v1

package
v0.89.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 12, 2025 License: Apache-2.0 Imports: 24 Imported by: 6

Documentation

Overview

Package v1 contains the API of Identity & Access Management services.

Package v1 is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Index

Constants

View Source 
const (
	// EducationalRoleStudent constant for student role at educational institute
	EducationalRoleStudent = "student"
	// EducationalRoleTeacher constant for teacher role at educational institute
	EducationalRoleTeacher = "teacher"
	// EducationalRoleOther constant for role other than student / teacher at educational institute
	EducationalRoleOther = "other"
)
View Source 
const (

	// EventTypeGroupCreated is the type of event fired after a group has been created
	// SubjectID contains the ID of the group.
	EventTypeGroupCreated = "iam.group.created"
	// EventTypeGroupUpdated is the type of event fired after a group has been updated
	// SubjectID contains the ID of the group.
	EventTypeGroupUpdated = "iam.group.updated"
	// EventTypeGroupDeleted is the type of event fired after a group has been (marked for) deleted
	// SubjectID contains the ID of the group.
	EventTypeGroupDeleted = "iam.group.deleted"

	// EventTypeGroupMemberAdded is the type of event fired after a member has been added to a group.
	// SubjectID contains the ID of the added member.
	EventTypeGroupMemberAdded = "iam.group-member.added"
	// EventTypeGroupMemberRemoved is the type of event fired after a member has been removed from a group.
	// SubjectID contains the ID of the removed member.
	EventTypeGroupMemberRemoved = "iam.group-member.removed"
)
View Source 
const (

	// EventTypeRoleCreated is the type of event fired after a (custom) role has been created
	// SubjectID contains the ID of the role.
	EventTypeRoleCreated = "iam.role.created"
	// EventTypeRoleUpdated is the type of event fired after a (custom) role has been updated
	// SubjectID contains the ID of the role.
	EventTypeRoleUpdated = "iam.role.updated"
	// EventTypeRoleDeleted is the type of event fired after a (custom) role has been (marked for) deleted
	// SubjectID contains the ID of the role.
	EventTypeRoleDeleted = "iam.role.deleted"
)
View Source 
const (

	// EventTypeAPIKeyCreated is the type of event fired after an API key has been created.
	// SubjectID contains the ID of the api key.
	EventTypeAPIKeyCreated = "iam.apikey.created"
	// EventTypeAPIKeyRevoked is the type of event fired after an API key has been revoked.
	// SubjectID contains the ID of the api key.
	EventTypeAPIKeyRevoked = "iam.apikey.revoked"
	// EventTypeAPIKeyDeleted is the type of event fired after an API key has been deleted.
	// SubjectID contains the ID of the api key.
	EventTypeAPIKeyDeleted = "iam.apikey.deleted"
)
View Source 
const (

	// PermissionGroupList is needed for listing groups in an organization
	PermissionGroupList = "iam.group.list"
	// PermissionGroupGet is needed for fetching an individual group in an organization
	PermissionGroupGet = "iam.group.get"
	// PermissionGroupCreate is needed for create a group in an organization
	PermissionGroupCreate = "iam.group.create"
	// PermissionGroupUpdate is needed for updating a group in an organization
	PermissionGroupUpdate = "iam.group.update"
	// PermissionGroupDelete is needed for deleting a group in an organization
	PermissionGroupDelete = "iam.group.delete"
)
View Source 
const (

	// PermissionRoleList is needed for listing roles in an organization
	PermissionRoleList = "iam.role.list"
	// PermissionRoleGet is needed for fetching an individual role in an organization
	PermissionRoleGet = "iam.role.get"
	// PermissionRoleCreate is needed for create a role in an organization
	PermissionRoleCreate = "iam.role.create"
	// PermissionRoleUpdate is needed for updating a role in an organization
	PermissionRoleUpdate = "iam.role.update"
	// PermissionRoleDelete is needed for deleting a role in an organization
	PermissionRoleDelete = "iam.role.delete"
)
View Source 
const (

	// PermissionPolicyGet is needed for fetching an individual policy on a resource
	PermissionPolicyGet = "iam.policy.get"
	// PermissionPolicyUpdate is needed for updating a policy on a resource
	PermissionPolicyUpdate = "iam.policy.update"
)
View Source 
const (

	// PermissionUserGetPersonalData is needed for fetching a personal data such as
	// mobile phone number for a user that is not the currently authenticated user.
	PermissionUserGetPersonalData = "iam.user.get-personal-data"
	// PermissionUserUpdate is needed to update the data of a user (other
	// than the currently authenticated user).
	PermissionUserUpdate = "iam.user.update"
)
View Source 
const (
	// KindGroup is a constants for the kind of Group resources.
	KindGroup = "Group"
	// KindRole is a constants for the kind of Role resources.
	KindRole = "Role"
	// KindAPIKey is a constants for the kind of APIKey resources.
	KindAPIKey = "APIKey"
	// KindUser is a constants for the kind of User resources.
	KindUser = "User"
)
View Source 
const (
	// APIID contains identifier of this API
	APIID = "iam/v1"
	// APIMajorVersion contains major version of this API
	APIMajorVersion = 1
	// APIMinorVersion contains minor version of this API
	APIMinorVersion = 3
	// APIPatchVersion contains patch version of this API
	APIPatchVersion = 0
)
View Source 
const (

	// EventTypePolicyUpdated is the type of event fired after a policy has been updated
	// SubjectID contains the URL of the policy.
	EventTypePolicyUpdated = "iam.policy.updated"
)

Variables

View Source 
var File_iam_proto protoreflect.FileDescriptor

Functions

func APIKeyURL 

func APIKeyURL(userID, apiKeyID string) string

APIKeyURL creates a resource URL for the APIKey with given ID in given context.

func CreateMemberIDFromGroup 

func CreateMemberIDFromGroup(group *Group) string

CreateMemberIDFromGroup creates a member ID from the given group.

func CreateMemberIDFromGroupID 

func CreateMemberIDFromGroupID(groupID string) string

CreateMemberIDFromGroupID creates a member ID from the given group ID.

func CreateMemberIDFromUser 

func CreateMemberIDFromUser(user *User) string

CreateMemberIDFromUser creates a member ID from the given user.

func CreateMemberIDFromUserID 

func CreateMemberIDFromUserID(userID string) string

CreateMemberIDFromUserID creates a member ID from the given user ID.

func ForEachAPIKey 

func ForEachAPIKey(ctx context.Context, listFunc func(ctx context.Context, req *common.ListOptions) (*APIKeyList, error),
	opts *common.ListOptions, cb APIKeyCallback) error

ForEachAPIKey iterates over all API keys of the authenticated user, invoking the given callback for each key.

func ForEachGroup 

func ForEachGroup(ctx context.Context, listFunc func(ctx context.Context, req *common.ListOptions) (*GroupList, error),
	opts *common.ListOptions, cb GroupCallback) error

ForEachGroup iterates over all groups in an organization identified by given context ID, invoking the given callback for each group.

func ForEachGroupMember 

func ForEachGroupMember(ctx context.Context, listFunc func(ctx context.Context, req *common.ListOptions) (*GroupMemberList, error),
	opts *common.ListOptions, cb GroupMemberCallback) error

ForEachGroupMember iterates over all members in the group identified by given context ID, invoking the given callback for each group member ID.

func ForEachRole 

func ForEachRole(ctx context.Context, listFunc func(ctx context.Context, req *common.ListOptions) (*RoleList, error),
	opts *common.ListOptions, cb RoleCallback) error

ForEachRole iterates over all roles in an organization identified by given context ID, invoking the given callback for each role.

func GroupURL 

func GroupURL(organizationID, groupID string) string

GroupURL creates a resource URL for the Group with given ID in given context.

func RegisterIAMServiceHandler 

func RegisterIAMServiceHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterIAMServiceHandler registers the http handlers for service IAMService to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterIAMServiceHandlerClient 

func RegisterIAMServiceHandlerClient(ctx context.Context, mux *runtime.ServeMux, client IAMServiceClient) error

RegisterIAMServiceHandlerClient registers the http handlers for service IAMService to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "IAMServiceClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "IAMServiceClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "IAMServiceClient" to call the correct interceptors.

func RegisterIAMServiceHandlerFromEndpoint 

func RegisterIAMServiceHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterIAMServiceHandlerFromEndpoint is same as RegisterIAMServiceHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterIAMServiceHandlerServer 

func RegisterIAMServiceHandlerServer(ctx context.Context, mux *runtime.ServeMux, server IAMServiceServer) error

RegisterIAMServiceHandlerServer registers the http handlers for service IAMService to "mux". UnaryRPC :call IAMServiceServer directly. StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906. Note that using this registration option will cause many gRPC library features to stop working. Consider using RegisterIAMServiceHandlerFromEndpoint instead.

func RegisterIAMServiceServer 

func RegisterIAMServiceServer(s *grpc.Server, srv IAMServiceServer)

func RoleURL 

func RoleURL(organizationID, roleID string) string

RoleURL creates a resource URL for the Role with given ID in given context.

func UserURL 

func UserURL(userID string) string

UserURL creates a resource URL for the User with given ID.

