The APIs for Identity and Access Management (IAM) are built on HTTP and JSON, so any standard HTTP client can send requests to it and parse the responses.
However, the Google API Client Libraries provide better language integration, improved security, and support for authentication. The client libraries are available in a number of programming languages; they handle all communication with IAM.
Many Google Cloud services also offer Google Cloud Client Libraries, which you can use to manage the allow policies for each service's resources. The Google Cloud Client Libraries offer the same benefits as the Google API Client Libraries, along with a more idiomatic API for each programming language. To learn more, see Client libraries explained.
IAM v1 API
Use the IAM v1 API to manage custom roles, service accounts, and service account keys.
To grant and revoke access to a specific resource, use the getIamPolicy and
setIamPolicy methods in that resource's API to update its allow policy. For a
list of resource types that accept allow policies, see
Resource types that accept allow policies.
To manage deny policies, use the IAM v2 API.
Install the client library
C++
To install the C++ client library, follow the instructions in Setting up a C++ development environment.
C#
For more information, see Setting up a C# development environment.
install-package Google.Apis.Iam.v1Go
For more information, see Setting up a Go development environment.
go get google.golang.org/api/iam/v1
Java
For more information, see Setting up a Java development environment.
If you are using Maven, add this to your pom.xml file.
Node.js
For more information, see Setting up a Node.js development environment.
npm install googleapis
PHP
For more information, see Using PHP on Google Cloud.
Add the library as a dependency to your composer.json file:
"require": { "google/apiclient": "^2.0" }
Alternatively, you can download the package locally.
Python
For more information, see Setting up a Python development environment.
pip install --upgrade google-api-python-client
Ruby
For more information, see Setting up a Ruby development environment.
gem install google-api-client
Additional resources
C++
For more information about how to use this client library, see the following resources:
- API reference documentation: C++ IAM client library reference
- Source code: C++ IAM client library source code
- Issue tracker: Google Cloud Client Library for C++ issue tracker
- Stack Overflow: Stack Overflow for IAM in C++
C#
For more information about how to use this client library, see the following resources:
- API reference documentation: C# IAM client library reference
- Source code: C# IAM client library source code
- Issue tracker: Google API Client Library for C# issue tracker
- Stack Overflow: Stack Overflow for IAM in C#
Go
For more information about how to use this client library, see the following resources:
- API reference documentation: Go IAM client library reference
- Source code: Go IAM client library source code
- Issue tracker: Google API Client Library for Go issue tracker
- Stack Overflow: Stack Overflow for IAM in Go
Java
For more information about how to use this client library, see the following resources:
- API reference documentation: IAM client library for Java reference
- Source code:
- Issue tracker: Google API Client Library for Java issue tracker
- Stack Overflow: Stack Overflow for IAM in Java
Node.js
For more information about how to use this client library, see the following resources:
- API reference documentation: Node.js IAM client library reference
- Source code: Node.js IAM client library source code
- Issue tracker: Google API Client Library for Node.js issue tracker
- Stack Overflow: Stack Overflow for IAM in Node.js
PHP
For more information about how to use this client library, see the following resources:
- Source code:
- Issue tracker: Google API Client Library for PHP issue tracker
- Stack Overflow: Stack Overflow for IAM in PHP
Python
For more information about how to use this client library, see the following resources:
- API reference documentation: Python IAM client library reference
- Source code: Google API Client Library for Python
- Issue tracker: Google API Client Library for Python issue tracker
- Stack Overflow: Stack Overflow for IAM in Python
Ruby
For more information about how to use this client library, see the following resources:
- API reference documentation: Ruby IAM client library reference
- Source code: Google API Client Library for Ruby
- Issue tracker: Google API Client Library for Ruby issue tracker
- Stack Overflow: Stack Overflow
IAM v2 API
Use the IAM v2 API to manage deny policies.
To manage custom roles, service accounts, and service account keys, use the IAM v1 API.
Install the client library
C++
To install the C++ client library, follow the instructions in Setting up a C++ development environment.
C#
For more information, see Setting up a C# development environment.
install-package Google.Cloud.Iam.V2Go
For more information, see Setting up a Go development environment.
go get cloud.google.com/go/iam
Java
For more information, see Setting up a Java development environment.
If you are using Maven, add this to your pom.xml file.
Node.js
For more information, see Setting up a Node.js development environment.
npm install @google-cloud/iam
PHP
For more information, see Using PHP on Google Cloud.
