googleapis

/// <reference types="node" /> import { OAuth2Client, JWT, Compute, UserRefreshClient, BaseExternalAccountClient, GaxiosPromise, GoogleConfigurable, MethodOptions, StreamMethodOptions, GlobalOptions, GoogleAuth, BodyResponseCallback, APIRequestContext } from 'googleapis-common'; import { Readable } from 'stream'; export declare namespace cloudidentity_v1 { export interface Options extends GlobalOptions { version: 'v1'; } interface StandardParameters { /** * Auth client or API Key for the request */ auth?: string | OAuth2Client | JWT | Compute | UserRefreshClient | BaseExternalAccountClient | GoogleAuth; /** * V1 error format. */ '$.xgafv'?: string; /** * OAuth access token. */ access_token?: string; /** * Data format for response. */ alt?: string; /** * JSONP */ callback?: string; /** * Selector specifying which fields to include in a partial response. */ fields?: string; /** * API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** * OAuth 2.0 token for the current user. */ oauth_token?: string; /** * Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** * Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** * Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** * Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; } /** * Cloud Identity API * * API for provisioning and managing identity resources. * * @example * ```js * const {google} = require('googleapis'); * const cloudidentity = google.cloudidentity('v1'); * ``` */ export class Cloudidentity { context: APIRequestContext; devices: Resource$Devices; groups: Resource$Groups; constructor(options: GlobalOptions, google?: GoogleConfigurable); } /** * The response message for MembershipsService.CheckTransitiveMembership. */ export interface Schema$CheckTransitiveMembershipResponse { /** * Response does not include the possible roles of a member since the behavior of this rpc is not all-or-nothing unlike the other rpcs. So, it may not be possible to list all the roles definitively, due to possible lack of authorization in some of the paths. */ hasMembership?: boolean | null; } /** * Dynamic group metadata like queries and status. */ export interface Schema$DynamicGroupMetadata { /** * Memberships will be the union of all queries. Only one entry with USER resource is currently supported. Customers can create up to 100 dynamic groups. */ queries?: Schema$DynamicGroupQuery[]; /** * Output only. Status of the dynamic group. */ status?: Schema$DynamicGroupStatus; } /** * Defines a query on a resource. */ export interface Schema$DynamicGroupQuery { /** * Query that determines the memberships of the dynamic group. Examples: All users with at least one `organizations.department` of engineering. `user.organizations.exists(org, org.department=='engineering')` All users with at least one location that has `area` of `foo` and `building_id` of `bar`. `user.locations.exists(loc, loc.area=='foo' && loc.building_id=='bar')` */ query?: string | null; /** * Resource type for the Dynamic Group Query */ resourceType?: string | null; } /** * The current status of a dynamic group along with timestamp. */ export interface Schema$DynamicGroupStatus { /** * Status of the dynamic group. */ status?: string | null; /** * The latest time at which the dynamic group is guaranteed to be in the given status. If status is `UP_TO_DATE`, the latest time at which the dynamic group was confirmed to be up-to-date. If status is `UPDATING_MEMBERSHIPS`, the time at which dynamic group was created. */ statusTime?: string | null; } /** * A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s. */ export interface Schema$EntityKey { /** * The ID of the entity. For Google-managed entities, the `id` should be the email address of an existing group or user. For external-identity-mapped entities, the `id` must be a string conforming to the Identity Source's requirements. Must be unique within a `namespace`. */ id?: string | null; /** * The namespace in which the entity exists. If not specified, the `EntityKey` represents a Google-managed entity such as a Google user or a Google Group. If specified, the `EntityKey` represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id\}. */ namespace?: string | null; } /** * The `MembershipRole` expiry details. */ export interface Schema$ExpiryDetail { /** * The time at which the `MembershipRole` will expire. */ expireTime?: string | null; } /** * The response message for MembershipsService.GetMembershipGraph. */ export interface Schema$GetMembershipGraphResponse { /** * The membership graph's path information represented as an adjacency list. */ adjacencyList?: Schema$MembershipAdjacencyList[]; /** * The resources representing each group in the adjacency