Overview of API Access

This page describes the API access control options available to you in Google Cloud Endpoints.

Overview

In Cloud Endpoints, API access control can be configured at the project level and at the individual API level. For example, you can:

Grant access on a per-API basis, rather than for the whole Cloud project.
Grant access to your API users so they can enable the API in their own Cloud project.
Grant access to all Cloud Endpoints APIs within a project to a group of developers.

For a detailed description of IAM and its features, see the Google Cloud Identity and Access Management Documentation.

The following roles can be granted for an API.

IAM Role Name	Role Title	Description
roles/servicemanagement.serviceConsumer	Service Consumer	Permissions for a non-project member to view and enable the API in API Manager in the Cloud Platform Console in their own project.
roles/servicemanagement.serviceController	Service Controller	Permissions to make check and report calls to Service Control during runtime. This is usually given to Service Accounts.
roles/viewer	Viewer	Permissions for a project member to view the service configuration.
roles/editor	Editor	All viewer permissions and permissions for a project member to deploy the service configuration.
roles/owner	Owner	All editor permissions and permissions for a project member to manage access.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 3.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated August 9, 2017.