의견 보내기
컬렉션을 사용해 정리하기
내 환경설정을 기준으로 콘텐츠를 저장하고 분류하세요.
IAM으로 액세스 제어
Identity Platform은 사용자 및 인증 토큰을 관리하기 위한 Admin API를 제공합니다.
Identity Platform은 이 API를 통해 사용자 및 토큰에 대한 무단 액세스를 방지하기 위해 IAM을 사용하여 특정 Identity Platform API에 대한 권한을 관리합니다.
IAM 역할을 사용자나 서비스 계정에 할당하는 방법을 알아보려면 IAM 문서의 정책 관리 를 참조하세요.
API 권한
다음 표는 호출자가 Identity Platform API에서 각 메서드를 호출해야 하는 권한을 나열합니다.
참고: firebaseauth.configs.getSecret은 클라이언트 보안 비밀번호 기반 정보를 처리하는 경우에만 필요합니다. 이 권한이 없어도 API 호출이 성공할 수 있습니다.
서비스
메서드
필수 권한
google.cloud.identitytoolkit.v1.AccountManagementService
GetOobCode
firebaseauth.users.sendEmail
SetAccountInfo
firebaseauth.users.update
UploadAccount
firebaseauth.users.create
DeleteAccount
firebaseauth.users.delete
DownloadAccount
firebaseauth.users.get
GetAccountInfo
firebaseauth.users.get
QueryUserInfo
firebaseauth.users.get
google.cloud.identitytoolkit.v1.AuthenticationService
SignUp
firebaseauth.users.create
google.cloud.identitytoolkit.v1.ProjectConfigService
GetProjectConfig
firebaseauth.configs.get
SetProjectConfig
firebaseauth.configs.update
google.cloud.identitytoolkit.v1.SessionManagementService
CreateSessionCookie
firebaseauth.users.createSession
google.cloud.identitytoolkit.v2.ProjectConfigService
CreateConfig
firebaseauth.configs.create
CreateDefaultSupportedIdpConfig
firebaseauth.configs.update
firebaseauth.configs.getSecret
CreateInboundSamlConfig
firebaseauth.configs.update
CreateOAuthIdpConfig
firebaseauth.configs.update
firebaseauth.configs.getSecret
CreateOutboundSamlConfig
firebaseauth.configs.update
DeleteDefaultSupportedIdpConfig
firebaseauth.configs.update
DeleteInboundSamlConfig
firebaseauth.configs.update
DeleteOAuthIdpConfig
firebaseauth.configs.update
DeleteOutboundSamlConfig
firebaseauth.configs.update
EnableCicp
firebaseauth.configs.create
GetConfig
firebaseauth.configs.get
GetDefaultSupportedIdpConfig
firebaseauth.configs.get
firebaseauth.configs.getSecret
GetInboundSamlConfig
firebaseauth.configs.get
GetOAuthIdpConfig
firebaseauth.configs.get
firebaseauth.configs.getSecret
GetOutboundSamlConfig
firebaseauth.configs.get
ListDefaultSupportedIdpConfigs
firebaseauth.configs.get
firebaseauth.configs.getSecret
ListInboundSamlConfigs
firebaseauth.configs.get
ListOAuthIdpConfigs
firebaseauth.configs.get
firebaseauth.configs.getSecret
ListOutboundSamlConfigs
firebaseauth.configs.get
UpdateConfig
firebaseauth.configs.update
UpdateDefaultSupportedIdpConfig
firebaseauth.configs.update
firebaseauth.configs.getSecret
UpdateInboundSamlConfig
firebaseauth.configs.update
UpdateOAuthIdpConfig
firebaseauth.configs.update
firebaseauth.configs.getSecret
UpdateOutboundSamlConfig
firebaseauth.configs.update
VerifyDomain
firebaseauth.configs.update
SetIamPolicy
identitytoolkit.tenants.setIamPolicy
GetIamPolicy
identitytoolkit.tenants.getIamPolicy
google.cloud.identitytoolkit.v2.TenantManagementService
CreateTenant
identitytoolkit.tenants.create
DeleteTenant
identitytoolkit.tenants.delete
GetTenant
identitytoolkit.tenants.get
ListTenants
identitytoolkit.tenants.list
UpdateTenant
identitytoolkit.tenants.update
의견 보내기
달리 명시되지 않는 한 이 페이지의 콘텐츠에는 Creative Commons Attribution 4.0 라이선스 에 따라 라이선스가 부여되며, 코드 샘플에는 Apache 2.0 라이선스 에 따라 라이선스가 부여됩니다. 자세한 내용은 Google Developers 사이트 정책 을 참조하세요. 자바는 Oracle 및/또는 Oracle 계열사의 등록 상표입니다.
최종 업데이트: 2025-09-04(UTC)
의견을 전달하고 싶나요?
