Method: projects.tenants.testIamPermissions

Returns the caller's permissions on a resource. An error is returned if the resource does not exist. A caller is not required to have Google IAM permission to make this request.

HTTP request

POST https://identitytoolkit.googleapis.com/admin/v2/{resource=projects/*/tenants/*}:testIamPermissions

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
resource

string

REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field.

Request body

The request body contains data with the following structure:

JSON representation
{
  "permissions": [
    string
  ]
}
Fields
permissions[]

string

The set of permissions to check for the resource. Permissions with wildcards (such as * or storage.*) are not allowed. For more information see IAM Overview.

Response body

Response message for tenants.testIamPermissions method.

If successful, the response body contains data with the following structure:

JSON representation
{
  "permissions": [
    string
  ]
}
Fields
permissions[]

string

A subset of TestPermissionsRequest.permissions that the caller is allowed.

Authorization scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/identitytoolkit
  • https://www.googleapis.com/auth/firebase
  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.