Method: projects.tenants.accounts.batchCreate

Uploads multiple accounts into the Google Cloud project. If there is a problem uploading one or more of the accounts, the rest will be uploaded, and a list of the errors will be returned. To use this method requires a Google OAuth 2.0 credential with proper permissions.

HTTP request

POST https://identitytoolkit.googleapis.com/v1/projects/{targetProjectId}/tenants/{tenantId}/accounts:batchCreate

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
targetProjectId

string

The Project ID of the Identity Platform project which the account belongs to.

Authorization requires the following IAM permission on the specified resource targetProjectId:

  • firebaseauth.users.create
tenantId

string

The ID of the Identity Platform tenant the account belongs to.

Request body

The request body contains data with the following structure:

JSON representation
{
  "hashAlgorithm": string,
  "signerKey": string,
  "saltSeparator": string,
  "rounds": integer,
  "memoryCost": integer,
  "users": [
    {
      object (UserInfo)
    }
  ],
  "sanityCheck": boolean,
  "allowOverwrite": boolean,
  "cpuMemCost": integer,
  "parallelization": integer,
  "blockSize": integer,
  "dkLen": integer,
  "passwordHashOrder": enum (PasswordHashOrder)
}
Fields
hashAlgorithm

string

Required. The hashing function used to hash the account passwords. Must be one of the following: * HMAC_SHA256 * HMAC_SHA1 * HMAC_MD5 * SCRYPT * PBKDF_SHA1 * MD5 * HMAC_SHA512 * SHA1 * BCRYPT * PBKDF2_SHA256 * SHA256 * SHA512 * STANDARD_SCRYPT

signerKey

string (bytes format)

The signer key used to hash the password. Required for the following hashing functions: * SCRYPT, * HMAC_MD5, * HMAC_SHA1, * HMAC_SHA256, * HMAC_SHA512

A base64-encoded string.

saltSeparator

string (bytes format)

One or more bytes to be inserted between the salt and plain text password. For stronger security, this should be a single non-printable character.

A base64-encoded string.

rounds

integer

The number of rounds used for hash calculation. Only required for the following hashing functions: * MD5 * SHA1 * SHA256 * SHA512 * PBKDF_SHA1 * PBKDF2_SHA256 * SCRYPT

memoryCost

integer

Memory cost for hash calculation. Only required when the hashing function is SCRYPT.

users[]

object (UserInfo)

A list of accounts to upload.

sanityCheck

boolean

allowOverwrite

boolean

Whether to overwrite an existing account in Identity Platform with a matching localId in the request. If true, the existing account will be overwritten. If false, an error will be returned.

cpuMemCost

integer

The CPU memory cost parameter to be used by the STANDARD_SCRYPT hashing function. This parameter, along with blockSize and cpuMemCost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.

parallelization

integer

The parallelization cost parameter to be used by the STANDARD_SCRYPT hashing function. This parameter, along with blockSize and cpuMemCost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.

blockSize

integer

The block size parameter used by the STANDARD_SCRYPT hashing function. This parameter, along with parallelization and cpuMemCost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance.

dkLen

integer

The desired key length for the STANDARD_SCRYPT hashing function. Must be at least 1.

passwordHashOrder

enum (PasswordHashOrder)

Password and salt order when verify password.

Response body

If successful, the response body contains an instance of UploadAccountResponse.

Authorization Scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/identitytoolkit
  • https://www.googleapis.com/auth/firebase
  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.