Method: accounts.sendOobCode

{
  "requestType": enum (OobReqType),
  "email": string,
  "challenge": string,
  "captchaResp": string,
  "userIp": string,
  "newEmail": string,
  "idToken": string,
  "continueUrl": string,
  "iOSBundleId": string,
  "iOSAppStoreId": string,
  "androidPackageName": string,
  "androidInstallApp": boolean,
  "androidMinimumVersion": string,
  "canHandleCodeInApp": boolean,
  "tenantId": string,
  "targetProjectId": string,
  "dynamicLinkDomain": string,
  "returnOobLink": boolean,
  "clientType": enum (ClientType),
  "recaptchaVersion": enum (RecaptchaVersion)
}

enum (OobReqType)

Required. The type of out-of-band (OOB) code to send. Depending on this value, other fields in this request will be required and/or have different meanings. There are 4 different OOB codes that can be sent: * PASSWORD_RESET * EMAIL_SIGNIN * VERIFY_EMAIL * VERIFY_AND_CHANGE_EMAIL

string

The account's email address to send the OOB code to, and generally the email address of the account that needs to be updated. Required for PASSWORD_RESET, EMAIL_SIGNIN, and VERIFY_EMAIL. Only required for VERIFY_AND_CHANGE_EMAIL requests when returnOobLink is set to true. In this case, it is the original email of the user.

string

string

For a PASSWORD_RESET request, a reCaptcha response is required when the system detects possible abuse activity. In those cases, this is the response from the reCaptcha challenge used to verify the caller.

string

The IP address of the caller. Required only for PASSWORD_RESET requests.

string

The email address the account is being updated to. Required only for VERIFY_AND_CHANGE_EMAIL requests.

string

An ID token for the account. It is required for VERIFY_AND_CHANGE_EMAIL and VERIFY_EMAIL requests unless returnOobLink is set to true.

string

The Url to continue after user clicks the link sent in email. This is the url that will allow the web widget to handle the OOB code.

string

If an associated iOS app can handle the OOB code, the iOS bundle id of this app. This will allow the correct app to open if it is already installed.

string

If an associated iOS app can handle the OOB code, the App Store id of this app. This will allow App Store to open to the correct app if the app is not yet installed.

string

If an associated android app can handle the OOB code, the Android package name of the android app that will handle the callback when this OOB code is used. This will allow the correct app to open if it is already installed, or allow Google Play Store to open to the correct app if it is not yet installed.

boolean

If an associated android app can handle the OOB code, whether or not to install the android app on the device where the link is opened if the app is not already installed.

string

If an associated android app can handle the OOB code, the minimum version of the app. If the version on the device is lower than this version then the user is taken to Google Play Store to upgrade the app.

boolean

When set to true, the OOB code link will be be sent as a Universal Link or an Android App Link and will be opened by the corresponding app if installed. If not set, or set to false, the OOB code will be sent to the web widget first and then on continue will redirect to the app if installed.

string

The tenant ID of the Identity Platform tenant the account belongs to.

string

The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper permissions.

Authorization requires the following IAM permission on the specified resource targetProjectId:

• firebaseauth.users.sendEmail

string

In order to ensure that the url used can be easily opened up in iOS or android, we create a Firebase Dynamic Link. Most Identity Platform projects will only have one Dynamic Link domain enabled, and can leave this field blank. This field contains a specified Dynamic Link domain for projects that have multiple enabled.

boolean

Whether the confirmation link containing the OOB code should be returned in the response (no email is sent). Used when a developer wants to construct the email template and send it on their own. By default this is false; to specify this field, and to set it to true, it requires a Google OAuth 2.0 credential with proper permissions

enum (ClientType)

The client type: web, Android or iOS. Required when reCAPTCHA Enterprise protection is enabled.

enum (RecaptchaVersion)

The reCAPTCHA version of the reCAPTCHA token in the captchaResponse.