list. Each group in this list can be correlated to a 'group' of the MembershipAdjacencyList using the 'name' of the Group resource. */ groups?: Schema$Group[]; } /** * Resource representing the Android specific attributes of a Device. */ export interface Schema$GoogleAppsCloudidentityDevicesV1AndroidAttributes { /** * Whether applications from unknown sources can be installed on device. */ enabledUnknownSources?: boolean | null; /** * Whether this account is on an owner/primary profile. For phones, only true for owner profiles. Android 4+ devices can have secondary or restricted user profiles. */ ownerProfileAccount?: boolean | null; /** * Ownership privileges on device. */ ownershipPrivilege?: string | null; /** * Whether device supports Android work profiles. If false, this service will not block access to corp data even if an administrator turns on the "Enforce Work Profile" policy. */ supportsWorkProfile?: boolean | null; } /** * Request message for approving the device to access user data. */ export interface Schema$GoogleAppsCloudidentityDevicesV1ApproveDeviceUserRequest { /** * Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id\}`, where customer_id is the customer to whom the device belongs. */ customer?: string | null; } /** * Response message for approving the device to access user data. */ export interface Schema$GoogleAppsCloudidentityDevicesV1ApproveDeviceUserResponse { /** * Resultant DeviceUser object for the action. */ deviceUser?: Schema$GoogleAppsCloudidentityDevicesV1DeviceUser; } /** * Request message for blocking account on device. */ export interface Schema$GoogleAppsCloudidentityDevicesV1BlockDeviceUserRequest { /** * Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id\}`, where customer_id is the customer to whom the device belongs. */ customer?: string | null; } /** * Response message for blocking the device from accessing user data. */ export interface Schema$GoogleAppsCloudidentityDevicesV1BlockDeviceUserResponse { /** * Resultant DeviceUser object for the action. */ deviceUser?: Schema$GoogleAppsCloudidentityDevicesV1DeviceUser; } /** * Request message for cancelling an unfinished device wipe. */ export interface Schema$GoogleAppsCloudidentityDevicesV1CancelWipeDeviceRequest { /** * Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id\}`, where customer_id is the customer to whom the device belongs. */ customer?: string | null; } /** * Response message for cancelling an unfinished device wipe. */ export interface Schema$GoogleAppsCloudidentityDevicesV1CancelWipeDeviceResponse { /** * Resultant Device object for the action. Note that asset tags will not be returned in the device object. */ device?: Schema$GoogleAppsCloudidentityDevicesV1Device; } /** * Request message for cancelling an unfinished user account wipe. */ export interface Schema$GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserRequest { /** * Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id\}`, where customer_id is the customer to whom the device belongs. */ customer?: string | null; } /** * Response message for cancelling an unfinished user account wipe. */ export interface Schema$GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserResponse { /** * Resultant DeviceUser object for the action. */ deviceUser?: Schema$GoogleAppsCloudidentityDevicesV1DeviceUser; } /** * Represents the state associated with an API client calling the Devices API. Resource representing ClientState and supports updates from API users */ export interface Schema$GoogleAppsCloudidentityDevicesV1ClientState { /** * The caller can specify asset tags for this resource */ assetTags?: string[] | null; /** * The compliance state of the resource as specified by the API client. */ complianceState?: string | null; /** * Output only. The time the client state data was created. */ createTime?: string | null; /** * This field may be used to store a unique identifier for the API resource within which these CustomAttributes are a field. */ customId?: string | null; /** * The token that needs to be passed back for concurrency control in updates. Token needs to be passed back in UpdateRequest */ etag?: string | null; /** * The Health score of the resource. The Health score is the callers specification of the condition of the device from a usability point of view. For example, a third-party device management provider may specify a health score based on its compliance with organizational policies. */ healthScore?: string | null; /** * The map of key-value attributes stored by callers specific to a device. The total serialized length of this map may not exceed 10KB. No limit is placed on the number of attributes in a map. */ keyValuePairs?: { [key: