Policy API overview

The Cloud Identity Policy API is a read-only API that can be used to programmatically view the settings that administrators can configure through the Admin console for a Google Workspace domain.

The Cloud Identity Policy API provides a different view of policies than the Admin console. For a given setting, the Admin console displays a reduced setting value for an organization unit or group, while the Cloud Identity Policy API provide the underlying source of truth policies where a value has been explicitly set.

Only a super administrator can use the Cloud Identity Policy API.

What's next

• To set up Cloud Identity, see Setting up Cloud Identity.
• To set up the Policy API, see Setting up the Policy API.
• To list and get policies, see Listing and getting policies.
• To learn more about which settings are supported by the Policy API, see Policy API supported settings.