Types

type APIKey 

type APIKey struct {

	// Identifier of this key
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// URL of this key.
	Url string `protobuf:"bytes,2,opt,name=url,proto3" json:"url,omitempty"`
	// User represented by this key
	UserId string `protobuf:"bytes,3,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"`
	// If set, this key only grants access to this organization.
	OrganizationId string `protobuf:"bytes,4,opt,name=organization_id,json=organizationId,proto3" json:"organization_id,omitempty"`
	// If set, this key only grants access to read-only API's (List..., Get...)
	IsReadonly bool `protobuf:"varint,5,opt,name=is_readonly,json=isReadonly,proto3" json:"is_readonly,omitempty"`
	// The creation timestamp of the key
	CreatedAt *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// The expiration timestamp of the key
	ExpiresAt *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
	// Set when this key is expired.
	IsExpired bool `protobuf:"varint,8,opt,name=is_expired,json=isExpired,proto3" json:"is_expired,omitempty"`
	// The revocation timestamp of the key (if any)
	RevokedAt *timestamppb.Timestamp `protobuf:"bytes,9,opt,name=revoked_at,json=revokedAt,proto3" json:"revoked_at,omitempty"`
	// Set when this key is explicitly revoked.
	IsRevoked bool `protobuf:"varint,10,opt,name=is_revoked,json=isRevoked,proto3" json:"is_revoked,omitempty"`
	// contains filtered or unexported fields
}

API Keys are authentication "keys" intended to be used for scripting.

func (*APIKey) Descriptor deprecated 

func (*APIKey) Descriptor() ([]byte, []int)

Deprecated: Use APIKey.ProtoReflect.Descriptor instead.

func (*APIKey) GetCreatedAt 

func (x *APIKey) GetCreatedAt() *timestamppb.Timestamp

func (*APIKey) GetExpiresAt 

func (x *APIKey) GetExpiresAt() *timestamppb.Timestamp

func (*APIKey) GetId 

func (x *APIKey) GetId() string

func (*APIKey) GetIsExpired 

func (x *APIKey) GetIsExpired() bool

func (*APIKey) GetIsReadonly 

func (x *APIKey) GetIsReadonly() bool

func (*APIKey) GetIsRevoked 

func (x *APIKey) GetIsRevoked() bool

func (*APIKey) GetOrganizationId 

func (x *APIKey) GetOrganizationId() string

func (*APIKey) GetRevokedAt 

func (x *APIKey) GetRevokedAt() *timestamppb.Timestamp

func (*APIKey) GetUrl 

func (x *APIKey) GetUrl() string

func (*APIKey) GetUserId 

func (x *APIKey) GetUserId() string

func (*APIKey) ProtoMessage 

func (*APIKey) ProtoMessage()

func (*APIKey) ProtoReflect added in v0.89.0 

func (x *APIKey) ProtoReflect() protoreflect.Message

func (*APIKey) Reset 

func (x *APIKey) Reset()

func (*APIKey) String 

func (x *APIKey) String() string

type APIKeyCallback 

type APIKeyCallback func(context.Context, *APIKey) error

APIKeyCallback is a callback for individual API key.

type APIKeyList 

type APIKeyList struct {
	Items []*APIKey `protobuf:"bytes,1,rep,name=items,proto3" json:"items,omitempty"`
	// contains filtered or unexported fields
}

List of APIKey's

func (*APIKeyList) Descriptor deprecated 

func (*APIKeyList) Descriptor() ([]byte, []int)

Deprecated: Use APIKeyList.ProtoReflect.Descriptor instead.

func (*APIKeyList) GetItems 

func (x *APIKeyList) GetItems() []*APIKey

func (*APIKeyList) ProtoMessage 

func (*APIKeyList) ProtoMessage()

func (*APIKeyList) ProtoReflect added in v0.89.0 

func (x *APIKeyList) ProtoReflect() protoreflect.Message

func (*APIKeyList) Reset 

func (x *APIKeyList) Reset()

func (*APIKeyList) String 

func (x *APIKeyList) String() string

type APIKeySecret 

type APIKeySecret struct {

	// ID of the API key
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Secret of the API key
	Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"`
	// contains filtered or unexported fields
}

API key secrets are used once to inform the users of the secret for an API key.

func (*APIKeySecret) Descriptor deprecated 

func (*APIKeySecret) Descriptor() ([]byte, []int)

Deprecated: Use APIKeySecret.ProtoReflect.Descriptor instead.

func (*APIKeySecret) GetId 

func (x *APIKeySecret) GetId() string

func (*APIKeySecret) GetSecret 

func (x *APIKeySecret) GetSecret() string

func (*APIKeySecret) ProtoMessage 

func (*APIKeySecret) ProtoMessage()

func (*APIKeySecret) ProtoReflect added in v0.89.0 

func (x *APIKeySecret) ProtoReflect() protoreflect.Message

func (*APIKeySecret) Reset 

func (x *APIKeySecret) Reset()

func (*APIKeySecret) String 

func (x *APIKeySecret) String() string

type AuthenticateAPIKeyRequest 

type AuthenticateAPIKeyRequest struct {

	// API key id
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Secret of the API key
	Secret string `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty"`
	// Life time of the token.
	// If set, then this TTL is used reduce the default TTL
	// of an authentication token. It cannot be used to increase the default
	// lifetime of a token.
	TimeToLive *durationpb.Duration `protobuf:"bytes,3,opt,name=time_to_live,json=timeToLive,proto3" json:"time_to_live,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for AuthenticateAPIKey

func (*AuthenticateAPIKeyRequest) Descriptor deprecated 

func (*AuthenticateAPIKeyRequest) Descriptor() ([]byte, []int)

Deprecated: Use AuthenticateAPIKeyRequest.ProtoReflect.Descriptor instead.

func (*AuthenticateAPIKeyRequest) GetId 

func (x *AuthenticateAPIKeyRequest) GetId() string

func (*AuthenticateAPIKeyRequest) GetSecret 

func (x *AuthenticateAPIKeyRequest) GetSecret() string

func (*AuthenticateAPIKeyRequest) GetTimeToLive 

func (x *AuthenticateAPIKeyRequest) GetTimeToLive() *durationpb.Duration

func (*AuthenticateAPIKeyRequest) ProtoMessage 

func (*AuthenticateAPIKeyRequest) ProtoMessage()

func (*AuthenticateAPIKeyRequest) ProtoReflect added in v0.89.0 

func (x *AuthenticateAPIKeyRequest) ProtoReflect() protoreflect.Message

func (*AuthenticateAPIKeyRequest) Reset 

func (x *AuthenticateAPIKeyRequest) Reset()

func (*AuthenticateAPIKeyRequest) String 

func (x *AuthenticateAPIKeyRequest) String() string

type AuthenticateAPIKeyResponse 

type AuthenticateAPIKeyResponse struct {

	// Bearer token
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
	// Actual life time of the token.
	TimeToLive *durationpb.Duration `protobuf:"bytes,2,opt,name=time_to_live,json=timeToLive,proto3" json:"time_to_live,omitempty"`
	// contains filtered or unexported fields
}

Response for AuthenticateAPIKey

func (*AuthenticateAPIKeyResponse) Descriptor deprecated 

func (*AuthenticateAPIKeyResponse) Descriptor() ([]byte, []int)

Deprecated: Use AuthenticateAPIKeyResponse.ProtoReflect.Descriptor instead.

func (*AuthenticateAPIKeyResponse) GetTimeToLive 

func (x *AuthenticateAPIKeyResponse) GetTimeToLive() *durationpb.Duration

func (*AuthenticateAPIKeyResponse) GetToken 

func (x *AuthenticateAPIKeyResponse) GetToken() string

func (*AuthenticateAPIKeyResponse) ProtoMessage 

func (*AuthenticateAPIKeyResponse) ProtoMessage()

func (*AuthenticateAPIKeyResponse) ProtoReflect added in v0.89.0 

func (x *AuthenticateAPIKeyResponse) ProtoReflect() protoreflect.Message

func (*AuthenticateAPIKeyResponse) Reset 

func (x *AuthenticateAPIKeyResponse) Reset()

func (*AuthenticateAPIKeyResponse) String 

func (x *AuthenticateAPIKeyResponse) String() string

type CreateAPIKeyRequest 

type CreateAPIKeyRequest struct {

	// If set, the created key only grants access to this organization.
	OrganizationId string `protobuf:"bytes,1,opt,name=organization_id,json=organizationId,proto3" json:"organization_id,omitempty"`
	// If set, the created key only grants access to read-only API's (List..., Get...).
	// If not set, the created key grants access to all API's (that the user has access to).
	Readonly bool `protobuf:"varint,2,opt,name=readonly,proto3" json:"readonly,omitempty"`
	// Duration between now and the expiration date of the created key.
	// A value of 0 means that the API key will not expire.
	// You can still use RevokeAPIKey to revoke such API keys.
	TimeToLive *durationpb.Duration `protobuf:"bytes,3,opt,name=time_to_live,json=timeToLive,proto3" json:"time_to_live,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for CreateAPIKey.

func (*CreateAPIKeyRequest) Descriptor deprecated 

func (*CreateAPIKeyRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateAPIKeyRequest.ProtoReflect.Descriptor instead.

func (*CreateAPIKeyRequest) GetOrganizationId 

func (x *CreateAPIKeyRequest) GetOrganizationId() string

func (*CreateAPIKeyRequest) GetReadonly 

func (x *CreateAPIKeyRequest) GetReadonly() bool

func (*CreateAPIKeyRequest) GetTimeToLive 

func (x *CreateAPIKeyRequest) GetTimeToLive() *durationpb.Duration

func (*CreateAPIKeyRequest) ProtoMessage 

func (*CreateAPIKeyRequest) ProtoMessage()

func (*CreateAPIKeyRequest) ProtoReflect added in v0.89.0 

func (x *CreateAPIKeyRequest) ProtoReflect() protoreflect.Message

func (*CreateAPIKeyRequest) Reset 

func (x *CreateAPIKeyRequest) Reset()

func (*CreateAPIKeyRequest) String 

func (x *CreateAPIKeyRequest) String() string

type GetMultipleEffectivePermissionsRequest added in v0.73.6 

type GetMultipleEffectivePermissionsRequest struct {

	// URLs of the resources to fetch.
	Urls []string `protobuf:"bytes,1,rep,name=urls,proto3" json:"urls,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for GetMultipleEffectivePermissions

func (*GetMultipleEffectivePermissionsRequest) Descriptor deprecated added in v0.73.6 

func (*GetMultipleEffectivePermissionsRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetMultipleEffectivePermissionsRequest.ProtoReflect.Descriptor instead.

