googleapis.iap.v1 library

Classes

AccessDeniedPageSettings
Custom content configuration for access denied page. IAP allows customers to define a custom URI to use as the error page when access is denied to users. If IAP prevents access to this page, the default IAP error page will be displayed instead.
AccessSettings
Access related settings for IAP protected apps.
ApplicationSettings
Wrapper over application specific settings for IAP.
Binding
Associates members with a role.
Brand
OAuth brand data. NOTE: Only contains a portion of the data that describes a brand.
CorsSettings
Allows customers to configure HTTP request paths that'll allow HTTP OPTIONS call to bypass authentication and authorization.
CsmSettings
Configuration for RCTokens generated for CSM workloads protected by IAP. RCTokens are IAP generated JWTs that can be verified at the application. The RCToken is primarily used for ISTIO deployments, and can be scoped to a single mesh by configuring the audience field accordingly
Empty
A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}.
Expr
Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
GcipSettings
Allows customers to configure tenant_id for GCIP instance per-app.
GetIamPolicyRequest
Request message for GetIamPolicy method.
GetPolicyOptions
Encapsulates settings provided to GetIamPolicy.
IapApi
Controls access to cloud applications running on Google Cloud Platform.
IapSettings
The IAP configurable settings.
IdentityAwareProxyClient
Contains the data that describes an Identity Aware Proxy owned client.
ListBrandsResponse
Response message for ListBrands.
ListIdentityAwareProxyClientsResponse
Response message for ListIdentityAwareProxyClients.
OAuthSettings
Configuration for OAuth login&consent flow behavior as well as for OAuth Credentials.
Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the IAM documentation. JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" }, { "role": "roles/resourcemanager.organizationViewer", "members": "user:eve@example.com" , "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the IAM documentation.
PolicyDelegationSettings
PolicyDelegationConfig allows google-internal teams to use IAP for apps hosted in a tenant project. Using these settings, the app can delegate permission check to happen against the linked customer project. This is only ever supposed to be used by google internal teams, hence the restriction on the proto.
PolicyName
ProjectsBrandsIdentityAwareProxyClientsResourceApi
ProjectsBrandsResourceApi
ProjectsResourceApi
ResetIdentityAwareProxyClientSecretRequest
The request sent to ResetIdentityAwareProxyClientSecret.
Resource
SetIamPolicyRequest
Request message for SetIamPolicy method.
TestIamPermissionsRequest
Request message for TestIamPermissions method.
TestIamPermissionsResponse
Response message for TestIamPermissions method.
V1ResourceApi

Constants

USER_AGENT → const String
'dart-api-client iap/v1'

Exceptions / Errors

ApiRequestError
Represents a general error reported by the API endpoint.
DetailedApiRequestError
Represents a specific error reported by the API endpoint.