Config

JSON representation
SignInConfig
- JSON representation
Email
- JSON representation
PhoneNumber
- JSON representation
Anonymous
- JSON representation
NotificationConfig
- JSON representation
SendEmail
- JSON representation
Method
Smtp
- JSON representation
SecurityMode
EmailTemplate
- JSON representation
BodyFormat
DnsInfo
- JSON representation
SendSms
- JSON representation
SmsTemplate
- JSON representation
QuotaConfig
- JSON representation
TemporaryQuota
- JSON representation
MultiTenantConfig
- JSON representation
Subtype
ClientConfig
- JSON representation
Permissions
- JSON representation
BlockingFunctionsConfig
- JSON representation
Trigger
- JSON representation
ForwardInboundCredentials
- JSON representation

Represents an Identity Toolkit project.

JSON representation

JSON representation
{ "name": string, "signIn": { object (`SignInConfig`) }, "notification": { object (`NotificationConfig`) }, "quota": { object (`QuotaConfig`) }, "monitoring": { object (`MonitoringConfig`) }, "multiTenant": { object (`MultiTenantConfig`) }, "authorizedDomains": [ string ], "subtype": enum (`Subtype`), "client": { object (`ClientConfig`) }, "mfa": { object (`MultiFactorAuthConfig`) }, "blockingFunctions": { object (`BlockingFunctionsConfig`) }, "recaptchaConfig": { object (`RecaptchaConfig`) }, "smsRegionConfig": { object (`SmsRegionConfig`) }, "autodeleteAnonymousUsers": boolean, "passwordPolicyConfig": { object (`PasswordPolicyConfig`) }, "emailPrivacyConfig": { object (`EmailPrivacyConfig`) }, "mobileLinksConfig": { object (`MobileLinksConfig`) }, "defaultHostingSite": string }

{
  "name": string,
  "signIn": {
    object (SignInConfig)
  },
  "notification": {
    object (NotificationConfig)
  },
  "quota": {
    object (QuotaConfig)
  },
  "monitoring": {
    object (MonitoringConfig)
  },
  "multiTenant": {
    object (MultiTenantConfig)
  },
  "authorizedDomains": [
    string
  ],
  "subtype": enum (Subtype),
  "client": {
    object (ClientConfig)
  },
  "mfa": {
    object (MultiFactorAuthConfig)
  },
  "blockingFunctions": {
    object (BlockingFunctionsConfig)
  },
  "recaptchaConfig": {
    object (RecaptchaConfig)
  },
  "smsRegionConfig": {
    object (SmsRegionConfig)
  },
  "autodeleteAnonymousUsers": boolean,
  "passwordPolicyConfig": {
    object (PasswordPolicyConfig)
  },
  "emailPrivacyConfig": {
    object (EmailPrivacyConfig)
  },
  "mobileLinksConfig": {
    object (MobileLinksConfig)
  },
  "defaultHostingSite": string
}

Fields
`name`	`string` Output only. The name of the Config resource. Example: "projects/my-awesome-project/config"
`signIn`	`object (SignInConfig)` Configuration related to local sign in methods.
`notification`	`object (NotificationConfig)` Configuration related to sending notifications to users.
`quota`	`object (QuotaConfig)` Configuration related to quotas.
`monitoring`	`object (MonitoringConfig)` Configuration related to monitoring project activity.
`multiTenant`	`object (MultiTenantConfig)` Configuration related to multi-tenant functionality.
`authorizedDomains[]`	`string` List of domains authorized for OAuth redirects
`subtype`	`enum (Subtype)` Output only. The subtype of this config.
`client`	`object (ClientConfig)` Options related to how clients making requests on behalf of a project should be configured.
`mfa`	`object (MultiFactorAuthConfig)` Configuration for this project's multi-factor authentication, including whether it is active and what factors can be used for the second factor
`blockingFunctions`	`object (BlockingFunctionsConfig)` Configuration related to blocking functions.
`recaptchaConfig`	`object (RecaptchaConfig)` The project-level reCAPTCHA config.
`smsRegionConfig`	`object (SmsRegionConfig)` Configures which regions are enabled for SMS verification code sending.
`autodeleteAnonymousUsers`	`boolean` Whether anonymous users will be auto-deleted after a period of 30 days.
`passwordPolicyConfig`	`object (PasswordPolicyConfig)` The project level password policy configuration.
`emailPrivacyConfig`	`object (EmailPrivacyConfig)` Configuration for settings related to email privacy and public visibility.
`mobileLinksConfig`	`object (MobileLinksConfig)` Configuration for settings related to univeral links (iOS) and app links (Android).
`defaultHostingSite`	`string` Output only. Default Firebase hosting site name

SignInConfig

Configuration related to local sign in methods.