func (*GetMultipleEffectivePermissionsRequest) GetUrls added in v0.73.6 

func (x *GetMultipleEffectivePermissionsRequest) GetUrls() []string

func (*GetMultipleEffectivePermissionsRequest) ProtoMessage added in v0.73.6 

func (*GetMultipleEffectivePermissionsRequest) ProtoMessage()

func (*GetMultipleEffectivePermissionsRequest) ProtoReflect added in v0.89.0 

func (x *GetMultipleEffectivePermissionsRequest) ProtoReflect() protoreflect.Message

func (*GetMultipleEffectivePermissionsRequest) Reset added in v0.73.6 

func (x *GetMultipleEffectivePermissionsRequest) Reset()

func (*GetMultipleEffectivePermissionsRequest) String added in v0.73.6 

func (x *GetMultipleEffectivePermissionsRequest) String() string

type GetPolicyByFilterRequest added in v0.74.7 

type GetPolicyByFilterRequest struct {

	// URL of the resource to which this policy applies.
	// This field is required.
	ResourceUrl string `protobuf:"bytes,1,opt,name=resource_url,json=resourceUrl,proto3" json:"resource_url,omitempty"`
	// common listing options (context field is ignored)
	// used for pagination
	Options *v1.ListOptions `protobuf:"bytes,2,opt,name=options,proto3" json:"options,omitempty"`
	// Filter role bindings based on member identifier
	// Member ID is formatted as:
	// - user:<user_id>
	// - group:<group_id>
	// This field is optional.
	MemberId string `protobuf:"bytes,3,opt,name=member_id,json=memberId,proto3" json:"member_id,omitempty"`
	// Filter based on role identifier
	// This field is optional.
	RoleId string `protobuf:"bytes,4,opt,name=role_id,json=roleId,proto3" json:"role_id,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for GetPolicyByFilter

func (*GetPolicyByFilterRequest) Descriptor deprecated added in v0.74.7 

func (*GetPolicyByFilterRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetPolicyByFilterRequest.ProtoReflect.Descriptor instead.

func (*GetPolicyByFilterRequest) GetMemberId added in v0.74.7 

func (x *GetPolicyByFilterRequest) GetMemberId() string

func (*GetPolicyByFilterRequest) GetOptions added in v0.74.7 

func (x *GetPolicyByFilterRequest) GetOptions() *v1.ListOptions

func (*GetPolicyByFilterRequest) GetResourceUrl added in v0.74.7 

func (x *GetPolicyByFilterRequest) GetResourceUrl() string

func (*GetPolicyByFilterRequest) GetRoleId added in v0.74.7 

func (x *GetPolicyByFilterRequest) GetRoleId() string

func (*GetPolicyByFilterRequest) ProtoMessage added in v0.74.7 

func (*GetPolicyByFilterRequest) ProtoMessage()

func (*GetPolicyByFilterRequest) ProtoReflect added in v0.89.0 

func (x *GetPolicyByFilterRequest) ProtoReflect() protoreflect.Message

func (*GetPolicyByFilterRequest) Reset added in v0.74.7 

func (x *GetPolicyByFilterRequest) Reset()

func (*GetPolicyByFilterRequest) String added in v0.74.7 

func (x *GetPolicyByFilterRequest) String() string

type Group 

type Group struct {

	// System identifier of the group.
	// This is a read-only value.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Identifier of the organization that owns this group.
	OrganizationId string `protobuf:"bytes,2,opt,name=organization_id,json=organizationId,proto3" json:"organization_id,omitempty"`
	// Name of the group
	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	// Description of the group
	Description string `protobuf:"bytes,4,opt,name=description,proto3" json:"description,omitempty"`
	// The creation timestamp of the group
	CreatedAt *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// The deletion timestamp of the group
	DeletedAt *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
	// Set when this organization is deleted.
	// This is a read-only value.
	IsDeleted bool `protobuf:"varint,7,opt,name=is_deleted,json=isDeleted,proto3" json:"is_deleted,omitempty"`
	// URL of this resource
	// This is a read-only value and cannot be initialized.
	Url string `protobuf:"bytes,8,opt,name=url,proto3" json:"url,omitempty"`
	// Set if this group is virtual and managed by the system.
	// This is a read-only value.
	IsVirtual bool `protobuf:"varint,9,opt,name=is_virtual,json=isVirtual,proto3" json:"is_virtual,omitempty"`
	// If set, new users are automatically added to this group.
	// If there are multiple default groups, new users are added to all of them.
	IsDefault bool `protobuf:"varint,10,opt,name=is_default,json=isDefault,proto3" json:"is_default,omitempty"`
	// contains filtered or unexported fields
}

Group of user accounts.

func (*Group) Descriptor deprecated 

func (*Group) Descriptor() ([]byte, []int)

Deprecated: Use Group.ProtoReflect.Descriptor instead.

func (*Group) GetCreatedAt 

func (x *Group) GetCreatedAt() *timestamppb.Timestamp

func (*Group) GetDeletedAt 

func (x *Group) GetDeletedAt() *timestamppb.Timestamp

func (*Group) GetDescription 

func (x *Group) GetDescription() string

func (*Group) GetId 

func (x *Group) GetId() string

func (*Group) GetIsDefault added in v0.79.29 

func (x *Group) GetIsDefault() bool

func (*Group) GetIsDeleted 

func (x *Group) GetIsDeleted() bool

func (*Group) GetIsVirtual 

func (x *Group) GetIsVirtual() bool

func (*Group) GetName 

func (x *Group) GetName() string

func (*Group) GetOrganizationId 

func (x *Group) GetOrganizationId() string

func (*Group) GetUrl 

func (x *Group) GetUrl() string

func (*Group) ProtoMessage 

func (*Group) ProtoMessage()

func (*Group) ProtoReflect added in v0.89.0 

func (x *Group) ProtoReflect() protoreflect.Message

func (*Group) Reset 

func (x *Group) Reset()

func (*Group) String 

func (x *Group) String() string

type GroupCallback 

type GroupCallback func(context.Context, *Group) error

GroupCallback is a callback for individual groups.

type GroupList 

type GroupList struct {
	Items []*Group `protobuf:"bytes,1,rep,name=items,proto3" json:"items,omitempty"`
	// contains filtered or unexported fields
}

List of groups.

func (*GroupList) Descriptor deprecated 

func (*GroupList) Descriptor() ([]byte, []int)

Deprecated: Use GroupList.ProtoReflect.Descriptor instead.

func (*GroupList) GetItems 

func (x *GroupList) GetItems() []*Group

func (*GroupList) ProtoMessage 

func (*GroupList) ProtoMessage()

func (*GroupList) ProtoReflect added in v0.89.0 

func (x *GroupList) ProtoReflect() protoreflect.Message

func (*GroupList) Reset 

func (x *GroupList) Reset()

func (*GroupList) String 

func (x *GroupList) String() string

type GroupMemberCallback 

type GroupMemberCallback func(context.Context, string) error

GroupMemberCallback is a callback for individual group member IDs.

type GroupMemberList 

type GroupMemberList struct {

	// List of ID's of users that are member of the group.
	Items []string `protobuf:"bytes,1,rep,name=items,proto3" json:"items,omitempty"`
	// List of users that are member of the group.
	Users []*User `protobuf:"bytes,2,rep,name=users,proto3" json:"users,omitempty"`
	// contains filtered or unexported fields
}

List of group members (user ID's)

func (*GroupMemberList) Descriptor deprecated 

func (*GroupMemberList) Descriptor() ([]byte, []int)

Deprecated: Use GroupMemberList.ProtoReflect.Descriptor instead.

func (*GroupMemberList) GetItems 

func (x *GroupMemberList) GetItems() []string

func (*GroupMemberList) GetUsers added in v0.63.8 

func (x *GroupMemberList) GetUsers() []*User

func (*GroupMemberList) ProtoMessage 

func (*GroupMemberList) ProtoMessage()

func (*GroupMemberList) ProtoReflect added in v0.89.0 

func (x *GroupMemberList) ProtoReflect() protoreflect.Message

func (*GroupMemberList) Reset 

func (x *GroupMemberList) Reset()

func (*GroupMemberList) String 

func (x *GroupMemberList) String() string

type GroupMembersRequest 

type GroupMembersRequest struct {

	// ID of the group to add/remove members to/from.
	GroupId string `protobuf:"bytes,1,opt,name=group_id,json=groupId,proto3" json:"group_id,omitempty"`
	// ID's of users to add/remove to/from the group.
	UserIds []string `protobuf:"bytes,2,rep,name=user_ids,json=userIds,proto3" json:"user_ids,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for Add/DeleteGroupMembers.

func (*GroupMembersRequest) Descriptor deprecated 

func (*GroupMembersRequest) Descriptor() ([]byte, []int)

Deprecated: Use GroupMembersRequest.ProtoReflect.Descriptor instead.

func (*GroupMembersRequest) GetGroupId 

func (x *GroupMembersRequest) GetGroupId() string

func (*GroupMembersRequest) GetUserIds 

func (x *GroupMembersRequest) GetUserIds() []string

func (*GroupMembersRequest) ProtoMessage 

func (*GroupMembersRequest) ProtoMessage()

func (*GroupMembersRequest) ProtoReflect added in v0.89.0 

func (x *GroupMembersRequest) ProtoReflect() protoreflect.Message

func (*GroupMembersRequest) Reset 

func (x *GroupMembersRequest) Reset()

func (*GroupMembersRequest) String 

func (x *GroupMembersRequest) String() string

type HasPermissionsRequest 

type HasPermissionsRequest struct {

	// URL of the resource to query permissions for.
	Url string `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"`
	// The list of permissions that are required.
	Permissions []string `protobuf:"bytes,2,rep,name=permissions,proto3" json:"permissions,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for HasPermissionsRequest.

func (*HasPermissionsRequest) Descriptor deprecated 

func (*HasPermissionsRequest) Descriptor() ([]byte, []int)

Deprecated: Use HasPermissionsRequest.ProtoReflect.Descriptor instead.

