Skip to main content

Services

RPC methods exposed by this API.

PrincipalAttributeService

MethodRequestResponseDescription
CreatePrincipalAttributeKeyCreatePrincipalAttributeKeyRequestCreatePrincipalAttributeKeyResponseCreates a principal attribute key.
GetPrincipalAttributeKeyGetPrincipalAttributeKeyRequestGetPrincipalAttributeKeyResponseRetrieves a principal attribute key.
ListPrincipalAttributeKeysListPrincipalAttributeKeysRequestListPrincipalAttributeKeysResponseLists principal attribute keys, respecting the provided filter.
UpdatePrincipalAttributeKeyUpdatePrincipalAttributeKeyRequestUpdatePrincipalAttributeKeyResponseUpdates an existing principal attribute key.
CheckPrincipalAttributeKeyArchiveImpactCheckPrincipalAttributeKeyArchiveImpactRequestCheckPrincipalAttributeKeyArchiveImpactResponse
ArchivePrincipalAttributeKeysArchivePrincipalAttributeKeysRequestArchivePrincipalAttributeKeysResponseBatch archives principal attribute keys AND all their associated principal attribute values.
UnarchivePrincipalAttributeKeysUnarchivePrincipalAttributeKeysRequestUnarchivePrincipalAttributeKeysResponseBatch unarchives principal attribute keys.
BatchCreatePrincipalAttributeValueBatchCreatePrincipalAttributeValueRequestBatchCreatePrincipalAttributeValueResponseCreates a principal attribute value for multiple principals in a single operation.
GetPrincipalAttributeValueGetPrincipalAttributeValueRequestGetPrincipalAttributeValueResponseRetrieves a principal attribute value.
ListPrincipalAttributeKeyValuesListPrincipalAttributeKeyValuesRequestListPrincipalAttributeKeyValuesResponseLists principal attribute values for a given principal attribute key, respecting the provided filter.
ListPrincipalAttributeValuesListPrincipalAttributeValuesRequestListPrincipalAttributeValuesResponseLists principal attribute values, respecting the provided filter.
ArchivePrincipalAttributeValuesArchivePrincipalAttributeValuesRequestArchivePrincipalAttributeValuesResponseBatch archives principal attribute values.
UnarchivePrincipalAttributeValuesUnarchivePrincipalAttributeValuesRequestUnarchivePrincipalAttributeValuesResponseBatch unarchives principal attribute values.
CreatePrincipalAttributeEnumValueCreatePrincipalAttributeEnumValueRequestCreatePrincipalAttributeEnumValueResponseCreates a principal attribute enum value.
GetPrincipalAttributeEnumValueGetPrincipalAttributeEnumValueRequestGetPrincipalAttributeEnumValueResponseRetrieves a principal attribute enum value.
ListPrincipalAttributeEnumValuesListPrincipalAttributeEnumValuesRequestListPrincipalAttributeEnumValuesResponseLists principal attribute enum values for a given principal attribute key.
UpdatePrincipalAttributeEnumValueUpdatePrincipalAttributeEnumValueRequestUpdatePrincipalAttributeEnumValueResponseUpdates an existing principal attribute enum value.
ArchivePrincipalAttributeEnumValueArchivePrincipalAttributeEnumValueRequestArchivePrincipalAttributeEnumValueResponseArchives a principal attribute enum value and migrates all principal attribute values with that enum value to a replacement enum value.
UnarchivePrincipalAttributeEnumValueUnarchivePrincipalAttributeEnumValueRequestUnarchivePrincipalAttributeEnumValueResponseUnarchives a principal attribute enum value BUT DOES NOT migrate principal attribute values with a replacement value back to the original value.
BatchArchivePrincipalAttributeEnumValuesBatchArchivePrincipalAttributeEnumValuesRequestBatchArchivePrincipalAttributeEnumValuesResponseArchives multiple principal attribute enum values and migrates all principal attribute values with those enum values to their respective replacement enum values.
BatchUnarchivePrincipalAttributeEnumValuesBatchUnarchivePrincipalAttributeEnumValuesRequestBatchUnarchivePrincipalAttributeEnumValuesResponseUnarchives multiple principal attribute enum values BUT DOES NOT migrate principal attribute values with a replacement value back to the original value.

Messages

Data models used across requests/responses.

ArchivePrincipalAttributeEnumValueRequest

FieldTypeLabelDescription
archived_enum_value_idstring
replacement_enum_value_idstringWhen the archived_enum_value_id is archived all principal attribute values that reference it will be migrated to the replacement_enum_value_id if provided. Otherwise, user-attributes that reference it will be archived as well.

