Reference documentation and code samples for the IAM Service Account Credentials V1 API class Google::Iam::Credentials::V1::GenerateIdTokenRequest.
Inherits
- Object
Extended By
- Google::Protobuf::MessageExts::ClassMethods
Includes
- Google::Protobuf::MessageExts
Methods
#audience
def audience() -> ::String
- (::String) — Required. The audience for the token, such as the API or account that this token grants access to.
#audience=
def audience=(value) -> ::String
- value (::String) — Required. The audience for the token, such as the API or account that this token grants access to.
- (::String) — Required. The audience for the token, such as the API or account that this token grants access to.
#delegates
def delegates() -> ::Array<::String>
-
(::Array<::String>) — The sequence of service accounts in a delegation chain. Each service
account must be granted the
roles/iam.serviceAccountTokenCreator
role on its next service account in the chain. The last service account in the chain must be granted theroles/iam.serviceAccountTokenCreator
role on the service account that is specified in thename
field of the request.The delegates must have the following format:
projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}
. The-
wildcard character is required; replacing it with a project ID is invalid.
#delegates=
def delegates=(value) -> ::Array<::String>
-
value (::Array<::String>) — The sequence of service accounts in a delegation chain. Each service
account must be granted the
roles/iam.serviceAccountTokenCreator
role on its next service account in the chain. The last service account in the chain must be granted theroles/iam.serviceAccountTokenCreator
role on the service account that is specified in thename
field of the request.The delegates must have the following format:
projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}
. The-
wildcard character is required; replacing it with a project ID is invalid.
-
(::Array<::String>) — The sequence of service accounts in a delegation chain. Each service
account must be granted the
roles/iam.serviceAccountTokenCreator
role on its next service account in the chain. The last service account in the chain must be granted theroles/iam.serviceAccountTokenCreator
role on the service account that is specified in thename
field of the request.The delegates must have the following format:
projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}
. The-
wildcard character is required; replacing it with a project ID is invalid.
#include_email
def include_email() -> ::Boolean
-
(::Boolean) — Include the service account email in the token. If set to
true
, the token will containemail
andemail_verified
claims.
#include_email=
def include_email=(value) -> ::Boolean
-
value (::Boolean) — Include the service account email in the token. If set to
true
, the token will containemail
andemail_verified
claims.
-
(::Boolean) — Include the service account email in the token. If set to
true
, the token will containemail
andemail_verified
claims.
#name
def name() -> ::String
-
(::String) — Required. The resource name of the service account for which the credentials
are requested, in the following format:
projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}
. The-
wildcard character is required; replacing it with a project ID is invalid.
#name=
def name=(value) -> ::String
-
value (::String) — Required. The resource name of the service account for which the credentials
are requested, in the following format:
projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}
. The-
wildcard character is required; replacing it with a project ID is invalid.
-
(::String) — Required. The resource name of the service account for which the credentials
are requested, in the following format:
projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}
. The-
wildcard character is required; replacing it with a project ID is invalid.