Index
ProjectConfigService(interface)TenantManagementService(interface)BlockingFunctionsConfig(message)BlockingFunctionsConfig.Trigger(message)ClientConfig(message)ClientConfig.Permissions(message)Config(message)Config.Subtype(enum)CreateDefaultSupportedIdpConfigRequest(message)CreateInboundSamlConfigRequest(message)CreateOAuthIdpConfigRequest(message)CreateTenantRequest(message)DefaultSupportedIdp(message)DefaultSupportedIdpConfig(message)DeleteDefaultSupportedIdpConfigRequest(message)DeleteInboundSamlConfigRequest(message)DeleteOAuthIdpConfigRequest(message)DeleteTenantRequest(message)EnableCicpRequest(message)EnableCicpResponse(message)GetConfigRequest(message)GetDefaultSupportedIdpConfigRequest(message)GetInboundSamlConfigRequest(message)GetOAuthIdpConfigRequest(message)GetTenantRequest(message)HashConfig(message)HashConfig.HashAlgorithm(enum)IdpCertificate(message)InboundSamlConfig(message)InboundSamlConfig.IdpConfig(message)InboundSamlConfig.SpConfig(message)ListDefaultSupportedIdpConfigsRequest(message)ListDefaultSupportedIdpConfigsResponse(message)ListDefaultSupportedIdpsRequest(message)ListDefaultSupportedIdpsResponse(message)ListInboundSamlConfigsRequest(message)ListInboundSamlConfigsResponse(message)ListOAuthIdpConfigsRequest(message)ListOAuthIdpConfigsResponse(message)ListTenantsRequest(message)ListTenantsResponse(message)MonitoringConfig(message)MonitoringConfig.RequestLogging(message)MultiFactorAuthConfig(message)MultiFactorAuthConfig.Provider(enum)MultiFactorAuthConfig.State(enum)NotificationConfig(message)NotificationConfig.SendEmail(message)NotificationConfig.SendEmail.DnsInfo(message)NotificationConfig.SendEmail.DnsInfo.VerificationState(enum)NotificationConfig.SendEmail.EmailTemplate(message)NotificationConfig.SendEmail.EmailTemplate.BodyFormat(enum)NotificationConfig.SendEmail.Method(enum)NotificationConfig.SendEmail.Smtp(message)NotificationConfig.SendEmail.Smtp.SecurityMode(enum)NotificationConfig.SendSms(message)NotificationConfig.SendSms.SmsTemplate(message)OAuthIdpConfig(message)OAuthIdpConfig.OAuthResponseType(message)QuotaConfig(message)QuotaConfig.TemporaryQuota(message)SignInConfig(message)SignInConfig.Anonymous(message)SignInConfig.Email(message)SignInConfig.PhoneNumber(message)SpCertificate(message)Tenant(message)UpdateConfigRequest(message)UpdateDefaultSupportedIdpConfigRequest(message)UpdateInboundSamlConfigRequest(message)UpdateOAuthIdpConfigRequest(message)UpdateTenantRequest(message)VerifyDomainRequest(message)VerifyDomainRequest.DomainVerificationAction(enum)VerifyDomainResponse(message)
ProjectConfigService
Project configuration for Identity Toolkit
| CreateDefaultSupportedIdpConfig |
|---|
|
Create a default supported Idp configuration for an Identity Toolkit project.
|
| CreateInboundSamlConfig |
|---|
|
Create an inbound SAML configuration for an Identity Toolkit project.
|
| CreateOAuthIdpConfig |
|---|
|
Create an Oidc Idp configuration for an Identity Toolkit project.
|
| DeleteDefaultSupportedIdpConfig |
|---|
|
Delete a default supported Idp configuration for an Identity Toolkit project.
|
| DeleteInboundSamlConfig |
|---|
|
Delete an inbound SAML configuration for an Identity Toolkit project.
|
| DeleteOAuthIdpConfig |
|---|
|
Delete an Oidc Idp configuration for an Identity Toolkit project.
