IAM REST API
Manage roles and permissions, and manage your service accounts and keys, with the REST API.
IAM RPC API
Manage roles and permissions, and manage your service accounts and keys, with the RPC API.
Security Token Service REST API
Exchange access tokens.
Service Account Credentials REST API
Create short-lived, limited-privilege credentials for service accounts.
Use a client library to integrate your application with IAM.
gcloud iamcommands to work with IAM from the command line.
Resource types that accept allow policies
Learn which resource types accept allow policies.
Basic and predefined roles reference
View IAM basic roles, as well as a complete list of IAM predefined roles and the permissions they contain.
View a complete list of IAM permissions and the roles that grant them.
Support levels for permissions in custom roles
Learn which IAM permissions you can use in custom roles.
Permissions supported in deny policies
Learn which IAM permissions you can use in deny policies.
Get details about the service accounts that Google Cloud services use to access your resources.
Full resource names
Understand the format that IAM uses to identify another service's resources.
Retry failed requests
Find out how to retry failed requests to the IAM API.
Understand the identifiers that you use when listing principals in allow policies and deny policies.
Workforce identity federation: supported products and limitations
Lists Google Cloud products that work with workforce identity federation, and provides associated product limitations.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.