Index
ProjectConfigService
(interface)TenantManagementService
(interface)BlockingFunctionsConfig
(message)BlockingFunctionsConfig.Trigger
(message)ClientConfig
(message)ClientConfig.Permissions
(message)Config
(message)Config.Subtype
(enum)CreateDefaultSupportedIdpConfigRequest
(message)CreateInboundSamlConfigRequest
(message)CreateOAuthIdpConfigRequest
(message)CreateTenantRequest
(message)DefaultSupportedIdp
(message)DefaultSupportedIdpConfig
(message)DeleteDefaultSupportedIdpConfigRequest
(message)DeleteInboundSamlConfigRequest
(message)DeleteOAuthIdpConfigRequest
(message)DeleteTenantRequest
(message)EnableCicpRequest
(message)EnableCicpResponse
(message)GetConfigRequest
(message)GetDefaultSupportedIdpConfigRequest
(message)GetInboundSamlConfigRequest
(message)GetOAuthIdpConfigRequest
(message)GetTenantRequest
(message)HashConfig
(message)HashConfig.HashAlgorithm
(enum)IdpCertificate
(message)InboundSamlConfig
(message)InboundSamlConfig.IdpConfig
(message)InboundSamlConfig.SpConfig
(message)ListDefaultSupportedIdpConfigsRequest
(message)ListDefaultSupportedIdpConfigsResponse
(message)ListDefaultSupportedIdpsRequest
(message)ListDefaultSupportedIdpsResponse
(message)ListInboundSamlConfigsRequest
(message)ListInboundSamlConfigsResponse
(message)ListOAuthIdpConfigsRequest
(message)ListOAuthIdpConfigsResponse
(message)ListTenantsRequest
(message)ListTenantsResponse
(message)MonitoringConfig
(message)MonitoringConfig.RequestLogging
(message)MultiFactorAuthConfig
(message)MultiFactorAuthConfig.Provider
(enum)MultiFactorAuthConfig.State
(enum)NotificationConfig
(message)NotificationConfig.SendEmail
(message)NotificationConfig.SendEmail.DnsInfo
(message)NotificationConfig.SendEmail.DnsInfo.VerificationState
(enum)NotificationConfig.SendEmail.EmailTemplate
(message)NotificationConfig.SendEmail.EmailTemplate.BodyFormat
(enum)NotificationConfig.SendEmail.Method
(enum)NotificationConfig.SendEmail.Smtp
(message)NotificationConfig.SendEmail.Smtp.SecurityMode
(enum)NotificationConfig.SendSms
(message)NotificationConfig.SendSms.SmsTemplate
(message)OAuthIdpConfig
(message)OAuthIdpConfig.OAuthResponseType
(message)QuotaConfig
(message)QuotaConfig.TemporaryQuota
(message)SignInConfig
(message)SignInConfig.Anonymous
(message)SignInConfig.Email
(message)SignInConfig.PhoneNumber
(message)SpCertificate
(message)Tenant
(message)UpdateConfigRequest
(message)UpdateDefaultSupportedIdpConfigRequest
(message)UpdateInboundSamlConfigRequest
(message)UpdateOAuthIdpConfigRequest
(message)UpdateTenantRequest
(message)VerifyDomainRequest
(message)VerifyDomainRequest.DomainVerificationAction
(enum)VerifyDomainResponse
(message)
ProjectConfigService
Project configuration for Identity Toolkit
CreateDefaultSupportedIdpConfig |
---|
Create a default supported Idp configuration for an Identity Toolkit project.
|
CreateInboundSamlConfig |
---|
Create an inbound SAML configuration for an Identity Toolkit project.
|
CreateOAuthIdpConfig |
---|
Create an Oidc Idp configuration for an Identity Toolkit project.
|
DeleteDefaultSupportedIdpConfig |
---|
Delete a default supported Idp configuration for an Identity Toolkit project.
|
DeleteInboundSamlConfig |
---|
Delete an inbound SAML configuration for an Identity Toolkit project.
|
DeleteOAuthIdpConfig |
---|
Delete an Oidc Idp configuration for an Identity Toolkit project.
