Uploads multiple accounts into the Google Cloud project. If there is a problem uploading one or more of the accounts, the rest will be uploaded, and a list of the errors will be returned. To use this method requires a Google OAuth 2.0 credential with proper permissions.
HTTP request
POST https://identitytoolkit.googleapis.com/v1/projects/{targetProjectId}/tenants/{tenantId}/accounts:batchCreate
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
targetProjectId |
The Project ID of the Identity Platform project which the account belongs to. Authorization requires the following IAM permission on the specified resource
|
tenantId |
The ID of the Identity Platform tenant the account belongs to. |
Request body
The request body contains data with the following structure:
JSON representation |
---|
{ "hashAlgorithm": string, "signerKey": string, "saltSeparator": string, "rounds": integer, "memoryCost": integer, "users": [ { object ( |
Fields | |
---|---|
hashAlgorithm |
Required. The hashing function used to hash the account passwords. Must be one of the following: * HMAC_SHA256 * HMAC_SHA1 * HMAC_MD5 * SCRYPT * PBKDF_SHA1 * MD5 * HMAC_SHA512 * SHA1 * BCRYPT * PBKDF2_SHA256 * SHA256 * SHA512 * STANDARD_SCRYPT * ARGON2 |
signerKey |
The signer key used to hash the password. Required for the following hashing functions: * SCRYPT, * HMAC_MD5, * HMAC_SHA1, * HMAC_SHA256, * HMAC_SHA512 A base64-encoded string. |
saltSeparator |
One or more bytes to be inserted between the salt and plain text password. For stronger security, this should be a single non-printable character. A base64-encoded string. |
rounds |
The number of rounds used for hash calculation. Only required for the following hashing functions: * MD5 * SHA1 * SHA256 * SHA512 * PBKDF_SHA1 * PBKDF2_SHA256 * SCRYPT |
memoryCost |
Memory cost for hash calculation. Only required when the hashing function is SCRYPT. |
users[] |
A list of accounts to upload. |
delegatedProjectNumber |
|
sanityCheck |
If true, the service will do the following list of checks before an account is uploaded: * Duplicate emails * Duplicate federated IDs * Federated ID provider validation If the duplication exists within the list of accounts to be uploaded, it will prevent the entire list from being uploaded. If the email or federated ID is a duplicate of a user already within the project/tenant, the account will not be uploaded, but the rest of the accounts will be unaffected. If false, these checks will be skipped. |
allowOverwrite |
Whether to overwrite an existing account in Identity Platform with a matching |
cpuMemCost |
The CPU memory cost parameter to be used by the STANDARD_SCRYPT hashing function. This parameter, along with blockSize and cpuMemCost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance. |
parallelization |
The parallelization cost parameter to be used by the STANDARD_SCRYPT hashing function. This parameter, along with blockSize and cpuMemCost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance. |
blockSize |
The block size parameter used by the STANDARD_SCRYPT hashing function. This parameter, along with parallelization and cpuMemCost help tune the resources needed to hash a password, and should be tuned as processor speeds and memory technologies advance. |
dkLen |
The desired key length for the STANDARD_SCRYPT hashing function. Must be at least 1. |
passwordHashOrder |
Password and salt order when verify password. |
argon2Parameters |
The parameters for Argon2 hashing algorithm. |
Response body
If successful, the response body contains an instance of UploadAccountResponse
.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/identitytoolkit
https://www.googleapis.com/auth/firebase
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.