Method: projects.locations.workloadIdentityPools.providers.create

Creates a new WorkloadIdentityPoolProvider in a WorkloadIdentityPool.

You cannot reuse the name of a deleted provider until 30 days after deletion.

HTTP request


The URL uses gRPC Transcoding syntax.

Path parameters



Required. The pool to create this provider in.

Query parameters



Required. The ID for the provider, which becomes the final component of the resource name. This value must be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix gcp- is reserved for use by Google, and may not be specified.

Request body

The request body contains an instance of WorkloadIdentityPoolProvider.

Response body

If successful, the response body contains a newly created instance of Operation.

Authorization scopes

Requires one of the following OAuth scopes:


For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the parent resource:

  • iam.workloadIdentityPoolProviders.create

For more information, see the IAM documentation.