string]: Schema$GoogleAppsCloudidentityDevicesV1CustomAttributeValue; } | null; /** * Output only. The time the client state data was last updated. */ lastUpdateTime?: string | null; /** * The management state of the resource as specified by the API client. */ managed?: string | null; /** * Output only. [Resource name](https://cloud.google.com/apis/design/resource_names) of the ClientState in format: `devices/{device_id\}/deviceUsers/{device_user_id\}/clientState/{partner_id\}`, where partner_id corresponds to the partner storing the data. For partners belonging to the "BeyondCorp Alliance", this is the partner ID specified to you by Google. For all other callers, this is a string of the form: `{customer_id\}-suffix`, where `customer_id` is your customer ID. The *suffix* is any string the caller specifies. This string will be displayed verbatim in the administration console. This suffix is used in setting up Custom Access Levels in Context-Aware Access. Your organization's customer ID can be obtained from the URL: `GET https://www.googleapis.com/admin/directory/v1/customers/my_customer` The `id` field in the response contains the customer ID starting with the letter 'C'. The customer ID to be used in this API is the string after the letter 'C' (not including 'C') */ name?: string | null; /** * Output only. The owner of the ClientState */ ownerType?: string | null; /** * A descriptive cause of the health score. */ scoreReason?: string | null; } /** * Additional custom attribute values may be one of these types */ export interface Schema$GoogleAppsCloudidentityDevicesV1CustomAttributeValue { /** * Represents a boolean value. */ boolValue?: boolean | null; /** * Represents a double value. */ numberValue?: number | null; /** * Represents a string value. */ stringValue?: string | null; } /** * A Device within the Cloud Identity Devices API. Represents a Device known to Google Cloud, independent of the device ownership, type, and whether it is assigned or in use by a user. */ export interface Schema$GoogleAppsCloudidentityDevicesV1Device { /** * Output only. Attributes specific to Android devices. */ androidSpecificAttributes?: Schema$GoogleAppsCloudidentityDevicesV1AndroidAttributes; /** * Asset tag of the device. */ assetTag?: string | null; /** * Output only. Baseband version of the device. */ basebandVersion?: string | null; /** * Output only. Device bootloader version. Example: 0.6.7. */ bootloaderVersion?: string | null; /** * Output only. Device brand. Example: Samsung. */ brand?: string | null; /** * Output only. Build number of the device. */ buildNumber?: string | null; /** * Output only. Represents whether the Device is compromised. */ compromisedState?: string | null; /** * Output only. When the Company-Owned device was imported. This field is empty for BYOD devices. */ createTime?: string | null; /** * Output only. Type of device. */ deviceType?: string | null; /** * Output only. Whether developer options is enabled on device. */ enabledDeveloperOptions?: boolean | null; /** * Output only. Whether USB debugging is enabled on device. */ enabledUsbDebugging?: boolean | null; /** * Output only. Device encryption state. */ encryptionState?: string | null; /** * Output only. IMEI number of device if GSM device; empty otherwise. */ imei?: string | null; /** * Output only. Kernel version of the device. */ kernelVersion?: string | null; /** * Most recent time when device synced with this service. */ lastSyncTime?: string | null; /** * Output only. Management state of the device */ managementState?: string | null; /** * Output only. Device manufacturer. Example: Motorola. */ manufacturer?: string | null; /** * Output only. MEID number of device if CDMA device; empty otherwise. */ meid?: string | null; /** * Output only. Model name of device. Example: Pixel 3. */ model?: string | null; /** * Output only. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id\}`, where device_id is the unique id assigned to the Device. */ name?: string | null; /** * Output only. Mobile or network operator of device, if available. */ networkOperator?: string | null; /** * Output only. OS version of the device. Example: Android 8.1.0. */ osVersion?: string | null; /** * Output only. Domain name for Google accounts on device. Type for other accounts on device. On Android, will only be populated if |ownership_privilege| is |PROFILE_OWNER| or |DEVICE_OWNER|. Does not include the account signed in to the device policy app if that account's domain has only one account. Examples: "com.example", "xyz.com". */ otherAccounts?: string[] | null; /** * Output only. Whether the device is owned by the company or an individual */ ownerType?: string | null; /** * Output only. OS release version. Example: 6.0. */ releaseVersion?: string | null; /** * Output only. OS security patch update time on device. */ securityPatchTime?: string | null; /** * Serial Number of device. Example: HT82V1A01076. */ serialNumber?: string | null; /** * WiFi MAC addresses of device. */ wifiMacAddresses?: string[] | null; } /** * Represents a user's use of a Device in the Cloud Identity Devices API. A DeviceUser is a resource representing a user's use of a Device */ export interface Schema$GoogleAppsCloudidentityDevicesV1DeviceUser { /** * Compromised State of the DeviceUser object */ compromisedState?: string | null; /** * When the user first signed in to the device */ createTime?: string | null; /** * Output only. Most recent time when user registered with this service. */ firstSyncTime?: string | null; /** * Output only. Default locale used on device, in IETF BCP-47 format. */ languageCode?: string | null; /** * Output only. Last time when user synced with policies. */ lastSyncTime?: string | null; /** * Output only. Management state of the user on the device. */ managementState?: string | null; /** * Output only. [Resource name](https://cloud.google.com/apis/design/resource_names) of the DeviceUser in format: `devices/{device_id\}/deviceUsers/{user_id\}`, where user_id is the ID of the user associated with the user session. */ name?: string | null; /** * Password state of the DeviceUser object */ passwordState?: string | null; /** * Output only. User agent on the device for this specific user */ userAgent?: string | null; /** * Email address of the user registered on the device. */ userEmail?: string | null; } /** * Response message that is returned in ListClientStates. */ export interface Schema$GoogleAppsCloudidentityDevicesV1ListClientStatesResponse { /** * Client states meeting the list restrictions. */ clientStates?: Schema$GoogleAppsCloudidentityDevicesV1ClientState[]; /** * Token to retrieve the next page of results. Empty if there are no more results. */ nextPageToken?: string | null; } /** * Response message that is returned from the ListDevices method. */ export interface Schema$GoogleAppsCloudidentityDevicesV1ListDevicesResponse { /** * Devices meeting the list restrictions. */ devices?: Schema$GoogleAppsCloudidentityDevicesV1Device[]; /** * Token to retrieve the next page of results. Empty if there are no more results. */ nextPageToken?: string | null; } /** * Response message that is returned from the ListDeviceUsers method. */ export interface Schema$GoogleAppsCloudidentityDevicesV1ListDeviceUsersResponse { /** * Devices meeting the list restrictions. */ deviceUsers?: Schema$GoogleAppsCloudidentityDevicesV1DeviceUser[]; /** * Token to retrieve the next page of results. Empty if there are no more results. */ nextPageToken?: string | null; } /** * Response containing resource names of the DeviceUsers associated with the caller's credentials. */ export interface Schema$GoogleAppsCloudidentityDevicesV1LookupSelfDeviceUsersResponse { /** * The obfuscated customer Id that may be passed back to other Devices API methods such as List, Get, etc. */ customer?: string | null; /** * [Resource names](https://cloud.google.com/apis/design/resource_names) of the DeviceUsers in the format: `devices/{device_id\}/deviceUsers/{user_resource_id\}`, where device_id is the unique ID assigned to a Device and user_resource_id is the unique user ID */ names?: string[] | null; /** * Token to retrieve the next page of results. Empty if there are no more results. */ nextPageToken?: string | null; } /** * Request message for wiping all data on the device. */ export interface Schema$GoogleAppsCloudidentityDevicesV1WipeDeviceRequest { /** * Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id\}`, where customer_id is the customer to whom the device belongs. */ customer?: string | null; } /** * Response message for wiping all data on the device. */ export interface Schema$GoogleAppsCloudidentityDevicesV1WipeDeviceResponse { /** * Resultant Device object for the action. Note that asset tags will not be returned in the device object. */ device?: Schema$GoogleAppsCloudidentityDevicesV1Device; } /** * Request message for starting an account wipe on device. */ export interface Schema$GoogleAppsCloudidentityDevicesV1WipeDeviceUserRequest { /** * Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id\}`, where customer_id is the customer to whom the device belongs. */ customer?: string | null; } /** * Response message for wiping the user's account from the device. */ export interface Schema$GoogleAppsCloudidentityDevicesV1WipeDeviceUserResponse { /** * Resultant DeviceUser object for the action. */ deviceUser?: