Identity Toolkit API (identitytoolkit:v1)

2022-08-17

41 new methods | New API

Additions

    Methods
  • identitytoolkit.accounts.signUp

      Scopes: https://www.googleapis.com/auth/cloud-platform

      HTTP Method: POST

      Description: Signs up a new email and password user or anonymous user, or upgrades an anonymous user to email and password. For an admin request with a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control), creates a new anonymous, email and password, or phone number user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Path: v1/accounts:signUp

      Flat Path: v1/accounts:signUp

  • identitytoolkit.accounts.update

      HTTP Method: POST

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v1/accounts:update

      Description: Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.

      Path: v1/accounts:update

  • identitytoolkit.accounts.sendOobCode

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Description: Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.

      Flat Path: v1/accounts:sendOobCode

      Path: v1/accounts:sendOobCode

      HTTP Method: POST

  • identitytoolkit.accounts.signInWithPassword

      Path: v1/accounts:signInWithPassword

      HTTP Method: POST

      Flat Path: v1/accounts:signInWithPassword

      Description: Signs in a user with email and password. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Scopes: https://www.googleapis.com/auth/cloud-platform

  • identitytoolkit.accounts.signInWithGameCenter

      Description: Signs in or signs up a user with iOS Game Center credentials. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. The bundle ID is required in the request header as `x-ios-bundle-identifier`. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Flat Path: v1/accounts:signInWithGameCenter

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Path: v1/accounts:signInWithGameCenter

      HTTP Method: POST

  • identitytoolkit.accounts.createAuthUri

      Description: If an email identifier is specified, checks and returns if any user account is registered with the email. If there is a registered account, fetches all providers associated with the account's email. If the provider ID of an Identity Provider (IdP) is specified, creates an authorization URI for the IdP. The user can be directed to this URI to sign in with the IdP. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Flat Path: v1/accounts:createAuthUri

      Scopes: https://www.googleapis.com/auth/cloud-platform

      HTTP Method: POST

      Path: v1/accounts:createAuthUri

  • identitytoolkit.accounts.verifyIosClient

      HTTP Method: POST

      Description: Verifies an iOS client is a real iOS device. If the request is valid, a reciept will be sent in the response and a secret will be sent via Apple Push Notification Service. The client should send both of them back to certain Identity Platform APIs in a later call (for example, /accounts:sendVerificationCode), in order to verify the client. The bundle ID is required in the request header as `x-ios-bundle-identifier`. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Path: v1/accounts:verifyIosClient

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v1/accounts:verifyIosClient

  • identitytoolkit.accounts.sendVerificationCode

      Description: Sends a SMS verification code for phone number sign-in. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Path: v1/accounts:sendVerificationCode

      HTTP Method: POST

      Flat Path: v1/accounts:sendVerificationCode

      Scopes: https://www.googleapis.com/auth/cloud-platform

  • identitytoolkit.accounts.lookup

      Description: Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.

      HTTP Method: POST

      Path: v1/accounts:lookup

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v1/accounts:lookup

  • identitytoolkit.accounts.issueSamlResponse

  • identitytoolkit.accounts.signInWithCustomToken

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Path: v1/accounts:signInWithCustomToken

      Flat Path: v1/accounts:signInWithCustomToken

      Description: Signs in or signs up a user by exchanging a custom Auth token. Upon a successful sign-in or sign-up, a new Identity Platform ID token and refresh token are issued for the user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      HTTP Method: POST

  • identitytoolkit.accounts.delete

  • identitytoolkit.accounts.signInWithIdp

      HTTP Method: POST

      Path: v1/accounts:signInWithIdp

      Description: Signs in or signs up a user using credentials from an Identity Provider (IdP). This is done by manually providing an IdP credential, or by providing the authorization response obtained via the authorization request from CreateAuthUri. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. A new Identity Platform user account will be created if the user has not previously signed in to the IdP with the same account. In addition, when the "One account per email address" setting is enabled, there should not be an existing Identity Platform user account with the same email address for a new user account to be created. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Flat Path: v1/accounts:signInWithIdp