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-09-04(UTC)"],[[["\u003cp\u003eIdentity Platform uses IAM to manage permissions for its Admin APIs, ensuring secure access to user data and authentication tokens.\u003c/p\u003e\n"],["\u003cp\u003eSpecific IAM permissions are required to execute different methods within the Identity Platform API, such as creating, updating, deleting, or retrieving user accounts and configurations.\u003c/p\u003e\n"],["\u003cp\u003eDifferent methods require different permissions, such as \u003ccode\u003efirebaseauth.users.create\u003c/code\u003e for creating a user or \u003ccode\u003efirebaseauth.configs.get\u003c/code\u003e for retrieving project configurations.\u003c/p\u003e\n"],["\u003cp\u003e\u003ccode\u003efirebaseauth.configs.getSecret\u003c/code\u003e permission is only necessary when dealing with client secret based information and that API calls may succeed without it.\u003c/p\u003e\n"],["\u003cp\u003eThere are various methods for tenant management, requiring permissions like \u003ccode\u003eidentitytoolkit.tenants.create\u003c/code\u003e to create tenants or \u003ccode\u003eidentitytoolkit.tenants.getIamPolicy\u003c/code\u003e to get tenant IAM policy.\u003c/p\u003e\n"]]],[],null,["Access control with IAM\n\nIdentity Platform provides Admin APIs to manage your users and authentication\ntokens.\nTo prevent unwanted access to your users and tokens through these APIs,\nIdentity Platform leverages IAM\nto manage permission to specific Identity Platform APIs.\n\nTo learn how to assign IAM roles to a user or service account,\nsee [Managing Policies](/iam/docs/managing-policies) in the IAM\ndocumentation.\n\nAPI permissions\n\nThe following table lists the permissions that the caller must have to call each\nmethod in the Identity Platform API:\n| **Note:** firebaseauth.configs.getSecret is only required when dealing with client secret based information. API calls can succeed without this permission.\n\n\u003cbr /\u003e\n\n| Service | Method | Required Permission(s) |\n|----------------------------------------------------------|---------------------------------|--------------------------------------|\n| google.cloud.identitytoolkit.v1.AccountManagementService | GetOobCode | firebaseauth.users.sendEmail |\n| google.cloud.identitytoolkit.v1.AccountManagementService | SetAccountInfo | firebaseauth.users.update |\n| google.cloud.identitytoolkit.v1.AccountManagementService | UploadAccount | firebaseauth.users.create |\n| google.cloud.identitytoolkit.v1.AccountManagementService | DeleteAccount | firebaseauth.users.delete |\n| google.cloud.identitytoolkit.v1.AccountManagementService | DownloadAccount | firebaseauth.users.get |\n| google.cloud.identitytoolkit.v1.AccountManagementService | GetAccountInfo | firebaseauth.users.get |\n| google.cloud.identitytoolkit.v1.AccountManagementService | QueryUserInfo | firebaseauth.users.get |\n| google.cloud.identitytoolkit.v1.AuthenticationService | SignUp | firebaseauth.users.create |\n| google.cloud.identitytoolkit.v1.ProjectConfigService | GetProjectConfig | firebaseauth.configs.get |\n| google.cloud.identitytoolkit.v1.ProjectConfigService | SetProjectConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v1.SessionManagementService | CreateSessionCookie | firebaseauth.users.createSession |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | CreateConfig | firebaseauth.configs.create |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | CreateDefaultSupportedIdpConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | CreateDefaultSupportedIdpConfig | firebaseauth.configs.getSecret |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | CreateInboundSamlConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | CreateOAuthIdpConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | CreateOAuthIdpConfig | firebaseauth.configs.getSecret |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | CreateOutboundSamlConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | DeleteDefaultSupportedIdpConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | DeleteInboundSamlConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | DeleteOAuthIdpConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | DeleteOutboundSamlConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | EnableCicp | firebaseauth.configs.create |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | GetConfig | firebaseauth.configs.get |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | GetDefaultSupportedIdpConfig | firebaseauth.configs.get |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | GetDefaultSupportedIdpConfig | firebaseauth.configs.getSecret |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | GetInboundSamlConfig | firebaseauth.configs.get |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | GetOAuthIdpConfig | firebaseauth.configs.get |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | GetOAuthIdpConfig | firebaseauth.configs.getSecret |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | GetOutboundSamlConfig | firebaseauth.configs.get |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | HashConfig | firebaseauth.configs.getHashConfig |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | ListDefaultSupportedIdpConfigs | firebaseauth.configs.get |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | ListDefaultSupportedIdpConfigs | firebaseauth.configs.getSecret |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | ListInboundSamlConfigs | firebaseauth.configs.get |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | ListOAuthIdpConfigs | firebaseauth.configs.get |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | ListOAuthIdpConfigs | firebaseauth.configs.getSecret |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | ListOutboundSamlConfigs | firebaseauth.configs.get |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | UpdateConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | UpdateDefaultSupportedIdpConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | UpdateDefaultSupportedIdpConfig | firebaseauth.configs.getSecret |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | UpdateInboundSamlConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | UpdateOAuthIdpConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | UpdateOAuthIdpConfig | firebaseauth.configs.getSecret |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | UpdateOutboundSamlConfig | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | VerifyDomain | firebaseauth.configs.update |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | SetIamPolicy | identitytoolkit.tenants.setIamPolicy |\n| google.cloud.identitytoolkit.v2.ProjectConfigService | GetIamPolicy | identitytoolkit.tenants.getIamPolicy |\n| google.cloud.identitytoolkit.v2.TenantManagementService | CreateTenant | identitytoolkit.tenants.create |\n| google.cloud.identitytoolkit.v2.TenantManagementService | DeleteTenant | identitytoolkit.tenants.delete |\n| google.cloud.identitytoolkit.v2.TenantManagementService | GetTenant | identitytoolkit.tenants.get |\n| google.cloud.identitytoolkit.v2.TenantManagementService | ListTenants | identitytoolkit.tenants.list |\n| google.cloud.identitytoolkit.v2.TenantManagementService | UpdateTenant | identitytoolkit.tenants.update |"]]
