2024-10-15
▼ ▲ cloudidentity.devices.create
Path: v1beta1/devices
Flat Path: v1beta1/devices
HTTP Method: POST
Scopes: https://www.googleapis.com/auth/cloud-identity.devices
Description: Creates a device. Only company-owned device may be created. **Note**: This method is available only to customers who have one of the following SKUs: Enterprise Standard, Enterprise Plus, Enterprise for Education, and Cloud Identity Premium
▼ ▲ cloudidentity.devices.get
Path: v1beta1/{+name}
Flat Path: v1beta1/devices/{devicesId}
HTTP Method: GET
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id}`, where device_id is the unique ID assigned to the Device.
Pattern: ^devices/[^/]+$
Location: path
Required: Yes
Type: string
customer
Description: Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Customer in format: `customers/{customer_id}`, where customer_id is the customer to whom the device belongs.
Location: query
Type: string
Parameter Order: name
Scopes:
Description: Retrieves the specified device.
▼ ▲ cloudidentity.devices.list
Path: v1beta1/devices
Flat Path: v1beta1/devices
HTTP Method: GET
Parameters:
customer
Description: Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer.
Location: query
Type: string
filter
Description: Optional. Additional restrictions when fetching list of devices. For a list of search fields, refer to [Mobile device search fields](https://developers.google.com/admin-sdk/directory/v1/search-operators). Multiple search fields are separated by the space character.
Location: query
Type: string
pageSize
Description: Optional. The maximum number of Devices to return. If unspecified, at most 20 Devices will be returned. The maximum value is 100; values above 100 will be coerced to 100.
Location: query
Type: integer
Format: int32
pageToken
Description: Optional. A page token, received from a previous `ListDevices` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListDevices` must match the call that provided the page token.
Location: query
Type: string
orderBy
Description: Optional. Order specification for devices in the response. Only one of the following field names may be used to specify the order: `create_time`, `last_sync_time`, `model`, `os_version`, `device_type` and `serial_number`. `desc` may be specified optionally to specify results to be sorted in descending order. Default order is ascending.
Location: query
Type: string
view
Description: Optional. The view to use for the List request.
Location: query
Type: string
Enum Descriptions:
Enum:
Scopes:
Description: Lists/Searches devices.
▼ ▲ cloudidentity.devices.delete
Path: v1beta1/{+name}
Flat Path: v1beta1/devices/{devicesId}
HTTP Method: DELETE
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id}`, where device_id is the unique ID assigned to the Device.
Pattern: ^devices/[^/]+$
Location: path
Required: Yes
Type: string
customer
Description: Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id}`, where customer_id is the customer to whom the device belongs.
Location: query
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-identity.devices
Description: Deletes the specified device.
▼ ▲ cloudidentity.devices.wipe
Path: v1beta1/{+name}:wipe
Flat Path: v1beta1/devices/{devicesId}:wipe
HTTP Method: POST
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id}/deviceUsers/{device_user_id}`, where device_id is the unique ID assigned to the Device, and device_user_id is the unique ID assigned to the User.
Pattern: ^devices/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-identity.devices
Description: Wipes all data on the specified device.
▼ ▲ cloudidentity.devices.cancelWipe
Path: v1beta1/{+name}:cancelWipe
Flat Path: v1beta1/devices/{devicesId}:cancelWipe
HTTP Method: POST
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id}`, where device_id is the unique ID assigned to the Device.
Pattern: ^devices/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-identity.devices
Description: Cancels an unfinished device wipe. This operation can be used to cancel device wipe in the gap between the wipe operation returning success and the device being wiped.
▼ ▲ cloudidentity.devices.deviceUsers.get
Path: v1beta1/{+name}
Flat Path: v1beta1/devices/{devicesId}/deviceUsers/{deviceUsersId}
HTTP Method: GET
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id}/deviceUsers/{device_user_id}`, where device_id is the unique ID assigned to the Device, and device_user_id is the unique ID assigned to the User.
Pattern: ^devices/[^/]+/deviceUsers/[^/]+$
Location: path
Required: Yes
Type: string
customer
Description: Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id}`, where customer_id is the customer to whom the device belongs.
Location: query
Type: string
Parameter Order: name
Scopes:
Description: Retrieves the specified DeviceUser
▼ ▲ cloudidentity.devices.deviceUsers.list
Path: v1beta1/{+parent}/deviceUsers
Flat Path: v1beta1/devices/{devicesId}/deviceUsers
HTTP Method: GET
Parameters:
parent
Description: Required. To list all DeviceUsers, set this to "devices/-". To list all DeviceUsers owned by a device, set this to the resource name of the device. Format: devices/{device}
Pattern: ^devices/[^/]+$
Location: path
Required: Yes
Type: string
customer
Description: Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id}`, where customer_id is the customer to whom the device belongs.
Location: query
Type: string
filter
Description: Optional. Additional restrictions when fetching list of devices. For a list of search fields, refer to [Mobile device search fields](https://developers.google.com/admin-sdk/directory/v1/search-operators). Multiple search fields are separated by the space character.
Location: query
Type: string
pageSize
Description: Optional. The maximum number of DeviceUsers to return. If unspecified, at most 5 DeviceUsers will be returned. The maximum value is 20; values above 20 will be coerced to 20.
Location: query
Type: integer
Format: int32
pageToken
Description: Optional. A page token, received from a previous `ListDeviceUsers` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListBooks` must match the call that provided the page token.
Location: query
Type: string
orderBy
Description: Optional. Order specification for devices in the response.
Location: query
Type: string
Parameter Order: parent
Scopes:
Description: Lists/Searches DeviceUsers.
▼ ▲ cloudidentity.devices.deviceUsers.delete
Path: v1beta1/{+name}
Flat Path: v1beta1/devices/{devicesId}/deviceUsers/{deviceUsersId}
HTTP Method: DELETE
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id}/deviceUsers/{device_user_id}`, where device_id is the unique ID assigned to the Device, and device_user_id is the unique ID assigned to the User.