ArchivePrincipalAttributeEnumValueResponse

FieldTypeLabelDescription
principal_attribute_values_migratedint32Total number of principal attribute values migrated or archived by this operation. When a replacement enum value is provided, this represents values migrated to the new value. When no replacement is provided, this represents values that were archived.

ArchivePrincipalAttributeKeysRequest

ArchivePrincipalAttributeKeysRequest is used to batch archive principal attribute keys by id.
FieldTypeLabelDescription
principal_attribute_key_idsstringrepeated

ArchivePrincipalAttributeKeysResponse

This message has no fields.

ArchivePrincipalAttributeValuesRequest

ArchivePrincipalAttributeValuesRequest is used to batch archive principal attribute values by id.
FieldTypeLabelDescription
principal_attribute_value_idsstringrepeated
principal_typePrincipalAttributePrincipalType

ArchivePrincipalAttributeValuesResponse

This message has no fields.

BatchArchivePrincipalAttributeEnumValuesRequest

FieldTypeLabelDescription
archival_requestsBatchArchivePrincipalAttributeEnumValuesRequest.EnumValueArchivalrepeated

BatchArchivePrincipalAttributeEnumValuesRequest.EnumValueArchival

FieldTypeLabelDescription
archived_enum_value_idstringThe enum value ID to archive.
replacement_enum_value_idstringWhen the archived_enum_value_id is archived all principal attribute values that reference it will be migrated to the replacement_enum_value_id if provided. Otherwise, user-attributes that reference it will be archived as well.

BatchArchivePrincipalAttributeEnumValuesResponse

FieldTypeLabelDescription
total_principal_attribute_values_migratedint32Total number of principal attribute values migrated or archived across all enum value operations. This includes both values migrated to replacement values and values archived without replacement.

BatchCreatePrincipalAttributeValueRequest

BatchCreatePrincipalAttributeValueRequest is used to batch create new principal attribute values.
FieldTypeLabelDescription
principal_attribute_key_idstring
principal_idsstringrepeated
principal_typePrincipalAttributePrincipalType
oneof value. principal_attribute_enum_value_idstringFor ENUM type: exactly one enum value ID.
oneof value. principal_attribute_enum_value_idsPrincipalAttributeEnumValueIdListFor SET_OF_ENUM type: one or more enum value IDs representing the complete desired set. Omitted enum values that are currently active for each principal+key will be archived.
oneof value. number_valueint64
oneof value. boolean_valuebool

BatchCreatePrincipalAttributeValueResponse

BatchCreatePrincipalAttributeValueResponse returns the principal attribute values from a BatchCreatePrincipalAttributeValue call.
FieldTypeLabelDescription
principal_attribute_valuesPrincipalAttributeValuerepeated

BatchUnarchivePrincipalAttributeEnumValuesRequest

FieldTypeLabelDescription
principal_attribute_enum_value_idsstringrepeated

BatchUnarchivePrincipalAttributeEnumValuesResponse

This message has no fields.

CheckPrincipalAttributeKeyArchiveImpactRequest

FieldTypeLabelDescription
principal_attribute_key_idstring

CheckPrincipalAttributeKeyArchiveImpactResponse

FieldTypeLabelDescription
active_user_principal_attribute_value_countint64Non-archived user principal-attribute value rows for this key that will be archived with the key (same scope as ArchivePrincipalAttributeKeys; includes multiple rows per principal for SET_OF_ENUM).
active_user_group_principal_attribute_value_countint64Non-archived user_group_attribute_values rows for this key. They are not archived by ArchivePrincipalAttributeKeys, but stop contributing to principal.groupAttributes once the key is archived (evaluation joins active keys only).

CreatePrincipalAttributeEnumValueRequest

Principal Attribute Enum Value RPC messages
FieldTypeLabelDescription
principal_attribute_key_idstring
display_namestring
descriptionstring

CreatePrincipalAttributeEnumValueResponse

FieldTypeLabelDescription
principal_attribute_enum_valuePrincipalAttributeEnumValue

CreatePrincipalAttributeKeyRequest

CreatePrincipalAttributeKeyRequest is used to create a new principal attribute key.
FieldTypeLabelDescription
display_namestring
descriptionstring
typePrincipalAttributeValueType
initial_enum_valuesCreatePrincipalAttributeKeyRequest.InitialEnumValuerepeatedOptional initial enum values to create alongside the key. Only applicable for ENUM type keys.