Schema$GoogleAppsCloudidentityDevicesV1DeviceUser; } /** * A group within the Cloud Identity Groups API. A `Group` is a collection of entities, where each entity is either a user, another group, or a service account. */ export interface Schema$Group { /** * Output only. The time when the `Group` was created. */ createTime?: string | null; /** * An extended description to help users determine the purpose of a `Group`. Must not be longer than 4,096 characters. */ description?: string | null; /** * The display name of the `Group`. */ displayName?: string | null; /** * Optional. Dynamic group metadata like queries and status. */ dynamicGroupMetadata?: Schema$DynamicGroupMetadata; /** * Required. Immutable. The `EntityKey` of the `Group`. */ groupKey?: Schema$EntityKey; /** * Required. One or more label entries that apply to the Group. Currently supported labels contain a key with an empty value. Google Groups are the default type of group and have a label with a key of `cloudidentity.googleapis.com/groups.discussion_forum` and an empty value. Existing Google Groups can have an additional label with a key of `cloudidentity.googleapis.com/groups.security` and an empty value added to them. **This is an immutable change and the security label cannot be removed once added.** Dynamic groups have a label with a key of `cloudidentity.googleapis.com/groups.dynamic`. Identity-mapped groups for Cloud Search have a label with a key of `system/groups/external` and an empty value. Examples: {"cloudidentity.googleapis.com/groups.discussion_forum": ""\} or {"system/groups/external": ""\}. */ labels?: { [key: string]: string; } | null; /** * Output only. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Group`. Shall be of the form `groups/{group_id\}`. */ name?: string | null; /** * Required. Immutable. The resource name of the entity under which this `Group` resides in the Cloud Identity resource hierarchy. Must be of the form `identitysources/{identity_source_id\}` for external- identity-mapped groups or `customers/{customer_id\}` for Google Groups. */ parent?: string | null; /** * Output only. The time when the `Group` was last updated. */ updateTime?: string | null; } /** * Message representing a transitive group of a user or a group. */ export interface Schema$GroupRelation { /** * Display name for this group. */ displayName?: string | null; /** * Resource name for this group. */ group?: string | null; /** * Entity key has an id and a namespace. In case of discussion forums, the id will be an email address without a namespace. */ groupKey?: Schema$EntityKey; /** * Labels for Group resource. */ labels?: { [key: string]: string; } | null; /** * The relation between the member and the transitive group. */ relationType?: string | null; /** * Membership roles of the member for the group. */ roles?: Schema$TransitiveMembershipRole[]; } /** * Response message for ListGroups operation. */ export interface Schema$ListGroupsResponse { /** * Groups returned in response to list request. The results are not sorted. */ groups?: Schema$Group[]; /** * Token to retrieve the next page of results, or empty if there are no more results available for listing. */ nextPageToken?: string | null; } /** * The response message for MembershipsService.ListMemberships. */ export interface Schema$ListMembershipsResponse { /** * The `Membership`s under the specified `parent`. */ memberships?: Schema$Membership[]; /** * A continuation token to retrieve the next page of results, or empty if there are no more results available. */ nextPageToken?: string | null; } /** * The response message for GroupsService.LookupGroupName. */ export interface Schema$LookupGroupNameResponse { /** * The [resource name](https://cloud.google.com/apis/design/resource_names) of the looked-up `Group`. */ name?: string | null; } /** * The response message for MembershipsService.LookupMembershipName. */ export interface Schema$LookupMembershipNameResponse { /** * The [resource name](https://cloud.google.com/apis/design/resource_names) of the looked-up `Membership`. Must be of the form `groups/{group_id\}/memberships/{membership_id\}`. */ name?: string | null; } /** * Message representing a transitive membership of a group. */ export interface Schema$MemberRelation { /** * Resource name for this member if member is a GROUP, otherwise it is empty. */ member?: string | null; /** * Entity key has an id and a namespace. In case of discussion forums, the id will be an email address without a namespace. */ preferredMemberKey?: Schema$EntityKey[]; /** * The relation between the group and the transitive member. */ relationType?: string | null; /** * The membership role details (i.e name of role and expiry time). */ roles?: Schema$TransitiveMembershipRole[]; } /** * A membership within the Cloud Identity Groups API. A `Membership` defines a relationship between a `Group` and an entity belonging to that `Group`, referred to as a "member". */ export interface Schema$Membership { /** * Output only. The time when the `Membership` was created. */ createTime?: string | null; /** * Output only. