Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
HTTP request
POST https://apigeeregistry.googleapis.com/v1/{resource=projects/*/locations/*/apis/*/deployments/*}:testIamPermissions
REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field.
Request body
The request body contains data with the following structure:
JSON representation
{"permissions": [string]}
Fields
permissions[]
string
The set of permissions to check for the resource. Permissions with wildcards (such as * or storage.*) are not allowed. For more information see IAM Overview.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThis documentation covers the legacy Apigee Registry API's \u003ccode\u003etestIamPermissions\u003c/code\u003e method, which is no longer supported and has been replaced by the Apigee API hub APIs.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003etestIamPermissions\u003c/code\u003e method utilizes a POST HTTP request to a specific URL defined with gRPC Transcoding syntax, using a \u003ccode\u003eresource\u003c/code\u003e parameter in the path to identify the target.\u003c/p\u003e\n"],["\u003cp\u003eThe request body includes a JSON representation specifying an array of \u003ccode\u003epermissions\u003c/code\u003e to be checked against the designated resource.\u003c/p\u003e\n"],["\u003cp\u003eThe response provides details on permissions a caller has on a specified resource, returning an empty set if the resource does not exist.\u003c/p\u003e\n"],["\u003cp\u003eAuthorization for this method requires the \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e OAuth scope.\u003c/p\u003e\n"]]],[],null,["# Method: projects.locations.apis.deployments.testIamPermissions\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n - [JSON representation](#body.request_body.SCHEMA_REPRESENTATION)\n- [Response body](#body.response_body)\n- [Authorization Scopes](#body.aspect)\n- [Try it!](#try-it)\n\n| **Note:** You are viewing the legacy Apigee Registry API documentation which is no longer supported. For the latest API hub functionality, it's recommended to use the [Apigee API hub APIs](/apigee/docs/reference/apis/apihub/rest).\nReturns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error.\n\nNote: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.\n\n### HTTP request\n\n`POST https://apigeeregistry.googleapis.com/v1/{resource=projects/*/locations/*/apis/*/deployments/*}:testIamPermissions`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body contains data with the following structure:\n\n### Response body\n\nIf successful, the response body contains an instance of [TestIamPermissionsResponse](/apigee/docs/reference/apis/apigeeregistry/rest/v1/TestIamPermissionsResponse).\n\n### Authorization Scopes\n\nRequires the following OAuth scope:\n\n- `https://www.googleapis.com/auth/cloud-platform`"]]
