firebase-tools 12.4.6 → 12.4.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commands/ext-configure.js +2 -1
- package/lib/commands/functions-secrets-access.js +2 -0
- package/lib/commands/functions-secrets-destroy.js +2 -0
- package/lib/commands/functions-secrets-get.js +2 -0
- package/lib/commands/functions-secrets-prune.js +3 -1
- package/lib/commands/functions-secrets-set.js +2 -0
- package/lib/deploy/lifecycleHooks.js +6 -7
- package/lib/emulator/auth/apiSpec.js +712 -51
- package/lib/emulator/functionsEmulatorRuntime.js +5 -4
- package/lib/emulator/functionsEmulatorShell.js +54 -22
- package/lib/extensions/paramHelper.js +24 -16
- package/lib/frameworks/astro/index.js +1 -5
- package/lib/frameworks/astro/utils.js +22 -4
- package/lib/frameworks/next/index.js +1 -1
- package/lib/frameworks/utils.js +2 -3
- package/lib/functions/secrets.js +1 -1
- package/lib/gcp/frameworks.js +8 -2
- package/lib/gcp/iam.js +6 -1
- package/lib/init/features/frameworks/index.js +52 -8
- package/lib/init/features/frameworks/repo.js +1 -1
- package/lib/init/features/hosting/github.js +9 -0
- package/lib/localFunction.js +27 -9
- package/lib/utils.js +7 -3
- package/package.json +1 -1
|
@@ -20,6 +20,7 @@ exports.default = {
|
|
|
20
20
|
{ name: "projects" },
|
|
21
21
|
{ name: "v1" },
|
|
22
22
|
{ name: "defaultSupportedIdps" },
|
|
23
|
+
{ name: "v2" },
|
|
23
24
|
{ name: "secureToken" },
|
|
24
25
|
{ name: "emulator" },
|
|
25
26
|
],
|
|
@@ -404,7 +405,7 @@ exports.default = {
|
|
|
404
405
|
},
|
|
405
406
|
"/v1/accounts:signInWithGameCenter": {
|
|
406
407
|
post: {
|
|
407
|
-
description: "Signs in or signs up a user with iOS Game Center credentials. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. The bundle ID is required in the request header as `x-ios-bundle-identifier`. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
|
|
408
|
+
description: "Signs in or signs up a user with iOS Game Center credentials. If the sign-in succeeds, a new Identity Platform ID token and refresh token are issued for the authenticated user. The bundle ID is required in the request header as `x-ios-bundle-identifier`. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project. Apple has [deprecated the `playerID` field](https://developer.apple.com/documentation/gamekit/gkplayer/1521127-playerid/). The Apple platform Firebase SDK will use `gamePlayerID` and `teamPlayerID` from version 10.5.0 and onwards. Upgrading to SDK version 10.5.0 or later updates existing integrations that use `playerID` to instead use `gamePlayerID` and `teamPlayerID`. When making calls to `signInWithGameCenter`, you must include `playerID` along with the new fields `gamePlayerID` and `teamPlayerID` to successfully identify all existing users. Upgrading existing Game Center sign in integrations to SDK version 10.5.0 or later is irreversible.",
|
|
408
409
|
operationId: "identitytoolkit.accounts.signInWithGameCenter",
|
|
409
410
|
responses: {
|
|
410
411
|
"200": {
|
|
@@ -1420,7 +1421,7 @@ exports.default = {
|
|
|
1420
1421
|
{
|
|
1421
1422
|
name: "tenantId",
|
|
1422
1423
|
in: "path",
|
|
1423
|
-
description: "If the accounts belong to an Identity Platform tenant, the ID of the tenant. If the accounts belong to
|
|
1424
|
+
description: "If the accounts belong to an Identity Platform tenant, the ID of the tenant. If the accounts belong to a default Identity Platform project, the field is not needed.",
