Namespace Google.Apis.CloudIdentity.v1
Classes
CloudIdentityBaseServiceRequest<TResponse>
A base abstract class for CloudIdentity requests.
CloudIdentityService
The CloudIdentity Service.
CloudIdentityService.Scope
Available OAuth 2.0 scopes for use with the Cloud Identity API.
CloudIdentityService.ScopeConstants
Available OAuth 2.0 scope constants for use with the Cloud Identity API.
CustomersResource
The "customers" collection of methods.
CustomersResource.UserinvitationsResource
The "userinvitations" collection of methods.
CustomersResource.UserinvitationsResource.CancelRequest
Cancels a UserInvitation that was already sent.
CustomersResource.UserinvitationsResource.GetRequest
Retrieves a UserInvitation resource. Note: New consumer accounts with the customer's verified domain created within the previous 48 hours will not appear in the result. This delay also applies to newly-verified domains.
CustomersResource.UserinvitationsResource.IsInvitableUserRequest
Verifies whether a user account is eligible to receive a UserInvitation (is an unmanaged account). Eligibility is based on the following criteria: * the email address is a consumer account and it's the primary email address of the account, and * the domain of the email address matches an existing verified Google Workspace or Cloud Identity domain If both conditions are met, the user is eligible. Note: This method is not supported for Workspace Essentials customers.
CustomersResource.UserinvitationsResource.ListRequest
Retrieves a list of UserInvitation resources. Note: New consumer accounts with the customer's verified domain created within the previous 48 hours will not appear in the result. This delay also applies to newly-verified domains.
CustomersResource.UserinvitationsResource.SendRequest
Sends a UserInvitation to email. If the UserInvitation
does not exist for this request and it is a
valid request, the request creates a UserInvitation
. Note: The get
and list
methods have a
48-hour delay where newly-created consumer accounts will not appear in the results. You can still send a
UserInvitation
to those accounts if you know the unmanaged email address and IsInvitableUser==True.
DevicesResource
The "devices" collection of methods.
DevicesResource.CancelWipeRequest
Cancels an unfinished device wipe. This operation can be used to cancel device wipe in the gap between the wipe operation returning success and the device being wiped. This operation is possible when the device is in a "pending wipe" state. The device enters the "pending wipe" state when a wipe device command is issued, but has not yet been sent to the device. The cancel wipe will fail if the wipe command has already been issued to the device.
DevicesResource.CreateRequest
Creates a device. Only company-owned device may be created. Note: This method is available only to customers who have one of the following SKUs: Enterprise Standard, Enterprise Plus, Enterprise for Education, and Cloud Identity Premium
DevicesResource.DeleteRequest
Deletes the specified device.
DevicesResource.DeviceUsersResource
The "deviceUsers" collection of methods.
DevicesResource.DeviceUsersResource.ApproveRequest
Approves device to access user data.
DevicesResource.DeviceUsersResource.BlockRequest
Blocks device from accessing user data
DevicesResource.DeviceUsersResource.CancelWipeRequest
Cancels an unfinished user account wipe. This operation can be used to cancel device wipe in the gap between the wipe operation returning success and the device being wiped.
DevicesResource.DeviceUsersResource.ClientStatesResource
The "clientStates" collection of methods.
DevicesResource.DeviceUsersResource.ClientStatesResource.GetRequest
Gets the client state for the device user
DevicesResource.DeviceUsersResource.ClientStatesResource.ListRequest
Lists the client states for the given search query.
DevicesResource.DeviceUsersResource.ClientStatesResource.PatchRequest
Updates the client state for the device user Note: This method is available only to customers who have one of the following SKUs: Enterprise Standard, Enterprise Plus, Enterprise for Education, and Cloud Identity Premium
DevicesResource.DeviceUsersResource.DeleteRequest
Deletes the specified DeviceUser. This also revokes the user's access to device data.
DevicesResource.DeviceUsersResource.GetRequest
Retrieves the specified DeviceUser
DevicesResource.DeviceUsersResource.ListRequest
Lists/Searches DeviceUsers.
DevicesResource.DeviceUsersResource.LookupRequest
Looks up resource names of the DeviceUsers associated with the caller's credentials, as well as the properties provided in the request. This method must be called with end-user credentials with the scope: https://www.googleapis.com/auth/cloud-identity.devices.lookup If multiple properties are provided, only DeviceUsers having all of these properties are considered as matches - i.e. the query behaves like an AND. Different platforms require different amounts of information from the caller to ensure that the DeviceUser is uniquely identified. - iOS: No properties need to be passed, the caller's credentials are sufficient to identify the corresponding DeviceUser. - Android: Specifying the 'android_id' field is required. - Desktop: Specifying the 'raw_resource_id' field is required.
DevicesResource.DeviceUsersResource.WipeRequest
Wipes the user's account on a device. Other data on the device that is not associated with the user's work account is not affected. For example, if a Gmail app is installed on a device that is used for personal and work purposes, and the user is logged in to the Gmail app with their personal account as well as their work account, wiping the "deviceUser" by their work administrator will not affect their personal account within Gmail or other apps such as Photos.
DevicesResource.GetRequest
Retrieves the specified device.
DevicesResource.ListRequest
Lists/Searches devices.
DevicesResource.WipeRequest
Wipes all data on the specified device.
GroupsResource
The "groups" collection of methods.
GroupsResource.CreateRequest
Creates a Group.
GroupsResource.DeleteRequest
Deletes a Group
.
GroupsResource.GetRequest
Retrieves a Group
.
GroupsResource.GetSecuritySettingsRequest
Get Security Settings
GroupsResource.ListRequest
Lists the Group
resources under a customer or namespace.