Pattern: ^devices/[^/]+/deviceUsers/[^/]+$
Location: path
Required: Yes
Type: string
customer
Description: Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id}`, where customer_id is the customer to whom the device belongs.
Location: query
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-identity.devices
Description: Deletes the specified DeviceUser. This also revokes the user's access to device data.
▼ ▲ cloudidentity.devices.deviceUsers.lookup
Path: v1beta1/{+parent}:lookup
Flat Path: v1beta1/devices/{devicesId}/deviceUsers:lookup
HTTP Method: GET
Parameters:
parent
Description: Must be set to "devices/-/deviceUsers" to search across all DeviceUser belonging to the user.
Pattern: ^devices/[^/]+/deviceUsers$
Location: path
Required: Yes
Type: string
pageSize
Description: The maximum number of DeviceUsers to return. If unspecified, at most 20 DeviceUsers will be returned. The maximum value is 20; values above 20 will be coerced to 20.
Location: query
Type: integer
Format: int32
pageToken
Description: A page token, received from a previous `LookupDeviceUsers` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `LookupDeviceUsers` must match the call that provided the page token.
Location: query
Type: string
androidId
Description: Android Id returned by [Settings.Secure#ANDROID_ID](https://developer.android.com/reference/android/provider/Settings.Secure.html#ANDROID_ID).
Location: query
Type: string
rawResourceId
Description: Raw Resource Id used by Google Endpoint Verification. If the user is enrolled into Google Endpoint Verification, this id will be saved as the 'device_resource_id' field in the following platform dependent files. Mac: ~/.secureConnect/context_aware_config.json Windows: C:\Users\%USERPROFILE%\.secureConnect\context_aware_config.json Linux: ~/.secureConnect/context_aware_config.json
Location: query
Type: string
userId
Description: The user whose DeviceUser's resource name will be fetched. Must be set to 'me' to fetch the DeviceUser's resource name for the calling user.
Location: query
Type: string
Parameter Order: parent
Scopes: https://www.googleapis.com/auth/cloud-identity.devices.lookup
Description: Looks up resource names of the DeviceUsers associated with the caller's credentials, as well as the properties provided in the request. This method must be called with end-user credentials with the scope: https://www.googleapis.com/auth/cloud-identity.devices.lookup If multiple properties are provided, only DeviceUsers having all of these properties are considered as matches - i.e. the query behaves like an AND. Different platforms require different amounts of information from the caller to ensure that the DeviceUser is uniquely identified. - iOS: No properties need to be passed, the caller's credentials are sufficient to identify the corresponding DeviceUser. - Android: Specifying the 'android_id' field is required. - Desktop: Specifying the 'raw_resource_id' field is required.
▼ ▲ cloudidentity.devices.deviceUsers.approve
Path: v1beta1/{+name}:approve
Flat Path: v1beta1/devices/{devicesId}/deviceUsers/{deviceUsersId}:approve
HTTP Method: POST
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id}/deviceUsers/{device_user_id}`, where device_id is the unique ID assigned to the Device, and device_user_id is the unique ID assigned to the User.
Pattern: ^devices/[^/]+/deviceUsers/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-identity.devices
Description: Approves device to access user data.
▼ ▲ cloudidentity.devices.deviceUsers.block
Path: v1beta1/{+name}:block
Flat Path: v1beta1/devices/{devicesId}/deviceUsers/{deviceUsersId}:block
HTTP Method: POST
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id}/deviceUsers/{device_user_id}`, where device_id is the unique ID assigned to the Device, and device_user_id is the unique ID assigned to the User.
Pattern: ^devices/[^/]+/deviceUsers/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-identity.devices
Description: Blocks device from accessing user data
▼ ▲ cloudidentity.devices.deviceUsers.wipe
Path: v1beta1/{+name}:wipe
Flat Path: v1beta1/devices/{devicesId}/deviceUsers/{deviceUsersId}:wipe
HTTP Method: POST
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id}/deviceUsers/{device_user_id}`, where device_id is the unique ID assigned to the Device, and device_user_id is the unique ID assigned to the User.
Pattern: ^devices/[^/]+/deviceUsers/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-identity.devices
Description: Wipes the user's account on a device.
▼ ▲ cloudidentity.devices.deviceUsers.cancelWipe
Path: v1beta1/{+name}:cancelWipe
Flat Path: v1beta1/devices/{devicesId}/deviceUsers/{deviceUsersId}:cancelWipe
HTTP Method: POST
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id}/deviceUsers/{device_user_id}`, where device_id is the unique ID assigned to the Device, and device_user_id is the unique ID assigned to the User.
Pattern: ^devices/[^/]+/deviceUsers/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-identity.devices
Description: Cancels an unfinished user account wipe. This operation can be used to cancel device wipe in the gap between the wipe operation returning success and the device being wiped.
▼ ▲ cloudidentity.devices.deviceUsers.clientStates.get
Path: v1beta1/{+name}
Flat Path: v1beta1/devices/{devicesId}/deviceUsers/{deviceUsersId}/clientStates/{clientStatesId}
HTTP Method: GET
Parameters:
name
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the ClientState in format: `devices/{device_id}/deviceUsers/{device_user_id}/clientStates/{partner_id}`, where `device_id` is the unique ID assigned to the Device, `device_user_id` is the unique ID assigned to the User and `partner_id` identifies the partner storing the data. To get the client state for devices belonging to your own organization, the `partnerId` is in the format: `customerId-*anystring*`. Where the `customerId` is your organization's customer ID and `anystring` is any suffix. This suffix is used in setting up Custom Access Levels in Context-Aware Access. You may use `my_customer` instead of the customer ID for devices managed by your own organization. You may specify `-` in place of the `{device_id}`, so the ClientState resource name can be: `devices/-/deviceUsers/{device_user_resource_id}/clientStates/{partner_id}`.