CreatePrincipalAttributeKeyRequest.InitialEnumValue

Nested message for initial enum values in create requests.
FieldTypeLabelDescription
display_namestring
descriptionstring

CreatePrincipalAttributeKeyResponse

CreatePrincipalAttributeKeyResponse returns the principal attribute key from a CreatePrincipalAttributeKey call.
FieldTypeLabelDescription
principal_attribute_keyPrincipalAttributeKey
enum_valuesPrincipalAttributeEnumValuerepeatedThe enum values created alongside the key, if any were provided in the request.

GetPrincipalAttributeEnumValueRequest

FieldTypeLabelDescription
principal_attribute_enum_value_idstring

GetPrincipalAttributeEnumValueResponse

FieldTypeLabelDescription
principal_attribute_enum_valuePrincipalAttributeEnumValue

GetPrincipalAttributeKeyRequest

GetPrincipalAttributeKeyRequest is used to retrieve a principal attribute key.
FieldTypeLabelDescription
principal_attribute_key_idstring

GetPrincipalAttributeKeyResponse

GetPrincipalAttributeKeyResponse returns a principal attribute key from a GetPrincipalAttributeKey call.
FieldTypeLabelDescription
principal_attribute_keyPrincipalAttributeKey

GetPrincipalAttributeValueRequest

GetPrincipalAttributeValueRequest is used to retrieve a principal attribute value.
FieldTypeLabelDescription
principal_attribute_value_idstring
principal_typePrincipalAttributePrincipalType

GetPrincipalAttributeValueResponse

GetPrincipalAttributeValueResponse returns a principal attribute value from a GetPrincipalAttributeValue call.
FieldTypeLabelDescription
principal_attribute_valuePrincipalAttributeValue

ListPrincipalAttributeEnumValuesRequest

FieldTypeLabelDescription
principal_attribute_key_idstring
page_sizeuint32The maximum number of enum values to return. The service may return fewer than this value. If unspecified, at most 50 enum values will be returned. The maximum value is 100; values above 100 will be coerced to 100.
page_tokenstringA page token, received from a previous ListPrincipalAttributeEnumValues call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to ListPrincipalAttributeEnumValues must match the call that provided the page token.
filterstringA Common Expression Language (CEL) filter string. Available fields to filter by are principal_attribute_enum_value_id, name, display_name, description, created_by_user_id, modified_by_user_id, created_date, and modified_date. Archive state is controlled via the include_archived field below, not via filter. For further information about how to use CELs, please refer to this guide.
order_bystringHow to order the retrieved enum values. Formatted as a comma-separated string i.e. “FIELD_NAME[ desc],…”. Available fields to order_by are created_date, modified_date, and display_name. If left empty, items are ordered by created_date in descending order (newest-first). For more information about the format of this field, read this Example: “display_name,created_date desc”
include_archivedboolWhether to include archived enum values. Defaults to false.

ListPrincipalAttributeEnumValuesResponse

FieldTypeLabelDescription
principal_attribute_enum_valuesPrincipalAttributeEnumValuerepeated
next_page_tokenstring

ListPrincipalAttributeKeyValuesRequest

ListPrincipalAttributeKeyValuesRequest is used to list principal attribute values for a given principal attribute key with the provided filter.
FieldTypeLabelDescription
principal_attribute_key_idstringThe id of the principal attribute key to list values for.
principal_typePrincipalAttributePrincipalType
page_sizeuint32The maximum number of principal attribute values to return. The service may return fewer than this value. If unspecified, at most 50 principal attribute values will be returned. The maximum value is 1000. Values above 1000 will be coerced to 1000. Optional.
page_tokenstringA page token, received from a previous ListPrincipalAttributeKeyValues call. Provide this to retrieve a subsequent page of principal attribute values. When paginating, all other parameters provided to ListPrincipalAttributeKeyValues must match the previous call that provided the page token. Optional.
filterstringA Common Expression Language (CEL) filter string. Available fields to filter by are: ‘principal_attribute_value_id’, ‘principal_attribute_key_id’, ‘principal_attribute_enum_value_id’, ‘number_value’, ‘boolean_value’, ‘created_date’, ‘created_by_user_id’, ‘principal_id’, and ‘principal_type’ For further information about how to use CELs, please refer to this guide. For more information about the fields used for filtering, please refer to this definition. Optional.
order_bystringHow to order the retrieved principal attribute values. Formatted as a comma-separated string i.e. “FIELD_NAME[ desc],…”. Available fields to order_by are created_date If left empty, items are ordered by created_date in ascending order (oldest-first). For more information about the format of this field, read this Example: “created_date desc”
include_archivedboolIf true, include archived values. Defaults to false. Optional.

