APIs and reference
General API reference documentation
REST API reference documentation
RPC API reference documentation
IAM Conditions reference documentation
Conditions reference documentation
Roles and permissions reference documentation
Other reference documentation
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],[],[[["\u003cp\u003eThis page provides comprehensive API reference documentation for Identity and Access Management (IAM), covering authentication, request retries, and client library usage.\u003c/p\u003e\n"],["\u003cp\u003eThe REST API section allows for managing roles, permissions, service accounts, keys, just-in-time role grants, token exchanges, and service account credentials.\u003c/p\u003e\n"],["\u003cp\u003eThe RPC API documentation details how to manage roles, permissions, service accounts, and keys, including just-in-time role grant management.\u003c/p\u003e\n"],["\u003cp\u003eThe IAM Conditions reference explains how to conditionally grant or deny access using various attributes, including access to specific Google Cloud resources.\u003c/p\u003e\n"],["\u003cp\u003eAdditional documentation covers basic and predefined roles, resource names, identity federation, permissions, principal identifiers, service agents, and supported resource types.\u003c/p\u003e\n"]]],[],null,["# APIs and reference\n\nGeneral API reference documentation\n-----------------------------------\n\n- [### Authenticate to IAM\n Authenticate to IAM programmatically so that you can access\n the IAM API.](/iam/docs/authentication)\n- [### Retry failed requests\n Find out how to retry failed requests to the IAM API.](/iam/docs/retry-strategy)\n- [### Client libraries\n Use a client library to integrate your application with\n IAM.](/iam/docs/reference/libraries)\n- [### `gcloud iam` commands\n Use the `gcloud iam` commands to work with IAM\nfrom the command line.](/sdk/gcloud/reference/iam) \n\nREST API reference documentation\n--------------------------------\n\n- [### IAM REST API\n Manage roles and permissions, and manage your service accounts and keys,\n with the REST API.](/iam/docs/reference/rest)\n- [### Privileged Access Manager REST API\n Manage just-in-time temporary role grants with the REST API.](/iam/docs/reference/pam/rest)\n- [### Security Token Service REST API\n Exchange access tokens.](/iam/docs/reference/sts/rest)\n- [### Service Account Credentials REST API\nCreate short-lived, limited-privilege credentials for service accounts.](/iam/docs/reference/credentials/rest) \n\nRPC API reference documentation\n-------------------------------\n\n- [### IAM RPC API\n Manage roles and permissions, and manage your service accounts and keys,\n with the RPC API.](/iam/docs/reference/rpc)\n- [### Privileged Access Manager RPC API\nManage just-in-time temporary role grants with the RPC API.](/iam/docs/reference/pam/rpc) \n\nIAM Conditions reference documentation\n--------------------------------------\n\n- [### Conditions attribute reference\n Learn about attributes that you can use to conditionally grant or deny\n access.](/iam/docs/conditions-attribute-reference)\n- [### Conditions resource attribute value reference\n Grant access to specific Google Cloud services, resource types, and\n resource names.](/iam/docs/conditions-resource-attributes)\n- [### Services that allow conditional role bindings\n Find out which resource types let you add conditional role bindings to their\nallow policies.](/iam/docs/resource-types-with-conditional-roles) \n\nConditions reference documentation\n----------------------------------\n\n- [### Conditions attribute reference\n Learn about attributes that you can use to conditionally grant or deny\n access.](/iam/docs/conditions-attribute-reference)\n- [### Conditions resource attribute value reference\n Grant access to specific Google Cloud services, resource types, and\n resource names.](/iam/docs/conditions-resource-attributes)\n- [### Services that allow conditional role bindings\n Find out which resource types let you add conditional role bindings to their\nallow policies.](/iam/docs/resource-types-with-conditional-roles) \n\nRoles and permissions reference documentation\n---------------------------------------------\n\n- [### Roles and permissions index\n Filter and browse the available IAM roles and permissions for\nall Google Cloud services.](/iam/docs/roles-permissions) \n\nOther reference documentation\n-----------------------------\n\n- [### Basic and predefined roles reference\n View IAM basic roles, as well as a complete list of\n IAM predefined roles and the permissions they contain.](/iam/docs/understanding-roles)\n- [### Full resource names\n Understand the format that IAM uses to identify another\n service's resources.](/iam/docs/full-resource-names)\n- [### Identity federation: supported products and limitations\n Lists Google Cloud products that work with workforce identity\n federation, and provides associated product limitations.](/iam/docs/federated-identity-supported-services)\n- [### Permissions reference\n View a complete list of IAM permissions and the roles\n that grant them.](/iam/docs/permissions-reference)\n- [### Permissions supported in deny policies\n Learn which IAM permissions you can use in deny policies.](/iam/docs/deny-permissions-support)\n- [### Permissions that principal access boundary policies can block\n Learn which IAM permissions each version of principal access boundary\n policies can block.](/iam/docs/pab-blocked-permissions)\n- [### Principal identifiers\n Understand the identifiers that you use when listing principals in allow\n policies and deny policies.](/iam/docs/principal-identifiers)\n- [### Resource types that accept allow policies\n Learn which resource types accept allow policies.](/iam/docs/resource-types-with-policies)\n- [### Resource types with built-in identities\n Learn which resource have built-in identities and what the principal\n identifiers for those built-in identities are.](/iam/docs/resources-with-built-in-identities)\n- [### Service agents\n Get details about the service accounts that Google Cloud services use\n to access your resources.](/iam/docs/service-agents)\n- [### Support levels for permissions in custom roles\n Learn which IAM permissions you can use in custom roles.](/iam/docs/custom-roles-permissions-support)"]]
