /v1beta1/{parent=groups/*}/memberships:lookup Looks up the resource name of a Membership by its EntityKey . |
modify |
POST /v1beta1/{name=groups/*/memberships/*}:modifyMembershipRoles Modifies the MembershipRole s of a Membership . |
search |
GET /v1beta1/{parent=groups/*}/memberships:searchDirectGroups Searches direct groups of a member. |
search |
GET /v1beta1/{parent=groups/*}/memberships:searchTransitiveGroups Search transitive groups of a member. |
search |
GET /v1beta1/{parent=groups/*}/memberships:searchTransitiveMemberships Search transitive memberships of a group. |
REST Resource: v1beta1.inboundSamlSsoProfiles
Methods | |
---|---|
create |
POST /v1beta1/inboundSamlSsoProfiles Creates an InboundSamlSsoProfile for a customer. |
delete |
DELETE /v1beta1/{name=inboundSamlSsoProfiles/*} Deletes an InboundSamlSsoProfile . |
get |
GET /v1beta1/{name=inboundSamlSsoProfiles/*} Gets an InboundSamlSsoProfile . |
list |
GET /v1beta1/inboundSamlSsoProfiles Lists InboundSamlSsoProfile s for a customer. |
patch |
PATCH /v1beta1/{inboundSamlSsoProfile.name=inboundSamlSsoProfiles/*} Updates an InboundSamlSsoProfile . |
REST Resource: v1beta1.inboundSamlSsoProfiles.idpCredentials
Methods | |
---|---|
add |
POST /v1beta1/{parent=inboundSamlSsoProfiles/*}/idpCredentials:add Adds an IdpCredential . |
delete |
DELETE /v1beta1/{name=inboundSamlSsoProfiles/*/idpCredentials/*} Deletes an IdpCredential . |
get |
GET /v1beta1/{name=inboundSamlSsoProfiles/*/idpCredentials/*} Gets an IdpCredential . |
list |
GET /v1beta1/{parent=inboundSamlSsoProfiles/*}/idpCredentials Returns a list of IdpCredential s in an InboundSamlSsoProfile . |
REST Resource: v1beta1.inboundSsoAssignments
Methods | |
---|---|
create |
POST /v1beta1/inboundSsoAssignments Creates an InboundSsoAssignment for users and devices in a Customer under a given Group or OrgUnit . |
delete |
DELETE /v1beta1/{name=inboundSsoAssignments/*} Deletes an InboundSsoAssignment . |
get |
GET /v1beta1/{name=inboundSsoAssignments/*} Gets an InboundSsoAssignment . |
list |
GET /v1beta1/inboundSsoAssignments Lists the InboundSsoAssignment s for a Customer . |
patch |
PATCH /v1beta1/{inboundSsoAssignment.name=inboundSsoAssignments/*} Updates an InboundSsoAssignment . |
REST Resource: v1beta1.orgUnits.memberships
Methods | |
---|---|
list |
GET /v1beta1/{parent=orgUnits/*}/memberships List OrgMembership resources in an OrgUnit treated as 'parent'. |
move |
POST /v1beta1/{name=orgUnits/*/memberships/*}:move Move an OrgMembership to a new OrgUnit. |
REST Resource: v1beta1.policies
Methods | |
---|---|
get |
GET /v1beta1/{name=policies/*} Get a Policy |
list |
GET /v1beta1/policies List Policies |
REST Resource: v1.customers.userinvitations
Methods | |
---|---|
cancel |
POST /v1/{name=customers/*/userinvitations/*}:cancel Cancels a UserInvitation that was already sent. |
get |
GET /v1/{name=customers/*/userinvitations/*} Retrieves a UserInvitation resource. |
is |
GET /v1/{name=customers/*/userinvitations/*}:isInvitableUser Verifies whether a user account is eligible to receive a UserInvitation (is an unmanaged account). |
list |
GET /v1/{parent=customers/*}/userinvitations Retrieves a list of UserInvitation resources. |
send |
POST /v1/{name=customers/*/userinvitations/*}:send Sends a UserInvitation to email. |
REST Resource: v1.devices
Methods | |
---|---|
cancel |
POST /v1/{name=devices/*}:cancelWipe Cancels an unfinished device wipe. |
create |
POST /v1/devices Creates a device. |
delete |
DELETE /v1/{name=devices/*} Deletes the specified device. |
get |
GET /v1/{name=devices/*} Retrieves the specified device. |
list |
GET /v1/devices Lists/Searches devices. |
wipe |
POST /v1/{name=devices/*}:wipe Wipes all data on the specified device. |
REST Resource: v1.devices.deviceUsers
Methods | |
---|---|
approve |
POST /v1/{name=devices/*/deviceUsers/*}:approve Approves device to access user data. |
block |
POST /v1/{name=devices/*/deviceUsers/*}:block Blocks device from accessing user data |
cancel |
POST /v1/{name=devices/*/deviceUsers/*}:cancelWipe Cancels an unfinished user account wipe. |
delete |
DELETE /v1/{name=devices/*/deviceUsers/*} Deletes the specified DeviceUser. |
get |
GET /v1/{name=devices/*/deviceUsers/*} Retrieves the specified DeviceUser |
list |
GET /v1/{parent=devices/*}/deviceUsers Lists/Searches DeviceUsers. |