|
|
1424
1425
|
required: true,
|
|
1425
1426
|
schema: { type: "string" },
|
|
1426
1427
|
},
|
|
@@ -1935,6 +1936,50 @@ exports.default = {
|
|
|
1935
1936
|
{ $ref: "#/components/parameters/upload_protocol" },
|
|
1936
1937
|
],
|
|
1937
1938
|
},
|
|
1939
|
+
"/v2/accounts:revokeToken": {
|
|
1940
|
+
post: {
|
|
1941
|
+
description: "Revokes a user's token from an Identity Provider (IdP). This is done by manually providing an IdP credential, and the token types for revocation. An [API key](https://cloud.google.com/docs/authentication/api-keys) is required in the request in order to identify the Google Cloud project.",
|
|
1942
|
+
operationId: "identitytoolkit.accounts.revokeToken",
|
|
1943
|
+
responses: {
|
|
1944
|
+
"200": {
|
|
1945
|
+
description: "Successful response",
|
|
1946
|
+
content: {
|
|
1947
|
+
"*/*": {
|
|
1948
|
+
schema: {
|
|
1949
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2RevokeTokenResponse",
|
|
1950
|
+
},
|
|
1951
|
+
},
|
|
1952
|
+
},
|
|
1953
|
+
},
|
|
1954
|
+
},
|
|
1955
|
+
requestBody: {
|
|
1956
|
+
content: {
|
|
1957
|
+
"application/json": {
|
|
1958
|
+
schema: {
|
|
1959
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2RevokeTokenRequest",
|
|
1960
|
+
},
|
|
1961
|
+
},
|
|
1962
|
+
},
|
|
1963
|
+
},
|
|
1964
|
+
security: [
|
|
1965
|
+
{ Oauth2: ["https://www.googleapis.com/auth/cloud-platform"] },
|
|
1966
|
+
{ apiKeyQuery: [] },
|
|
1967
|
+
{ apiKeyHeader: [] },
|
|
1968
|
+
],
|
|
1969
|
+
tags: ["accounts"],
|
|
1970
|
+
},
|
|
1971
|
+
parameters: [
|
|
1972
|
+
{ $ref: "#/components/parameters/access_token" },
|
|
1973
|
+
{ $ref: "#/components/parameters/alt" },
|
|
1974
|
+
{ $ref: "#/components/parameters/callback" },
|
|
1975
|
+
{ $ref: "#/components/parameters/fields" },
|
|
1976
|
+
{ $ref: "#/components/parameters/oauth_token" },
|
|
1977
|
+
{ $ref: "#/components/parameters/prettyPrint" },
|
|
1978
|
+
{ $ref: "#/components/parameters/quotaUser" },
|
|
1979
|
+
{ $ref: "#/components/parameters/uploadType" },
|
|
1980
|
+
{ $ref: "#/components/parameters/upload_protocol" },
|
|
1981
|
+
],
|
|
1982
|
+
},
|
|
1938
1983
|
"/v2/accounts/mfaEnrollment:finalize": {
|
|
1939
1984
|
post: {
|
|
1940
1985
|
description: "Finishes enrolling a second factor for the user.",
|
|
@@ -3762,6 +3807,113 @@ exports.default = {
|
|
|
3762
3807
|
{ $ref: "#/components/parameters/upload_protocol" },
|
|
3763
3808
|
],
|
|
3764
3809
|
},
|
|
3810
|
+
"/v2/passwordPolicy": {
|
|
3811
|
+
get: {
|
|
3812
|
+
description: "Gets password policy config set on the project or tenant.",
|
|
3813
|
+
operationId: "identitytoolkit.getPasswordPolicy",
|
|
3814
|
+
responses: {
|
|
3815
|
+
"200": {
|
|
3816
|
+
description: "Successful response",
|
|
3817
|
+
content: {
|
|
3818
|
+
"*/*": {
|
|
3819
|
+
schema: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2PasswordPolicy" },
|
|
3820
|
+
},
|
|
3821
|
+
},
|
|
3822
|
+
},
|
|
3823
|
+
},
|
|
3824
|
+
parameters: [
|
|
3825
|
+
{
|
|
3826
|
+
name: "tenantId",
|
|
3827
|
+
in: "query",
|
|
3828
|
+
description: "The id of a tenant.",
|
|
3829
|
+
schema: { type: "string" },
|
|
3830
|
+
},
|
|
3831
|
+
],
|
|
3832
|
+
security: [
|
|
3833
|
+
{ Oauth2: ["https://www.googleapis.com/auth/cloud-platform"] },
|
|
3834
|
+
{ apiKeyQuery: [] },
|
|
3835
|
+
{ apiKeyHeader: [] },
|
|
3836
|
+
],