      Scopes: https://www.googleapis.com/auth/cloud-platform

  • identitytoolkit.accounts.signInWithPhoneNumber

      HTTP Method: POST

      Path: v1/accounts:signInWithPhoneNumber

      Description: Completes a phone number authentication attempt. If a user already exists with the given phone number, an ID token is minted for that user. Otherwise, a new user is created and associated with the phone number. This method may also be used to link a phone number to an existing user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v1/accounts:signInWithPhoneNumber

  • identitytoolkit.accounts.resetPassword

      Path: v1/accounts:resetPassword

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v1/accounts:resetPassword

      Description: Resets the password of an account either using an out-of-band code generated by sendOobCode or by specifying the email and password of the account to be modified. Can also check the purpose of an out-of-band code without consuming it.

      HTTP Method: POST

  • identitytoolkit.accounts.signInWithEmailLink

      Flat Path: v1/accounts:signInWithEmailLink

      Description: Signs in or signs up a user with a out-of-band code from an email link. If a user does not exist with the given email address, a user record will be created. If the sign-in succeeds, an Identity Platform ID and refresh token are issued for the authenticated user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Path: v1/accounts:signInWithEmailLink

      HTTP Method: POST

  • identitytoolkit.getSessionCookiePublicKeys

      Path: v1/sessionCookiePublicKeys

      Description: Retrieves the set of public keys of the session cookie JSON Web Token (JWT) signer that can be used to validate the session cookie created through createSessionCookie.

      Flat Path: v1/sessionCookiePublicKeys

      HTTP Method: GET

  • identitytoolkit.getPublicKeys

      HTTP Method: GET

      Flat Path: v1/publicKeys

      Description: Retrieves public keys of the legacy Identity Toolkit token signer to enable third parties to verify the legacy ID token. For now the X509 pem cert is the only format supported.

      Path: v1/publicKeys

      Scopes: https://www.googleapis.com/auth/cloud-platform

  • identitytoolkit.getProjects

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Description: Gets a project's public Identity Toolkit configuration. (Legacy) This method also supports authenticated calls from a developer to retrieve non-public configuration.

      Path: v1/projects

      HTTP Method: GET

      Parameters:

        clientId

          Type: string

          Description: The RP OAuth client ID. If set, a check will be performed to ensure that the OAuth client is valid for the retrieved project and the request rejected with a client error if not valid.

          Location: query

        returnDynamicLink

          Location: query

          Description: Whether dynamic link should be returned.

          Type: boolean

        sha1Cert

          Description: SHA-1 Android application cert hash. If set, a check will be performed to ensure that the cert hash is valid for the retrieved project and android_package_name.

          Type: string

          Location: query

        projectNumber

          Format: int64

          Type: string

          Location: query

          Description: Project number of the configuration to retrieve. This field is deprecated and should not be used by new integrations.

        firebaseAppId

          Type: string

          Description: The Firebase app ID, for applications that use Firebase. This can be found in the Firebase console for your project. If set, a check will be performed to ensure that the app ID is valid for the retrieved project. If not valid, the request will be rejected with a client error.

          Location: query

        iosBundleId

          Type: string

          Location: query

          Description: iOS bundle id to check against the real ios bundle id. If this field is provided, the action will throw an error if this does not match the real iOS bundle id.

        androidPackageName

          Description: Android package name to check against the real android package name. If this field is provided, and sha1_cert_hash is not provided, the action will throw an error if this does not match the real android package name.

          Location: query

          Type: string

        delegatedProjectNumber

          Format: int64

          Location: query

          Type: string

          Description: Project Number of the delegated project request. This field should only be used as part of the Firebase V1 migration.

      Flat Path: v1/projects

  • identitytoolkit.getRecaptchaParams

  • identitytoolkit.projects.accounts.batchCreate

      HTTP Method: POST

      Parameters:

        targetProjectId

          Description: The Project ID of the Identity Platform project which the account belongs to.

          Type: string

          Pattern: ^[^/]+$

          Required: Yes

          Location: path

      Scopes:

    • https://www.googleapis.com/auth/cloud-platform
    • https://www.googleapis.com/auth/firebase
    • Flat Path: v1/projects/{projectsId}/accounts:batchCreate

      Path: v1/projects/{+targetProjectId}/accounts:batchCreate

      Parameter Order: targetProjectId

      Description: Uploads multiple accounts into the Google Cloud project. If there is a problem uploading one or more of the accounts, the rest will be uploaded, and a list of the errors will be returned. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).