|
| EnableCicp |
|---|
|
Enable CICP for a Cloud project. Cloud Identity for Customers and Partners (or CICP), is an end-to-end authentication system for third-party users to access your apps and services. These could include Mobile/Web Apps, Games, API's and beyond.
|
| GetConfig |
|---|
|
Retrieve an Identity Toolkit project configuration.
|
| GetDefaultSupportedIdpConfig |
|---|
|
Retrieve a default supported Idp configuration for an Identity Toolkit project.
|
| GetInboundSamlConfig |
|---|
|
Retrieve an inbound SAML configuration for an Identity Toolkit project.
|
| GetOAuthIdpConfig |
|---|
|
Retrieve an Oidc Idp configuration for an Identity Toolkit project.
|
| ListDefaultSupportedIdpConfigs |
|---|
|
List all default supported Idp configurations for an Identity Toolkit project.
|
| ListDefaultSupportedIdps |
|---|
|
List all default supported Idps.
|
| ListInboundSamlConfigs |
|---|
|
List all inbound SAML configurations for an Identity Toolkit project.
|
| ListOAuthIdpConfigs |
|---|
|
List all Oidc Idp configurations for an Identity Toolkit project.
|
| UpdateConfig |
|---|
|
Update an Identity Toolkit project configuration.
|
| UpdateDefaultSupportedIdpConfig |
|---|
|
Update a default supported Idp configuration for an Identity Toolkit project.
|
| UpdateInboundSamlConfig |
|---|
|
Update an inbound SAML configuration for an Identity Toolkit project.
|
| UpdateOAuthIdpConfig |
|---|
|
Update an Oidc Idp configuration for an Identity Toolkit project.
|
| VerifyDomain |
|---|
|
Verify the requested custom domain has required DNS records.
|
TenantManagementService
Tenant management service for GCIP.
| CreateTenant |
|---|
|
Create a tenant. Requires write permission on the Agent project.
|
| DeleteTenant |
|---|
|
Delete a tenant. Requires write permission on the Agent project.
|
| GetTenant |
|---|
|
Get a tenant. Requires read permission on the Tenant resource.
|
| ListTenants |
|---|
|
List tenants under the given agent project. Requires read permission on the Agent project.
|
| UpdateTenant |
|---|
|
Update a tenant. Requires write permission on the Tenant resource.
|
BlockingFunctionsConfig
Configuration related to blocking functions.
| Fields | |
|---|---|
triggers |
Map of Trigger to event type. Key should be one of the supported event types: "beforeCreate", "beforeSignIn" |
Trigger
Synchronous Cloud Function with HTTP Trigger
| Fields | |
|---|---|
function_uri |
HTTP URI trigger for the Cloud Function. |
update_time |
When the trigger was changed. |
ClientConfig
Options related to how clients making requests on behalf of a project should be configured.
| Fields | |
|---|---|
api_key |
Output only. API key that can be used when making requests for this project. |
permissions |
Configuration related to restricting a user's ability to affect their account. |
firebase_subdomain |
Output only. Firebase subdomain. |
Permissions
Configuration related to restricting a user's ability to affect their account.
| Fields | |
|---|---|
disabled_user_signup |
When true, end users cannot sign up for a new account on the associated project through any of our API methods |
disabled_user_deletion |
When true, end users cannot delete their account on the associated project through any of our API methods |
Config
Represents an Identity Toolkit project.
| Fields | |
|---|---|
name |
Output only. The name of the Config resource. Example: "projects/my-awesome-project/config" |
sign_in |
Configuration related to local sign in methods. |
notification |
Configuration related to sending notifications to users. |
quota |
Configuration related to quotas. |
monitoring |
Configuration related to monitoring project activity. |
authorized_domains[] |
List of domains authorized for OAuth redirects |
subtype |
Output only. The subtype of this config. |
client |
Options related to how clients making requests on behalf of a project should be configured. |
mfa |
Configuration for this project's multi-factor authentication, including whether it is active and what factors can be used for the second factor |
blocking_functions |
Configuration related to blocking functions. |
Subtype
The subtype of this config.