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Membership`. Shall be of the form `groups/{group_id\}/memberships/{membership_id\}`. */ name?: string | null; /** * Required. Immutable. The `EntityKey` of the member. */ preferredMemberKey?: Schema$EntityKey; /** * The `MembershipRole`s that apply to the `Membership`. If unspecified, defaults to a single `MembershipRole` with `name` `MEMBER`. Must not contain duplicate `MembershipRole`s with the same `name`. */ roles?: Schema$MembershipRole[]; /** * Output only. The type of the membership. */ type?: string | null; /** * Output only. The time when the `Membership` was last updated. */ updateTime?: string | null; } /** * Membership graph's path information as an adjacency list. */ export interface Schema$MembershipAdjacencyList { /** * Each edge contains information about the member that belongs to this group. Note: Fields returned here will help identify the specific Membership resource (e.g name, preferred_member_key and role), but may not be a comprehensive list of all fields. */ edges?: Schema$Membership[]; /** * Resource name of the group that the members belong to. */ group?: string | null; } /** * A membership role within the Cloud Identity Groups API. A `MembershipRole` defines the privileges granted to a `Membership`. */ export interface Schema$MembershipRole { /** * The expiry details of the `MembershipRole`. Expiry details are only supported for `MEMBER` `MembershipRoles`. May be set if `name` is `MEMBER`. Must not be set if `name` is any other value. */ expiryDetail?: Schema$ExpiryDetail; /** * The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`. */ name?: string | null; } /** * The request message for MembershipsService.ModifyMembershipRoles. */ export interface Schema$ModifyMembershipRolesRequest { /** * The `MembershipRole`s to be added. Adding or removing roles in the same request as updating roles is not supported. Must not be set if `update_roles_params` is set. */ addRoles?: Schema$MembershipRole[]; /** * The `name`s of the `MembershipRole`s to be removed. Adding or removing roles in the same request as updating roles is not supported. It is not possible to remove the `MEMBER` `MembershipRole`. If you wish to delete a `Membership`, call MembershipsService.DeleteMembership instead. Must not contain `MEMBER`. Must not be set if `update_roles_params` is set. */ removeRoles?: string[] | null; /** * The `MembershipRole`s to be updated. Updating roles in the same request as adding or removing roles is not supported. Must not be set if either `add_roles` or `remove_roles` is set. */ updateRolesParams?: Schema$UpdateMembershipRolesParams[]; } /** * The response message for MembershipsService.ModifyMembershipRoles. */ export interface Schema$ModifyMembershipRolesResponse { /** * The `Membership` resource after modifying its `MembershipRole`s. */ membership?: Schema$Membership; } /** * This resource represents a long-running operation that is the result of a network API call. */ export interface Schema$Operation { /** * If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. */ done?: boolean | null; /** * The error result of the operation in case of failure or cancellation. */ error?: Schema$Status; /** * Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. */ metadata?: { [key: string]: any; } | null; /** * The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id\}`. */ name?: string | null; /** * The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. */ response?: { [key: string]: any; } | null; } /** * The response message for GroupsService.SearchGroups. */ export interface Schema$SearchGroupsResponse { /** * The `Group`s that match the search query. */ groups?: Schema$Group[]; /** * A continuation token to retrieve the next page of results, or empty if there are no more results available. */ nextPageToken?: string | null; } /** * The response message for MembershipsService.SearchTransitiveGroups. */ export interface Schema$SearchTransitiveGroupsResponse { /** * List of transitive groups satisfying the query. */ memberships?: Schema$GroupRelation[]; /** * Token to retrieve the next page of results, or empty if there are no more results available for listing. */ nextPageToken?: string | null; } /** * The response message for