  • identitytoolkit.projects.accounts.delete

      Parameters:

        targetProjectId

          Required: Yes

          Pattern: ^[^/]+$

          Description: The ID of the project which the account belongs to. Should only be specified in authenticated requests that specify local_id of an account.

          Location: path

          Type: string

      Parameter Order: targetProjectId

      HTTP Method: POST

      Path: v1/projects/{+targetProjectId}/accounts:delete

      Description: Deletes a user's account.

      Flat Path: v1/projects/{projectsId}/accounts:delete

      Scopes: https://www.googleapis.com/auth/cloud-platform

  • identitytoolkit.projects.accounts.batchGet

      Scopes:

    • https://www.googleapis.com/auth/cloud-platform
    • https://www.googleapis.com/auth/firebase
    • Path: v1/projects/{+targetProjectId}/accounts:batchGet

      Description: Download account information for all accounts on the project in a paginated manner. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).. Furthermore, additional permissions are needed to get password hash, password salt, and password version from accounts; otherwise these fields are redacted.

      Parameter Order: targetProjectId

      Parameters:

        tenantId

          Description: The ID of the Identity Platform tenant the accounts belongs to. If not specified, accounts on the Identity Platform project are returned.

          Location: query

          Type: string

        targetProjectId

          Required: Yes

          Description: If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that the accounts belong to.

          Location: path

          Type: string

          Pattern: ^[^/]+$

        nextPageToken

          Type: string

          Description: The pagination token from the response of a previous request.

          Location: query

        delegatedProjectNumber

          Type: string

          Location: query

          Format: int64

        maxResults

          Description: The maximum number of results to return. Must be at least 1 and no greater than 1000. By default, it is 20.

          Type: integer

          Location: query

          Format: int32

      HTTP Method: GET

      Flat Path: v1/projects/{projectsId}/accounts:batchGet

  • identitytoolkit.projects.accounts.batchDelete

      Parameter Order: targetProjectId

      Parameters:

        targetProjectId

          Description: If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that accounts belong to.

          Pattern: ^[^/]+$

          Type: string

          Required: Yes

          Location: path

      Flat Path: v1/projects/{projectsId}/accounts:batchDelete

      HTTP Method: POST

      Description: Batch deletes multiple accounts. For accounts that fail to be deleted, error info is contained in the response. The method ignores accounts that do not exist or are duplicated in the request. This method requires a Google OAuth 2.0 credential with proper permissions. (https://cloud.google.com/identity-platform/docs/access-control)

      Path: v1/projects/{+targetProjectId}/accounts:batchDelete

      Scopes:

    • https://www.googleapis.com/auth/cloud-platform
    • https://www.googleapis.com/auth/firebase
  • identitytoolkit.projects.accounts.lookup

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v1/projects/{projectsId}/accounts:lookup

      Parameters:

        targetProjectId

          Description: The ID of the Google Cloud project that the account or the Identity Platform tenant specified by `tenant_id` belongs to. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).

          Type: string

          Pattern: ^[^/]+$

          Location: path

          Required: Yes

      Parameter Order: targetProjectId

      Description: Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.

      HTTP Method: POST

      Path: v1/projects/{+targetProjectId}/accounts:lookup

  • identitytoolkit.projects.accounts.sendOobCode

      Parameter Order: targetProjectId

      Parameters:

        targetProjectId

          Description: The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).

          Pattern: ^[^/]+$

          Type: string

          Required: Yes

          Location: path

      Path: v1/projects/{+targetProjectId}/accounts:sendOobCode

      HTTP Method: POST

      Flat Path: v1/projects/{projectsId}/accounts:sendOobCode

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Description: Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.

  • identitytoolkit.projects.accounts.update

      HTTP Method: POST

      Path: v1/projects/{+targetProjectId}/accounts:update

      Parameter Order: targetProjectId

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Parameters:

        targetProjectId

          Type: string

          Description: The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). Requests from end users should pass an Identity Platform ID token instead.