func (*HasPermissionsRequest) GetPermissions 

func (x *HasPermissionsRequest) GetPermissions() []string

func (*HasPermissionsRequest) GetUrl 

func (x *HasPermissionsRequest) GetUrl() string

func (*HasPermissionsRequest) ProtoMessage 

func (*HasPermissionsRequest) ProtoMessage()

func (*HasPermissionsRequest) ProtoReflect added in v0.89.0 

func (x *HasPermissionsRequest) ProtoReflect() protoreflect.Message

func (*HasPermissionsRequest) Reset 

func (x *HasPermissionsRequest) Reset()

func (*HasPermissionsRequest) String 

func (x *HasPermissionsRequest) String() string

type IAMServiceClient 

type IAMServiceClient interface {
	// Get the current API version of this service.
	// Required permissions:
	// - None
	GetAPIVersion(ctx context.Context, in *v1.Empty, opts ...grpc.CallOption) (*v1.Version, error)
	// Fetch all available information of the currently authenticated user.
	// Required permissions:
	// - None
	GetThisUser(ctx context.Context, in *v1.Empty, opts ...grpc.CallOption) (*User, error)
	// Fetch all available information of the user identified by the given ID.
	// Required permissions:
	// - resourcemanager.organization.get on one of the organizations that the requested user and authenticated user are both a member of
	GetUser(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*User, error)
	// Update a user
	// Required permissions:
	// - None if the given user is the authenticated user.
	// or
	// - resourcemanager.organization.get on one of the organizations that the requested user and authenticated user are both a member of and
	// - iam.user.update on organization on one of the organizations that the requested user and authenticated user are both a member of
	UpdateUser(ctx context.Context, in *User, opts ...grpc.CallOption) (*User, error)
	// Verify the mobile phone number of a user, by provided the unique
	// code that was send to the number.
	// If the code is valid an empty result is returned, otherwise an InvalidArgument error is returned.
	// The authenticated user is always the subject of this request.
	// Required permissions:
	// - None (since the subject is always the authenticated user).
	VerifyUserMobilePhone(ctx context.Context, in *VerifyUserMobilePhoneRequest, opts ...grpc.CallOption) (*v1.Empty, error)
	// Resend a verification code to the mobile phone number listed for the
	// authenticated user.
	// Required permissions:
	// - None (since the subject is always the authenticated user).
	ResendUserMobilePhoneVerification(ctx context.Context, in *v1.Empty, opts ...grpc.CallOption) (*v1.Empty, error)
	// Fetch all groups of the organization identified by the given context ID.
	// Required permissions:
	// - iam.group.list on organization identified by given context ID.
	ListGroups(ctx context.Context, in *v1.ListOptions, opts ...grpc.CallOption) (*GroupList, error)
	// Fetch a group by its id.
	// Required permissions:
	// - iam.group.get on organization that owns the group
	GetGroup(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*Group, error)
	// Create a group
	// Required permissions:
	// - iam.group.create on organization that owns the group
	CreateGroup(ctx context.Context, in *Group, opts ...grpc.CallOption) (*Group, error)
	// Update a group
	// Required permissions:
	// - iam.group.update on organization that owns the group
	UpdateGroup(ctx context.Context, in *Group, opts ...grpc.CallOption) (*Group, error)
	// Delete a group
	// Required permissions:
	// - iam.group.delete on organization that owns the group
	DeleteGroup(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*v1.Empty, error)
	// List of members of the group identified by the given context ID.
	// Required permissions:
	// - iam.group.get on organization that owns the group
	ListGroupMembers(ctx context.Context, in *v1.ListOptions, opts ...grpc.CallOption) (*GroupMemberList, error)
	// Add one or more members to the group identified by given ID.
	// Required permissions:
	// - iam.group.update on organization that owns the group
	AddGroupMembers(ctx context.Context, in *GroupMembersRequest, opts ...grpc.CallOption) (*v1.Empty, error)
	// Remove one or more members from the group identified by given ID.
	// Required permissions:
	// - iam.group.update on organization that owns the group
	DeleteGroupMembers(ctx context.Context, in *GroupMembersRequest, opts ...grpc.CallOption) (*v1.Empty, error)
	// Is the user identified by the given user ID a member of the group identified by the given group ID.
	// Required permissions:
	// - iam.group.get on organization that owns the group, unless the requested user is identical to the authenticated user.
	// Note that if the identified group does not exist, no is returned.
	IsMemberOfGroup(ctx context.Context, in *IsMemberOfGroupRequest, opts ...grpc.CallOption) (*v1.YesOrNo, error)
	// Fetch all roles in the organization identified by the given context ID.
	// Required permissions:
	// - iam.role.list on organization identified by given context ID.
	ListRoles(ctx context.Context, in *v1.ListOptions, opts ...grpc.CallOption) (*RoleList, error)
	// Fetch a role by its id.
	// Required permissions:
	// - iam.role.get on organization that owns the role
	GetRole(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*Role, error)
	// Create a custom role
	// Required permissions:
	// - iam.role.create on organization that owns the role
	CreateRole(ctx context.Context, in *Role, opts ...grpc.CallOption) (*Role, error)
	// Update a custom role
	// Required permissions:
	// - iam.role.update on organization that owns the role
	UpdateRole(ctx context.Context, in *Role, opts ...grpc.CallOption) (*Role, error)
	// Delete a custom role
	// Required permissions:
	// - iam.role.delete on organization that owns the role
	DeleteRole(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*v1.Empty, error)
	// Get the policy for a resource identified by given URL.
	// Required permissions:
	// - iam.policy.get on resource identified by the url
	GetPolicy(ctx context.Context, in *v1.URLOptions, opts ...grpc.CallOption) (*Policy, error)
	// Get the policies based on given filters.
	// Required permissions:
	// - iam.policy.get on resource identified by the url
	GetPolicyByFilter(ctx context.Context, in *GetPolicyByFilterRequest, opts ...grpc.CallOption) (*Policy, error)
	// Add one or more RoleBindings to the policy of a resource identified by given URL.
	// Required permissions:
	// - iam.policy.update on resource identified by the url
	AddRoleBindings(ctx context.Context, in *RoleBindingsRequest, opts ...grpc.CallOption) (*Policy, error)
	// Remove one or more RoleBindings from the policy of a resource identified by given URL.
	// Required permissions:
	// - iam.policy.update on resource identified by the url
	DeleteRoleBindings(ctx context.Context, in *RoleBindingsRequest, opts ...grpc.CallOption) (*Policy, error)
	// Return the list of permissions that are available to the currently authenticated
	// used for actions on the resource identified by the given URL.
	// Required permissions:
	// - None
	GetEffectivePermissions(ctx context.Context, in *v1.URLOptions, opts ...grpc.CallOption) (*PermissionList, error)
	// Return the lists of permissions that are available to the currently authenticated
	// used for actions on the resources identified by the given URLs.
	// This method can replace multiple GetEffectivePermissions calls into a single roundtrip.
	// Required permissions:
	// - None
	GetMultipleEffectivePermissions(ctx context.Context, in *GetMultipleEffectivePermissionsRequest, opts ...grpc.CallOption) (*MultiplePermissionLists, error)
	// Does the authenticated user have all of the requested permissions for the resource
	// identified by the given URL?
	// Required permissions:
	// - None
	HasPermissions(ctx context.Context, in *HasPermissionsRequest, opts ...grpc.CallOption) (*v1.YesOrNo, error)
	// List all known permissions.
	// Required permissions:
	// - None
	ListPermissions(ctx context.Context, in *v1.Empty, opts ...grpc.CallOption) (*PermissionList, error)
	// Fetch all API keys owned by the authenticated caller.
	// Required permissions:
	// - None
	ListAPIKeys(ctx context.Context, in *v1.ListOptions, opts ...grpc.CallOption) (*APIKeyList, error)
	// Fetch an API key by its id.
	// The API key must be owned by the authenticated caller.
	// Required permissions:
	// - None
	GetAPIKey(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*APIKey, error)
	// Create a new API key.
	// The API key will be owned by the authenticated caller.
	// Required permissions:
	// - None
	CreateAPIKey(ctx context.Context, in *CreateAPIKeyRequest, opts ...grpc.CallOption) (*APIKeySecret, error)
	// Ensure that the expiration date of the API key identified by given ID
	// is either in the past or set to now.
	// The API key must be owned by the authenticated caller.
	// Required permissions:
	// - None
	RevokeAPIKey(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*v1.Empty, error)
	// Delete the API key identified by given ID
	// The API key must be owned by the authenticated caller.
	// Required permissions:
	// - None
	DeleteAPIKey(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*v1.Empty, error)
	// Authenticate using an API key.
	// If authentication succeeds, this function returns a bearer token.
	// That token must be used to authenticate all other API requests.
	// If the given API key identifier is invalid or expired, or an incorrect secret
	// is given, this function will return an unauthenticated error.
	// Required permissions:
	// - None
	AuthenticateAPIKey(ctx context.Context, in *AuthenticateAPIKeyRequest, opts ...grpc.CallOption) (*AuthenticateAPIKeyResponse, error)
	// Renew a non-expired API key authentication token.
	// This allows to extend the lifetime of a token created by AuthenticateAPIKey.
	// If the given token is invalid or expired, or the underlying API key is expired
	// this function will return an unauthenticated error.
	// Required permissions:
	// - None
	RenewAPIKeyToken(ctx context.Context, in *RenewAPIKeyTokenRequest, opts ...grpc.CallOption) (*RenewAPIKeyTokenResponse, error)
	// Revoke an API key authentication token.
	// This function will return a non-error response, even if the given token
	// is invalid or already expired.
	// Required permissions:
	// - None
	RevokeAPIKeyToken(ctx context.Context, in *RevokeAPIKeyTokenRequest, opts ...grpc.CallOption) (*v1.Empty, error)
}