Pattern: ^devices/[^/]+/deviceUsers/[^/]+/clientStates/[^/]+$
Location: path
Required: Yes
Type: string
customer
Description: Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id}`, where customer_id is the customer to whom the device belongs.
Location: query
Type: string
Parameter Order: name
Scopes:
Description: Gets the client state for the device user
▼ ▲ cloudidentity.devices.deviceUsers.clientStates.patch
Path: v1beta1/{+name}
Flat Path: v1beta1/devices/{devicesId}/deviceUsers/{deviceUsersId}/clientStates/{clientStatesId}
HTTP Method: PATCH
Parameters:
name
Description: Output only. [Resource name](https://cloud.google.com/apis/design/resource_names) of the ClientState in format: `devices/{device_id}/deviceUsers/{device_user_id}/clientState/{partner_id}`, where partner_id corresponds to the partner storing the data.
Pattern: ^devices/[^/]+/deviceUsers/[^/]+/clientStates/[^/]+$
Location: path
Required: Yes
Type: string
customer
Description: Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id}`, where customer_id is the customer to whom the device belongs.
Location: query
Type: string
updateMask
Description: Optional. Comma-separated list of fully qualified names of fields to be updated. If not specified, all updatable fields in ClientState are updated.
Location: query
Type: string
Format: google-fieldmask
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-identity.devices
Description: Updates the client state for the device user **Note**: This method is available only to customers who have one of the following SKUs: Enterprise Standard, Enterprise Plus, Enterprise for Education, and Cloud Identity Premium
▼ ▲ cloudidentity.groups.create
Path: v1beta1/groups
Flat Path: v1beta1/groups
HTTP Method: POST
Parameters:
initialGroupConfig
Description: Required. The initial configuration option for the `Group`.
Location: query
Type: string
Enum Descriptions:
Enum:
Scopes:
Description: Creates a `Group`.
▼ ▲ cloudidentity.groups.get
Path: v1beta1/{+name}
Flat Path: v1beta1/groups/{groupsId}
HTTP Method: GET
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Group` to retrieve. Must be of the form `groups/{group_id}`.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes:
Description: Retrieves a `Group`.
▼ ▲ cloudidentity.groups.getSecuritySettings
Path: v1beta1/{+name}
Flat Path: v1beta1/groups/{groupsId}/securitySettings
HTTP Method: GET
Parameters:
name
Description: Required. The security settings to retrieve. Format: `groups/{group_id}/securitySettings`
Pattern: ^groups/[^/]+/securitySettings$
Location: path
Required: Yes
Type: string
readMask
Description: Field-level read mask of which fields to return. "*" returns all fields. If not specified, all fields will be returned. May only contain the following field: `member_restriction`.
Location: query
Type: string
Format: google-fieldmask
Parameter Order: name
Scopes:
Description: Get Security Settings
▼ ▲ cloudidentity.groups.updateSecuritySettings
Path: v1beta1/{+name}
Flat Path: v1beta1/groups/{groupsId}/securitySettings
HTTP Method: PATCH
Parameters:
name
Description: Output only. The resource name of the security settings. Shall be of the form `groups/{group_id}/securitySettings`.
Pattern: ^groups/[^/]+/securitySettings$
Location: path
Required: Yes
Type: string
updateMask
Description: Required. The fully-qualified names of fields to update. May only contain the following field: `member_restriction.query`.
Location: query
Type: string
Format: google-fieldmask
Parameter Order: name
Scopes:
Description: Update Security Settings
▼ ▲ cloudidentity.groups.patch
Path: v1beta1/{+name}
Flat Path: v1beta1/groups/{groupsId}
HTTP Method: PATCH
Parameters:
name
Description: Output only. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Group`. Shall be of the form `groups/{group_id}`.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
updateMask
Description: Required. The names of fields to update. May only contain the following field names: `display_name`, `description`, `labels`, `dynamic_group_metadata`, `posix_groups`.
Location: query
Type: string
Format: google-fieldmask
Parameter Order: name
Scopes:
Description: Updates a `Group`.
▼ ▲ cloudidentity.groups.delete
Path: v1beta1/{+name}
Flat Path: v1beta1/groups/{groupsId}
HTTP Method: DELETE
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Group` to retrieve. Must be of the form `groups/{group_id}`.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes:
Description: Deletes a `Group`.
▼ ▲ cloudidentity.groups.lookup
Path: v1beta1/groups:lookup
Flat Path: v1beta1/groups:lookup
HTTP Method: GET
Parameters:
groupKey.id
Description: The ID of the entity. For Google-managed entities, the `id` must be the email address of an existing group or user. For external-identity-mapped entities, the `id` must be a string conforming to the Identity Source's requirements. Must be unique within a `namespace`.
Location: query
Type: string
groupKey.namespace
Description: The namespace in which the entity exists. If not specified, the `EntityKey` represents a Google-managed entity such as a Google user or a Google Group. If specified, the `EntityKey` represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id}`.
Location: query
Type: string
Scopes:
Description: Looks up the [resource name](https://cloud.google.com/apis/design/resource_names) of a `Group` by its `EntityKey`.
▼ ▲ cloudidentity.groups.search
Path: v1beta1/groups:search
Flat Path: v1beta1/groups:search
HTTP Method: GET
Parameters:
query
Description: Required. The search query. * Must be specified in [Common Expression Language](https://opensource.google/projects/cel). * Must contain equality operators on the parent, e.g. `parent == 'customers/{customer_id}'`. The `customer_id` must begin with "C" (for example, 'C046psxkn'). [Find your customer ID.] (https://support.google.com/cloudidentity/answer/10070793) * Can contain optional inclusion operators on `labels` such as `'cloudidentity.googleapis.com/groups.discussion_forum' in labels`). * Can contain an optional equality operator on `domain_name`. e.g. `domain_name == 'examplepetstore.com'` * Can contain optional `startsWith/contains/equality` operators on `group_key`, e.g. `group_key.startsWith('dev')`, `group_key.contains('dev'), group_key == 'dev@examplepetstore.com'` * Can contain optional `startsWith/contains/equality` operators on `display_name`, such as `display_name.startsWith('dev')` , `display_name.contains('dev')`, `display_name == 'dev'`
Location: query
Type: string
view
Description: The level of detail to be returned. If unspecified, defaults to `View.BASIC`.