lookup |
GET /v1/{parent=devices/*/deviceUsers}:lookup Looks up resource names of the DeviceUsers associated with the caller's credentials, as well as the properties provided in the request. |
wipe |
POST /v1/{name=devices/*/deviceUsers/*}:wipe Wipes the user's account on a device. |
REST Resource: v1.devices.deviceUsers.clientStates
Methods | |
---|---|
get |
GET /v1/{name=devices/*/deviceUsers/*/clientStates/*} Gets the client state for the device user |
list |
GET /v1/{parent=devices/*/deviceUsers/*}/clientStates Lists the client states for the given search query. |
patch |
PATCH /v1/{clientState.name=devices/*/deviceUsers/*/clientStates/*} Updates the client state for the device user Note: This method is available only to customers who have one of the following SKUs: Enterprise Standard, Enterprise Plus, Enterprise for Education, and Cloud Identity Premium |
REST Resource: v1.groups
Methods | |
---|---|
create |
POST /v1/groups Creates a Group. |
delete |
DELETE /v1/{name=groups/*} Deletes a Group . |
get |
GET /v1/{name=groups/*} Retrieves a Group . |
get |
GET /v1/{name=groups/*/securitySettings} Get Security Settings |
list |
GET /v1/groups Lists the Group resources under a customer or namespace. |
lookup |
GET /v1/groups:lookup Looks up the resource name of a Group by its EntityKey . |
patch |
PATCH /v1/{resource.name=groups/*} Updates a Group . |
search |
GET /v1/groups:search Searches for Group resources matching a specified query. |
update |
PATCH /v1/{securitySettings.name=groups/*/securitySettings} Update Security Settings |
REST Resource: v1.groups.memberships
Methods | |
---|---|
check |
GET /v1/{parent=groups/*}/memberships:checkTransitiveMembership Check a potential member for membership in a group. |
create |
POST /v1/{parent=groups/*}/memberships Creates a Membership . |
delete |
DELETE /v1/{name=groups/*/memberships/*} Deletes a Membership . |
get |
GET /v1/{name=groups/*/memberships/*} Retrieves a Membership . |
get |
GET /v1/{parent=groups/*}/memberships:getMembershipGraph Get a membership graph of just a member or both a member and a group. |
list |
GET /v1/{parent=groups/*}/memberships Lists the Membership s within a Group . |
lookup |
GET /v1/{parent=groups/*}/memberships:lookup Looks up the resource name of a Membership by its EntityKey . |
modify |
POST /v1/{name=groups/*/memberships/*}:modifyMembershipRoles Modifies the MembershipRole s of a Membership . |
search |
GET /v1/{parent=groups/*}/memberships:searchDirectGroups Searches direct groups of a member. |
search |
GET /v1/{parent=groups/*}/memberships:searchTransitiveGroups Search transitive groups of a member. |
search |
GET /v1/{parent=groups/*}/memberships:searchTransitiveMemberships Search transitive memberships of a group. |
REST Resource: v1.inboundSamlSsoProfiles
Methods | |
---|---|
create |
POST /v1/inboundSamlSsoProfiles Creates an InboundSamlSsoProfile for a customer. |
delete |
DELETE /v1/{name=inboundSamlSsoProfiles/*} Deletes an InboundSamlSsoProfile . |
get |
GET /v1/{name=inboundSamlSsoProfiles/*} Gets an InboundSamlSsoProfile . |
list |
GET /v1/inboundSamlSsoProfiles Lists InboundSamlSsoProfile s for a customer. |
patch |
PATCH /v1/{inboundSamlSsoProfile.name=inboundSamlSsoProfiles/*} Updates an InboundSamlSsoProfile . |
REST Resource: v1.inboundSamlSsoProfiles.idpCredentials
Methods | |
---|---|
add |
POST /v1/{parent=inboundSamlSsoProfiles/*}/idpCredentials:add Adds an IdpCredential . |
delete |
DELETE /v1/{name=inboundSamlSsoProfiles/*/idpCredentials/*} Deletes an IdpCredential . |
get |
GET /v1/{name=inboundSamlSsoProfiles/*/idpCredentials/*} Gets an IdpCredential . |
list |
GET /v1/{parent=inboundSamlSsoProfiles/*}/idpCredentials Returns a list of IdpCredential s in an InboundSamlSsoProfile . |
REST Resource: v1.inboundSsoAssignments
Methods | |
---|---|
create |
POST /v1/inboundSsoAssignments Creates an InboundSsoAssignment for users and devices in a Customer under a given Group or OrgUnit . |
delete |
DELETE /v1/{name=inboundSsoAssignments/*} Deletes an InboundSsoAssignment . |
get |
GET /v1/{name=inboundSsoAssignments/*} Gets an InboundSsoAssignment . |
list |
GET /v1/inboundSsoAssignments Lists the InboundSsoAssignment s for a Customer . |
patch |
PATCH /v1/{inboundSsoAssignment.name=inboundSsoAssignments/*} Updates an InboundSsoAssignment . |