- HTTP request
- Path parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- Try it!
Returns permissions that a caller has on the Identity-Aware Proxy protected resource. More information about managing access via IAP can be found at: https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api
HTTP request
POST https://iap.googleapis.com/v1/{resource=**}:testIamPermissions
The URL uses gRPC Transcoding syntax.
Path parameters
| Parameters | |
|---|---|
resource |
REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field. |
Request body
The request body contains data with the following structure:
| JSON representation |
|---|
{ "permissions": [ string ] } |
| Fields | |
|---|---|
permissions[] |
The set of permissions to check for the |
Response body
If successful, the response body contains an instance of TestIamPermissionsResponse.
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
Requires one of the following IAM permissions on the resource resource, depending on the resource type:
iap.gateway.getIamPolicyiap.tunnel.getIamPolicyiap.tunnelDestGroups.getIamPolicyiap.tunnelInstances.getIamPolicyiap.tunnelLocations.getIamPolicyiap.tunnelZones.getIamPolicyiap.web.getIamPolicyiap.webServices.getIamPolicyiap.webServiceVersions.getIamPolicyiap.webTypes.getIamPolicy
For more information, see the IAM documentation.