Location: query
Type: string
Enum Descriptions:
Enum:
pageSize
Description: The maximum number of results to return. Note that the number of results returned may be less than this value even if there are more available results. To fetch all results, clients must continue calling this method repeatedly until the response no longer contains a `next_page_token`. If unspecified, defaults to 200 for `GroupView.BASIC` and to 50 for `GroupView.FULL`. Must not be greater than 1000 for `GroupView.BASIC` or 500 for `GroupView.FULL`.
Location: query
Type: integer
Format: int32
pageToken
Description: The `next_page_token` value returned from a previous search request, if any.
Location: query
Type: string
orderBy
Description: The ordering of groups for the display name or email in the search groups response. The syntax for this field can be found at https://cloud.google.com/apis/design/design_patterns#sorting_order. Example: Sort by the ascending name: order_by="display_name" Sort by the descending group key email: order_by="group_key desc"
Location: query
Type: string
Scopes:
Description: Searches for `Group` resources matching a specified query.
▼ ▲ cloudidentity.groups.list
Path: v1beta1/groups
Flat Path: v1beta1/groups
HTTP Method: GET
Parameters:
parent
Description: Required. The parent resource under which to list all `Group` resources. Must be of the form `identitysources/{identity_source_id}` for external- identity-mapped groups or `customers/{customer_id}` for Google Groups. The `customer_id` must begin with "C" (for example, 'C046psxkn'). [Find your customer ID.] (https://support.google.com/cloudidentity/answer/10070793)
Location: query
Type: string
view
Description: The level of detail to be returned. If unspecified, defaults to `View.BASIC`.
Location: query
Type: string
Enum Descriptions:
Enum:
pageSize
Description: The maximum number of results to return. Note that the number of results returned may be less than this value even if there are more available results. To fetch all results, clients must continue calling this method repeatedly until the response no longer contains a `next_page_token`. If unspecified, defaults to 200 for `View.BASIC` and to 50 for `View.FULL`. Must not be greater than 1000 for `View.BASIC` or 500 for `View.FULL`.
Location: query
Type: integer
Format: int32
pageToken
Description: The `next_page_token` value returned from a previous list request, if any.
Location: query
Type: string
Scopes:
Description: Lists the `Group` resources under a customer or namespace.
▼ ▲ cloudidentity.groups.memberships.create
Path: v1beta1/{+parent}/memberships
Flat Path: v1beta1/groups/{groupsId}/memberships
HTTP Method: POST
Parameters:
parent
Description: Required. The parent `Group` resource under which to create the `Membership`. Must be of the form `groups/{group_id}`.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: parent
Scopes:
Description: Creates a `Membership`.
▼ ▲ cloudidentity.groups.memberships.get
Path: v1beta1/{+name}
Flat Path: v1beta1/groups/{groupsId}/memberships/{membershipsId}
HTTP Method: GET
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Membership` to retrieve. Must be of the form `groups/{group_id}/memberships/{membership_id}`.
Pattern: ^groups/[^/]+/memberships/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes:
Description: Retrieves a `Membership`.
▼ ▲ cloudidentity.groups.memberships.delete
Path: v1beta1/{+name}
Flat Path: v1beta1/groups/{groupsId}/memberships/{membershipsId}
HTTP Method: DELETE
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Membership` to delete. Must be of the form `groups/{group_id}/memberships/{membership_id}`.
Pattern: ^groups/[^/]+/memberships/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes:
Description: Deletes a `Membership`.
▼ ▲ cloudidentity.groups.memberships.lookup
Path: v1beta1/{+parent}/memberships:lookup
Flat Path: v1beta1/groups/{groupsId}/memberships:lookup
HTTP Method: GET
Parameters:
parent
Description: Required. The parent `Group` resource under which to lookup the `Membership` name. Must be of the form `groups/{group_id}`.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
memberKey.id
Description: The ID of the entity. For Google-managed entities, the `id` must be the email address of an existing group or user. For external-identity-mapped entities, the `id` must be a string conforming to the Identity Source's requirements. Must be unique within a `namespace`.
Location: query
Type: string
memberKey.namespace
Description: The namespace in which the entity exists. If not specified, the `EntityKey` represents a Google-managed entity such as a Google user or a Google Group. If specified, the `EntityKey` represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id}`.
Location: query
Type: string
Parameter Order: parent
Scopes:
Description: Looks up the [resource name](https://cloud.google.com/apis/design/resource_names) of a `Membership` by its `EntityKey`.
▼ ▲ cloudidentity.groups.memberships.list
Path: v1beta1/{+parent}/memberships
Flat Path: v1beta1/groups/{groupsId}/memberships
HTTP Method: GET
Parameters:
parent
Description: Required. The parent `Group` resource under which to lookup the `Membership` name. Must be of the form `groups/{group_id}`.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
view
Description: The level of detail to be returned. If unspecified, defaults to `MembershipView.BASIC`.
Location: query
Type: string
Enum Descriptions:
Enum:
pageSize
Description: The maximum number of results to return. Note that the number of results returned may be less than this value even if there are more available results. To fetch all results, clients must continue calling this method repeatedly until the response no longer contains a `next_page_token`. If unspecified, defaults to 200 for `GroupView.BASIC` and to 50 for `GroupView.FULL`. Must not be greater than 1000 for `GroupView.BASIC` or 500 for `GroupView.FULL`.
Location: query
Type: integer
Format: int32
pageToken
Description: The `next_page_token` value returned from a previous search request, if any.
Location: query
Type: string
Parameter Order: parent
Scopes:
Description: Lists the `Membership`s within a `Group`.
