REST Resource: locations.workforcePools.providers.keys

Resource: WorkforcePoolProviderKey

Represents a public key configuration for a Workforce Pool Provider. The key can be configured in your identity provider to encrypt SAML assertions. Google holds the corresponding private key, which it uses to decrypt encrypted tokens.

JSON representation
{
  "name": string,
  "keyData": {
    object (KeyData)
  },
  "state": enum (State),
  "use": enum (KeyUse),
  "expireTime": string
}
Fields
name

string

Output only. The resource name of the key.

keyData

object (KeyData)

Immutable. Public half of the asymmetric key.

state

enum (State)

Output only. The state of the key.

use

enum (KeyUse)

Required. The purpose of the key.

expireTime

string (Timestamp format)

Output only. The time after which the key will be permanently deleted and cannot be recovered. Note that the key may get purged before this time if the total limit of keys per provider is exceeded.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

State

The current state of the key.

Enums
STATE_UNSPECIFIED State unspecified.
ACTIVE The key is active.
DELETED The key is soft-deleted. Soft-deleted keys are permanently deleted after approximately 30 days. You can restore a soft-deleted key using keys.undelete.

KeyUse

The purpose of the key.

Enums
KEY_USE_UNSPECIFIED KeyUse unspecified.
ENCRYPTION The key is used for encryption.

Methods

create

Creates a new WorkforcePoolProviderKey in a WorkforcePoolProvider.

delete

Deletes a WorkforcePoolProviderKey.

get

Gets a WorkforcePoolProviderKey.

list

Lists all non-deleted WorkforcePoolProviderKeys in a WorkforcePoolProvider.

undelete

Undeletes a WorkforcePoolProviderKey, as long as it was deleted fewer than 30 days ago.