MembershipsService.SearchTransitiveMemberships. */ export interface Schema$SearchTransitiveMembershipsResponse { /** * List of transitive members satisfying the query. */ memberships?: Schema$MemberRelation[]; /** * Token to retrieve the next page of results, or empty if there are no more results. */ nextPageToken?: string | null; } /** * The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). */ export interface Schema$Status { /** * The status code, which should be an enum value of google.rpc.Code. */ code?: number | null; /** * A list of messages that carry the error details. There is a common set of message types for APIs to use. */ details?: Array<{ [key: string]: any; }> | null; /** * A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. */ message?: string | null; } /** * Message representing the role of a TransitiveMembership. */ export interface Schema$TransitiveMembershipRole { /** * TransitiveMembershipRole in string format. Currently supported TransitiveMembershipRoles: `"MEMBER"`, `"OWNER"`, and `"MANAGER"`. */ role?: string | null; } /** * The details of an update to a `MembershipRole`. */ export interface Schema$UpdateMembershipRolesParams { /** * The fully-qualified names of fields to update. May only contain the field `expiry_detail`. */ fieldMask?: string | null; /** * The `MembershipRole`s to be updated. Only `MEMBER` `MembershipRole` can currently be updated. */ membershipRole?: Schema$MembershipRole; } /** * The `UserInvitation` resource represents an email that can be sent to an unmanaged user account inviting them to join the customer’s Google Workspace or Cloud Identity account. An unmanaged account shares an email address domain with the Google Workspace or Cloud Identity account but is not managed by it yet. If the user accepts the `UserInvitation`, the user account will become managed. */ export interface Schema$UserInvitation { /** * Number of invitation emails sent to the user. */ mailsSentCount?: string | null; /** * Shall be of the form `customers/{customer\}/userinvitations/{user_email_address\}`. */ name?: string | null; /** * State of the `UserInvitation`. */ state?: string | null; /** * Time when the `UserInvitation` was last updated. */ updateTime?: string | null; } export class Resource$Devices { context: APIRequestContext; deviceUsers: Resource$Devices$Deviceusers; constructor(context: APIRequestContext); /** * Cancels an unfinished device wipe. This operation can be used to cancel device wipe in the gap between the wipe operation returning success and the device being wiped. This operation is possible when the device is in a "pending wipe" state. The device enters the "pending wipe" state when a wipe device command is issued, but has not yet been sent to the device. The cancel wipe will fail if the wipe command has already been issued to the device. * @example * ```js * // Before running the sample: * // - Enable the API at: * // https://console.developers.google.com/apis/api/cloudidentity.googleapis.com * // - Login into gcloud by running: * // `$ gcloud auth application-default login` * // - Install the npm module by running: * // `$ npm install googleapis` * * const {google} = require('googleapis'); * const cloudidentity = google.cloudidentity('v1'); * * async function main() { * const auth = new google.auth.GoogleAuth({ * // Scopes can be specified either as an array or as a single, space-delimited string. * scopes: [], * }); * * // Acquire an auth client, and bind it to all future calls * const authClient = await auth.getClient(); * google.options({auth: authClient}); * * // Do the magic * const res = await cloudidentity.devices.cancelWipe({ * // Required. [Resource name](https://cloud.google.com/apis/design/resource_names) of the Device in format: `devices/{device_id\}`, where device_id is the unique ID assigned to the Device. * name: 'devices/my-device', * * // Request body metadata * requestBody: { * // request body parameters * // { * // "customer": "my_customer" * // } * }, * }); * console.log(res.data); * * // Example response * // { * // "done": false, * // "error": {}, * // "metadata": {}, * // "name": "my_name", * // "response": {} * // } * } * * main().catch(e => { * console.error(e); * throw e; * }); * * ``` * * @param params - Parameters for request * @param options - Optionally override request options, such as `url`, `method`, and `encoding`. * @param callback - Optional callback that handles the response. * @returns A promise if used with async/await, or void if used with a callback. */ cancelWipe(params: Params$Resource$Devices$Cancelwipe, options: StreamMethodOptions): GaxiosPromise<Readable>; cancelWipe(params?: Params$Resource$Devices$Cancelwipe, options?: