Policy API overview

The Cloud Identity Policy API is a read-only API that can be used to programmatically view the settings that administrators can configure through the Admin console for a Google Workspace domain.

The Cloud Identity Policy API provides a different view of policies than the Admin console. For a given setting, the Admin console displays a reduced setting value for an organization unit or group, while the Cloud Identity Policy API provide the underlying source of truth policies where a value has been explicitly set.

Only a super administrator can use the Cloud Identity Policy API.

What's next

To set up Cloud Identity, see Setting up Cloud Identity.
To set up the Policy API, see Setting up the Policy API.
To list and get policies, see Listing and getting policies.
To learn more about which settings are supported by the Policy API, see Policy API supported settings.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-09-16 UTC.