JSON representation
{ "email": { object (`Email`) }, "phoneNumber": { object (`PhoneNumber`) }, "anonymous": { object (`Anonymous`) }, "allowDuplicateEmails": boolean, "hashConfig": { object (`HashConfig`) } }

Fields
`email`	`object (Email)` Configuration options related to authenticating a user by their email address.
`phoneNumber`	`object (PhoneNumber)` Configuration options related to authenticated a user by their phone number.
`anonymous`	`object (Anonymous)` Configuration options related to authenticating an anonymous user.
`allowDuplicateEmails`	`boolean` Whether to allow more than one account to have the same email.
`hashConfig`	`object (HashConfig)` Output only. Hash config information.

Email

Configuration options related to authenticating a user by their email address.

JSON representation
{ "enabled": boolean, "passwordRequired": boolean }

Fields

Fields
`enabled`	`boolean` Whether email auth is enabled for the project or not.
`passwordRequired`	`boolean` Whether a password is required for email auth or not. If true, both an email and password must be provided to sign in. If false, a user may sign in via either email/password or email link.

enabled

boolean

Whether email auth is enabled for the project or not.

passwordRequired

boolean

Whether a password is required for email auth or not. If true, both an email and password must be provided to sign in. If false, a user may sign in via either email/password or email link.

PhoneNumber

Configuration options related to authenticated a user by their phone number.

JSON representation
{ "enabled": boolean, "testPhoneNumbers": { string: string, ... } }

Fields

Fields
`enabled`	`boolean` Whether phone number auth is enabled for the project or not.
`testPhoneNumbers`	`map (key: string, value: string)` A map of <test phone number, fake code> that can be used for phone auth testing. An object containing a list of `"key": value` pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.

enabled

boolean

Whether phone number auth is enabled for the project or not.

testPhoneNumbers

map (key: string, value: string)

A map of <test phone number, fake code> that can be used for phone auth testing.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

Anonymous

Configuration options related to authenticating an anonymous user.

JSON representation
{ "enabled": boolean }

Fields

Fields
`enabled`	`boolean` Whether anonymous user auth is enabled for the project or not.

enabled

boolean

Whether anonymous user auth is enabled for the project or not.

NotificationConfig

Configuration related to sending notifications to users.

JSON representation
{ "sendEmail": { object (`SendEmail`) }, "sendSms": { object (`SendSms`) }, "defaultLocale": string }

Fields

Fields
`sendEmail`	`object (SendEmail)` Options for email sending.
`sendSms`	`object (SendSms)` Options for SMS sending.
`defaultLocale`	`string` Default locale used for email and SMS in IETF BCP 47 format.

sendEmail

object (SendEmail)

Options for email sending.

sendSms

object (SendSms)

Options for SMS sending.

defaultLocale

string

Default locale used for email and SMS in IETF BCP 47 format.

SendEmail

Options for email sending.

JSON representation

JSON representation
{ "method": enum (`Method`), "resetPasswordTemplate": { object (`EmailTemplate`) }, "verifyEmailTemplate": { object (`EmailTemplate`) }, "changeEmailTemplate": { object (`EmailTemplate`) }, "legacyResetPasswordTemplate": { object (`EmailTemplate`) }, "callbackUri": string, "dnsInfo": { object (`DnsInfo`) }, "revertSecondFactorAdditionTemplate": { object (`EmailTemplate`) }, // Union field `email_provider_config` can be only one of the following: "smtp": { object (`Smtp`) } // End of list of possible types for union field `email_provider_config`. }

{
  "method": enum (Method),
  "resetPasswordTemplate": {
    object (EmailTemplate)
  },
  "verifyEmailTemplate": {
    object (EmailTemplate)
  },
  "changeEmailTemplate": {
    object (EmailTemplate)
  },
  "legacyResetPasswordTemplate": {
    object (EmailTemplate)
  },
  "callbackUri": string,
  "dnsInfo": {
    object (DnsInfo)
  },
  "revertSecondFactorAdditionTemplate": {
    object (EmailTemplate)
  },

  // Union field email_provider_config can be only one of the following:
  "smtp": {
    object (Smtp)
  }
  // End of list of possible types for union field email_provider_config.
}

Fields
`method`	`enum (Method)` The method used for sending an email.
`resetPasswordTemplate`	`object (EmailTemplate)` Email template for reset password
`verifyEmailTemplate`	`object (EmailTemplate)` Email template for verify email
`changeEmailTemplate`	`object (EmailTemplate)` Email template for change email
`legacyResetPasswordTemplate`	`object (EmailTemplate)` Reset password email template for legacy Firebase V1 app.
`callbackUri`	`string` action url in email template.
`dnsInfo`	`object (DnsInfo)` Information of custom domain DNS verification.
`revertSecondFactorAdditionTemplate`	`object (EmailTemplate)` Email template for reverting second factor addition emails
Union field `email_provider_config`. Email provider configuration used to send emails `email_provider_config` can be only one of the following:
`smtp`	`object (Smtp)` Use a custom SMTP relay

Method

The method used for sending an email.