▼ ▲ cloudidentity.groups.memberships.modifyMembershipRoles
Path: v1beta1/{+name}:modifyMembershipRoles
Flat Path: v1beta1/groups/{groupsId}/memberships/{membershipsId}:modifyMembershipRoles
HTTP Method: POST
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Membership` whose roles are to be modified. Must be of the form `groups/{group_id}/memberships/{membership_id}`.
Pattern: ^groups/[^/]+/memberships/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes:
Description: Modifies the `MembershipRole`s of a `Membership`.
▼ ▲ cloudidentity.groups.memberships.searchTransitiveMemberships
Path: v1beta1/{+parent}/memberships:searchTransitiveMemberships
Flat Path: v1beta1/groups/{groupsId}/memberships:searchTransitiveMemberships
HTTP Method: GET
Parameters:
parent
Description: [Resource name](https://cloud.google.com/apis/design/resource_names) of the group to search transitive memberships in. Format: `groups/{group_id}`, where `group_id` is the unique ID assigned to the Group.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
pageSize
Description: The default page size is 200 (max 1000).
Location: query
Type: integer
Format: int32
pageToken
Description: The next_page_token value returned from a previous list request, if any.
Location: query
Type: string
Parameter Order: parent
Scopes:
Description: Search transitive memberships of a group. **Note:** This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. A transitive membership is any direct or indirect membership of a group. Actor must have view permissions to all transitive memberships.
▼ ▲ cloudidentity.groups.memberships.searchTransitiveGroups
Path: v1beta1/{+parent}/memberships:searchTransitiveGroups
Flat Path: v1beta1/groups/{groupsId}/memberships:searchTransitiveGroups
HTTP Method: GET
Parameters:
parent
Description: [Resource name](https://cloud.google.com/apis/design/resource_names) of the group to search transitive memberships in. Format: `groups/{group_id}`, where `group_id` is always '-' as this API will search across all groups for a given member.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
query
Description: Required. A CEL expression that MUST include member specification AND label(s). This is a `required` field. Users can search on label attributes of groups. CONTAINS match ('in') is supported on labels. Identity-mapped groups are uniquely identified by both a `member_key_id` and a `member_key_namespace`, which requires an additional query input: `member_key_namespace`. Example query: `member_key_id == 'member_key_id_value' && in labels` Query may optionally contain equality operators on the parent of the group restricting the search within a particular customer, e.g. `parent == 'customers/{customer_id}'`. The `customer_id` must begin with "C" (for example, 'C046psxkn'). This filtering is only supported for Admins with groups read permissons on the input customer. Example query: `member_key_id == 'member_key_id_value' && in labels && parent == 'customers/C046psxkn'`
Location: query
Type: string
pageSize
Description: The default page size is 200 (max 1000).
Location: query
Type: integer
Format: int32
pageToken
Description: The next_page_token value returned from a previous list request, if any.
Location: query
Type: string
Parameter Order: parent
Scopes:
Description: Search transitive groups of a member. **Note:** This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. A transitive group is any group that has a direct or indirect membership to the member. Actor must have view permissions all transitive groups.
▼ ▲ cloudidentity.groups.memberships.checkTransitiveMembership
Path: v1beta1/{+parent}/memberships:checkTransitiveMembership
Flat Path: v1beta1/groups/{groupsId}/memberships:checkTransitiveMembership
HTTP Method: GET
Parameters:
parent
Description: [Resource name](https://cloud.google.com/apis/design/resource_names) of the group to check the transitive membership in. Format: `groups/{group_id}`, where `group_id` is the unique id assigned to the Group to which the Membership belongs to.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
query
Description: Required. A CEL expression that MUST include member specification. This is a `required` field. Certain groups are uniquely identified by both a 'member_key_id' and a 'member_key_namespace', which requires an additional query input: 'member_key_namespace'. Example query: `member_key_id == 'member_key_id_value'`
Location: query
Type: string
Parameter Order: parent
Scopes:
Description: Check a potential member for membership in a group. **Note:** This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. A member has membership to a group as long as there is a single viewable transitive membership between the group and the member. The actor must have view permissions to at least one transitive membership between the member and group.
▼ ▲ cloudidentity.groups.memberships.getMembershipGraph
Path: v1beta1/{+parent}/memberships:getMembershipGraph
Flat Path: v1beta1/groups/{groupsId}/memberships:getMembershipGraph
HTTP Method: GET
Parameters:
parent
Description: Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the group to search transitive memberships in. Format: `groups/{group_id}`, where `group_id` is the unique ID assigned to the Group to which the Membership belongs to. group_id can be a wildcard collection id "-". When a group_id is specified, the membership graph will be constrained to paths between the member (defined in the query) and the parent. If a wildcard collection is provided, all membership paths connected to the member will be returned.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
query
Description: Required. A CEL expression that MUST include member specification AND label(s). Certain groups are uniquely identified by both a 'member_key_id' and a 'member_key_namespace', which requires an additional query input: 'member_key_namespace'. Example query: `member_key_id == 'member_key_id_value' && in labels`
Location: query
Type: string
Parameter Order: parent
Scopes:
Description: Get a membership graph of just a member or both a member and a group. **Note:** This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. Given a member, the response will contain all membership paths from the member. Given both a group and a member, the response will contain all membership paths between the group and the member.
▼ ▲ cloudidentity.groups.memberships.searchDirectGroups
Path: v1beta1/{+parent}/memberships:searchDirectGroups
Flat Path: v1beta1/groups/{groupsId}/memberships:searchDirectGroups
HTTP Method: GET
Parameters:
parent
Description: [Resource name](https://cloud.google.com/apis/design/resource_names) of the group to search transitive memberships in. Format: groups/{group_id}, where group_id is always '-' as this API will search across all groups for a given member.
