Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
HTTP request
POST https://apigateway.googleapis.com/v1beta/{resource=projects/*/locations/*/apis/*/configs/*}:testIamPermissions
REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
Request body
The request body contains data with the following structure:
JSON representation
{"permissions": [string]}
Fields
permissions[]
string
The set of permissions to check for the resource. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see IAM Overview.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-07-28 UTC."],[[["This endpoint (`POST https://apigateway.googleapis.com/v1beta/{resource=projects/*/locations/*/apis/*/configs/*}:testIamPermissions`) is used to retrieve the permissions a caller has on a specific resource, returning an empty set if the resource is not found."],["The `resource` path parameter, which is a string, is required to specify the target resource for permission checking."],["The request body requires a JSON payload containing a list of `permissions` strings to check against the specified resource, and wildcard permissions are not allowed."],["A successful response will contain an instance of `TestIamPermissionsResponse`."],["Authorization for this endpoint requires the `https://www.googleapis.com/auth/cloud-platform` OAuth scope."]]],[]]