ListPrincipalAttributeKeyValuesResponse

ListPrincipalAttributeKeyValuesResponse returns the list of principal attribute values from a ListPrincipalAttributeKeyValues call.
FieldTypeLabelDescription
principal_attribute_valuesPrincipalAttributeValuerepeated
next_page_tokenstring

ListPrincipalAttributeKeysRequest

ListPrincipalAttributeKeysRequest is used to list principal attribute keys with the provided filter.
FieldTypeLabelDescription
page_sizeuint32The maximum number of principal attribute keys to return. The service may return fewer than this value. If unspecified, at most 50 principal attribute keys will be returned. The maximum value is 1000. Values above 1000 will be coerced to 1000. Optional.
page_tokenstringA page token, received from a previous ListPrincipalAttributeKeys call. Provide this to retrieve a subsequent page of principal attribute keys. When paginating, all other parameters provided to ListPrincipalAttributeKeys must match the previous call that provided the page token. Optional.
filterstringA Common Expression Language (CEL) filter string. Available fields to filter by are: ‘principal_attribute_key_id’, ‘display_name’, ‘value_type’, ‘created_by_user_id’, ‘created_date’, ‘modified_by_user_id, ‘modified_date’ For further information about how to use CELs, please refer to this guide. For more information about the fields used for filtering, please refer to this definition. Optional.
order_bystringHow to order the retrieved principal attribute keys. Formatted as a comma-separated string i.e. “FIELD_NAME[ desc],…”. Available fields to order_by are created_date, ‘modified_date’, ‘display_name’, ‘principal_attribute_key_id’, ‘value_type’, ‘description’ If left empty, items are ordered by created_date in ascending order (oldest-first). For more information about the format of this field, read this Example: “created_date desc,modified_date”
organization_idstring
include_archivedboolIf true, includes archived keys. Defaulta to false. Optional.

ListPrincipalAttributeKeysResponse

ListPrincipalAttributeKeysResponse returns the list of principal attribute keys from a ListPrincipalAttributeKeys call.
FieldTypeLabelDescription
principal_attribute_keysPrincipalAttributeKeyrepeated
next_page_tokenstring

ListPrincipalAttributeValuesRequest

ListPrincipalAttributeValuesRequest is used to list principal attribute values with the provided filter.
FieldTypeLabelDescription
principal_typePrincipalAttributePrincipalType
page_sizeuint32The maximum number of principal attribute values to return. The service may return fewer than this value. If unspecified, at most 50 principal attribute values will be returned. The maximum value is 1000. Values above 1000 will be coerced to 1000. Optional.
page_tokenstringA page token, received from a previous ListPrincipalAttributeValues call. Provide this to retrieve a subsequent page of principal attribute values. When paginating, all other parameters provided to ListPrincipalAttributeValues must match the previous call that provided the page token. Optional.
filterstringA Common Expression Language (CEL) filter string. Available fields to filter by are: ‘principal_attribute_value_id’, ‘principal_attribute_key_id’, ‘principal_attribute_enum_value_id’, ‘number_value’, ‘boolean_value’, ‘created_date’, ‘created_by_user_id’, ‘principal_id’, and ‘principal_type’. Archive state is controlled via the include_archived field below, not via filter. For further information about how to use CELs, please refer to this guide. For more information about the fields used for filtering, please refer to this definition. Optional.
order_bystringHow to order the retrieved principal attribute values. Formatted as a comma-separated string i.e. “FIELD_NAME[ desc],…”. Available fields to order_by are created_date If left empty, items are ordered by created_date in ascending order (oldest-first). For more information about the format of this field, read this Example: “created_date desc”
include_archivedboolIf true, include archived values. Defaults to false. Optional.

ListPrincipalAttributeValuesResponse

ListPrincipalAttributeValuesResponse returns the list of principal attribute values from a ListPrincipalAttributeValues call.
FieldTypeLabelDescription
principal_attribute_valuesPrincipalAttributeValuerepeated
next_page_tokenstring

PrincipalAttributeEnumValue

Represents a possible enumerable value for ENUM type principal attribute keys. Users can add new enum values as needed.
FieldTypeLabelDescription
principal_attribute_enum_value_idstring
principal_attribute_key_idstring
display_namestring
descriptionstring
created_dategoogle.protobuf.Timestamp
created_by_user_idstring
modified_dategoogle.protobuf.Timestamp
modified_by_user_idstring
archived_dategoogle.protobuf.Timestamp
is_archivedboolWhether or not the principal attribute enum value is archived. This is inferred from whether archived_date is set.