Pattern: ^groups/[^/]+$
Location: path
Required: Yes
Type: string
query
Description: Required. A CEL expression that MUST include member specification AND label(s). Users can search on label attributes of groups. CONTAINS match ('in') is supported on labels. Identity-mapped groups are uniquely identified by both a `member_key_id` and a `member_key_namespace`, which requires an additional query input: `member_key_namespace`. Example query: `member_key_id == 'member_key_id_value' && 'label_value' in labels`
Location: query
Type: string
pageSize
Description: The default page size is 200 (max 1000).
Location: query
Type: integer
Format: int32
pageToken
Description: The next_page_token value returned from a previous list request, if any
Location: query
Type: string
orderBy
Description: The ordering of membership relation for the display name or email in the response. The syntax for this field can be found at https://cloud.google.com/apis/design/design_patterns#sorting_order. Example: Sort by the ascending display name: order_by="group_name" or order_by="group_name asc". Sort by the descending display name: order_by="group_name desc". Sort by the ascending group key: order_by="group_key" or order_by="group_key asc". Sort by the descending group key: order_by="group_key desc".
Location: query
Type: string
Parameter Order: parent
Scopes:
Description: Searches direct groups of a member.
▼ ▲ cloudidentity.inboundSamlSsoProfiles.create
Path: v1beta1/inboundSamlSsoProfiles
Flat Path: v1beta1/inboundSamlSsoProfiles
HTTP Method: POST
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Creates an InboundSamlSsoProfile for a customer. When the target customer has enabled [Multi-party approval for sensitive actions](https://support.google.com/a/answer/13790448), the `Operation` in the response will have `"done": false`, it will not have a response, and the metadata will have `"state": "awaiting-multi-party-approval"`.
▼ ▲ cloudidentity.inboundSamlSsoProfiles.patch
Path: v1beta1/{+name}
Flat Path: v1beta1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}
HTTP Method: PATCH
Parameters:
name
Description: Output only. [Resource name](https://cloud.google.com/apis/design/resource_names) of the SAML SSO profile.
Pattern: ^inboundSamlSsoProfiles/[^/]+$
Location: path
Required: Yes
Type: string
updateMask
Description: Required. The list of fields to be updated.
Location: query
Type: string
Format: google-fieldmask
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Updates an InboundSamlSsoProfile. When the target customer has enabled [Multi-party approval for sensitive actions](https://support.google.com/a/answer/13790448), the `Operation` in the response will have `"done": false`, it will not have a response, and the metadata will have `"state": "awaiting-multi-party-approval"`.
▼ ▲ cloudidentity.inboundSamlSsoProfiles.delete
Path: v1beta1/{+name}
Flat Path: v1beta1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}
HTTP Method: DELETE
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the InboundSamlSsoProfile to delete. Format: `inboundSamlSsoProfiles/{sso_profile_id}`
Pattern: ^inboundSamlSsoProfiles/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Deletes an InboundSamlSsoProfile.
▼ ▲ cloudidentity.inboundSamlSsoProfiles.get
Path: v1beta1/{+name}
Flat Path: v1beta1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}
HTTP Method: GET
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the InboundSamlSsoProfile to get. Format: `inboundSamlSsoProfiles/{sso_profile_id}`
Pattern: ^inboundSamlSsoProfiles/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Gets an InboundSamlSsoProfile.
▼ ▲ cloudidentity.inboundSamlSsoProfiles.list
Path: v1beta1/inboundSamlSsoProfiles
Flat Path: v1beta1/inboundSamlSsoProfiles
HTTP Method: GET
Parameters:
filter
Description: A [Common Expression Language](https://github.com/google/cel-spec) expression to filter the results. The only supported filter is filtering by customer. For example: `customer=="customers/C0123abc"`. Omitting the filter or specifying a filter of `customer=="customers/my_customer"` will return the profiles for the customer that the caller (authenticated user) belongs to.
Location: query
Type: string
pageSize
Description: The maximum number of InboundSamlSsoProfiles to return. The service may return fewer than this value. If omitted (or defaulted to zero) the server will use a sensible default. This default may change over time. The maximum allowed value is 100. Requests with page_size greater than that will be silently interpreted as having this maximum value.
Location: query
Type: integer
Format: int32
pageToken
Description: A page token, received from a previous `ListInboundSamlSsoProfiles` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListInboundSamlSsoProfiles` must match the call that provided the page token.
Location: query
Type: string
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Lists InboundSamlSsoProfiles for a customer.
▼ ▲ cloudidentity.inboundSamlSsoProfiles.idpCredentials.delete
Path: v1beta1/{+name}
Flat Path: v1beta1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}/idpCredentials/{idpCredentialsId}
HTTP Method: DELETE
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the IdpCredential to delete. Format: `inboundSamlSsoProfiles/{sso_profile_id}/idpCredentials/{idp_credential_id}`
Pattern: ^inboundSamlSsoProfiles/[^/]+/idpCredentials/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Deletes an IdpCredential.
▼ ▲ cloudidentity.inboundSamlSsoProfiles.idpCredentials.get
Path: v1beta1/{+name}
Flat Path: v1beta1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}/idpCredentials/{idpCredentialsId}
HTTP Method: GET
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the IdpCredential to retrieve. Format: `inboundSamlSsoProfiles/{sso_profile_id}/idpCredentials/{idp_credential_id}`
Pattern: ^inboundSamlSsoProfiles/[^/]+/idpCredentials/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Gets an IdpCredential.
▼ ▲ cloudidentity.inboundSamlSsoProfiles.idpCredentials.list
Path: v1beta1/{+parent}/idpCredentials
Flat Path: v1beta1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}/idpCredentials
HTTP Method: GET
Parameters:
parent
Description: Required. The parent, which owns this collection of `IdpCredential`s. Format: `inboundSamlSsoProfiles/{sso_profile_id}`
Pattern: ^inboundSamlSsoProfiles/[^/]+$
Location: path
Required: Yes
Type: string
pageSize
Description: The maximum number of `IdpCredential`s to return. The service may return fewer than this value.