|
|
3837
|
+
tags: ["v2"],
|
|
3838
|
+
},
|
|
3839
|
+
parameters: [
|
|
3840
|
+
{ $ref: "#/components/parameters/access_token" },
|
|
3841
|
+
{ $ref: "#/components/parameters/alt" },
|
|
3842
|
+
{ $ref: "#/components/parameters/callback" },
|
|
3843
|
+
{ $ref: "#/components/parameters/fields" },
|
|
3844
|
+
{ $ref: "#/components/parameters/oauth_token" },
|
|
3845
|
+
{ $ref: "#/components/parameters/prettyPrint" },
|
|
3846
|
+
{ $ref: "#/components/parameters/quotaUser" },
|
|
3847
|
+
{ $ref: "#/components/parameters/uploadType" },
|
|
3848
|
+
{ $ref: "#/components/parameters/upload_protocol" },
|
|
3849
|
+
],
|
|
3850
|
+
},
|
|
3851
|
+
"/v2/recaptchaConfig": {
|
|
3852
|
+
get: {
|
|
3853
|
+
description: "Gets parameters needed for reCAPTCHA analysis.",
|
|
3854
|
+
operationId: "identitytoolkit.getRecaptchaConfig",
|
|
3855
|
+
responses: {
|
|
3856
|
+
"200": {
|
|
3857
|
+
description: "Successful response",
|
|
3858
|
+
content: {
|
|
3859
|
+
"*/*": {
|
|
3860
|
+
schema: {
|
|
3861
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2RecaptchaConfig",
|
|
3862
|
+
},
|
|
3863
|
+
},
|
|
3864
|
+
},
|
|
3865
|
+
},
|
|
3866
|
+
},
|
|
3867
|
+
parameters: [
|
|
3868
|
+
{
|
|
3869
|
+
name: "clientType",
|
|
3870
|
+
in: "query",
|
|
3871
|
+
description: "reCAPTCHA Enterprise uses separate site keys for different client types. Specify the client type to get the corresponding key.",
|
|
3872
|
+
schema: {
|
|
3873
|
+
type: "string",
|
|
3874
|
+
enum: [
|
|
3875
|
+
"CLIENT_TYPE_UNSPECIFIED",
|
|
3876
|
+
"CLIENT_TYPE_WEB",
|
|
3877
|
+
"CLIENT_TYPE_ANDROID",
|
|
3878
|
+
"CLIENT_TYPE_IOS",
|
|
3879
|
+
],
|
|
3880
|
+
},
|
|
3881
|
+
},
|
|
3882
|
+
{
|
|
3883
|
+
name: "tenantId",
|
|
3884
|
+
in: "query",
|
|
3885
|
+
description: "The id of a tenant.",
|
|
3886
|
+
schema: { type: "string" },
|
|
3887
|
+
},
|
|
3888
|
+
{
|
|
3889
|
+
name: "version",
|
|
3890
|
+
in: "query",
|
|
3891
|
+
description: "The reCAPTCHA version.",
|
|
3892
|
+
schema: {
|
|
3893
|
+
type: "string",
|
|
3894
|
+
enum: ["RECAPTCHA_VERSION_UNSPECIFIED", "RECAPTCHA_ENTERPRISE"],
|
|
3895
|
+
},
|
|
3896
|
+
},
|
|
3897
|
+
],
|
|
3898
|
+
security: [
|
|
3899
|
+
{ Oauth2: ["https://www.googleapis.com/auth/cloud-platform"] },
|
|
3900
|
+
{ apiKeyQuery: [] },
|
|
3901
|
+
{ apiKeyHeader: [] },
|
|
3902
|
+
],
|
|
3903
|
+
tags: ["v2"],
|
|
3904
|
+
},
|
|
3905
|
+
parameters: [
|
|
3906
|
+
{ $ref: "#/components/parameters/access_token" },
|
|
3907
|
+
{ $ref: "#/components/parameters/alt" },
|
|
3908
|
+
{ $ref: "#/components/parameters/callback" },
|
|
3909
|
+
{ $ref: "#/components/parameters/fields" },
|
|
3910
|
+
{ $ref: "#/components/parameters/oauth_token" },
|
|
3911
|
+
{ $ref: "#/components/parameters/prettyPrint" },
|
|
3912
|
+
{ $ref: "#/components/parameters/quotaUser" },
|
|
3913
|
+
{ $ref: "#/components/parameters/uploadType" },
|
|
3914
|
+
{ $ref: "#/components/parameters/upload_protocol" },
|
|
3915
|
+
],
|
|
3916
|
+
},
|
|
3765
3917
|
"/v1/token": {
|
|
3766
3918
|
post: {
|
|
3767
3919
|
description: "The Token Service API lets you exchange either an ID token or a refresh token for an access token and a new refresh token. You can use the access token to securely call APIs that require user authorization.",
|
|
@@ -4095,7 +4247,7 @@ exports.default = {
|
|
|
4095
4247
|
type: "array",
|
|
4096
4248
|
},
|
|