|
EnableCicp |
---|
Enable CICP for a Cloud project. Cloud Identity for Customers and Partners (or CICP), is an end-to-end authentication system for third-party users to access your apps and services. These could include Mobile/Web Apps, Games, API's and beyond.
|
GetConfig |
---|
Retrieve an Identity Toolkit project configuration.
|
GetDefaultSupportedIdpConfig |
---|
Retrieve a default supported Idp configuration for an Identity Toolkit project.
|
GetInboundSamlConfig |
---|
Retrieve an inbound SAML configuration for an Identity Toolkit project.
|
GetOAuthIdpConfig |
---|
Retrieve an Oidc Idp configuration for an Identity Toolkit project.
|
ListDefaultSupportedIdpConfigs |
---|
List all default supported Idp configurations for an Identity Toolkit project.
|
ListDefaultSupportedIdps |
---|
List all default supported Idps.
|
ListInboundSamlConfigs |
---|
List all inbound SAML configurations for an Identity Toolkit project.
|
ListOAuthIdpConfigs |
---|
List all Oidc Idp configurations for an Identity Toolkit project.
|
UpdateConfig |
---|
Update an Identity Toolkit project configuration.
|
UpdateDefaultSupportedIdpConfig |
---|
Update a default supported Idp configuration for an Identity Toolkit project.
|
UpdateInboundSamlConfig |
---|
Update an inbound SAML configuration for an Identity Toolkit project.
|
UpdateOAuthIdpConfig |
---|
Update an Oidc Idp configuration for an Identity Toolkit project.
|
VerifyDomain |
---|
Verify the requested custom domain has required DNS records.
|
TenantManagementService
Tenant management service for GCIP.
CreateTenant |
---|
Create a tenant. Requires write permission on the Agent project.
|
DeleteTenant |
---|
Delete a tenant. Requires write permission on the Agent project.
|
GetTenant |
---|
Get a tenant. Requires read permission on the Tenant resource.
|
ListTenants |
---|
List tenants under the given agent project. Requires read permission on the Agent project.
|
UpdateTenant |
---|
Update a tenant. Requires write permission on the Tenant resource.
|
BlockingFunctionsConfig
Configuration related to blocking functions.
Fields | |
---|---|
triggers |
Map of Trigger to event type. Key should be one of the supported event types: "beforeCreate", "beforeSignIn" |
Trigger
Synchronous Cloud Function with HTTP Trigger
Fields | |
---|---|
function_uri |
HTTP URI trigger for the Cloud Function. |
update_time |
When the trigger was changed. |
ClientConfig
Options related to how clients making requests on behalf of a project should be configured.
Fields | |
---|---|
api_key |
Output only. API key that can be used when making requests for this project. |
permissions |
Configuration related to restricting a user's ability to affect their account. |
firebase_subdomain |
Output only. Firebase subdomain. |
Permissions
Configuration related to restricting a user's ability to affect their account.
Fields | |
---|---|
disabled_user_signup |
When true, end users cannot sign up for a new account on the associated project through any of our API methods |
disabled_user_deletion |
When true, end users cannot delete their account on the associated project through any of our API methods |
Config
Represents an Identity Toolkit project.
Fields | |
---|---|
name |
Output only. The name of the Config resource. Example: "projects/my-awesome-project/config" |
sign_in |
Configuration related to local sign in methods. |
notification |
Configuration related to sending notifications to users. |
quota |
Configuration related to quotas. |
monitoring |
Configuration related to monitoring project activity. |
authorized_domains[] |
List of domains authorized for OAuth redirects |
subtype |
Output only. The subtype of this config. |
client |
Options related to how clients making requests on behalf of a project should be configured. |
mfa |
Configuration for this project's multi-factor authentication, including whether it is active and what factors can be used for the second factor |
blocking_functions |
Configuration related to blocking functions. |
Subtype
The subtype of this config.