IAMServiceClient is the client API for IAMService service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewIAMServiceClient 

func NewIAMServiceClient(cc grpc.ClientConnInterface) IAMServiceClient

type IAMServiceServer 

type IAMServiceServer interface {
	// Get the current API version of this service.
	// Required permissions:
	// - None
	GetAPIVersion(context.Context, *v1.Empty) (*v1.Version, error)
	// Fetch all available information of the currently authenticated user.
	// Required permissions:
	// - None
	GetThisUser(context.Context, *v1.Empty) (*User, error)
	// Fetch all available information of the user identified by the given ID.
	// Required permissions:
	// - resourcemanager.organization.get on one of the organizations that the requested user and authenticated user are both a member of
	GetUser(context.Context, *v1.IDOptions) (*User, error)
	// Update a user
	// Required permissions:
	// - None if the given user is the authenticated user.
	// or
	// - resourcemanager.organization.get on one of the organizations that the requested user and authenticated user are both a member of and
	// - iam.user.update on organization on one of the organizations that the requested user and authenticated user are both a member of
	UpdateUser(context.Context, *User) (*User, error)
	// Verify the mobile phone number of a user, by provided the unique
	// code that was send to the number.
	// If the code is valid an empty result is returned, otherwise an InvalidArgument error is returned.
	// The authenticated user is always the subject of this request.
	// Required permissions:
	// - None (since the subject is always the authenticated user).
	VerifyUserMobilePhone(context.Context, *VerifyUserMobilePhoneRequest) (*v1.Empty, error)
	// Resend a verification code to the mobile phone number listed for the
	// authenticated user.
	// Required permissions:
	// - None (since the subject is always the authenticated user).
	ResendUserMobilePhoneVerification(context.Context, *v1.Empty) (*v1.Empty, error)
	// Fetch all groups of the organization identified by the given context ID.
	// Required permissions:
	// - iam.group.list on organization identified by given context ID.
	ListGroups(context.Context, *v1.ListOptions) (*GroupList, error)
	// Fetch a group by its id.
	// Required permissions:
	// - iam.group.get on organization that owns the group
	GetGroup(context.Context, *v1.IDOptions) (*Group, error)
	// Create a group
	// Required permissions:
	// - iam.group.create on organization that owns the group
	CreateGroup(context.Context, *Group) (*Group, error)
	// Update a group
	// Required permissions:
	// - iam.group.update on organization that owns the group
	UpdateGroup(context.Context, *Group) (*Group, error)
	// Delete a group
	// Required permissions:
	// - iam.group.delete on organization that owns the group
	DeleteGroup(context.Context, *v1.IDOptions) (*v1.Empty, error)
	// List of members of the group identified by the given context ID.
	// Required permissions:
	// - iam.group.get on organization that owns the group
	ListGroupMembers(context.Context, *v1.ListOptions) (*GroupMemberList, error)
	// Add one or more members to the group identified by given ID.
	// Required permissions:
	// - iam.group.update on organization that owns the group
	AddGroupMembers(context.Context, *GroupMembersRequest) (*v1.Empty, error)
	// Remove one or more members from the group identified by given ID.
	// Required permissions:
	// - iam.group.update on organization that owns the group
	DeleteGroupMembers(context.Context, *GroupMembersRequest) (*v1.Empty, error)
	// Is the user identified by the given user ID a member of the group identified by the given group ID.
	// Required permissions:
	// - iam.group.get on organization that owns the group, unless the requested user is identical to the authenticated user.
	// Note that if the identified group does not exist, no is returned.
	IsMemberOfGroup(context.Context, *IsMemberOfGroupRequest) (*v1.YesOrNo, error)
	// Fetch all roles in the organization identified by the given context ID.
	// Required permissions:
	// - iam.role.list on organization identified by given context ID.
	ListRoles(context.Context, *v1.ListOptions) (*RoleList, error)
	// Fetch a role by its id.
	// Required permissions:
	// - iam.role.get on organization that owns the role
	GetRole(context.Context, *v1.IDOptions) (*Role, error)
	// Create a custom role
	// Required permissions:
	// - iam.role.create on organization that owns the role
	CreateRole(context.Context, *Role) (*Role, error)
	// Update a custom role
	// Required permissions:
	// - iam.role.update on organization that owns the role
	UpdateRole(context.Context, *Role) (*Role, error)
	// Delete a custom role
	// Required permissions:
	// - iam.role.delete on organization that owns the role
	DeleteRole(context.Context, *v1.IDOptions) (*v1.Empty, error)
	// Get the policy for a resource identified by given URL.
	// Required permissions:
	// - iam.policy.get on resource identified by the url
	GetPolicy(context.Context, *v1.URLOptions) (*Policy, error)
	// Get the policies based on given filters.
	// Required permissions:
	// - iam.policy.get on resource identified by the url
	GetPolicyByFilter(context.Context, *GetPolicyByFilterRequest) (*Policy, error)
	// Add one or more RoleBindings to the policy of a resource identified by given URL.
	// Required permissions:
	// - iam.policy.update on resource identified by the url
	AddRoleBindings(context.Context, *RoleBindingsRequest) (*Policy, error)
	// Remove one or more RoleBindings from the policy of a resource identified by given URL.
	// Required permissions:
	// - iam.policy.update on resource identified by the url
	DeleteRoleBindings(context.Context, *RoleBindingsRequest) (*Policy, error)
	// Return the list of permissions that are available to the currently authenticated
	// used for actions on the resource identified by the given URL.
	// Required permissions:
	// - None
	GetEffectivePermissions(context.Context, *v1.URLOptions) (*PermissionList, error)
	// Return the lists of permissions that are available to the currently authenticated
	// used for actions on the resources identified by the given URLs.
	// This method can replace multiple GetEffectivePermissions calls into a single roundtrip.
	// Required permissions:
	// - None
	GetMultipleEffectivePermissions(context.Context, *GetMultipleEffectivePermissionsRequest) (*MultiplePermissionLists, error)
	// Does the authenticated user have all of the requested permissions for the resource
	// identified by the given URL?
	// Required permissions:
	// - None
	HasPermissions(context.Context, *HasPermissionsRequest) (*v1.YesOrNo, error)
	// List all known permissions.
	// Required permissions:
	// - None
	ListPermissions(context.Context, *v1.Empty) (*PermissionList, error)
	// Fetch all API keys owned by the authenticated caller.
	// Required permissions:
	// - None
	ListAPIKeys(context.Context, *v1.ListOptions) (*APIKeyList, error)
	// Fetch an API key by its id.
	// The API key must be owned by the authenticated caller.
	// Required permissions:
	// - None
	GetAPIKey(context.Context, *v1.IDOptions) (*APIKey, error)
	// Create a new API key.
	// The API key will be owned by the authenticated caller.
	// Required permissions:
	// - None
	CreateAPIKey(context.Context, *CreateAPIKeyRequest) (*APIKeySecret, error)
	// Ensure that the expiration date of the API key identified by given ID
	// is either in the past or set to now.
	// The API key must be owned by the authenticated caller.
	// Required permissions:
	// - None
	RevokeAPIKey(context.Context, *v1.IDOptions) (*v1.Empty, error)
	// Delete the API key identified by given ID
	// The API key must be owned by the authenticated caller.
	// Required permissions:
	// - None
	DeleteAPIKey(context.Context, *v1.IDOptions) (*v1.Empty, error)
	// Authenticate using an API key.
	// If authentication succeeds, this function returns a bearer token.
	// That token must be used to authenticate all other API requests.
	// If the given API key identifier is invalid or expired, or an incorrect secret
	// is given, this function will return an unauthenticated error.
	// Required permissions:
	// - None
	AuthenticateAPIKey(context.Context, *AuthenticateAPIKeyRequest) (*AuthenticateAPIKeyResponse, error)
	// Renew a non-expired API key authentication token.
	// This allows to extend the lifetime of a token created by AuthenticateAPIKey.
	// If the given token is invalid or expired, or the underlying API key is expired
	// this function will return an unauthenticated error.
	// Required permissions:
	// - None
	RenewAPIKeyToken(context.Context, *RenewAPIKeyTokenRequest) (*RenewAPIKeyTokenResponse, error)
	// Revoke an API key authentication token.
	// This function will return a non-error response, even if the given token
	// is invalid or already expired.
	// Required permissions:
	// - None
	RevokeAPIKeyToken(context.Context, *RevokeAPIKeyTokenRequest) (*v1.Empty, error)
}

IAMServiceServer is the server API for IAMService service.

type IsMemberOfGroupRequest 

type IsMemberOfGroupRequest struct {

	// Identifier of the user
	UserId string `protobuf:"bytes,1,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"`
	// Identifier of the group
	GroupId string `protobuf:"bytes,2,opt,name=group_id,json=groupId,proto3" json:"group_id,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for IsMemberOfGroup.

func (*IsMemberOfGroupRequest) Descriptor deprecated 

func (*IsMemberOfGroupRequest) Descriptor() ([]byte, []int)

Deprecated: Use IsMemberOfGroupRequest.ProtoReflect.Descriptor instead.

func (*IsMemberOfGroupRequest) GetGroupId 

func (x *IsMemberOfGroupRequest) GetGroupId() string

func (*IsMemberOfGroupRequest) GetUserId 

func (x *IsMemberOfGroupRequest) GetUserId() string

func (*IsMemberOfGroupRequest) ProtoMessage 

func (*IsMemberOfGroupRequest) ProtoMessage()

func (*IsMemberOfGroupRequest) ProtoReflect added in v0.89.0 

func (x *IsMemberOfGroupRequest) ProtoReflect() protoreflect.Message

func (*IsMemberOfGroupRequest) Reset 

func (x *IsMemberOfGroupRequest) Reset()

func (*IsMemberOfGroupRequest) String 

func (x *IsMemberOfGroupRequest) String() string

type MultiplePermissionLists added in v0.73.6 

type MultiplePermissionLists struct {
	Items []*PermissionList `protobuf:"bytes,1,rep,name=items,proto3" json:"items,omitempty"`
	// contains filtered or unexported fields
}