GroupsResource.LookupRequest
Looks up the resource name of a Group
by its
EntityKey
.
GroupsResource.MembershipsResource
The "memberships" collection of methods.
GroupsResource.MembershipsResource.CheckTransitiveMembershipRequest
Check a potential member for membership in a group. Note: This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the member is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A member has membership to a group as long as there is a single viewable transitive membership between the group and the member. The actor must have view permissions to at least one transitive membership between the member and group.
GroupsResource.MembershipsResource.CreateRequest
Creates a Membership
.
GroupsResource.MembershipsResource.DeleteRequest
Deletes a Membership
.
GroupsResource.MembershipsResource.GetMembershipGraphRequest
Get a membership graph of just a member or both a member and a group. Note: This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the member is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. Given a member, the response will contain all membership paths from the member. Given both a group and a member, the response will contain all membership paths between the group and the member.
GroupsResource.MembershipsResource.GetRequest
Retrieves a Membership
.
GroupsResource.MembershipsResource.ListRequest
Lists the Membership
s within a Group
.
GroupsResource.MembershipsResource.LookupRequest
Looks up the resource name of a Membership
by
its EntityKey
.
GroupsResource.MembershipsResource.ModifyMembershipRolesRequest
Modifies the MembershipRole
s of a Membership
.
GroupsResource.MembershipsResource.SearchDirectGroupsRequest
Searches direct groups of a member.
GroupsResource.MembershipsResource.SearchTransitiveGroupsRequest
Search transitive groups of a member. Note: This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the member is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A transitive group is any group that has a direct or indirect membership to the member. Actor must have view permissions all transitive groups.
GroupsResource.MembershipsResource.SearchTransitiveMembershipsRequest
Search transitive memberships of a group. Note: This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the group is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A transitive membership is any direct or indirect membership of a group. Actor must have view permissions to all transitive memberships.
GroupsResource.PatchRequest
Updates a Group
.
GroupsResource.SearchRequest
Searches for Group
resources matching a specified query.
GroupsResource.UpdateSecuritySettingsRequest
Update Security Settings
InboundSamlSsoProfilesResource
The "inboundSamlSsoProfiles" collection of methods.
InboundSamlSsoProfilesResource.CreateRequest
Creates an InboundSamlSsoProfile for a customer. When the target customer has enabled Multi-party approval
for sensitive actions, the Operation
in the response will
have "done": false
, it will not have a response, and the metadata will have "state": "awaiting-multi-party-approval"
.
InboundSamlSsoProfilesResource.DeleteRequest
Deletes an InboundSamlSsoProfile.
InboundSamlSsoProfilesResource.GetRequest
Gets an InboundSamlSsoProfile.
InboundSamlSsoProfilesResource.IdpCredentialsResource
The "idpCredentials" collection of methods.
InboundSamlSsoProfilesResource.IdpCredentialsResource.AddRequest
Adds an IdpCredential. Up to 2 credentials are allowed. When the target customer has enabled
Multi-party approval for sensitive actions, the
Operation
in the response will have "done": false
, it will not have a response, and the metadata
will have "state": "awaiting-multi-party-approval"
.
InboundSamlSsoProfilesResource.IdpCredentialsResource.DeleteRequest
Deletes an IdpCredential.
InboundSamlSsoProfilesResource.IdpCredentialsResource.GetRequest
Gets an IdpCredential.
InboundSamlSsoProfilesResource.IdpCredentialsResource.ListRequest
Returns a list of IdpCredentials in an InboundSamlSsoProfile.
InboundSamlSsoProfilesResource.ListRequest
Lists InboundSamlSsoProfiles for a customer.
InboundSamlSsoProfilesResource.PatchRequest
Updates an InboundSamlSsoProfile. When the target customer has enabled Multi-party approval for sensitive
actions, the Operation
in the response will have "done": false
, it will not have a response, and the metadata will have "state": "awaiting-multi-party-approval"
.
InboundSsoAssignmentsResource
The "inboundSsoAssignments" collection of methods.
InboundSsoAssignmentsResource.CreateRequest
Creates an InboundSsoAssignment for users and devices in a Customer
under a given Group
or OrgUnit
.
InboundSsoAssignmentsResource.DeleteRequest
Deletes an InboundSsoAssignment. To disable SSO, Create (or Update) an assignment that has sso_mode
==
SSO_OFF
.
InboundSsoAssignmentsResource.GetRequest
Gets an InboundSsoAssignment.
InboundSsoAssignmentsResource.ListRequest
Lists the InboundSsoAssignments for a Customer
.
InboundSsoAssignmentsResource.PatchRequest
Updates an InboundSsoAssignment. The body of this request is the inbound_sso_assignment
field and the
update_mask
is relative to that. For example: a PATCH to
/v1/inboundSsoAssignments/0abcdefg1234567&update_mask=rank
with a body of { "rank": 1 }
moves
that (presumably group-targeted) SSO assignment to the highest priority and shifts any other group-targeted
assignments down in priority.
Enums
CloudIdentityBaseServiceRequest<TResponse>.AltEnum
Data format for response.
CloudIdentityBaseServiceRequest<TResponse>.XgafvEnum
V1 error format.
DevicesResource.ListRequest.ViewEnum
Optional. The view to use for the List request.
GroupsResource.CreateRequest.InitialGroupConfigEnum
Optional. The initial configuration option for the Group
.
GroupsResource.ListRequest.ViewEnum
The level of detail to be returned. If unspecified, defaults to View.BASIC
.
GroupsResource.MembershipsResource.ListRequest.ViewEnum
The level of detail to be returned. If unspecified, defaults to View.BASIC
.
GroupsResource.SearchRequest.ViewEnum
The level of detail to be returned. If unspecified, defaults to View.BASIC
.