Enums | |
---|---|
SUBTYPE_UNSPECIFIED |
Default value. Do not use. |
CUSTOMER_IDENTITY |
A Customer Identity project. |
FIREBASE_AUTH |
A Firebase Authentication project. |
CreateDefaultSupportedIdpConfigRequest
Request for CreateDefaultSupportedIdpConfig
Fields | |
---|---|
parent |
The parent resource name where the config to be created, for example: "projects/my-awesome-project" Authorization requires the following IAM permission on the specified resource
|
idp_id |
The id of the Idp to create a config for. Call ListDefaultSupportedIdps for list of all default supported Idps. |
default_supported_idp_config |
The config resource which replaces the resource on the server. |
CreateInboundSamlConfigRequest
Request for CreateInboundSamlConfig
Fields | |
---|---|
parent |
The parent resource name where the config to be created, for example: "projects/my-awesome-project" Authorization requires the following IAM permission on the specified resource
|
inbound_saml_config_id |
The id to use for this config. |
inbound_saml_config |
The config resource to create. Client must not set the |
CreateOAuthIdpConfigRequest
Request for CreateOAuthIdpConfig
Fields | |
---|---|
parent |
The parent resource name where the config to be created, for example: "projects/my-awesome-project" Authorization requires the following IAM permission on the specified resource
|
oauth_idp_config_id |
The id to use for this config. |
oauth_idp_config |
The config resource to create. Client must not set the |
CreateTenantRequest
Request message for CreateTenant.
Fields | |
---|---|
parent |
The parent resource name where the tenant will be created. For example, "projects/project1". Authorization requires the following IAM permission on the specified resource
|
tenant |
Required. Tenant to be created. |
DefaultSupportedIdp
Standard Identity Toolkit-trusted IDPs.
Fields | |
---|---|
idp_id |
Id the of Idp |
description |
Description of the Idp |
DefaultSupportedIdpConfig
Configurations options for authenticating with a the standard set of Identity Toolkit-trusted IDPs.
Fields | |
---|---|
name |
The name of the DefaultSupportedIdpConfig resource, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" |
enabled |
True if allows the user to sign in with the provider. |
client_id |
OAuth client ID. |
client_secret |
OAuth client secret. |
display_on_cloud_console |
Output only. Whether to show the IdP config on pantheon if the IdP is in disabled state. |
DeleteDefaultSupportedIdpConfigRequest
Request for DeleteDefaultSupportedIdpConfig
Fields | |
---|---|
name |
The resource name of the config, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" Authorization requires the following IAM permission on the specified resource
|
DeleteInboundSamlConfigRequest
Request for DeleteInboundSamlConfig
Fields | |
---|---|
name |
The resource name of the config to be deleted, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Authorization requires the following IAM permission on the specified resource
|
DeleteOAuthIdpConfigRequest
Request for DeleteOAuthIdpConfig
Fields | |
---|---|
name |
The resource name of the config to be deleted, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Authorization requires the following IAM permission on the specified resource
|
DeleteTenantRequest
Request message for DeleteTenant.
Fields | |
---|---|
name |
Resource name of the tenant to delete. Authorization requires the following IAM permission on the specified resource
|
EnableCicpRequest
Request for EnableCicp.
Fields | |
---|---|
project |
The resource name of the target project the developer wants to enable CICP for. Authorization requires the following IAM permission on the specified resource
|
EnableCicpResponse
This type has no fields.
Response for EnableCicp. Empty for now.
GetConfigRequest
Request for GetConfig
Fields | |
---|---|
name |
The resource name of the config, for example: "projects/my-awesome-project/config" Authorization requires the following IAM permission on the specified resource
|
GetDefaultSupportedIdpConfigRequest
Request for GetDefaultSupportedIdpConfig
Fields | |
---|---|
name |
The resource name of the config, for example: "projects/my-awesome-project/defaultSupportedIdpConfigs/google.com" Authorization requires the following IAM permission on the specified resource
|
GetInboundSamlConfigRequest
Request for GetInboundSamlConfig
Fields | |
---|---|
name |
The resource name of the config, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Authorization requires the following IAM permission on the specified resource
|
GetOAuthIdpConfigRequest
Requesst for GetOAuthIdpConfig
Fields | |
---|---|
name |
The resource name of the config, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Authorization requires the following IAM permission on the specified resource
|
GetTenantRequest
Request message for GetTenant.