4097
4249
|
tenantId: {
|
|
4098
|
-
description: "If the accounts belong to an Identity Platform tenant, the ID of the tenant. If the accounts belong to
|
|
4250
|
+
description: "If the accounts belong to an Identity Platform tenant, the ID of the tenant. If the accounts belong to a default Identity Platform project, the field is not needed.",
|
|
4099
4251
|
type: "string",
|
|
4100
4252
|
},
|
|
4101
4253
|
},
|
|
@@ -4130,7 +4282,7 @@ exports.default = {
|
|
|
4130
4282
|
GoogleCloudIdentitytoolkitV1CreateAuthUriRequest: {
|
|
4131
4283
|
description: "Request message for CreateAuthUri.",
|
|
4132
4284
|
properties: {
|
|
4133
|
-
appId: { type: "string" },
|
|
4285
|
+
appId: { deprecated: true, type: "string" },
|
|
4134
4286
|
authFlowType: {
|
|
4135
4287
|
description: "Used for the Google provider. The type of the authentication flow to be used. If present, this should be `CODE_FLOW` to specify the authorization code flow. Otherwise, the default ID Token flow will be used.",
|
|
4136
4288
|
type: "string",
|
|
@@ -4156,13 +4308,13 @@ exports.default = {
|
|
|
4156
4308
|
description: "The email identifier of the user account to fetch associated providers for. At least one of the fields `identifier` and `provider_id` must be set. The length of the email address should be less than 256 characters and in the format of `name@domain.tld`. The email address should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.",
|
|
4157
4309
|
type: "string",
|
|
4158
4310
|
},
|
|
4159
|
-
oauthConsumerKey: { type: "string" },
|
|
4311
|
+
oauthConsumerKey: { deprecated: true, type: "string" },
|
|
4160
4312
|
oauthScope: {
|
|
4161
4313
|
description: "Additional space-delimited OAuth 2.0 scopes specifying the scope of the authentication request with the IdP. Used for OAuth 2.0 IdPs. For the Google provider, the authorization code flow will be used if this field is set.",
|
|
4162
4314
|
type: "string",
|
|
4163
4315
|
},
|
|
4164
|
-
openidRealm: { type: "string" },
|
|
4165
|
-
otaApp: { type: "string" },
|
|
4316
|
+
openidRealm: { deprecated: true, type: "string" },
|
|
4317
|
+
otaApp: { deprecated: true, type: "string" },
|
|
4166
4318
|
providerId: {
|
|
4167
4319
|
description: "The provider ID of the IdP for the user to sign in with. This should be a provider ID enabled for sign-in, which is either from the list of [default supported IdPs](https://cloud.google.com/identity-platform/docs/reference/rest/v2/defaultSupportedIdps/list), or of the format `oidc.*` or `saml.*`. Some examples are `google.com`, `facebook.com`, `oidc.testapp`, and `saml.testapp`. At least one of the fields `identifier` and `provider_id` must be set.",
|
|
4168
4320
|
type: "string",
|
|
@@ -4181,7 +4333,7 @@ exports.default = {
|
|
|
4181
4333
|
GoogleCloudIdentitytoolkitV1CreateAuthUriResponse: {
|
|
4182
4334
|
description: "Response message for CreateAuthUri.",
|
|
4183
4335
|
properties: {
|
|
4184
|
-
allProviders: { items: { type: "string" }, type: "array" },
|
|
4336
|
+
allProviders: { deprecated: true, items: { type: "string" }, type: "array" },
|
|
4185
4337
|
authUri: {
|
|
4186
4338
|
description: "The authorization URI for the requested provider. Present only when a provider ID is set in the request.",
|
|
4187
4339
|
type: "string",
|
|
@@ -4194,7 +4346,7 @@ exports.default = {
|
|
|
4194
4346
|
