Stay organized with collections Save and categorize content based on your preferences.

Managing identity-mapped group memberships

After a group exists, you can create memberships for it. This page explains how to perform some fundamental membership operations with the Cloud Identity Groups API.

Before you begin

Set up authentication and install the client libraries. See Setting up the Cloud Identity Groups API to learn how.

Adding a membership to an identity-mapped group

REST

To add a member to an identity-mapped group, call groups.memberships.create() with the ID of the parent group and a memberships resource.

Python

The following code shows you how to associate a member with a group:

def create_identity_group_membership(service, identity_source_id, group_id, member_key):
  param = "&groupKey.id=" + group_id + "&groupKey.namespace=identitysources/" + identity_source_id
  try:
    lookupGroupNameRequest = service.groups().lookup()
    lookupGroupNameRequest.uri += param
    lookupGroupNameResponse = lookupGroupNameRequest.execute()
    groupName = lookupGroupNameResponse.get("name")
    membership = {
      "memberKey": member_key,
      "roles" : {
        "name" : "MEMBER"
      }
    }
    # Create a membership using the ID for the parent group and a membership object
    response = service.groups().memberships().create(parent=groupName, body=membership).execute()
    print response
  except Exception, e:
    print e

Listing memberships for an identity-mapped group

REST

To list memberships in an identity-mapped group, call groups.memberships.list() with the ID of the parent group and a memberships resource.

Python

The following code lists the memberships for a group:

def list_identity_group_membership(service, identity_source_id, group_id):
  param = "&groupKey.id=" + group_id + "&groupKey.namespace=identitysources/" + identity_source_id
  try:
    lookup_group_name_request = service.groups().lookup()
    lookup_group_name_request.uri += param
    lookup_group_name_response = lookup_group_name_request.execute()
    group_name = lookup_group_name_response.get("name")
    # List memberships
    response = service.groups().memberships().list(parent=group_name).execute()
    print response
  except Exception, e:
    print e