Fields | |
---|---|
name |
Resource name of the tenant to retrieve. Authorization requires the following IAM permission on the specified resource
|
HashConfig
History information of the hash algorithm and key. Different accounts' passwords may be generated by different version.
Fields | |
---|---|
algorithm |
Output only. Different password hash algorithms used in Identity Toolkit. |
signer_key |
Output only. Signer key in base64. |
salt_separator |
Output only. Non-printable character to be inserted between the salt and plain text password in base64. |
rounds |
Output only. How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms. |
memory_cost |
Output only. Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field. |
HashAlgorithm
Different password hash algorithms used in Identity Toolkit.
Enums | |
---|---|
HASH_ALGORITHM_UNSPECIFIED |
Default value. Do not use. |
HMAC_SHA256 |
HMAC_SHA256 |
HMAC_SHA1 |
HMAC_SHA1 |
HMAC_MD5 |
HMAC_MD5 |
SCRYPT |
SCRYPT |
PBKDF_SHA1 |
PBKDF_SHA1 |
MD5 |
MD5 |
HMAC_SHA512 |
HMAC_SHA512 |
SHA1 |
SHA1 |
BCRYPT |
BCRYPT |
PBKDF2_SHA256 |
PBKDF2_SHA256 |
SHA256 |
SHA256 |
SHA512 |
SHA512 |
STANDARD_SCRYPT |
STANDARD_SCRYPT |
IdpCertificate
The proto for the IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
Fields | |
---|---|
x509_certificate |
The x509 certificate |
InboundSamlConfig
The proto for storing a pair of SAML RP-IDP configurations when the project acts as the relying party.
Fields | |
---|---|
name |
The name of the InboundSamlConfig resource, for example: 'projects/my-awesome-project/inboundSamlConfigs/my-config-id'. Ignored during create requests. |
idp_config |
The proto for storing SAML IdP (Identity Provider) configuration when the project acts as the relying party. |
sp_config |
The proto for storing SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider. |
display_name |
The config's display name set by developers. |
enabled |
True if allows the user to sign in with the provider. |
IdpConfig
The proto for storing SAML IdP (Identity Provider) configuration when the project acts as the relying party.
Fields | |
---|---|
idp_entity_id |
Unique identifier for all SAML entities. |
sso_url |
URL to send Authentication request to. |
idp_certificates[] |
IDP's public keys for verifying signature in the assertions. |
sign_request |
Indicates if outbounding SAMLRequest should be signed. |
SpConfig
The proto for storing SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
Fields | |
---|---|
sp_entity_id |
Unique identifier for all SAML entities. |
callback_uri |
Callback URI where responses from IDP are handled. |
sp_certificates[] |
Output only. Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow. |
ListDefaultSupportedIdpConfigsRequest
Request for ListDefaultSupportedIdpConfigs
Fields | |
---|---|
parent |
The parent resource name, for example, "projects/my-awesome-project". Authorization requires the following IAM permission on the specified resource
|
page_size |
The maximum number of items to return. |
page_token |
The next_page_token value returned from a previous List request, if any. |
ListDefaultSupportedIdpConfigsResponse
Response for ListDefaultSupportedIdpConfigs
Fields | |
---|---|
default_supported_idp_configs[] |
The set of configs. |
next_page_token |
Token to retrieve the next page of results, or empty if there are no more results in the list. |
ListDefaultSupportedIdpsRequest
Request for ListDefaultSupportedIdps
Fields | |
---|---|
page_size |
The maximum number of items to return. |
page_token |
The next_page_token value returned from a previous List request, if any. |
ListDefaultSupportedIdpsResponse
Response for ListDefaultSupportedIdps
Fields | |
---|---|
default_supported_idps[] |
The set of configs. |
next_page_token |
Token to retrieve the next page of results, or empty if there are no more results in the list. |
ListInboundSamlConfigsRequest
Request for ListInboundSamlConfigs
Fields | |
---|---|
parent |
The parent resource name, for example, "projects/my-awesome-project". Authorization requires the following IAM permission on the specified resource
|
page_size |
The maximum number of items to return. |
page_token |
The next_page_token value returned from a previous List request, if any. |
ListInboundSamlConfigsResponse
Response for ListInboundSamlConfigs
Fields | |
---|---|
inbound_saml_configs[] |
The set of configs. |
next_page_token |
Token to retrieve the next page of results, or empty if there are no more results in the list. |
ListOAuthIdpConfigsRequest
Request for ListOAuthIdpConfigs
Fields | |
---|---|
parent |
The parent resource name, for example, "projects/my-awesome-project". Authorization requires the following IAM permission on the specified resource
|
page_size |
The maximum number of items to return. |
page_token |
The next_page_token value returned from a previous List request, if any. |
ListOAuthIdpConfigsResponse
Response for ListOAuthIdpConfigs
Fields | |
---|---|
oauth_idp_configs[] |
The set of configs. |
next_page_token |
Token to retrieve the next page of results, or empty if there are no more results in the list. |
ListTenantsRequest
Request message for ListTenants.