          Pattern: ^[^/]+$

          Location: path

          Required: Yes

      Description: Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.

      Flat Path: v1/projects/{projectsId}/accounts:update

  • identitytoolkit.projects.accounts.query

      Description: Looks up user accounts within a project or a tenant based on conditions in the request.

      Parameters:

        targetProjectId

          Description: The ID of the project to which the result is scoped.

          Location: path

          Pattern: ^[^/]+$

          Required: Yes

          Type: string

      Path: v1/projects/{+targetProjectId}/accounts:query

      Flat Path: v1/projects/{projectsId}/accounts:query

      Scopes:

    • https://www.googleapis.com/auth/cloud-platform
    • https://www.googleapis.com/auth/firebase
    • HTTP Method: POST

      Parameter Order: targetProjectId

  • identitytoolkit.projects.tenants.accounts

      Parameters:

        targetProjectId

          Type: string

          Pattern: ^[^/]+$

          Required: Yes

          Location: path

          Description: The project ID of the project which the user should belong to. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). If this is not set, the target project is inferred from the scope associated to the Bearer access token.

        tenantId

          Description: The ID of the Identity Platform tenant to create a user under. If not set, the user will be created under the default Identity Platform project.

          Required: Yes

          Pattern: ^[^/]+$

          Type: string

          Location: path

      Parameter Order:

    • targetProjectId
    • tenantId
    • HTTP Method: POST

      Flat Path: v1/projects/{projectsId}/tenants/{tenantsId}/accounts

      Path: v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts

      Description: Signs up a new email and password user or anonymous user, or upgrades an anonymous user to email and password. For an admin request with a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control), creates a new anonymous, email and password, or phone number user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Scopes: https://www.googleapis.com/auth/cloud-platform

  • identitytoolkit.projects.tenants.createSessionCookie

      HTTP Method: POST

      Path: v1/projects/{+targetProjectId}/tenants/{+tenantId}:createSessionCookie

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Parameters:

        targetProjectId

          Required: Yes

          Location: path

          Description: The ID of the project that the account belongs to.

          Pattern: ^[^/]+$

          Type: string

        tenantId

          Type: string

          Location: path

          Pattern: ^[^/]+$

          Required: Yes

          Description: The tenant ID of the Identity Platform tenant the account belongs to.

      Flat Path: v1/projects/{projectsId}/tenants/{tenantsId}:createSessionCookie

      Parameter Order:

    • targetProjectId
    • tenantId
    • Description: Creates a session cookie for the given Identity Platform ID token. The session cookie is used by the client to preserve the user's login state.

  • identitytoolkit.projects.tenants.accounts.query

      Description: Looks up user accounts within a project or a tenant based on conditions in the request.

      Parameters:

        targetProjectId

          Type: string

          Location: path

          Required: Yes

          Pattern: ^[^/]+$

          Description: The ID of the project to which the result is scoped.

        tenantId

          Required: Yes

          Location: path

          Description: The ID of the tenant to which the result is scoped.

          Type: string

          Pattern: ^[^/]+$

      HTTP Method: POST

      Flat Path: v1/projects/{projectsId}/tenants/{tenantsId}/accounts:query

      Path: v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:query

      Scopes:

    • https://www.googleapis.com/auth/cloud-platform
    • https://www.googleapis.com/auth/firebase
    • Parameter Order:

    • targetProjectId
    • tenantId
  • identitytoolkit.projects.tenants.accounts.batchCreate

      Path: v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:batchCreate

      Parameter Order:

    • targetProjectId
    • tenantId
    • Parameters:

        targetProjectId

          Required: Yes

          Location: path

          Pattern: ^[^/]+$

          Type: string

          Description: The Project ID of the Identity Platform project which the account belongs to.

        tenantId

          Description: The ID of the Identity Platform tenant the account belongs to.

          Required: Yes

          Type: string

          Pattern: ^[^/]+$

          Location: path

      Flat Path: v1/projects/{projectsId}/tenants/{tenantsId}/accounts:batchCreate

      HTTP Method: POST

      Description: Uploads multiple accounts into the Google Cloud project. If there is a problem uploading one or more of the accounts, the rest will be uploaded, and a list of the errors will be returned. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).