PrincipalAttributeEnumValueIdList

FieldTypeLabelDescription
idsstringrepeated

PrincipalAttributeKey

FieldTypeLabelDescription
principal_attribute_key_idstring
organization_idstring
display_namestring
descriptionstring
typePrincipalAttributeValueType
created_dategoogle.protobuf.Timestamp
created_by_user_idstring
modified_dategoogle.protobuf.Timestamp
modified_by_user_idstring
archived_dategoogle.protobuf.Timestamp
is_archivedboolWhether or not the principal attribute key is archived. This is inferred from whether archived_date is set.

PrincipalAttributeValue

FieldTypeLabelDescription
principal_attribute_value_idstring
principal_attribute_key_idstring
principal_idstringThe ID of the user or user group this value is assigned to.
principal_typePrincipalAttributePrincipalType
organization_idstring
oneof value. principal_attribute_enum_value_idstring
oneof value. number_valueint64
oneof value. boolean_valuebool
created_by_user_idstring
created_dategoogle.protobuf.Timestamp
archived_dategoogle.protobuf.Timestamp
is_archivedboolWhether or not the principal attribute value is archived. This is inferred from whether archived_date is set.
keyPrincipalAttributeKeyThe full principal attribute key is populated in the response.
enum_value_detailsPrincipalAttributeEnumValuePopulated in responses with full enum value details.

UnarchivePrincipalAttributeEnumValueRequest

FieldTypeLabelDescription
principal_attribute_enum_value_idstring

UnarchivePrincipalAttributeEnumValueResponse

This message has no fields.

UnarchivePrincipalAttributeKeysRequest

UnarchivePrincipalAttributeKeysRequest is used to batch unarchive principal attribute keys by id.
FieldTypeLabelDescription
principal_attribute_key_idsstringrepeated

UnarchivePrincipalAttributeKeysResponse

This message has no fields.

UnarchivePrincipalAttributeValuesRequest

UnarchivePrincipalAttributeValuesRequest is used to batch unarchive principal attribute values by id.
FieldTypeLabelDescription
principal_attribute_value_idsstringrepeated
principal_typePrincipalAttributePrincipalType

UnarchivePrincipalAttributeValuesResponse

This message has no fields.

UpdatePrincipalAttributeEnumValueRequest

FieldTypeLabelDescription
principal_attribute_enum_value_idstring
display_namestring
descriptionstring
update_maskgoogle.protobuf.FieldMaskThe list of fields to be updated. The fields available to be updated are description and archived_date.

UpdatePrincipalAttributeEnumValueResponse

FieldTypeLabelDescription
principal_attribute_enum_valuePrincipalAttributeEnumValue

UpdatePrincipalAttributeKeyRequest

UpdatePrincipalAttributeKeyRequest is used to update an existing principal attribute key.
FieldTypeLabelDescription
principal_attribute_key_idstring
display_namestring
descriptionstring
update_maskgoogle.protobuf.FieldMaskThe list of fields to be updated. The fields available to be updated are ‘description’.

UpdatePrincipalAttributeKeyResponse

UpdatePrincipalAttributeKeyResponse returns the principal attribute key from a UpdatePrincipalAttributeKey call.
FieldTypeLabelDescription
principal_attribute_keyPrincipalAttributeKey

Enums

Allowed constant values used in message fields.

PrincipalAttributePrincipalType

PrincipalAttributePrincipalType enumerates the supported principal types for principal attribute values.
NameNumberDescription
PRINCIPAL_ATTRIBUTE_PRINCIPAL_TYPE_UNSPECIFIED0
PRINCIPAL_ATTRIBUTE_PRINCIPAL_TYPE_USER1
PRINCIPAL_ATTRIBUTE_PRINCIPAL_TYPE_USER_GROUP2

PrincipalAttributeValueType

PrincipalAttributeValueType enumerates the supported value types for a principal attribute key.
NameNumberDescription
PRINCIPAL_ATTRIBUTE_VALUE_TYPE_UNSPECIFIED0
PRINCIPAL_ATTRIBUTE_VALUE_TYPE_ENUM1
PRINCIPAL_ATTRIBUTE_VALUE_TYPE_BOOLEAN2
PRINCIPAL_ATTRIBUTE_VALUE_TYPE_NUMBER3
PRINCIPAL_ATTRIBUTE_VALUE_TYPE_SET_OF_ENUM4