Location: query
Type: integer
Format: int32
pageToken
Description: A page token, received from a previous `ListIdpCredentials` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListIdpCredentials` must match the call that provided the page token.
Location: query
Type: string
Parameter Order: parent
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Returns a list of IdpCredentials in an InboundSamlSsoProfile.
▼ ▲ cloudidentity.inboundSamlSsoProfiles.idpCredentials.add
Path: v1beta1/{+parent}/idpCredentials:add
Flat Path: v1beta1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}/idpCredentials:add
HTTP Method: POST
Parameters:
parent
Description: Required. The InboundSamlSsoProfile that owns the IdpCredential. Format: `inboundSamlSsoProfiles/{sso_profile_id}`
Pattern: ^inboundSamlSsoProfiles/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: parent
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Adds an IdpCredential. Up to 2 credentials are allowed. When the target customer has enabled [Multi-party approval for sensitive actions](https://support.google.com/a/answer/13790448), the `Operation` in the response will have `"done": false`, it will not have a response, and the metadata will have `"state": "awaiting-multi-party-approval"`.
▼ ▲ cloudidentity.inboundSsoAssignments.get
Path: v1beta1/{+name}
Flat Path: v1beta1/inboundSsoAssignments/{inboundSsoAssignmentsId}
HTTP Method: GET
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the InboundSsoAssignment to fetch. Format: `inboundSsoAssignments/{assignment}`
Pattern: ^inboundSsoAssignments/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Gets an InboundSsoAssignment.
▼ ▲ cloudidentity.inboundSsoAssignments.create
Path: v1beta1/inboundSsoAssignments
Flat Path: v1beta1/inboundSsoAssignments
HTTP Method: POST
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Creates an InboundSsoAssignment for users and devices in a `Customer` under a given `Group` or `OrgUnit`.
▼ ▲ cloudidentity.inboundSsoAssignments.patch
Path: v1beta1/{+name}
Flat Path: v1beta1/inboundSsoAssignments/{inboundSsoAssignmentsId}
HTTP Method: PATCH
Parameters:
name
Description: Output only. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Inbound SSO Assignment.
Pattern: ^inboundSsoAssignments/[^/]+$
Location: path
Required: Yes
Type: string
updateMask
Description: Required. The list of fields to be updated.
Location: query
Type: string
Format: google-fieldmask
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Updates an InboundSsoAssignment. The body of this request is the `inbound_sso_assignment` field and the `update_mask` is relative to that. For example: a PATCH to `/v1beta1/inboundSsoAssignments/0abcdefg1234567&update_mask=rank` with a body of `{ "rank": 1 }` moves that (presumably group-targeted) SSO assignment to the highest priority and shifts any other group-targeted assignments down in priority.
▼ ▲ cloudidentity.inboundSsoAssignments.delete
Path: v1beta1/{+name}
Flat Path: v1beta1/inboundSsoAssignments/{inboundSsoAssignmentsId}
HTTP Method: DELETE
Parameters:
name
Description: Required. The [resource name](https://cloud.google.com/apis/design/resource_names) of the InboundSsoAssignment to delete. Format: `inboundSsoAssignments/{assignment}`
Pattern: ^inboundSsoAssignments/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Deletes an InboundSsoAssignment. To disable SSO, Create (or Update) an assignment that has `sso_mode` == `SSO_OFF`.
▼ ▲ cloudidentity.inboundSsoAssignments.list
Path: v1beta1/inboundSsoAssignments
Flat Path: v1beta1/inboundSsoAssignments
HTTP Method: GET
Parameters:
filter
Description: A CEL expression to filter the results. The only supported filter is filtering by customer. For example: `customer==customers/C0123abc`. Omitting the filter or specifying a filter of `customer==customers/my_customer` will return the assignments for the customer that the caller (authenticated user) belongs to.
Location: query
Type: string
pageSize
Description: The maximum number of assignments to return. The service may return fewer than this value. If omitted (or defaulted to zero) the server will use a sensible default. This default may change over time. The maximum allowed value is 100, though requests with page_size greater than that will be silently interpreted as having this maximum value. This may increase in the futue.
Location: query
Type: integer
Format: int32
pageToken
Description: A page token, received from a previous `ListInboundSsoAssignments` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListInboundSsoAssignments` must match the call that provided the page token.
Location: query
Type: string
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Lists the InboundSsoAssignments for a `Customer`.
▼ ▲ cloudidentity.orgUnits.memberships.list
Path: v1beta1/{+parent}/memberships
Flat Path: v1beta1/orgUnits/{orgUnitsId}/memberships
HTTP Method: GET
Parameters:
parent
Description: Required. Immutable. OrgUnit which is queried for a list of memberships. Format: orgUnits/{$orgUnitId} where `$orgUnitId` is the `orgUnitId` from the [Admin SDK `OrgUnit` resource](https://developers.google.com/admin-sdk/directory/reference/rest/v1/orgunits).
Pattern: ^orgUnits/[^/]+$
Location: path
Required: Yes
Type: string
customer
Description: Required. Immutable. Customer that this OrgMembership belongs to. All authorization will happen on the role assignments of this customer. Format: customers/{$customerId} where `$customerId` is the `id` from the [Admin SDK `Customer` resource](https://developers.google.com/admin-sdk/directory/reference/rest/v1/customers). You may also use `customers/my_customer` to specify your own organization.
Location: query
Type: string
filter
Description: The search query. Must be specified in [Common Expression Language](https://opensource.google/projects/cel). May only contain equality operators on the `type` (e.g., `type == 'shared_drive'`).
Location: query
Type: string
pageSize
Description: The maximum number of results to return. The service may return fewer than this value. If omitted (or defaulted to zero) the server will default to 50. The maximum allowed value is 100, though requests with page_size greater than that will be silently interpreted as 100.
Location: query
Type: integer
Format: int32
pageToken
Description: A page token, received from a previous `OrgMembershipsService.ListOrgMemberships` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListOrgMembershipsRequest` must match the call that provided the page token.
