Method: projects.serviceAccounts.patch

HTTP request
Path parameters
Request body
- JSON representation
Response body
Authorization scopes
Examples
Try it!

Patches a ServiceAccount.

HTTP request

PATCH https://iam.googleapis.com/v1/{serviceAccount.name=projects/*/serviceAccounts/*}

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters

Parameters
`serviceAccount.name`	`string` The resource name of the service account. Use one of the following formats: `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you can use the `-` wildcard character instead of the project ID: `projects/-/serviceAccounts/{EMAIL_ADDRESS}` `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the `-` wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account `projects/-/serviceAccounts/fake@example.com`, which does not exist, the response contains an HTTP `403 Forbidden` error instead of a `404 Not Found` error.

serviceAccount.name

string

The resource name of the service account.

Use one of the following formats:

projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}
projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}

As an alternative, you can use the - wildcard character instead of the project ID:

projects/-/serviceAccounts/{EMAIL_ADDRESS}
projects/-/serviceAccounts/{UNIQUE_ID}

When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

Request body

The request body contains data with the following structure:

JSON representation
{ "serviceAccount": { "name": string, "projectId": string, "uniqueId": string, "email": string, "displayName": string, "etag": string, "description": string, "oauth2ClientId": string, "disabled": boolean }, "updateMask": string }

JSON representation

{
  "serviceAccount": {
    "name": string,
    "projectId": string,
    "uniqueId": string,
    "email": string,
    "displayName": string,
    "etag": string,
    "description": string,
    "oauth2ClientId": string,
    "disabled": boolean
  },
  "updateMask": string
}

Fields
`serviceAccount.projectId`	`string` Output only. The ID of the project that owns the service account.
`serviceAccount.uniqueId`	`string` Output only. The unique, stable numeric ID for the service account. Each service account retains its unique ID even if you delete the service account. For example, if you delete a service account, then create a new service account with the same name, the new service account has a different unique ID than the deleted service account.
`serviceAccount.email`	`string` Output only. The email address of the service account.
`serviceAccount.displayName`	`string` Optional. A user-specified, human-readable name for the service account. The maximum length is 100 UTF-8 bytes.
`serviceAccount.etag (deprecated)`	`string (bytes format)` Deprecated. Do not use. A base64-encoded string.
`serviceAccount.description`	`string` Optional. A user-specified, human-readable description of the service account. The maximum length is 256 UTF-8 bytes.
`serviceAccount.oauth2ClientId`	`string` Output only. The OAuth 2.0 client ID for the service account.
`serviceAccount.disabled`	`boolean` Output only. Whether the service account is disabled.
`updateMask`	`string (FieldMask format)` This is a comma-separated list of fully qualified names of fields. Example: `"user.displayName,photo"`.

Response body

If successful, the response body contains an instance of ServiceAccount.

Authorization scopes

Requires one of the following OAuth scopes:

https://www.googleapis.com/auth/iam
https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.