| Enums | |
|---|---|
SUBTYPE_UNSPECIFIED |
Default value. Do not use. |
CUSTOMER_IDENTITY |
A Customer Identity project. |
FIREBASE_AUTH |
A Firebase Authentication project. |
CreateDefaultSupportedIdpConfigRequest
Request for CreateDefaultSupportedIdpConfig
| Fields | |
|---|---|
parent |
The parent resource name where the config to be created, for example: "projects/my-awesome-project" Authorization requires the following IAM permission on the specified resource
|
idp_id |
The id of the Idp to create a config for. Call ListDefaultSupportedIdps for list of all default supported Idps. |
default_supported_idp_config |
The config resource which replaces the resource on the server. |
CreateInboundSamlConfigRequest
Request for CreateInboundSamlConfig
| Fields | |
|---|---|
parent |
The parent resource name where the config to be created, for example: "projects/my-awesome-project" Authorization requires the following IAM permission on the specified resource
|
inbound_saml_config_id |
The id to use for this config. |
inbound_saml_config |
The config resource to create. Client must not set the |
CreateOAuthIdpConfigRequest
Request for CreateOAuthIdpConfig
| Fields | |
|---|---|
parent |
The parent resource name where the config to be created, for example: "projects/my-awesome-project" Authorization requires the following IAM permission on the specified resource
|
oauth_idp_config_id |
The id to use for this config. |
oauth_idp_config |
The config resource to create. Client must not set the |
CreateTenantRequest
Request message for CreateTenant.
| Fields | |
|---|---|
parent |
The parent resource name where the tenant will be created. For example, "projects/project1". Authorization requires the following IAM permission on the specified resource
|
tenant |
Required. Tenant to be created. |
DefaultSupportedIdp
Standard Identity Toolkit-trusted IDPs.
| Fields | |
|---|---|
idp_id |
Id the of Idp |
description |
Description of the Idp |
DefaultSupportedIdpConfig
Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
| Fields | |
|---|---|
name |
The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" |
enabled |
True if allows the user to sign in with the provider. |
client_id |
OAuth client ID. |
client_secret |
OAuth client secret. |
display_on_cloud_console |
Output only. Whether to show the IdP config on pantheon if the IdP is in disabled state. |
DeleteDefaultSupportedIdpConfigRequest
Request for DeleteDefaultSupportedIdpConfig
| Fields | |
|---|---|
name |
The resource name of the config, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" Authorization requires the following IAM permission on the specified resource
|
DeleteInboundSamlConfigRequest
Request for DeleteInboundSamlConfig
| Fields | |
|---|---|
name |
The resource name of the config to be deleted, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Authorization requires the following IAM permission on the specified resource
|
DeleteOAuthIdpConfigRequest
Request for DeleteOAuthIdpConfig
| Fields | |
|---|---|
name |
The resource name of the config to be deleted, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Authorization requires the following IAM permission on the specified resource
|
DeleteTenantRequest
Request message for DeleteTenant.
| Fields | |
|---|---|
name |
Resource name of the tenant to delete. Authorization requires the following IAM permission on the specified resource
|
EnableCicpRequest
Request for EnableCicp.
| Fields | |
|---|---|
project |
The resource name of the target project the developer wants to enable CICP for. Authorization requires the following IAM permission on the specified resource
|
EnableCicpResponse
This type has no fields.
Response for EnableCicp. Empty for now.
GetConfigRequest
Request for GetConfig
| Fields | |
|---|---|
name |
The resource name of the config, for example: "projects/my-awesome-project/config" Authorization requires the following IAM permission on the specified resource
|
GetDefaultSupportedIdpConfigRequest
Request for GetDefaultSupportedIdpConfig
| Fields | |
|---|---|
name |
The resource name of the config, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" Authorization requires the following IAM permission on the specified resource
|
GetInboundSamlConfigRequest
Request for GetInboundSamlConfig
| Fields | |
|---|---|
name |
The resource name of the config, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Authorization requires the following IAM permission on the specified resource
|
GetOAuthIdpConfigRequest
Requesst for GetOAuthIdpConfig
| Fields | |
|---|---|
name |
The resource name of the config, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Authorization requires the following IAM permission on the specified resource
|
GetTenantRequest
Request message for GetTenant.