Location: query
Type: string
Parameter Order: parent
Description: List OrgMembership resources in an OrgUnit treated as 'parent'. Parent format: orgUnits/{$orgUnitId} where `$orgUnitId` is the `orgUnitId` from the [Admin SDK `OrgUnit` resource](https://developers.google.com/admin-sdk/directory/reference/rest/v1/orgunits)
▼ ▲ cloudidentity.orgUnits.memberships.move
Path: v1beta1/{+name}:move
Flat Path: v1beta1/orgUnits/{orgUnitsId}/memberships/{membershipsId}:move
HTTP Method: POST
Parameters:
name
Description: Required. Immutable. The [resource name](https://cloud.google.com/apis/design/resource_names) of the OrgMembership. Format: orgUnits/{$orgUnitId}/memberships/{$membership} The `$orgUnitId` is the `orgUnitId` from the [Admin SDK `OrgUnit` resource](https://developers.google.com/admin-sdk/directory/reference/rest/v1/orgunits). To manage a Membership without specifying source `orgUnitId`, this API also supports the wildcard character '-' for `$orgUnitId` per https://google.aip.dev/159. The `$membership` shall be of the form `{$entityType};{$memberId}`, where `$entityType` is the enum value of OrgMembership.EntityType, and `memberId` is the `id` from [Drive API (V3) `Drive` resource](https://developers.google.com/drive/api/v3/reference/drives#resource) for OrgMembership.EntityType.SHARED_DRIVE.
Pattern: ^orgUnits/[^/]+/memberships/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Description: Move an OrgMembership to a new OrgUnit. NOTE: This is an atomic copy-and-delete. The resource will have a new copy under the destination OrgUnit and be deleted from the source OrgUnit. The resource can only be searched under the destination OrgUnit afterwards.
▼ ▲ cloudidentity.customers.userinvitations.get
Path: v1beta1/{+name}
Flat Path: v1beta1/customers/{customersId}/userinvitations/{userinvitationsId}
HTTP Method: GET
Parameters:
name
Description: Required. `UserInvitation` name in the format `customers/{customer}/userinvitations/{user_email_address}`
Pattern: ^customers/[^/]+/userinvitations/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Description: Retrieves a UserInvitation resource. **Note:** New consumer accounts with the customer's verified domain created within the previous 48 hours will not appear in the result. This delay also applies to newly-verified domains.
▼ ▲ cloudidentity.customers.userinvitations.list
Path: v1beta1/{+parent}/userinvitations
Flat Path: v1beta1/customers/{customersId}/userinvitations
HTTP Method: GET
Parameters:
parent
Description: Required. The customer ID of the Google Workspace or Cloud Identity account the UserInvitation resources are associated with.
Pattern: ^customers/[^/]+$
Location: path
Required: Yes
Type: string
pageSize
Description: Optional. The maximum number of UserInvitation resources to return. If unspecified, at most 100 resources will be returned. The maximum value is 200; values above 200 will be set to 200.
Location: query
Type: integer
Format: int32
pageToken
Description: Optional. A page token, received from a previous `ListUserInvitations` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListBooks` must match the call that provided the page token.
Location: query
Type: string
filter
Description: Optional. A query string for filtering `UserInvitation` results by their current state, in the format: `"state=='invited'"`.
Location: query
Type: string
orderBy
Description: Optional. The sort order of the list results. You can sort the results in descending order based on either email or last update timestamp but not both, using `order_by="email desc"`. Currently, sorting is supported for `update_time asc`, `update_time desc`, `email asc`, and `email desc`. If not specified, results will be returned based on `email asc` order.
Location: query
Type: string
Parameter Order: parent
Description: Retrieves a list of UserInvitation resources. **Note:** New consumer accounts with the customer's verified domain created within the previous 48 hours will not appear in the result. This delay also applies to newly-verified domains.
▼ ▲ cloudidentity.customers.userinvitations.send
Path: v1beta1/{+name}:send
Flat Path: v1beta1/customers/{customersId}/userinvitations/{userinvitationsId}:send
HTTP Method: POST
Parameters:
name
Description: Required. `UserInvitation` name in the format `customers/{customer}/userinvitations/{user_email_address}`
Pattern: ^customers/[^/]+/userinvitations/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Description: Sends a UserInvitation to email. If the `UserInvitation` does not exist for this request and it is a valid request, the request creates a `UserInvitation`. **Note:** The `get` and `list` methods have a 48-hour delay where newly-created consumer accounts will not appear in the results. You can still send a `UserInvitation` to those accounts if you know the unmanaged email address and IsInvitableUser==True.
▼ ▲ cloudidentity.customers.userinvitations.cancel
Path: v1beta1/{+name}:cancel
Flat Path: v1beta1/customers/{customersId}/userinvitations/{userinvitationsId}:cancel
HTTP Method: POST
Parameters:
name
Description: Required. `UserInvitation` name in the format `customers/{customer}/userinvitations/{user_email_address}`
Pattern: ^customers/[^/]+/userinvitations/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Description: Cancels a UserInvitation that was already sent.
▼ ▲ cloudidentity.customers.userinvitations.isInvitableUser
Path: v1beta1/{+name}:isInvitableUser
Flat Path: v1beta1/customers/{customersId}/userinvitations/{userinvitationsId}:isInvitableUser
HTTP Method: GET
Parameters:
name
Description: Required. `UserInvitation` name in the format `customers/{customer}/userinvitations/{user_email_address}`
Pattern: ^customers/[^/]+/userinvitations/[^/]+$
Location: path
Required: Yes
Type: string
Parameter Order: name
Description: Verifies whether a user account is eligible to receive a UserInvitation (is an unmanaged account). Eligibility is based on the following criteria: * the email address is a consumer account and it's the primary email address of the account, and * the domain of the email address matches an existing verified Google Workspace or Cloud Identity domain If both conditions are met, the user is eligible. **Note:** This method is not supported for Workspace Essentials customers.