Fields | |
---|---|
parent |
Required. The parent resource name to list tenants for. Authorization requires the following IAM permission on the specified resource
|
page_token |
The pagination token from the response of a previous request. |
page_size |
The maximum number of results to return, capped at 1000. If not specified, the default value is 20. |
ListTenantsResponse
Response message for ListTenants.
Fields | |
---|---|
tenants[] |
A list of tenants under the given agent project. |
next_page_token |
The token to get the next page of results. |
MonitoringConfig
Configuration related to monitoring project activity.
Fields | |
---|---|
request_logging |
Configuration for logging requests made to this project to Stackdriver Logging |
RequestLogging
Configuration for logging requests made to this project to Stackdriver Logging
Fields | |
---|---|
enabled |
Whether logging is enabled for this project or not. |
MultiFactorAuthConfig
Options related to MultiFactor Authentication for the project.
Fields | |
---|---|
state |
Whether MultiFactor Authentication has been enabled for this project. |
enabled_providers[] |
A list of usable second factors for this project. |
Provider
A list of usable second factors for this project.
Enums | |
---|---|
PROVIDER_UNSPECIFIED |
Illegal Provider, should not be used |
PHONE_SMS |
SMS is enabled as a second factor for this project. |
State
Whether MultiFactor Authentication has been enabled for this project.
Enums | |
---|---|
STATE_UNSPECIFIED |
Illegal State, should not be used. |
DISABLED |
Multi-factor authentication cannot be used for this project |
ENABLED |
Multi-factor authentication can be used for this project |
ADMIN_ENABLED |
Multi-factor authentication can be used for this project, but can only be set up by project administrators |
NotificationConfig
Configuration related to sending notifications to users.
Fields | |
---|---|
send_email |
Options for email sending. |
send_sms |
Options for SMS sending. |
default_locale |
Default locale used for email and SMS in IETF BCP 47 format. |
SendEmail
Options for email sending.
Fields | |
---|---|
method |
The method used for sending an email. |
reset_password_template |
Email template for reset password |
verify_email_template |
Email template for verify email |
change_email_template |
Email template for change email |
legacy_reset_password_template |
Reset password email template for legacy Firebase V1 app. |
callback_uri |
action url in email template. |
dns_info |
Information of custom domain DNS verification. |
Union field email_provider_config . Email provider configuration used to send emails email_provider_config can be only one of the following: |
|
smtp |
Use a custom SMTP relay |
DnsInfo
Information of custom domain DNS verification. By default, default_domain will be used. A custom domain can be configured using VerifyCustomDomain.
Fields | |
---|---|
custom_domain |
Output only. The applied verified custom domain. |
use_custom_domain |
Whether to use custom domain. |
pending_custom_domain |
Output only. The custom domain that's to be verified. |
custom_domain_state |
Output only. The current verification state of the custom domain. The custom domain will only be used once the domain verification is successful. |
domain_verification_request_time |
Output only. The timestamp of initial request for the current domain verification. |
VerificationState
The current verification state of the custom domain.
