Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
HTTP request
POST https://apigateway.googleapis.com/v1beta/{resource=projects/*/locations/*/apis/*/configs/*}:testIamPermissions
REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
Request body
The request body contains data with the following structure:
JSON representation
{"permissions": [string]}
Fields
permissions[]
string
The set of permissions to check for the resource. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see IAM Overview.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-07-28 UTC."],[[["\u003cp\u003eThis endpoint (\u003ccode\u003ePOST https://apigateway.googleapis.com/v1beta/{resource=projects/*/locations/*/apis/*/configs/*}:testIamPermissions\u003c/code\u003e) is used to retrieve the permissions a caller has on a specific resource, returning an empty set if the resource is not found.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eresource\u003c/code\u003e path parameter, which is a string, is required to specify the target resource for permission checking.\u003c/p\u003e\n"],["\u003cp\u003eThe request body requires a JSON payload containing a list of \u003ccode\u003epermissions\u003c/code\u003e strings to check against the specified resource, and wildcard permissions are not allowed.\u003c/p\u003e\n"],["\u003cp\u003eA successful response will contain an instance of \u003ccode\u003eTestIamPermissionsResponse\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eAuthorization for this endpoint requires the \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e OAuth scope.\u003c/p\u003e\n"]]],[],null,[]]