description: "Whether the user has previously signed in with the provider ID in the request. Present only when a registered email identifier is set in the request.",
|
|
4195
4347
|
type: "boolean",
|
|
4196
4348
|
},
|
|
4197
|
-
kind: { type: "string" },
|
|
4349
|
+
kind: { deprecated: true, type: "string" },
|
|
4198
4350
|
providerId: {
|
|
4199
4351
|
description: "The provider ID from the request, if provided.",
|
|
4200
4352
|
type: "string",
|
|
@@ -4244,7 +4396,7 @@ exports.default = {
|
|
|
4244
4396
|
GoogleCloudIdentitytoolkitV1DeleteAccountRequest: {
|
|
4245
4397
|
description: "Request message for DeleteAccount.",
|
|
4246
4398
|
properties: {
|
|
4247
|
-
delegatedProjectNumber: { format: "int64", type: "string" },
|
|
4399
|
+
delegatedProjectNumber: { deprecated: true, format: "int64", type: "string" },
|
|
4248
4400
|
idToken: {
|
|
4249
4401
|
description: "The Identity Platform ID token of the account to delete. Require to be specified for requests from end users that lack Google OAuth 2.0 credential. Authenticated requests bearing a Google OAuth2 credential with proper permissions may pass local_id to specify the account to delete alternatively.",
|
|
4250
4402
|
type: "string",
|
|
@@ -4266,13 +4418,13 @@ exports.default = {
|
|
|
4266
4418
|
},
|
|
4267
4419
|
GoogleCloudIdentitytoolkitV1DeleteAccountResponse: {
|
|
4268
4420
|
description: "Response message for DeleteAccount.",
|
|
4269
|
-
properties: { kind: { type: "string" } },
|
|
4421
|
+
properties: { kind: { deprecated: true, type: "string" } },
|
|
4270
4422
|
type: "object",
|
|
4271
4423
|
},
|
|
4272
4424
|
GoogleCloudIdentitytoolkitV1DownloadAccountResponse: {
|
|
4273
4425
|
description: "Response message for DownloadAccount.",
|
|
4274
4426
|
properties: {
|
|
4275
|
-
kind: { type: "string" },
|
|
4427
|
+
kind: { deprecated: true, type: "string" },
|
|
4276
4428
|
nextPageToken: {
|
|
4277
4429
|
description: "If there are more accounts to be downloaded, a token that can be passed back to DownloadAccount to get more accounts. Otherwise, this is blank.",
|
|
4278
4430
|
type: "string",
|
|
@@ -4285,6 +4437,16 @@ exports.default = {
|
|
|
4285
4437
|
},
|
|
4286
4438
|
type: "object",
|
|
4287
4439
|
},
|
|
4440
|
+
GoogleCloudIdentitytoolkitV1EmailInfo: {
|
|
4441
|
+
description: "Information about email MFA.",
|
|
4442
|
+
properties: {
|
|
4443
|
+
emailAddress: {
|
|
4444
|
+
description: "Email address that a MFA verification should be sent to.",
|
|
4445
|
+
type: "string",
|
|
4446
|
+
},
|
|
4447
|
+
},
|
|
4448
|
+
type: "object",
|
|
4449
|
+
},
|
|
4288
4450
|
GoogleCloudIdentitytoolkitV1EmailTemplate: {
|
|
4289
4451
|
description: "Email template",
|
|
4290
4452
|
properties: {
|
|
@@ -4343,7 +4505,7 @@ exports.default = {
|
|
|
4343
4505
|
GoogleCloudIdentitytoolkitV1GetAccountInfoRequest: {
|
|
4344
4506
|
description: "Request message for GetAccountInfo.",
|
|
4345
4507
|
properties: {
|
|
4346
|
-
delegatedProjectNumber: { format: "int64", type: "string" },
|
|
4508
|
+
delegatedProjectNumber: { deprecated: true, format: "int64", type: "string" },
|
|
4347
4509
|
email: {
|
|
4348
4510
|
description: "The email address of one or more accounts to fetch. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production. Should only be specified by authenticated requests from a developer.",
|
|
4349
4511
|
items: { type: "string" },
|
|
@@ -4389,7 +4551,7 @@ exports.default = {
|
|
|