| Fields | |
|---|---|
name |
Resource name of the tenant to retrieve. Authorization requires the following IAM permission on the specified resource
|
HashConfig
History information of the hash algorithm and key. Different accounts' passwords may be generated by different version.
| Fields | |
|---|---|
algorithm |
Output only. Different password hash algorithms used in Identity Toolkit. |
signer_key |
Output only. Signer key in base64. |
salt_separator |
Output only. Non-printable character to be inserted between the salt and plain text password in base64. |
rounds |
Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms. |
memory_cost |
Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field. |
HashAlgorithm
Different password hash algorithms used in Identity Toolkit.
| Enums | |
|---|---|
HASH_ALGORITHM_UNSPECIFIED |
Default value. Do not use. |
HMAC_SHA256 |
HMAC_SHA256 |
HMAC_SHA1 |
HMAC_SHA1 |
HMAC_MD5 |
HMAC_MD5 |
SCRYPT |
SCRYPT |
PBKDF_SHA1 |
PBKDF_SHA1 |
MD5 |
MD5 |
HMAC_SHA512 |
HMAC_SHA512 |
SHA1 |
SHA1 |
BCRYPT |
BCRYPT |
PBKDF2_SHA256 |
PBKDF2_SHA256 |
SHA256 |
SHA256 |
SHA512 |
SHA512 |
STANDARD_SCRYPT |
STANDARD_SCRYPT |
IdpCertificate
The proto for the IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
| Fields | |
|---|---|
x509_certificate |
The x509 certificate |
InboundSamlConfig
The proto for storing a pair of SAML RP-IDP configurations when the project acts as the relying party.
| Fields | |
|---|---|
name |
The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests. |
idp_config |
The proto for storing SAML IdP (Identity Provider) configuration when the project acts as the relying party. |
sp_config |
The proto for storing SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. |
display_name |
The config's display name set by developers. |
enabled |
True if allows the user to sign in with the provider. |
IdpConfig
The proto for storing SAML IdP (Identity Provider) configuration when the project acts as the relying party.
| Fields | |
|---|---|
idp_entity_id |
Unique identifier for all SAML entities. |
sso_url |
URL to send Authentication request to. |
idp_certificates[] |
IDP's public keys for verifying signature in the assertions. |
sign_request |
Indicates if outbounding SAMLRequest should be signed. |
SpConfig
The proto for storing SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
| Fields | |
|---|---|
sp_entity_id |
Unique identifier for all SAML entities. |
callback_uri |
Callback URI where responses from IDP are handled. |
sp_certificates[] |
Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow. |
ListDefaultSupportedIdpConfigsRequest
Request for ListDefaultSupportedIdpConfigs
| Fields | |
|---|---|
parent |
The parent resource name, for example, "projects/my-awesome-project". Authorization requires the following IAM permission on the specified resource
|
page_size |
The maximum number of items to return. |
page_token |
The next_page_token value returned from a previous List request, if any. |
ListDefaultSupportedIdpConfigsResponse
Response for ListDefaultSupportedIdpConfigs
| Fields | |
|---|---|
default_supported_idp_configs[] |
The set of configs. |
next_page_token |
Token to retrieve the next page of results, or empty if there are no more results in the list. |
ListDefaultSupportedIdpsRequest
Request for ListDefaultSupportedIdps
| Fields | |
|---|---|
page_size |
The maximum number of items to return. |
page_token |
The next_page_token value returned from a previous List request, if any. |
ListDefaultSupportedIdpsResponse
Response for ListDefaultSupportedIdps
| Fields | |
|---|---|
default_supported_idps[] |
The set of configs. |
next_page_token |
Token to retrieve the next page of results, or empty if there are no more results in the list. |
ListInboundSamlConfigsRequest
Request for ListInboundSamlConfigs
| Fields | |
|---|---|
parent |
The parent resource name, for example, "projects/my-awesome-project". Authorization requires the following IAM permission on the specified resource
|
page_size |
The maximum number of items to return. |
page_token |
The next_page_token value returned from a previous List request, if any. |
ListInboundSamlConfigsResponse
Response for ListInboundSamlConfigs
| Fields | |
|---|---|
inbound_saml_configs[] |
The set of configs. |
next_page_token |
Token to retrieve the next page of results, or empty if there are no more results in the list. |
ListOAuthIdpConfigsRequest
Request for ListOAuthIdpConfigs
| Fields | |
|---|---|
parent |
The parent resource name, for example, "projects/my-awesome-project". Authorization requires the following IAM permission on the specified resource
|
page_size |
The maximum number of items to return. |
page_token |
The next_page_token value returned from a previous List request, if any. |
ListOAuthIdpConfigsResponse
Response for ListOAuthIdpConfigs
| Fields | |
|---|---|
oauth_idp_configs[] |
The set of configs. |
next_page_token |
Token to retrieve the next page of results, or empty if there are no more results in the list. |
ListTenantsRequest
Request message for ListTenants.
