ObjectAccessControls: get

Returns the ACL entry for the specified entity on the specified object.

Important: This method fails with a 400 Bad Request response for buckets with uniform bucket-level access enabled. Use storage.buckets.getIamPolicy and storage.buckets.setIamPolicy to control access instead.

Required permissions

The authenticated user must have one of the following permissions to use this method:

The storage.objects.getIamPolicy IAM permission for the bucket containing the object
The OWNER ACL permission for the object

Request

HTTP request

GET https://storage.googleapis.com/storage/v1/b/bucket/o/object/acl/entity

In addition to standard query parameters, the following query parameters apply to this method.

To see an example of how to include query parameters in a request, see the JSON API Overview page.

Parameters

Parameter name	Value	Description
Path parameters
`bucket`	`string`	Name of a bucket.
`entity`	`string`	The entity holding the permission. Can be `user-emailAddress`, `group-groupId`, `group-emailAddress`, `allUsers`, or `allAuthenticatedUsers`.
`object`	`string`	Name of the object. For information about how to URL encode object names to be path safe, see Encoding URI path parts.
Optional query parameters
`generation`	`long`	If present, selects a specific revision of this object (as opposed to the latest version, the default).

Request body

Do not supply a request body with this method.

Response

If successful, this method returns an ObjectAccessControls resource in the response body.

Try it!

Use the APIs Explorer below to call this method on live data and see the response.