Updating the client state
The following examples shows you how to update the client state for the API client calling the Devices API.
REST
To update the client state, call
devices.clientStates.patch()
with a customer name and
ClientState object.
Python HTTP
The following example shows a helper function to update the client state using the Python HTTP library:
"""Sample script to demonstrate the use of the Update method in the Devices API."""
import json
import pprint
from six.moves import urllib
import google.auth.transport.requests
from google.oauth2 import service_account
SCOPES = ['https://www.googleapis.com/auth/cloud-identity.devices']
BASE_URL = 'https://cloudidentity.googleapis.com/v1/'
# Change this to the location of the service account key
SA_FILE = ''
# Enter the administrator to call as here.
ADMIN_EMAIL = ''
# Enter the Device User Resource Name. You can get this from the value
# of the name field in the results of a List method call
RESOURCE_NAME = ''
# Enter the Client ID, which is in the format <customer-id>-<somestring>
# Where 'customer-id' is your customer id.
CLIENT_ID = ''
if not SA_FILE:
print('Please specify the location of the service account key file')
if not ADMIN_EMAIL:
print('Please specify the email of the administrator to call as')
if not RESOURCE_NAME:
print('Please specify the Device User Resource Name to be approved')
if not CLIENT_ID:
print('Please specify your client id, which is your customer-id, followed by'
' a hyphen, folowed by any string')
if not SA_FILE or not ADMIN_EMAIL or not RESOURCE_NAME or not CLIENT_ID:
exit(-1)
def create_delegated_credentials(user_email):
credentials = service_account.Credentials.from_service_account_file(
SA_FILE,
scopes=['https://www.googleapis.com/auth/cloud-identity.devices'])
delegated_credentials = credentials.with_subject(user_email)
return delegated_credentials
######################################################################
# AUTHENTICATE the service account and retrieve an oauth2 access token
request = google.auth.transport.requests.Request()
dc = create_delegated_credentials(ADMIN_EMAIL)
dc.refresh(request)
print('Access token: ' + dc.token + '\n')
###############################
# Update the client state
header = {
'authorization': 'Bearer ' + dc.token,
'Content-Type': 'application/json'
}
body = {
'customId': 'abcd',
'assetTags': ['efgh', 'ijkl'],
'healthScore': 'GOOD',
'scoreReason': 'all ok',
'managed': 'MANAGED',
'complianceState': 'COMPLIANT'
}
update_clientstate_url = BASE_URL + RESOURCE_NAME + '/clientStates/' + CLIENT_ID + '?updateMask=' +
'customId,assetTags,healthScore,scoreReason,managed,complianceState'
serialized_body = json.dumps(body, separators=(',', ':'))
request = urllib.request.Request(
update_clientstate_url, serialized_body, headers=header)
request.get_method = lambda: 'PATCH'
try:
contents = urllib.request.urlopen(request)
except urllib.error.HTTPError as e:
if e.code == 404:
print('The resource was not found')
else:
print('Permission denied. Did you provide the correct client id?')
exit(-1)
update_response = json.loads(contents.read())
pp = pprint.PrettyPrinter(indent=4)
pp.pprint(update_response['response'])
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-08-07 UTC.