| Fields | |
|---|---|
parent |
Required. The parent resource name to list tenants for. Authorization requires the following IAM permission on the specified resource
|
page_token |
The pagination token from the response of a previous request. |
page_size |
The maximum number of results to return, capped at 1000. If not specified, the default value is 20. |
ListTenantsResponse
Response message for ListTenants.
| Fields | |
|---|---|
tenants[] |
A list of tenants under the given agent project. |
next_page_token |
The token to get the next page of results. |
MonitoringConfig
Configuration related to monitoring project activity.
| Fields | |
|---|---|
request_logging |
Configuration for logging requests made to this project to Stackdriver Logging |
RequestLogging
Configuration for logging requests made to this project to Stackdriver Logging
| Fields | |
|---|---|
enabled |
Whether logging is enabled for this project or not. |
MultiFactorAuthConfig
Options related to MultiFactor Authentication for the project.
| Fields | |
|---|---|
state |
Whether MultiFactor Authentication has been enabled for this project. |
enabled_providers[] |
A list of usable second factors for this project. |
Provider
A list of usable second factors for this project.
| Enums | |
|---|---|
PROVIDER_UNSPECIFIED |
Illegal Provider, should not be used |
PHONE_SMS |
SMS is enabled as a second factor for this project. |
State
Whether MultiFactor Authentication has been enabled for this project.
| Enums | |
|---|---|
STATE_UNSPECIFIED |
Illegal State, should not be used. |
DISABLED |
Multi-factor authentication cannot be used for this project |
ENABLED |
Multi-factor authentication can be used for this project |
ADMIN_ENABLED |
Multi-factor authentication can be used for this project, but can only be set up by project administrators |
NotificationConfig
Configuration related to sending notifications to users.
| Fields | |
|---|---|
send_email |
Options for email sending. |
send_sms |
Options for SMS sending. |
default_locale |
Default locale used for email and SMS in IETF BCP 47 format. |
SendEmail
Options for email sending.
| Fields | |
|---|---|
method |
The method used for sending an email. |
reset_password_template |
Email template for reset password |
verify_email_template |
Email template for verify email |
change_email_template |
Email template for change email |
legacy_reset_password_template |
Reset password email template for legacy Firebase V1 app. |
callback_uri |
action url in email template. |
dns_info |
Information of custom domain DNS verification. |
Union field email_provider_config. Email provider configuration used to send emails email_provider_config can be only one of the following: |
|
smtp |
Use a custom SMTP relay |
DnsInfo
Information of custom domain DNS verification. By default, default_domain will be used. A custom domain can be configured using VerifyCustomDomain.
| Fields | |
|---|---|
custom_domain |
Output only. The applied verified custom domain. |
use_custom_domain |
Whether to use custom domain. |
pending_custom_domain |
Output only. The custom domain that's to be verified. |
custom_domain_state |
Output only. The current verification state of the custom domain. The custom domain will only be used once the domain verification is successful. |
domain_verification_request_time |
Output only. The timestamp of initial request for the current domain verification. |
VerificationState
The current verification state of the custom domain.