4389
4551
|
GoogleCloudIdentitytoolkitV1GetAccountInfoResponse: {
|
|
4390
4552
|
description: "Response message for GetAccountInfo.",
|
|
4391
4553
|
properties: {
|
|
4392
|
-
kind: { type: "string" },
|
|
4554
|
+
kind: { deprecated: true, type: "string" },
|
|
4393
4555
|
users: {
|
|
4394
4556
|
description: "The information of specific user account(s) matching the parameters in the request.",
|
|
4395
4557
|
items: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitV1UserInfo" },
|
|
@@ -4421,7 +4583,17 @@ exports.default = {
|
|
|
4421
4583
|
description: "For a PASSWORD_RESET request, a reCaptcha response is required when the system detects possible abuse activity. In those cases, this is the response from the reCaptcha challenge used to verify the caller.",
|
|
4422
4584
|
type: "string",
|
|
4423
4585
|
},
|
|
4424
|
-
challenge: { type: "string" },
|
|
4586
|
+
challenge: { deprecated: true, type: "string" },
|
|
4587
|
+
clientType: {
|
|
4588
|
+
description: "The client type: web, Android or iOS. Required when reCAPTCHA Enterprise protection is enabled.",
|
|
4589
|
+
enum: [
|
|
4590
|
+
"CLIENT_TYPE_UNSPECIFIED",
|
|
4591
|
+
"CLIENT_TYPE_WEB",
|
|
4592
|
+
"CLIENT_TYPE_ANDROID",
|
|
4593
|
+
"CLIENT_TYPE_IOS",
|
|
4594
|
+
],
|
|
4595
|
+
type: "string",
|
|
4596
|
+
},
|
|
4425
4597
|
continueUrl: {
|
|
4426
4598
|
description: "The Url to continue after user clicks the link sent in email. This is the url that will allow the web widget to handle the OOB code.",
|
|
4427
4599
|
type: "string",
|
|
@@ -4450,6 +4622,11 @@ exports.default = {
|
|
|
4450
4622
|
description: "The email address the account is being updated to. Required only for VERIFY_AND_CHANGE_EMAIL requests.",
|
|
4451
4623
|
type: "string",
|
|
4452
4624
|
},
|
|
4625
|
+
recaptchaVersion: {
|
|
4626
|
+
description: "The reCAPTCHA version of the reCAPTCHA token in the captcha_response.",
|
|
4627
|
+
enum: ["RECAPTCHA_VERSION_UNSPECIFIED", "RECAPTCHA_ENTERPRISE"],
|
|
4628
|
+
type: "string",
|
|
4629
|
+
},
|
|
4453
4630
|
requestType: {
|
|
4454
4631
|
description: "Required. The type of out-of-band (OOB) code to send. Depending on this value, other fields in this request will be required and/or have different meanings. There are 4 different OOB codes that can be sent: * PASSWORD_RESET * EMAIL_SIGNIN * VERIFY_EMAIL * VERIFY_AND_CHANGE_EMAIL",
|
|
4455
4632
|
enum: [
|
|
@@ -4463,6 +4640,7 @@ exports.default = {
|
|
|
4463
4640
|
"VERIFY_AND_CHANGE_EMAIL",
|
|
4464
4641
|
"REVERT_SECOND_FACTOR_ADDITION",
|
|
4465
4642
|
],
|
|
4643
|
+
enumDeprecated: [false, false, true, true, false, true, false, false, true],
|
|
4466
4644
|
type: "string",
|
|
4467
4645
|
},
|
|
4468
4646
|
returnOobLink: {
|
|
@@ -4491,7 +4669,7 @@ exports.default = {
|
|
|
4491
4669
|
description: "If return_oob_link is false in the request, the email address the verification was sent to.",
|
|
4492
4670
|
type: "string",
|
|
4493
4671
|
},
|
|
4494
|
-
kind: { type: "string" },
|
|
4672
|
+
kind: { deprecated: true, type: "string" },
|
|
4495
4673
|
oobCode: {
|
|
4496
4674
|
description: "If return_oob_link is true in the request, the OOB code to send.",
|
|
4497
4675
|
type: "string",
|
|
@@ -4561,7 +4739,7 @@ exports.default = {
|
|
|
4561
4739
|
GoogleCloudIdentitytoolkitV1GetRecaptchaParamResponse: {
|
|
4562
4740
|
description: "Response message for GetRecaptchaParam.",
|
|