      Scopes:

    • https://www.googleapis.com/auth/cloud-platform
    • https://www.googleapis.com/auth/firebase
  • identitytoolkit.projects.tenants.accounts.batchDelete

      Parameter Order:

    • targetProjectId
    • tenantId
    • Path: v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:batchDelete

      HTTP Method: POST

      Flat Path: v1/projects/{projectsId}/tenants/{tenantsId}/accounts:batchDelete

      Parameters:

        targetProjectId

          Pattern: ^[^/]+$

          Description: If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that accounts belong to.

          Location: path

          Required: Yes

          Type: string

        tenantId

          Type: string

          Location: path

          Required: Yes

          Description: If the accounts belong to an Identity Platform tenant, the ID of the tenant. If the accounts belong to an default Identity Platform project, the field is not needed.

          Pattern: ^[^/]+$

      Description: Batch deletes multiple accounts. For accounts that fail to be deleted, error info is contained in the response. The method ignores accounts that do not exist or are duplicated in the request. This method requires a Google OAuth 2.0 credential with proper permissions. (https://cloud.google.com/identity-platform/docs/access-control)

      Scopes:

    • https://www.googleapis.com/auth/cloud-platform
    • https://www.googleapis.com/auth/firebase
  • identitytoolkit.projects.tenants.accounts.batchGet

      Scopes:

    • https://www.googleapis.com/auth/cloud-platform
    • https://www.googleapis.com/auth/firebase
    • Parameters:

        targetProjectId

          Required: Yes

          Location: path

          Description: If `tenant_id` is specified, the ID of the Google Cloud project that the Identity Platform tenant belongs to. Otherwise, the ID of the Google Cloud project that the accounts belong to.

          Pattern: ^[^/]+$

          Type: string

        nextPageToken

          Type: string

          Location: query

          Description: The pagination token from the response of a previous request.

        tenantId

          Description: The ID of the Identity Platform tenant the accounts belongs to. If not specified, accounts on the Identity Platform project are returned.

          Type: string

          Pattern: ^[^/]+$

          Location: path

          Required: Yes

        delegatedProjectNumber

          Format: int64

          Location: query

          Type: string

        maxResults

          Description: The maximum number of results to return. Must be at least 1 and no greater than 1000. By default, it is 20.

          Type: integer

          Format: int32

          Location: query

      Path: v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:batchGet

      Description: Download account information for all accounts on the project in a paginated manner. To use this method requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).. Furthermore, additional permissions are needed to get password hash, password salt, and password version from accounts; otherwise these fields are redacted.

      Parameter Order:

    • targetProjectId
    • tenantId
    • HTTP Method: GET

      Flat Path: v1/projects/{projectsId}/tenants/{tenantsId}/accounts:batchGet

  • identitytoolkit.projects.tenants.accounts.sendOobCode

      Parameters:

        targetProjectId

          Type: string

          Location: path

          Description: The Project ID of the Identity Platform project which the account belongs to. To specify this field, it requires a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).

          Required: Yes

          Pattern: ^[^/]+$

        tenantId

          Pattern: ^[^/]+$

          Required: Yes

          Type: string

          Description: The tenant ID of the Identity Platform tenant the account belongs to.

          Location: path

      Parameter Order:

    • targetProjectId
    • tenantId
    • Flat Path: v1/projects/{projectsId}/tenants/{tenantsId}/accounts:sendOobCode

      Path: v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:sendOobCode

      HTTP Method: POST

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Description: Sends an out-of-band confirmation code for an account. Requests from a authenticated request can optionally return a link including the OOB code instead of sending it.

  • identitytoolkit.projects.tenants.accounts.lookup

      Description: Gets account information for all matched accounts. For an end user request, retrieves the account of the end user. For an admin request with Google OAuth 2.0 credential, retrieves one or multiple account(s) with matching criteria.

      Parameter Order:

    • targetProjectId
    • tenantId
    • Path: v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:lookup

      HTTP Method: POST

      Flat Path: v1/projects/{projectsId}/tenants/{tenantsId}/accounts:lookup

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Parameters:

        tenantId

          Required: Yes

          Pattern: ^[^/]+$

          Description: The ID of the tenant that the account belongs to. Should only be specified by authenticated requests from a developer.