| Enums | |
|---|---|
VERIFICATION_STATE_UNSPECIFIED |
Default value. Do not use. |
NOT_STARTED |
The verification has not started. |
IN_PROGRESS |
The verification is in progress. |
FAILED |
The verification failed. |
SUCCEEDED |
The verification succeeded and is ready to be applied. |
EmailTemplate
Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The Google Cloud project's display name. %DISPLAY_NAME% - The user's display name.
| Fields | |
|---|---|
sender_local_part |
Local part of From address |
subject |
Subject of the email |
sender_display_name |
Sender display name |
body |
Email body |
body_format |
Email body format |
reply_to |
Reply-to address |
customized |
Output only. Whether the body or subject of the email is customized. |
BodyFormat
Email body format
| Enums | |
|---|---|
BODY_FORMAT_UNSPECIFIED |
Default value. Do not use. |
PLAIN_TEXT |
Plain text |
HTML |
HTML |
Method
The method used for sending an email.
| Enums | |
|---|---|
METHOD_UNSPECIFIED |
Email method unspecified. |
DEFAULT |
Sending email on behalf of developer. |
CUSTOM_SMTP |
Sending email using SMTP configuration provided by developers. |
Smtp
Configuration for SMTP relay
| Fields | |
|---|---|
sender_email |
Sender email for the SMTP relay |
host |
SMTP relay host |
port |
SMTP relay port |
username |
SMTP relay username |
password |
SMTP relay password |
security_mode |
SMTP security mode. |
SecurityMode
SMTP security mode.
| Enums | |
|---|---|
SECURITY_MODE_UNSPECIFIED |
Default value. Do not use. |
SSL |
SSL mode |
START_TLS |
START_TLS mode |
SendSms
Options for SMS sending.
| Fields | |
|---|---|
use_device_locale |
Whether to use the accept_language header for SMS. |
sms_template |
Output only. The template to use when sending an SMS. |
SmsTemplate
The template to use when sending an SMS.
| Fields | |
|---|---|
content |
Output only. The SMS's content. Can contain the following placeholders which will be replaced with the appropriate values: %APP_NAME% - For Android or iOS apps, the app's display name. For web apps, the domain hosting the application. %LOGIN_CODE% - The OOB code being sent in the SMS. |
OAuthIdpConfig
Configuration options for authenticating with an OAuth IDP.
| Fields | |
|---|---|
name |
The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests. |
client_id |
The client id of an OAuth client. |
issuer |
For OIDC Idps, the issuer identifier. |
display_name |
The config's display name set by developers. |
enabled |
True if allows the user to sign in with the provider. |
client_secret |
The client secret of the OAuth client, to enable OIDC code flow. |
response_type |
The response type to request for in the OAuth authorization flow. You can set either |
OAuthResponseType
The response type to request for in the OAuth authorization flow. You can set either id_token or code to true, but not both. Setting both types to be simultaneously true ({code: true, id_token: true}) is not yet supported.
See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow.
| Fields | |
|---|---|
id_token |
If true, ID token is returned from IdP's authorization endpoint. |
code |
If true, authorization code is returned from IdP's authorization endpoint. |
token |
Do not use. The |
QuotaConfig
Configuration related to quotas.
| Fields | |
|---|---|
sign_up_quota_config |
Quota for the Signup endpoint, if overwritten. Signup quota is measured in sign ups per project per hour per IP. |
TemporaryQuota
Temporary quota increase / decrease
| Fields | |
|---|---|
quota |
Corresponds to the 'refill_token_count' field in QuotaServer config |
start_time |
When this quota will take effect |
quota_duration |
How long this quota will be active for |
SignInConfig
Configuration related to local sign in methods.
| Fields | |
|---|---|
email |
Configuration options related to authenticating a user by their email address. |
phone_number |
Configuration options related to authenticated a user by their phone number. |
anonymous |
Configuration options related to authenticating an anonymous user. |
allow_duplicate_emails |
Whether to allow more than one account to have the same email. |
hash_config |
Output only. Hash config information. |
Anonymous
Configuration options related to authenticating an anonymous user.