Multiple Lists of permissions.

func (*MultiplePermissionLists) Descriptor deprecated added in v0.73.6 

func (*MultiplePermissionLists) Descriptor() ([]byte, []int)

Deprecated: Use MultiplePermissionLists.ProtoReflect.Descriptor instead.

func (*MultiplePermissionLists) GetItems added in v0.73.6 

func (x *MultiplePermissionLists) GetItems() []*PermissionList

func (*MultiplePermissionLists) ProtoMessage added in v0.73.6 

func (*MultiplePermissionLists) ProtoMessage()

func (*MultiplePermissionLists) ProtoReflect added in v0.89.0 

func (x *MultiplePermissionLists) ProtoReflect() protoreflect.Message

func (*MultiplePermissionLists) Reset added in v0.73.6 

func (x *MultiplePermissionLists) Reset()

func (*MultiplePermissionLists) String added in v0.73.6 

func (x *MultiplePermissionLists) String() string

type PermissionList 

type PermissionList struct {

	// The permissions
	Items []string `protobuf:"bytes,1,rep,name=items,proto3" json:"items,omitempty"`
	// URL of the resource (filled out when GetMultipleEffectivePermissions was called).
	Url string `protobuf:"bytes,2,opt,name=url,proto3" json:"url,omitempty"`
	// contains filtered or unexported fields
}

List of permissions.

func (*PermissionList) Descriptor deprecated 

func (*PermissionList) Descriptor() ([]byte, []int)

Deprecated: Use PermissionList.ProtoReflect.Descriptor instead.

func (*PermissionList) GetItems 

func (x *PermissionList) GetItems() []string

func (*PermissionList) GetUrl added in v0.73.6 

func (x *PermissionList) GetUrl() string

func (*PermissionList) ProtoMessage 

func (*PermissionList) ProtoMessage()

func (*PermissionList) ProtoReflect added in v0.89.0 

func (x *PermissionList) ProtoReflect() protoreflect.Message

func (*PermissionList) Reset 

func (x *PermissionList) Reset()

func (*PermissionList) String 

func (x *PermissionList) String() string

type Policy 

type Policy struct {

	// URL of the resource to which this policy applies.
	ResourceUrl string `protobuf:"bytes,1,opt,name=resource_url,json=resourceUrl,proto3" json:"resource_url,omitempty"`
	// Role bindings to apply to the resource.
	Bindings []*RoleBinding `protobuf:"bytes,2,rep,name=bindings,proto3" json:"bindings,omitempty"`
	// contains filtered or unexported fields
}

Policy bindings members to roles for access to a resource.

func (*Policy) Descriptor deprecated 

func (*Policy) Descriptor() ([]byte, []int)

Deprecated: Use Policy.ProtoReflect.Descriptor instead.

func (*Policy) GetBindings 

func (x *Policy) GetBindings() []*RoleBinding

func (*Policy) GetResourceUrl 

func (x *Policy) GetResourceUrl() string

func (*Policy) ProtoMessage 

func (*Policy) ProtoMessage()

func (*Policy) ProtoReflect added in v0.89.0 

func (x *Policy) ProtoReflect() protoreflect.Message

func (*Policy) Reset 

func (x *Policy) Reset()

func (*Policy) String 

func (x *Policy) String() string

type RenewAPIKeyTokenRequest 

type RenewAPIKeyTokenRequest struct {

	// Bearer token
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
	// Extended life time of the token.
	// By default, a renewed token will have a default lifetime from the moment
	// of the renew call.
	// If this field is set, then this TTL is used reduce the default TTL
	// of the renewed token. It cannot be used to increase the default
	// lifetime of the renewed token.
	TimeToLive *durationpb.Duration `protobuf:"bytes,2,opt,name=time_to_live,json=timeToLive,proto3" json:"time_to_live,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for RenewAPIKeyToken.

func (*RenewAPIKeyTokenRequest) Descriptor deprecated 

func (*RenewAPIKeyTokenRequest) Descriptor() ([]byte, []int)

Deprecated: Use RenewAPIKeyTokenRequest.ProtoReflect.Descriptor instead.

func (*RenewAPIKeyTokenRequest) GetTimeToLive 

func (x *RenewAPIKeyTokenRequest) GetTimeToLive() *durationpb.Duration

func (*RenewAPIKeyTokenRequest) GetToken 

func (x *RenewAPIKeyTokenRequest) GetToken() string

func (*RenewAPIKeyTokenRequest) ProtoMessage 

func (*RenewAPIKeyTokenRequest) ProtoMessage()

func (*RenewAPIKeyTokenRequest) ProtoReflect added in v0.89.0 

func (x *RenewAPIKeyTokenRequest) ProtoReflect() protoreflect.Message

func (*RenewAPIKeyTokenRequest) Reset 

func (x *RenewAPIKeyTokenRequest) Reset()

func (*RenewAPIKeyTokenRequest) String 

func (x *RenewAPIKeyTokenRequest) String() string

type RenewAPIKeyTokenResponse 

type RenewAPIKeyTokenResponse struct {

	// Actual life time of the token.
	TimeToLive *durationpb.Duration `protobuf:"bytes,1,opt,name=time_to_live,json=timeToLive,proto3" json:"time_to_live,omitempty"`
	// contains filtered or unexported fields
}

Response for RenewAPIKeyToken.

func (*RenewAPIKeyTokenResponse) Descriptor deprecated 

func (*RenewAPIKeyTokenResponse) Descriptor() ([]byte, []int)

Deprecated: Use RenewAPIKeyTokenResponse.ProtoReflect.Descriptor instead.

func (*RenewAPIKeyTokenResponse) GetTimeToLive 

func (x *RenewAPIKeyTokenResponse) GetTimeToLive() *durationpb.Duration

func (*RenewAPIKeyTokenResponse) ProtoMessage 

func (*RenewAPIKeyTokenResponse) ProtoMessage()

func (*RenewAPIKeyTokenResponse) ProtoReflect added in v0.89.0 

func (x *RenewAPIKeyTokenResponse) ProtoReflect() protoreflect.Message

func (*RenewAPIKeyTokenResponse) Reset 

func (x *RenewAPIKeyTokenResponse) Reset()

func (*RenewAPIKeyTokenResponse) String 

func (x *RenewAPIKeyTokenResponse) String() string

type RevokeAPIKeyTokenRequest 

type RevokeAPIKeyTokenRequest struct {

	// Bearer token
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for RevokeAPIKeyToken.

func (*RevokeAPIKeyTokenRequest) Descriptor deprecated 

func (*RevokeAPIKeyTokenRequest) Descriptor() ([]byte, []int)

Deprecated: Use RevokeAPIKeyTokenRequest.ProtoReflect.Descriptor instead.

func (*RevokeAPIKeyTokenRequest) GetToken 

func (x *RevokeAPIKeyTokenRequest) GetToken() string

func (*RevokeAPIKeyTokenRequest) ProtoMessage 

func (*RevokeAPIKeyTokenRequest) ProtoMessage()

func (*RevokeAPIKeyTokenRequest) ProtoReflect added in v0.89.0 

func (x *RevokeAPIKeyTokenRequest) ProtoReflect() protoreflect.Message

func (*RevokeAPIKeyTokenRequest) Reset 

func (x *RevokeAPIKeyTokenRequest) Reset()

func (*RevokeAPIKeyTokenRequest) String 

func (x *RevokeAPIKeyTokenRequest) String() string

type Role 

type Role struct {

	// System identifier of the role.
	// This is a read-only value.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Identifier of the organization that owns this role.
	// This value is undefined for predefined roles.
	OrganizationId string `protobuf:"bytes,2,opt,name=organization_id,json=organizationId,proto3" json:"organization_id,omitempty"`
	// Name of the role
	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	// Description of the role
	Description string `protobuf:"bytes,4,opt,name=description,proto3" json:"description,omitempty"`
	// Permissions to grant when this role is bound.
	Permissions []string `protobuf:"bytes,5,rep,name=permissions,proto3" json:"permissions,omitempty"`
	// Set if this role is predefined.
	// This is a read-only value.
	IsPredefined bool `protobuf:"varint,6,opt,name=is_predefined,json=isPredefined,proto3" json:"is_predefined,omitempty"`
	// The creation timestamp of the role
	CreatedAt *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// The deletion timestamp of the role
	DeletedAt *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
	// Set when this organization is deleted.
	// This is a read-only value.
	IsDeleted bool `protobuf:"varint,9,opt,name=is_deleted,json=isDeleted,proto3" json:"is_deleted,omitempty"`
	// URL of this resource
	// This is a read-only value and cannot be initialized.
	Url string `protobuf:"bytes,10,opt,name=url,proto3" json:"url,omitempty"`
	// contains filtered or unexported fields
}

A role is a list of permissions. Roles can be bound to resources for members.

func (*Role) Descriptor deprecated 

func (*Role) Descriptor() ([]byte, []int)

Deprecated: Use Role.ProtoReflect.Descriptor instead.

func (*Role) GetCreatedAt 

func (x *Role) GetCreatedAt() *timestamppb.Timestamp

func (*Role) GetDeletedAt 

func (x *Role) GetDeletedAt() *timestamppb.Timestamp

func (*Role) GetDescription 

func (x *Role) GetDescription() string

func (*Role) GetId 

func (x *Role) GetId() string

func (*Role) GetIsDeleted 

func (x *Role) GetIsDeleted() bool

func (*Role) GetIsPredefined 

func (x *Role) GetIsPredefined() bool

func (*Role) GetName 

func (x *Role) GetName() string

func (*Role) GetOrganizationId 

func (x *Role) GetOrganizationId() string

func (*Role) GetPermissions 

func (x *Role) GetPermissions() []string

func (*Role) GetUrl 

func (x *Role) GetUrl() string

func (*Role) ProtoMessage 

func (*Role) ProtoMessage()

func (*Role) ProtoReflect added in v0.89.0 

func (x *Role) ProtoReflect() protoreflect.Message

func (*Role) Reset 

func (x *Role) Reset()

func (*Role) String 

func (x *Role) String() string

type RoleBinding 

type RoleBinding struct {

	// System identifier of the role-binding.
	// This is a read-only value.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Identifier of the member to bind a role to.
	// Member ID is formatted as:
	// - user:<user_id>
	// - group:<group_id>
	MemberId string `protobuf:"bytes,2,opt,name=member_id,json=memberId,proto3" json:"member_id,omitempty"`
	// Identifier of the Role to grant to member
	RoleId string `protobuf:"bytes,3,opt,name=role_id,json=roleId,proto3" json:"role_id,omitempty"`
	// If set, this this role-binding cannot be deleted
	// This is a read-only value.
	DeleteNotAllowed bool `protobuf:"varint,4,opt,name=delete_not_allowed,json=deleteNotAllowed,proto3" json:"delete_not_allowed,omitempty"`
	// contains filtered or unexported fields
}