4563
4741
|
properties: {
|
|
4564
|
-
kind: { type: "string" },
|
|
4742
|
+
kind: { deprecated: true, type: "string" },
|
|
4565
4743
|
producerProjectNumber: {
|
|
4566
4744
|
description: "The producer project number used to generate PIA tokens",
|
|
4567
4745
|
type: "string",
|
|
@@ -4570,7 +4748,7 @@ exports.default = {
|
|
|
4570
4748
|
description: "The reCAPTCHA v2 site key used to invoke the reCAPTCHA service. Always present.",
|
|
4571
4749
|
type: "string",
|
|
4572
4750
|
},
|
|
4573
|
-
recaptchaStoken: { type: "string" },
|
|
4751
|
+
recaptchaStoken: { deprecated: true, type: "string" },
|
|
4574
4752
|
},
|
|
4575
4753
|
type: "object",
|
|
4576
4754
|
},
|
|
@@ -4672,6 +4850,7 @@ exports.default = {
|
|
|
4672
4850
|
description: 'Display name for this mfa option e.g. "corp cell phone".',
|
|
4673
4851
|
type: "string",
|
|
4674
4852
|
},
|
|
4853
|
+
emailInfo: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitV1EmailInfo" },
|
|
4675
4854
|
enrolledAt: {
|
|
4676
4855
|
description: "Timestamp when the account enrolled this second factor.",
|
|
4677
4856
|
format: "google-datetime",
|
|
@@ -4682,6 +4861,7 @@ exports.default = {
|
|
|
4682
4861
|
description: "Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.",
|
|
4683
4862
|
type: "string",
|
|
4684
4863
|
},
|
|
4864
|
+
totpInfo: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitV1TotpInfo" },
|
|
4685
4865
|
unobfuscatedPhoneInfo: {
|
|
4686
4866
|
description: "Output only. Unobfuscated phone_info.",
|
|
4687
4867
|
readOnly: true,
|
|
@@ -4859,7 +5039,7 @@ exports.default = {
|
|
|
4859
5039
|
description: "The email associated with the out-of-band code that was used.",
|
|
4860
5040
|
type: "string",
|
|
4861
5041
|
},
|
|
4862
|
-
kind: { type: "string" },
|
|
5042
|
+
kind: { deprecated: true, type: "string" },
|
|
4863
5043
|
mfaInfo: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitV1MfaEnrollment" },
|
|
4864
5044
|
newEmail: { type: "string" },
|
|
4865
5045
|
requestType: {
|
|
@@ -4874,6 +5054,7 @@ exports.default = {
|
|
|
4874
5054
|
"VERIFY_AND_CHANGE_EMAIL",
|
|
4875
5055
|
"REVERT_SECOND_FACTOR_ADDITION",
|
|
4876
5056
|
],
|
|
5057
|
+
enumDeprecated: [false, false, true, true, false, true, false, false, true],
|
|
4877
5058
|
type: "string",
|
|
4878
5059
|
},
|
|
4879
5060
|
},
|
|
@@ -4897,6 +5078,10 @@ exports.default = {
|
|
|
4897
5078
|
description: "The phone number to send the verification code to in E.164 format.",
|
|
4898
5079
|
type: "string",
|
|
4899
5080
|
},
|
|
5081
|
+
playIntegrityToken: {
|
|
5082
|
+
description: "Android only. Used to assert application identity in place of a recaptcha token (and safety_net_token). At least one of (`ios_receipt` and `ios_secret`), `recaptcha_token`, , or `play_integrity_token` must be specified to verify the verification code is being sent on behalf of a real app and not an emulator. A Play Integrity Token can be generated via the [PlayIntegrity API](https://developer.android.com/google/play/integrity) with applying SHA256 to the `phone_number` field as the nonce.",
|
|
5083
|
+
type: "string",
|
|
5084
|
+
},
|
|
4900
5085
|
recaptchaToken: {
|
|
4901
5086
|
description: "Recaptcha token for app verification. At least one of (`ios_receipt` and `ios_secret`), `recaptcha_token`, or `safety_net_token` must be specified to verify the verification code is being sent on behalf of a real app and not an emulator. The recaptcha should be generated by calling getRecaptchaParams and the recaptcha token will be generated on user completion of the recaptcha challenge.",