Enums
`METHOD_UNSPECIFIED`	Email method unspecified.
`DEFAULT`	Sending email on behalf of developer.
`CUSTOM_SMTP`	Sending email using SMTP configuration provided by developers.

Smtp

Configuration for SMTP relay

JSON representation
{ "senderEmail": string, "host": string, "port": integer, "username": string, "password": string, "securityMode": enum (`SecurityMode`) }

Fields
`senderEmail`	`string` Sender email for the SMTP relay
`host`	`string` SMTP relay host
`port`	`integer` SMTP relay port
`username`	`string` SMTP relay username
`password`	`string` SMTP relay password
`securityMode`	`enum (SecurityMode)` SMTP security mode.

SecurityMode

SMTP security mode.

Enums
`SECURITY_MODE_UNSPECIFIED`	Default value. Do not use.
`SSL`	SSL mode
`START_TLS`	START_TLS mode

EmailTemplate

Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The Google Cloud project's display name. %DISPLAY_NAME% - The user's display name.

JSON representation
{ "senderLocalPart": string, "subject": string, "senderDisplayName": string, "body": string, "bodyFormat": enum (`BodyFormat`), "replyTo": string, "customized": boolean }

Fields
`senderLocalPart`	`string` Local part of From address
`subject`	`string` Subject of the email
`senderDisplayName`	`string` Sender display name
`body`	`string` Email body
`bodyFormat`	`enum (BodyFormat)` Email body format
`replyTo`	`string` Reply-to address
`customized`	`boolean` Output only. Whether the body or subject of the email is customized.

BodyFormat

Email body format

Enums
`BODY_FORMAT_UNSPECIFIED`	Default value. Do not use.
`PLAIN_TEXT`	Plain text
`HTML`	HTML

DnsInfo

Information of custom domain DNS verification. By default, default_domain will be used. A custom domain can be configured using VerifyCustomDomain.

JSON representation
{ "customDomain": string, "useCustomDomain": boolean, "pendingCustomDomain": string, "customDomainState": enum (`VerificationState`), "domainVerificationRequestTime": string }

Fields
`customDomain`	`string` Output only. The applied verified custom domain.
`useCustomDomain`	`boolean` Whether to use custom domain.
`pendingCustomDomain`	`string` Output only. The custom domain that's to be verified.
`customDomainState`	`enum (VerificationState)` Output only. The current verification state of the custom domain. The custom domain will only be used once the domain verification is successful.
`domainVerificationRequestTime`	`string (Timestamp format)` Output only. The timestamp of initial request for the current domain verification. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"`, `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"`.

SendSms

Options for SMS sending.

JSON representation
{ "useDeviceLocale": boolean, "smsTemplate": { object (`SmsTemplate`) } }

Fields

Fields
`useDeviceLocale`	`boolean` Whether to use the accept_language header for SMS.
`smsTemplate`	`object (SmsTemplate)` Output only. The template to use when sending an SMS.

useDeviceLocale

boolean

Whether to use the accept_language header for SMS.

smsTemplate

object (SmsTemplate)

Output only. The template to use when sending an SMS.

SmsTemplate

The template to use when sending an SMS.

JSON representation
{ "content": string }

Fields

Fields
`content`	`string` Output only. The SMS's content. Can contain the following placeholders which will be replaced with the appropriate values: %APP_NAME% - For Android or iOS apps, the app's display name. For web apps, the domain hosting the application. %LOGIN_CODE% - The OOB code being sent in the SMS.

content

string

Output only. The SMS's content. Can contain the following placeholders which will be replaced with the appropriate values: %APP_NAME% - For Android or iOS apps, the app's display name. For web apps, the domain hosting the application. %LOGIN_CODE% - The OOB code being sent in the SMS.

QuotaConfig

Configuration related to quotas.

JSON representation
{ "signUpQuotaConfig": { object (`TemporaryQuota`) } }

Fields

Fields
`signUpQuotaConfig`	`object (TemporaryQuota)` Quota for the Signup endpoint, if overwritten. Signup quota is measured in sign ups per project per hour per IP.

signUpQuotaConfig

object (TemporaryQuota)

Quota for the Signup endpoint, if overwritten. Signup quota is measured in sign ups per project per hour per IP.