Enums | |
---|---|
VERIFICATION_STATE_UNSPECIFIED |
Default value. Do not use. |
NOT_STARTED |
The verification has not started. |
IN_PROGRESS |
The verification is in progress. |
FAILED |
The verification failed. |
SUCCEEDED |
The verification succeeded and is ready to be applied. |
EmailTemplate
Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The Google Cloud project's display name. %DISPLAY_NAME% - The user's display name.
Fields | |
---|---|
sender_local_part |
Local part of From address |
subject |
Subject of the email |
sender_display_name |
Sender display name |
body |
Email body |
body_format |
Email body format |
reply_to |
Reply-to address |
customized |
Output only. Whether the body or subject of the email is customized. |
BodyFormat
Email body format
Enums | |
---|---|
BODY_FORMAT_UNSPECIFIED |
Default value. Do not use. |
PLAIN_TEXT |
Plain text |
HTML |
HTML |
Method
The method used for sending an email.
Enums | |
---|---|
METHOD_UNSPECIFIED |
Email method unspecified. |
DEFAULT |
Sending email on behalf of developer. |
CUSTOM_SMTP |
Sending email using SMTP configuration provided by developers. |
Smtp
Configuration for SMTP relay
Fields | |
---|---|
sender_email |
Sender email for the SMTP relay |
host |
SMTP relay host |
port |
SMTP relay port |
username |
SMTP relay username |
password |
SMTP relay password |
security_mode |
SMTP security mode. |
SecurityMode
SMTP security mode.
Enums | |
---|---|
SECURITY_MODE_UNSPECIFIED |
Default value. Do not use. |
SSL |
SSL mode |
START_TLS |
START_TLS mode |
SendSms
Options for SMS sending.
Fields | |
---|---|
use_device_locale |
Whether to use the accept_language header for SMS. |
sms_template |
Output only. The template to use when sending an SMS. |
SmsTemplate
The template to use when sending an SMS.
Fields | |
---|---|
content |
Output only. The SMS's content. Can contain the following placeholders which will be replaced with the appropriate values: %APP_NAME% - For Android or iOS apps, the app's display name. For web apps, the domain hosting the application. %LOGIN_CODE% - The OOB code being sent in the SMS. |
OAuthIdpConfig
Configuration options for authenticating with an OAuth IDP.
Fields | |
---|---|
name |
The name of the OAuthIdpConfig resource, for example: 'projects/my-awesome-project/oauthIdpConfigs/oauth-config-id'. Ignored during create requests. |
client_id |
The client id of an OAuth client. |
issuer |
For OIDC Idps, the issuer identifier. |
display_name |
The config's display name set by developers. |
enabled |
True if allows the user to sign in with the provider. |
client_secret |
The client secret of the OAuth client, to enable OIDC code flow. |
response_type |
The response type to request for in the OAuth authorization flow. You can set either |
OAuthResponseType
The response type to request for in the OAuth authorization flow. You can set either id_token
or code
to true, but not both. Setting both types to be simultaneously true ({code: true, id_token: true}
) is not yet supported.
See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow.
Fields | |
---|---|
id_token |
If true, ID token is returned from IdP's authorization endpoint. |
code |
If true, authorization code is returned from IdP's authorization endpoint. |
token |
Do not use. The |
QuotaConfig
Configuration related to quotas.
Fields | |
---|---|
sign_up_quota_config |
Quota for the Signup endpoint, if overwritten. Signup quota is measured in sign ups per project per hour per IP. |
TemporaryQuota
Temporary quota increase / decrease
Fields | |
---|---|
quota |
Corresponds to the 'refill_token_count' field in QuotaServer config |
start_time |
When this quota will take effect |
quota_duration |
How long this quota will be active for |
SignInConfig
Configuration related to local sign in methods.
Fields | |
---|---|
email |
Configuration options related to authenticating a user by their email address. |
phone_number |
Configuration options related to authenticated a user by their phone number. |
anonymous |
Configuration options related to authenticating an anonymous user. |
allow_duplicate_emails |
Whether to allow more than one account to have the same email. |
hash_config |
Output only. Hash config information. |
Anonymous
Configuration options related to authenticating an anonymous user.