RoleBinding binds a Role to a member.

func (*RoleBinding) Descriptor deprecated 

func (*RoleBinding) Descriptor() ([]byte, []int)

Deprecated: Use RoleBinding.ProtoReflect.Descriptor instead.

func (*RoleBinding) GetDeleteNotAllowed 

func (x *RoleBinding) GetDeleteNotAllowed() bool

func (*RoleBinding) GetId 

func (x *RoleBinding) GetId() string

func (*RoleBinding) GetMemberId 

func (x *RoleBinding) GetMemberId() string

func (*RoleBinding) GetRoleId 

func (x *RoleBinding) GetRoleId() string

func (*RoleBinding) ProtoMessage 

func (*RoleBinding) ProtoMessage()

func (*RoleBinding) ProtoReflect added in v0.89.0 

func (x *RoleBinding) ProtoReflect() protoreflect.Message

func (*RoleBinding) Reset 

func (x *RoleBinding) Reset()

func (*RoleBinding) String 

func (x *RoleBinding) String() string

type RoleBindingsRequest 

type RoleBindingsRequest struct {

	// URL of the resource to add/remove policy binding to/from.
	ResourceUrl string `protobuf:"bytes,1,opt,name=resource_url,json=resourceUrl,proto3" json:"resource_url,omitempty"`
	// Role bindings to add/remove to the policy.
	Bindings []*RoleBinding `protobuf:"bytes,2,rep,name=bindings,proto3" json:"bindings,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for Add/DeleteRoleBindings.

func (*RoleBindingsRequest) Descriptor deprecated 

func (*RoleBindingsRequest) Descriptor() ([]byte, []int)

Deprecated: Use RoleBindingsRequest.ProtoReflect.Descriptor instead.

func (*RoleBindingsRequest) GetBindings 

func (x *RoleBindingsRequest) GetBindings() []*RoleBinding

func (*RoleBindingsRequest) GetResourceUrl 

func (x *RoleBindingsRequest) GetResourceUrl() string

func (*RoleBindingsRequest) ProtoMessage 

func (*RoleBindingsRequest) ProtoMessage()

func (*RoleBindingsRequest) ProtoReflect added in v0.89.0 

func (x *RoleBindingsRequest) ProtoReflect() protoreflect.Message

func (*RoleBindingsRequest) Reset 

func (x *RoleBindingsRequest) Reset()

func (*RoleBindingsRequest) String 

func (x *RoleBindingsRequest) String() string

type RoleCallback 

type RoleCallback func(context.Context, *Role) error

RoleCallback is a callback for individual roles.

type RoleList 

type RoleList struct {
	Items []*Role `protobuf:"bytes,1,rep,name=items,proto3" json:"items,omitempty"`
	// contains filtered or unexported fields
}

List of roles.

func (*RoleList) Descriptor deprecated 

func (*RoleList) Descriptor() ([]byte, []int)

Deprecated: Use RoleList.ProtoReflect.Descriptor instead.

func (*RoleList) GetItems 

func (x *RoleList) GetItems() []*Role

func (*RoleList) ProtoMessage 

func (*RoleList) ProtoMessage()

func (*RoleList) ProtoReflect added in v0.89.0 

func (x *RoleList) ProtoReflect() protoreflect.Message

func (*RoleList) Reset 

func (x *RoleList) Reset()

func (*RoleList) String 

func (x *RoleList) String() string

type UnimplementedIAMServiceServer 

type UnimplementedIAMServiceServer struct {
}

UnimplementedIAMServiceServer can be embedded to have forward compatible implementations.

func (*UnimplementedIAMServiceServer) AddGroupMembers 

func (*UnimplementedIAMServiceServer) AddGroupMembers(context.Context, *GroupMembersRequest) (*v1.Empty, error)

func (*UnimplementedIAMServiceServer) AddRoleBindings 

func (*UnimplementedIAMServiceServer) AddRoleBindings(context.Context, *RoleBindingsRequest) (*Policy, error)

func (*UnimplementedIAMServiceServer) AuthenticateAPIKey 

func (*UnimplementedIAMServiceServer) AuthenticateAPIKey(context.Context, *AuthenticateAPIKeyRequest) (*AuthenticateAPIKeyResponse, error)

func (*UnimplementedIAMServiceServer) CreateAPIKey 

func (*UnimplementedIAMServiceServer) CreateAPIKey(context.Context, *CreateAPIKeyRequest) (*APIKeySecret, error)

func (*UnimplementedIAMServiceServer) CreateGroup 

func (*UnimplementedIAMServiceServer) CreateGroup(context.Context, *Group) (*Group, error)

func (*UnimplementedIAMServiceServer) CreateRole 

func (*UnimplementedIAMServiceServer) CreateRole(context.Context, *Role) (*Role, error)

func (*UnimplementedIAMServiceServer) DeleteAPIKey 

func (*UnimplementedIAMServiceServer) DeleteAPIKey(context.Context, *v1.IDOptions) (*v1.Empty, error)

func (*UnimplementedIAMServiceServer) DeleteGroup 

func (*UnimplementedIAMServiceServer) DeleteGroup(context.Context, *v1.IDOptions) (*v1.Empty, error)

func (*UnimplementedIAMServiceServer) DeleteGroupMembers 

func (*UnimplementedIAMServiceServer) DeleteGroupMembers(context.Context, *GroupMembersRequest) (*v1.Empty, error)

func (*UnimplementedIAMServiceServer) DeleteRole 

func (*UnimplementedIAMServiceServer) DeleteRole(context.Context, *v1.IDOptions) (*v1.Empty, error)

func (*UnimplementedIAMServiceServer) DeleteRoleBindings 

func (*UnimplementedIAMServiceServer) DeleteRoleBindings(context.Context, *RoleBindingsRequest) (*Policy, error)

func (*UnimplementedIAMServiceServer) GetAPIKey 

func (*UnimplementedIAMServiceServer) GetAPIKey(context.Context, *v1.IDOptions) (*APIKey, error)

func (*UnimplementedIAMServiceServer) GetAPIVersion 

func (*UnimplementedIAMServiceServer) GetAPIVersion(context.Context, *v1.Empty) (*v1.Version, error)

func (*UnimplementedIAMServiceServer) GetEffectivePermissions 

func (*UnimplementedIAMServiceServer) GetEffectivePermissions(context.Context, *v1.URLOptions) (*PermissionList, error)

func (*UnimplementedIAMServiceServer) GetGroup 

func (*UnimplementedIAMServiceServer) GetGroup(context.Context, *v1.IDOptions) (*Group, error)

func (*UnimplementedIAMServiceServer) GetMultipleEffectivePermissions added in v0.73.6 

func (*UnimplementedIAMServiceServer) GetMultipleEffectivePermissions(context.Context, *GetMultipleEffectivePermissionsRequest) (*MultiplePermissionLists, error)

func (*UnimplementedIAMServiceServer) GetPolicy 

func (*UnimplementedIAMServiceServer) GetPolicy(context.Context, *v1.URLOptions) (*Policy, error)

func (*UnimplementedIAMServiceServer) GetPolicyByFilter added in v0.74.7 

func (*UnimplementedIAMServiceServer) GetPolicyByFilter(context.Context, *GetPolicyByFilterRequest) (*Policy, error)

func (*UnimplementedIAMServiceServer) GetRole 

func (*UnimplementedIAMServiceServer) GetRole(context.Context, *v1.IDOptions) (*Role, error)

func (*UnimplementedIAMServiceServer) GetThisUser 

func (*UnimplementedIAMServiceServer) GetThisUser(context.Context, *v1.Empty) (*User, error)

func (*UnimplementedIAMServiceServer) GetUser 

func (*UnimplementedIAMServiceServer) GetUser(context.Context, *v1.IDOptions) (*User, error)

func (*UnimplementedIAMServiceServer) HasPermissions 

func (*UnimplementedIAMServiceServer) HasPermissions(context.Context, *HasPermissionsRequest) (*v1.YesOrNo, error)

func (*UnimplementedIAMServiceServer) IsMemberOfGroup 

func (*UnimplementedIAMServiceServer) IsMemberOfGroup(context.Context, *IsMemberOfGroupRequest) (*v1.YesOrNo, error)

func (*UnimplementedIAMServiceServer) ListAPIKeys 

func (*UnimplementedIAMServiceServer) ListAPIKeys(context.Context, *v1.ListOptions) (*APIKeyList, error)

func (*UnimplementedIAMServiceServer) ListGroupMembers 

func (*UnimplementedIAMServiceServer) ListGroupMembers(context.Context, *v1.ListOptions) (*GroupMemberList, error)

func (*UnimplementedIAMServiceServer) ListGroups 

func (*UnimplementedIAMServiceServer) ListGroups(context.Context, *v1.ListOptions) (*GroupList, error)

func (*UnimplementedIAMServiceServer) ListPermissions 

func (*UnimplementedIAMServiceServer) ListPermissions(context.Context, *v1.Empty) (*PermissionList, error)