Install the component with Composer:
composer require google/cloud-iam
Python
For more information, see Setting up a Python development environment.
pip install --upgrade google-cloud-iam
Ruby
For more information, see Setting up a Ruby development environment.
gem install google-iam-v2
Additional resources
C++
For more information about how to use this client library, see the following resources:
- API reference documentation: C++ IAM client library reference
- Source code: C++ IAM client library source code
- Issue tracker: Google Cloud Client Library for C++ issue tracker
- Stack Overflow: Stack Overflow for IAM in C++
C#
For more information about how to use this client library, see the following resources:
- API reference documentation: .NET IAM v2 client library reference
- Source code: .NET IAM v2 client library source code
- Issue tracker: Cloud Client Libraries for .NET issue tracker
- Stack Overflow: Stack Overflow for IAM in C#
Go
For more information about how to use this client library, see the following resources:
- API reference documentation: Go IAM v2 client library reference
- Source code: Go IAM v2 client library source code
- Issue tracker: Cloud Client Libraries for Go issue tracker
- Stack Overflow: Stack Overflow for IAM in Go
Java
For more information about how to use this client library, see the following resources:
- API reference documentation: IAM v2 client library for Java reference
- Source code: IAM v2 client library for Java source code
- Issue tracker: Cloud Client Libraries for Java issue tracker
- Stack Overflow: Stack Overflow for IAM in Java
Node.js
For more information about how to use this client library, see the following resources:
- API reference documentation: Node.js IAM v2 client library reference
- Source code: Cloud Client Libraries for Node.js source code
- Issue tracker: Cloud Client Libraries for Node.js issue tracker
- Stack Overflow: Stack Overflow for IAM in Node.js
PHP
For more information about how to use this client library, see the following resources:
- API reference documentation: PHP IAM v2 client library reference
- Source code: Cloud Client Libraries for PHP source code
- Issue tracker: Cloud Client Libraries for PHP issue tracker
- Stack Overflow: Stack Overflow for IAM in PHP
Python
For more information about how to use this client library, see the following resources:
- API reference documentation: Python IAM v2 client library reference
- Source code: Cloud Client Libraries for Python source code
- Issue tracker: Cloud Client Libraries for Python issue tracker
- Stack Overflow: Stack Overflow for IAM in Python
Ruby
For more information about how to use this client library, see the following resources:
- API reference documentation: Ruby IAM v2 client library reference
- Source code: Cloud Client Libraries for Ruby source code
- Issue tracker: Cloud Client Libraries for Ruby issue tracker
- Stack Overflow: Stack Overflow
Service Account Credentials API
Use the Service Account Credentials API to create short-lived, limited-privilege credentials for service accounts.
Install the client library
C++
To install the C++ client library, follow the instructions in Setting up a C++ development environment.
C#
For more information, see Setting up a C# development environment.
install-package Google.Apis.IAMCredentials.v1Go
For more information, see Setting up a Go development environment.
go get google.golang.org/api/iamcredentials/v1
Java
For more information, see Setting up a Java development environment.
If you are using Maven, add this to your pom.xml file.
Node.js
For more information, see Setting up a Node.js development environment.
npm install googleapis
PHP
For more information, see Using PHP on Google Cloud.
Add the library as a dependency to your composer.json file:
"require": { "google/apiclient": "^2.0" }
Alternatively, you can download the package locally.
Python
For more information, see Setting up a Python development environment.
pip install --upgrade google-cloud-iam
Ruby
For more information, see Setting up a Ruby development environment.
gem install google-api-client
Additional resources
C++
For more information about how to use this client library, see the following resources:
- API reference documentation: C++ IAM client library reference
- Source code: C++ IAM client library source code
- Issue tracker: Google Cloud Client Library for C++ issue tracker
- Stack Overflow: Stack Overflow for IAM in C++
C#
For more information about how to use this client library, see the following resources:
- API reference documentation: C# Service Account Credentials client library reference
- Source code: C# Service Account Credentials client library source code
- Issue tracker: Google API Client Library for C# issue tracker
- Stack Overflow: Stack Overflow for IAM in C#
Go
For more information about how to use this client library, see the following resources:
- API reference documentation: Go Service Account Credentials client library reference
- Source code: Go Service Account Credentials client library source code
- Issue tracker: Google API Client Library for Go issue tracker
- Stack Overflow: Stack Overflow for IAM in Go
Java
For more information about how to use this client library, see the following resources:
- API reference documentation: Service Account Credentials client library for Java reference
- Source code:
- Issue tracker: Google API Client Library for Java issue tracker
- Stack Overflow: Stack Overflow for IAM in Java
Node.js
For more information about how to use this client library, see the following resources:
- API reference documentation: Node.js IAM client library reference
- Source code: Node.js Service Account Credentials client library source code
- Issue tracker: Google API Client Library for Node.js issue tracker
- Stack Overflow: Stack Overflow for IAM in Node.js
PHP
For more information about how to use this client library, see the following resources:
- Source code:
- Issue tracker: Google API Client Library for PHP issue tracker
- Stack Overflow: Stack Overflow for IAM in PHP
Python
For more information about how to use this client library, see the following resources:
- API reference documentation: Python Service Account Credentials client library reference
- Source code: Cloud Client Libraries for Python
- Issue tracker: Google API Client Library for Python issue tracker
- Stack Overflow: Stack Overflow for IAM in Python
Ruby
For more information about how to use this client library, see the following resources:
- API documentation reference: Ruby Service Account Credentials client library reference
- Source code: Google API Client Library for Ruby
- Issue tracker: Google API Client Library for Ruby issue tracker
- Stack Overflow: Stack Overflow