Fields | |
---|---|
enabled |
Whether anonymous user auth is enabled for the project or not. |
Configuration options related to authenticating a user by their email address.
Fields | |
---|---|
enabled |
Whether email auth is enabled for the project or not. |
password_required |
Whether a password is required for email auth or not. If true, both an email and password must be provided to sign in. If false, a user may sign in via either email/password or email link. |
hash_config |
Output only. Hash config information. |
PhoneNumber
Configuration options related to authenticated a user by their phone number.
Fields | |
---|---|
enabled |
Whether phone number auth is enabled for the project or not. |
test_phone_numbers |
A map of <test phone number, fake code> that can be used for phone auth testing. |
SpCertificate
The proto for the SP's certificate data for IDP to verify the SAMLRequest generated by the SP.
Fields | |
---|---|
x509_certificate |
Self-signed public certificate. |
expires_at |
Timestamp of the cert expiration instance. |
Tenant
A Tenant contains configuration for the tenant in a multi-tenant project.
Fields | |
---|---|
name |
Resource name of a tenant. For example: "projects/project1/tenants/tenant1" |
display_name |
Display name of the tenant. |
saml_configs[] |
SAML configurations requested. |
idp_configs[] |
IDP configurations requested. |
allow_password_signup |
Whether to allow email/password sign up. |
enable_email_link_signin |
Whether to enable email link sign up. |
disable_auth |
Whether the tenant is disabled for authentication. The users under the disabled tenant are not allowed to sign-in. Admins of the disabled tenant are not able to manage its users. |
UpdateConfigRequest
Request for UpdateConfig
Fields | |
---|---|
config |
The config resource which replaces the resource on the server. Authorization requires the following IAM permission on the specified resource
|
update_mask |
The update mask applies to the resource. Fields set in the config but not included in this update mask will be ignored. For the |
UpdateDefaultSupportedIdpConfigRequest
Request for UpdateDefaultSupportedIdpConfig
Fields | |
---|---|
default_supported_idp_config |
The config resource which replaces the resource on the server. Authorization requires the following IAM permission on the specified resource
|
update_mask |
The update mask applies to the resource. For the |
UpdateInboundSamlConfigRequest
Request for UpdateInboundSamlConfig
Fields | |
---|---|
inbound_saml_config |
The config resource which replaces the resource on the server. Authorization requires the following IAM permission on the specified resource
|
update_mask |
The update mask applies to the resource. Empty update mask will result in updating nothing. For the |
UpdateOAuthIdpConfigRequest
Request for UpdateOAuthIdpConfig
Fields | |
---|---|
oauth_idp_config |
The config resource which replaces the resource on the server. Authorization requires the following IAM permission on the specified resource
|
update_mask |
The update mask applies to the resource. Empty update mask will result in updating nothing. For the |
UpdateTenantRequest
Request message for UpdateTenant.
Fields | |
---|---|
tenant |
Required. Tenant to be updated. Authorization requires the following IAM permission on the specified resource
|
update_mask |
The update mask applies to the resource. For the |
VerifyDomainRequest
Request message to verify the requested custom domain has required DNS records.
Fields | |
---|---|
resource |
The name of the resource to verify the domain of. This method currently accepts verifying domains for either projects (example 'projects/my-awesome-project') or tenants (example 'projects/my-awesome-project/tenants/my-awesome-tenant'). Authorization requires the following IAM permission on the specified resource
|
domain |
The target domain of this request. |
action |
The action being attempted on the given domain. |
DomainVerificationAction
The action being attempted on the given domain.
Enums | |
---|---|
DOMAIN_VERIFICATION_ACTION_UNSPECIFIED |
Default value. Do not use. |
VERIFY |
Verify the domain in request. |
CANCEL |
Cancel the current verification process. |
APPLY |
Apply the custom domain in email sending. |
VerifyDomainResponse
Response for VerifyDomain request.
Fields | |
---|---|
verification_state |
The resulting state for the given domain after this request is processed. |
verification_error |
When applicable, a textual explanation for why the domain wasn't enable to be verified. |