          Type: string

          Location: path

        targetProjectId

          Location: path

          Type: string

          Required: Yes

          Description: The ID of the Google Cloud project that the account or the Identity Platform tenant specified by `tenant_id` belongs to. Should only be specified by authenticated requests bearing a Google OAuth 2.0 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).

          Pattern: ^[^/]+$

  • identitytoolkit.projects.tenants.accounts.update

      Flat Path: v1/projects/{projectsId}/tenants/{tenantsId}/accounts:update

      Parameters:

        targetProjectId

          Location: path

          Pattern: ^[^/]+$

          Description: The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions (https://cloud.google.com/identity-platform/docs/access-control). Requests from end users should pass an Identity Platform ID token instead.

          Type: string

          Required: Yes

        tenantId

          Location: path

          Description: The tenant ID of the Identity Platform tenant that the account belongs to. Requests from end users should pass an Identity Platform ID token rather than setting this field.

          Required: Yes

          Pattern: ^[^/]+$

          Type: string

      Parameter Order:

    • targetProjectId
    • tenantId
    • Scopes: https://www.googleapis.com/auth/cloud-platform

      Description: Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.

      Path: v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:update

      HTTP Method: POST

  • identitytoolkit.projects.tenants.accounts.delete

      Parameters:

        targetProjectId

          Type: string

          Required: Yes

          Description: The ID of the project which the account belongs to. Should only be specified in authenticated requests that specify local_id of an account.

          Location: path

          Pattern: ^[^/]+$

        tenantId

          Location: path

          Pattern: ^[^/]+$

          Description: The ID of the tenant that the account belongs to, if applicable. Only require to be specified for authenticated requests bearing a Google OAuth 2.0 credential that specify local_id of an account that belongs to an Identity Platform tenant.

          Type: string

          Required: Yes

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Description: Deletes a user's account.

      HTTP Method: POST

      Parameter Order:

    • targetProjectId
    • tenantId
    • Path: v1/projects/{+targetProjectId}/tenants/{+tenantId}/accounts:delete

      Flat Path: v1/projects/{projectsId}/tenants/{tenantsId}/accounts:delete

  • identitytoolkit.projects.queryAccounts

      HTTP Method: POST

      Description: Looks up user accounts within a project or a tenant based on conditions in the request.

      Scopes:

    • https://www.googleapis.com/auth/cloud-platform
    • https://www.googleapis.com/auth/firebase
    • Path: v1/projects/{+targetProjectId}:queryAccounts

      Flat Path: v1/projects/{projectsId}:queryAccounts

      Parameters:

        targetProjectId

          Location: path

          Type: string

          Required: Yes

          Description: The ID of the project to which the result is scoped.

          Pattern: ^[^/]+$

      Parameter Order: targetProjectId

  • identitytoolkit.projects.accounts

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Parameters:

        targetProjectId

          Location: path

          Type: string

          Description: The project ID of the project which the user should belong to. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). If this is not set, the target project is inferred from the scope associated to the Bearer access token.

          Pattern: ^[^/]+$

          Required: Yes

      HTTP Method: POST

      Flat Path: v1/projects/{projectsId}/accounts

      Parameter Order: targetProjectId

      Description: Signs up a new email and password user or anonymous user, or upgrades an anonymous user to email and password. For an admin request with a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control), creates a new anonymous, email and password, or phone number user. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.

      Path: v1/projects/{+targetProjectId}/accounts

  • identitytoolkit.projects.createSessionCookie

      Parameter Order: targetProjectId

      Description: Creates a session cookie for the given Identity Platform ID token. The session cookie is used by the client to preserve the user's login state.

      HTTP Method: POST

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Path: v1/projects/{+targetProjectId}:createSessionCookie

      Flat Path: v1/projects/{projectsId}:createSessionCookie

      Parameters:

        targetProjectId

          Pattern: ^[^/]+$

          Description: The ID of the project that the account belongs to.

          Required: Yes

          Location: path

          Type: string