| Fields | |
|---|---|
enabled |
Whether anonymous user auth is enabled for the project or not. |
Configuration options related to authenticating a user by their email address.
| Fields | |
|---|---|
enabled |
Whether email auth is enabled for the project or not. |
password_required |
Whether a password is required for email auth or not. If true, both an email and password must be provided to sign in. If false, a user may sign in via either email/password or email link. |
hash_config |
Output only. Hash config information. |
PhoneNumber
Configuration options related to authenticated a user by their phone number.
| Fields | |
|---|---|
enabled |
Whether phone number auth is enabled for the project or not. |
test_phone_numbers |
A map of <test phone number, fake code> that can be used for phone auth testing. |
SpCertificate
The proto for the SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
| Fields | |
|---|---|
x509_certificate |
Self-signed public certificate. |
expires_at |
Timestamp of the cert expiration instance. |
Tenant
A Tenant contains configuration for the tenant in a multi-tenant project.
| Fields | |
|---|---|
name |
Resource name of a tenant. For example: "projects/project1/tenants/tenant1" |
display_name |
Display name of the tenant. |
saml_configs[] |
SAML configurations requested. |
idp_configs[] |
IDP configurations requested. |
allow_password_signup |
Whether to allow email/password sign up. |
enable_email_link_signin |
Whether to enable email link sign up. |
disable_auth |
Whether the tenant is disabled for authentication. The users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users. |
UpdateConfigRequest
Request for UpdateConfig
| Fields | |
|---|---|
config |
The config resource which replaces the resource on the server. Authorization requires the following IAM permission on the specified resource
|
update_mask |
The update mask applies to the resource. Fields set in the config but not included in this update mask will be ignored. For the |
UpdateDefaultSupportedIdpConfigRequest
Request for UpdateDefaultSupportedIdpConfig
| Fields | |
|---|---|
default_supported_idp_config |
The config resource which replaces the resource on the server. Authorization requires the following IAM permission on the specified resource
|
update_mask |
The update mask applies to the resource. For the |
UpdateInboundSamlConfigRequest
Request for UpdateInboundSamlConfig
| Fields | |
|---|---|
inbound_saml_config |
The config resource which replaces the resource on the server. Authorization requires the following IAM permission on the specified resource
|
update_mask |
The update mask applies to the resource. Empty update mask will result in updating nothing. For the |
UpdateOAuthIdpConfigRequest
Request for UpdateOAuthIdpConfig
| Fields | |
|---|---|
oauth_idp_config |
The config resource which replaces the resource on the server. Authorization requires the following IAM permission on the specified resource
|
update_mask |
The update mask applies to the resource. Empty update mask will result in updating nothing. For the |
UpdateTenantRequest
Request message for UpdateTenant.
| Fields | |
|---|---|
tenant |
Required. Tenant to be updated. Authorization requires the following IAM permission on the specified resource
|
update_mask |
The update mask applies to the resource. For the |
VerifyDomainRequest
Request message to verify the requested custom domain has required DNS records.
| Fields | |
|---|---|
resource |
The name of the resource to verify the domain of. This method currently accepts verifying domains for either projects (example 'projects/my-awesome-project') or tenants (example 'projects/my-awesome-project/tenants/my-awesome-tenant'). Authorization requires the following IAM permission on the specified resource
|
domain |
The target domain of this request. |
action |
The action being attempted on the given domain. |
DomainVerificationAction
The action being attempted on the given domain.
| Enums | |
|---|---|
DOMAIN_VERIFICATION_ACTION_UNSPECIFIED |
Default value. Do not use. |
VERIFY |
Verify the domain in request. |
CANCEL |
Cancel the current verification process. |
APPLY |
Apply the custom domain in email sending. |
VerifyDomainResponse
Response for VerifyDomain request.
| Fields | |
|---|---|
verification_state |
The resulting state for the given domain after this request is processed. |
verification_error |
When applicable, a textual explanation for why the domain wasn't enable to be verified. |