TemporaryQuota

Temporary quota increase / decrease

JSON representation
{ "quota": string, "startTime": string, "quotaDuration": string }

Fields

Fields
`quota`	`string (int64 format)` Corresponds to the 'refill_token_count' field in QuotaServer config
`startTime`	`string (Timestamp format)` When this quota will take effect Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"`, `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"`.
`quotaDuration`	`string (Duration format)` How long this quota will be active for A duration in seconds with up to nine fractional digits, ending with '`s`'. Example: `"3.5s"`.

quota

string (int64 format)

Corresponds to the 'refill_token_count' field in QuotaServer config

startTime

string (Timestamp format)

When this quota will take effect

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

quotaDuration

string (Duration format)

How long this quota will be active for

A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".

MultiTenantConfig

Configuration related to multi-tenant functionality.

JSON representation
{ "allowTenants": boolean, "defaultTenantLocation": string }

Fields

Fields
`allowTenants`	`boolean` Whether this project can have tenants or not.
`defaultTenantLocation`	`string` The default cloud parent org or folder that the tenant project should be created under. The parent resource name should be in the format of "/", such as "folders/123" or "organizations/456". If the value is not set, the tenant will be created under the same organization or folder as the agent project.

allowTenants

boolean

Whether this project can have tenants or not.

defaultTenantLocation

string

The default cloud parent org or folder that the tenant project should be created under. The parent resource name should be in the format of "/", such as "folders/123" or "organizations/456". If the value is not set, the tenant will be created under the same organization or folder as the agent project.

Subtype

The subtype of this config.

Enums
`SUBTYPE_UNSPECIFIED`	Default value. Do not use.
`IDENTITY_PLATFORM`	An Identity Platform project.
`FIREBASE_AUTH`	A Firebase Authentication project.

ClientConfig

Options related to how clients making requests on behalf of a project should be configured.

JSON representation
{ "apiKey": string, "permissions": { object (`Permissions`) }, "firebaseSubdomain": string }

Fields

Fields
`apiKey`	`string` Output only. API key that can be used when making requests for this project.
`permissions`	`object (Permissions)` Configuration related to restricting a user's ability to affect their account.
`firebaseSubdomain`	`string` Output only. Firebase subdomain.

apiKey

string

Output only. API key that can be used when making requests for this project.

permissions

object (Permissions)

Configuration related to restricting a user's ability to affect their account.

firebaseSubdomain

string

Output only. Firebase subdomain.

Permissions

Configuration related to restricting a user's ability to affect their account.

JSON representation
{ "disabledUserSignup": boolean, "disabledUserDeletion": boolean }

Fields

Fields
`disabledUserSignup`	`boolean` When true, end users cannot sign up for a new account on the associated project through any of our API methods
`disabledUserDeletion`	`boolean` When true, end users cannot delete their account on the associated project through any of our API methods

disabledUserSignup

boolean

When true, end users cannot sign up for a new account on the associated project through any of our API methods

disabledUserDeletion

boolean

When true, end users cannot delete their account on the associated project through any of our API methods

BlockingFunctionsConfig

Configuration related to Blocking Functions.

JSON representation
{ "triggers": { string: { object (`Trigger`) }, ... }, "forwardInboundCredentials": { object (`ForwardInboundCredentials`) } }

Fields

Fields
`triggers`	`map (key: string, value: object (Trigger))` Map of Trigger to event type. Key should be one of the supported event types: "beforeCreate", "beforeSignIn" An object containing a list of `"key": value` pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
`forwardInboundCredentials`	`object (ForwardInboundCredentials)` The user credentials to include in the JWT payload that is sent to the registered Blocking Functions.

triggers

map (key: string, value: object (Trigger))

Map of Trigger to event type. Key should be one of the supported event types: "beforeCreate", "beforeSignIn"

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

forwardInboundCredentials

object (ForwardInboundCredentials)

The user credentials to include in the JWT payload that is sent to the registered Blocking Functions.

Trigger

Synchronous Cloud Function with HTTP Trigger

JSON representation
{ "functionUri": string, "updateTime": string }

Fields

Fields
`functionUri`	`string` HTTP URI trigger for the Cloud Function.
`updateTime`	`string (Timestamp format)` When the trigger was changed. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"`, `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"`.

functionUri

string

HTTP URI trigger for the Cloud Function.

updateTime

string (Timestamp format)

When the trigger was changed.

ForwardInboundCredentials

Indicates which credentials to pass to the registered Blocking Functions.

JSON representation
{ "idToken": boolean, "accessToken": boolean, "refreshToken": boolean }

Fields

Fields
`idToken`	`boolean` Whether to pass the user's OIDC identity provider's ID token.
`accessToken`	`boolean` Whether to pass the user's OAuth identity provider's access token.
`refreshToken`	`boolean` Whether to pass the user's OAuth identity provider's refresh token.

idToken

boolean

Whether to pass the user's OIDC identity provider's ID token.

accessToken

boolean

Whether to pass the user's OAuth identity provider's access token.

refreshToken

boolean

Whether to pass the user's OAuth identity provider's refresh token.