MethodOptions): GaxiosPromise<Schema$Operation>; cancelWipe(params: Params$Resource$Devices$Cancelwipe, options: StreamMethodOptions | BodyResponseCallback<Readable>, callback: BodyResponseCallback<Readable>): void; cancelWipe(params: Params$Resource$Devices$Cancelwipe, options: MethodOptions | BodyResponseCallback<Schema$Operation>, callback: BodyResponseCallback<Schema$Operation>): void; cancelWipe(params: Params$Resource$Devices$Cancelwipe, callback: BodyResponseCallback<Schema$Operation>): void; cancelWipe(callback: BodyResponseCallback<Schema$Operation>): void; /** * Creates a device. Only company-owned device may be created. **Note**: This method is available only to customers who have one of the following SKUs: Enterprise Standard, Enterprise Plus, Enterprise for Education, and Cloud Identity Premium * @example * ```js * // Before running the sample: * // - Enable the API at: * // https://console.developers.google.com/apis/api/cloudidentity.googleapis.com * // - Login into gcloud by running: * // `$ gcloud auth application-default login` * // - Install the npm module by running: * // `$ npm install googleapis` * * const {google} = require('googleapis'); * const cloudidentity = google.cloudidentity('v1'); * * async function main() { * const auth = new google.auth.GoogleAuth({ * // Scopes can be specified either as an array or as a single, space-delimited string. * scopes: [], * }); * * // Acquire an auth client, and bind it to all future calls * const authClient = await auth.getClient(); * google.options({auth: authClient}); * * // Do the magic * const res = await cloudidentity.devices.create({ * // Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the customer. If you're using this API for your own organization, use `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer_id\}`, where customer_id is the customer to whom the device belongs. * customer: 'placeholder-value', * * // Request body metadata * requestBody: { * // request body parameters * // { * // "androidSpecificAttributes": {}, * // "assetTag": "my_assetTag", * // "basebandVersion": "my_basebandVersion", * // "bootloaderVersion": "my_bootloaderVersion", * // "brand": "my_brand", * // "buildNumber": "my_buildNumber", * // "compromisedState": "my_compromisedState", * // "createTime": "my_createTime", * // "deviceType": "my_deviceType", * // "enabledDeveloperOptions": false, * // "enabledUsbDebugging": false, * // "encryptionState": "my_encryptionState", * // "imei": "my_imei", * // "kernelVersion": "my_kernelVersion", * // "lastSyncTime": "my_lastSyncTime", * // "managementState": "my_managementState", * // "manufacturer": "my_manufacturer", * // "meid": "my_meid", * // "model": "my_model", * // "name": "my_name", * // "networkOperator": "my_networkOperator", * // "osVersion": "my_osVersion", * // "otherAccounts": [], * // "ownerType": "my_ownerType", * // "releaseVersion": "my_releaseVersion", * // "securityPatchTime": "my_securityPatchTime", * // "serialNumber": "my_serialNumber", * // "wifiMacAddresses": [] * // } * }, * }); * console.log(res.data); * * // Example response * // { * // "done": false, * // "error": {}, * // "metadata": {}, * // "name": "my_name", * // "response": {} * // } * } * * main().catch(e => { * console.error(e); * throw e; * }); * * ``` * * @param params - Parameters for request * @param options - Optionally override request options, such as `url`, `method`, and `encoding`. * @param callback - Optional callback that handles the response. * @returns A promise if used with async/await, or void if used with a callback. */ create(params: Params$Resource$Devices$Create, options: StreamMethodOptions): GaxiosPromise<Readable>; create(params?: Params$Resource$Devices$Create, options?: MethodOptions): GaxiosPromise<Schema$Operation>; create(params: Params$Resource$Devices$Create, options: StreamMethodOptions | BodyResponseCallback<Readable>, callback: BodyResponseCallback<Readable>): void; create(params: Params$Resource$Devices$Create, options: MethodOptions | BodyResponseCallback<Schema$Operation>, callback: BodyResponseCallback<Schema$Operation>): void; create(params: Params$Resource$Devices$Create, callback: BodyResponseCallback<Schema$Operation>): void; create(callback: BodyResponseCallback<Schema$Operation>): void; /** * Deletes the specified device. * @example * ```js * // Before running the sample: * // - Enable the API at: * // https://console.developers.google.com/apis/api/cloudidentity.googleapis.com * // - Login into gcloud by running: * // `$ gcloud auth application-default login` * // - Install the npm module by running: * // `$ npm install googleapis` * * const {google} = require('googleapis'); * const cloudidentity = google.cloudidentit