func (*UnimplementedIAMServiceServer) ListRoles 

func (*UnimplementedIAMServiceServer) ListRoles(context.Context, *v1.ListOptions) (*RoleList, error)

func (*UnimplementedIAMServiceServer) RenewAPIKeyToken 

func (*UnimplementedIAMServiceServer) RenewAPIKeyToken(context.Context, *RenewAPIKeyTokenRequest) (*RenewAPIKeyTokenResponse, error)

func (*UnimplementedIAMServiceServer) ResendUserMobilePhoneVerification 

func (*UnimplementedIAMServiceServer) ResendUserMobilePhoneVerification(context.Context, *v1.Empty) (*v1.Empty, error)

func (*UnimplementedIAMServiceServer) RevokeAPIKey 

func (*UnimplementedIAMServiceServer) RevokeAPIKey(context.Context, *v1.IDOptions) (*v1.Empty, error)

func (*UnimplementedIAMServiceServer) RevokeAPIKeyToken 

func (*UnimplementedIAMServiceServer) RevokeAPIKeyToken(context.Context, *RevokeAPIKeyTokenRequest) (*v1.Empty, error)

func (*UnimplementedIAMServiceServer) UpdateGroup 

func (*UnimplementedIAMServiceServer) UpdateGroup(context.Context, *Group) (*Group, error)

func (*UnimplementedIAMServiceServer) UpdateRole 

func (*UnimplementedIAMServiceServer) UpdateRole(context.Context, *Role) (*Role, error)

func (*UnimplementedIAMServiceServer) UpdateUser 

func (*UnimplementedIAMServiceServer) UpdateUser(context.Context, *User) (*User, error)

func (*UnimplementedIAMServiceServer) VerifyUserMobilePhone 

func (*UnimplementedIAMServiceServer) VerifyUserMobilePhone(context.Context, *VerifyUserMobilePhoneRequest) (*v1.Empty, error)

type User 

type User struct {

	// Identifier of the user.
	// This is a read-only value.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Primary email address of the user.
	// All emails send to this user will use this address.
	// This is a read-only value.
	Email string `protobuf:"bytes,2,opt,name=email,proto3" json:"email,omitempty"`
	// Name of the user.
	// This may be empty if not filled out by the user.
	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	// Given name of the user.
	// This may be empty if not filled out by the user.
	GivenName string `protobuf:"bytes,4,opt,name=given_name,json=givenName,proto3" json:"given_name,omitempty"`
	// Family name of the user.
	// This may be empty if not filled out by the user.
	FamilyName string `protobuf:"bytes,5,opt,name=family_name,json=familyName,proto3" json:"family_name,omitempty"`
	// The creation timestamp of the user.
	// This is a read-only value.
	CreatedAt *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// Additional email addresses of the user.
	// This will be filled in when the authentication provided
	// knows multiple email addresses for the user.
	// This is a read-only value.
	AdditionalEmails []string `protobuf:"bytes,7,rep,name=additional_emails,json=additionalEmails,proto3" json:"additional_emails,omitempty"`
	// Mobile phone number of the user.
	// This value must be unique globally.
	//
	// This field will not be filled, unless:
	//   - The currently authenticated user is this user
	//   - The currently authenticated user has `iam.user.get-personal-data` permission
	//     on the organization that user is a member of.
	//
	// This value can only be changed to a non-empty value.
	// If changed, the new number has to be verified again.
	MobilePhone string `protobuf:"bytes,8,opt,name=mobile_phone,json=mobilePhone,proto3" json:"mobile_phone,omitempty"`
	// Set when the mobile phone number has been successfully verified.
	// This is a read-only value.
	MobilePhoneVerified bool `protobuf:"varint,9,opt,name=mobile_phone_verified,json=mobilePhoneVerified,proto3" json:"mobile_phone_verified,omitempty"`
	// Company name of the user
	// This may be empty if not filled out by the user.
	CompanyName string `protobuf:"bytes,10,opt,name=company_name,json=companyName,proto3" json:"company_name,omitempty"`
	// If set, this user is denied access to the dashboard.
	// This is a read-only value.
	DashboardAccessDenied bool `` /* 128-byte string literal not displayed */
	// If set, this field describes the reason why this user is denied access to the dashboard.
	// This is a read-only value.
	DashboardAccessDeniedReason string `` /* 147-byte string literal not displayed */
	// If set, this user is currently being authenticated using an API key (identified by this ID)
	ApikeyId string `protobuf:"bytes,13,opt,name=apikey_id,json=apikeyId,proto3" json:"apikey_id,omitempty"`
	// If set, contains Slack name of this user in the arangodb-community slack.
	SlackName string `protobuf:"bytes,14,opt,name=slack_name,json=slackName,proto3" json:"slack_name,omitempty"`
	// The timestamp of the last login of the user.
	// This is a read-only value.
	LastLoginAt *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=last_login_at,json=lastLoginAt,proto3" json:"last_login_at,omitempty"`
	// If set, contains IP address from which the user last logged in.
	LastIp string `protobuf:"bytes,16,opt,name=last_ip,json=lastIp,proto3" json:"last_ip,omitempty"`
	// Defines if a user's mobile phone number needs verification based on email root domain address.
	MobilePhoneNeedsVerification bool `` /* 151-byte string literal not displayed */
	// If set, this user belongs to an educational institute.
	HasEducationalStatus bool `protobuf:"varint,18,opt,name=has_educational_status,json=hasEducationalStatus,proto3" json:"has_educational_status,omitempty"`
	// Defines the role of user at educational institute.
	// Possible values are student | teacher | other
	EducationalRole string `protobuf:"bytes,19,opt,name=educational_role,json=educationalRole,proto3" json:"educational_role,omitempty"`
	// Defines the user's experience with graph
	Experience string `protobuf:"bytes,20,opt,name=experience,proto3" json:"experience,omitempty"`
	// Defines other DBs that the user has used
	OtherDbs []string `protobuf:"bytes,21,rep,name=other_dbs,json=otherDbs,proto3" json:"other_dbs,omitempty"`
	// Defines if the user has opted out of enhanced troubleshooting
	DisableEnhancedTroubleshooting bool `` /* 155-byte string literal not displayed */
	// contains filtered or unexported fields
}

User represents an actual person.

func (*User) Descriptor deprecated 

func (*User) Descriptor() ([]byte, []int)

Deprecated: Use User.ProtoReflect.Descriptor instead.

func (*User) GetAdditionalEmails 

func (x *User) GetAdditionalEmails() []string

func (*User) GetAllEmails 

func (u *User) GetAllEmails() []string

GetAllEmails returns all email addresses of the given user.

func (*User) GetApikeyId 

func (x *User) GetApikeyId() string

func (*User) GetCompanyName 

func (x *User) GetCompanyName() string

func (*User) GetCreatedAt 

func (x *User) GetCreatedAt() *timestamppb.Timestamp

func (*User) GetDashboardAccessDenied 

func (x *User) GetDashboardAccessDenied() bool

func (*User) GetDashboardAccessDeniedReason 

func (x *User) GetDashboardAccessDeniedReason() string

func (*User) GetDisableEnhancedTroubleshooting added in v0.81.9 

func (x *User) GetDisableEnhancedTroubleshooting() bool

func (*User) GetEducationalRole added in v0.74.8 

func (x *User) GetEducationalRole() string

func (*User) GetEmail 

func (x *User) GetEmail() string

func (*User) GetExperience added in v0.77.9 

func (x *User) GetExperience() string

func (*User) GetFamilyName 

func (x *User) GetFamilyName() string

func (*User) GetGivenName 

func (x *User) GetGivenName() string

func (*User) GetHasEducationalStatus added in v0.74.8 

func (x *User) GetHasEducationalStatus() bool

func (*User) GetId 

func (x *User) GetId() string

func (*User) GetLastIp 

func (x *User) GetLastIp() string

func (*User) GetLastLoginAt 

func (x *User) GetLastLoginAt() *timestamppb.Timestamp

func (*User) GetMobilePhone 

func (x *User) GetMobilePhone() string

func (*User) GetMobilePhoneNeedsVerification 

func (x *User) GetMobilePhoneNeedsVerification() bool

func (*User) GetMobilePhoneVerified 

func (x *User) GetMobilePhoneVerified() bool

func (*User) GetName 

func (x *User) GetName() string

func (*User) GetOtherDbs added in v0.77.9 

func (x *User) GetOtherDbs() []string

func (*User) GetSlackName 

func (x *User) GetSlackName() string

func (*User) ProtoMessage 

func (*User) ProtoMessage()

func (*User) ProtoReflect added in v0.89.0 

func (x *User) ProtoReflect() protoreflect.Message

func (*User) Reset 

func (x *User) Reset()

func (*User) String 

func (x *User) String() string

type VerifyUserMobilePhoneRequest 

type VerifyUserMobilePhoneRequest struct {

	// Code that was send to the mobile phone number.
	Code string `protobuf:"bytes,1,opt,name=code,proto3" json:"code,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for VerifyUserMobilePhone

func (*VerifyUserMobilePhoneRequest) Descriptor deprecated 

func (*VerifyUserMobilePhoneRequest) Descriptor() ([]byte, []int)

Deprecated: Use VerifyUserMobilePhoneRequest.ProtoReflect.Descriptor instead.

func (*VerifyUserMobilePhoneRequest) GetCode 

func (x *VerifyUserMobilePhoneRequest) GetCode() string

func (*VerifyUserMobilePhoneRequest) ProtoMessage 

func (*VerifyUserMobilePhoneRequest) ProtoMessage()

func (*VerifyUserMobilePhoneRequest) ProtoReflect added in v0.89.0 

func (x *VerifyUserMobilePhoneRequest) ProtoReflect() protoreflect.Message

func (*VerifyUserMobilePhoneRequest) Reset 

func (x *VerifyUserMobilePhoneRequest) Reset()

func (*VerifyUserMobilePhoneRequest) String 

func (x *VerifyUserMobilePhoneRequest) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.