|
|
4902
5087
|
type: "string",
|
|
@@ -4925,7 +5110,7 @@ exports.default = {
|
|
|
4925
5110
|
GoogleCloudIdentitytoolkitV1SetAccountInfoRequest: {
|
|
4926
5111
|
description: "Request message for SetAccountInfo.",
|
|
4927
5112
|
properties: {
|
|
4928
|
-
captchaChallenge: { type: "string" },
|
|
5113
|
+
captchaChallenge: { deprecated: true, type: "string" },
|
|
4929
5114
|
captchaResponse: {
|
|
4930
5115
|
description: "The response from reCaptcha challenge. This is required when the system detects possible abuse activities.",
|
|
4931
5116
|
type: "string",
|
|
@@ -4939,7 +5124,7 @@ exports.default = {
|
|
|
4939
5124
|
description: "JSON formatted custom attributes to be stored in the Identity Platform ID token. Specifying this field requires a Google OAuth 2.0 credential with proper [permissions] (https://cloud.google.com/identity-platform/docs/access-control).",
|
|
4940
5125
|
type: "string",
|
|
4941
5126
|
},
|
|
4942
|
-
delegatedProjectNumber: { format: "int64", type: "string" },
|
|
5127
|
+
delegatedProjectNumber: { deprecated: true, format: "int64", type: "string" },
|
|
4943
5128
|
deleteAttribute: {
|
|
4944
5129
|
description: "The account's attributes to be deleted.",
|
|
4945
5130
|
items: {
|
|
@@ -4981,7 +5166,7 @@ exports.default = {
|
|
|
4981
5166
|
description: "A valid Identity Platform ID token. Required when attempting to change user-related information.",
|
|
4982
5167
|
type: "string",
|
|
4983
5168
|
},
|
|
4984
|
-
instanceId: { type: "string" },
|
|
5169
|
+
instanceId: { deprecated: true, type: "string" },
|
|
4985
5170
|
lastLoginAt: {
|
|
4986
5171
|
description: "The timestamp in milliseconds when the account last logged in.",
|
|
4987
5172
|
format: "int64",
|
|
@@ -5043,8 +5228,12 @@ exports.default = {
|
|
|
5043
5228
|
GoogleCloudIdentitytoolkitV1SetAccountInfoResponse: {
|
|
5044
5229
|
description: "Response message for SetAccountInfo",
|
|
5045
5230
|
properties: {
|
|
5046
|
-
displayName: {
|
|
5047
|
-
|
|
5231
|
+
displayName: {
|
|
5232
|
+
deprecated: true,
|
|
5233
|
+
description: "The account's display name.",
|
|
5234
|
+
type: "string",
|
|
5235
|
+
},
|
|
5236
|
+
email: { deprecated: true, description: "The account's email address.", type: "string" },
|
|
5048
5237
|
emailVerified: {
|
|
5049
5238
|
description: "Whether the account's email has been verified.",
|
|
5050
5239
|
type: "boolean",
|
|
@@ -5058,17 +5247,19 @@ exports.default = {
|
|
|
5058
5247
|
description: "An Identity Platform ID token for the account. This is used for legacy user sign up.",
|
|
5059
5248
|
type: "string",
|
|
5060
5249
|
},
|
|
5061
|
-
kind: { type: "string" },
|
|
5250
|
+
kind: { deprecated: true, type: "string" },
|
|
5062
5251
|
localId: { description: "The ID of the authenticated user.", type: "string" },
|
|
5063
5252
|
newEmail: {
|
|
5064
5253
|
description: "The new email that has been set on the user's account attributes.",
|
|
5065
5254
|
type: "string",
|
|
5066
5255
|
},
|
|
5067
5256
|
passwordHash: {
|
|
5257
|
+
deprecated: true,
|
|
5068
5258
|
description: "Deprecated. No actual password hash is currently returned.",
|
|
5069
5259
|
type: "string",
|
|
5070
5260
|
},
|
|
5071
5261
|
photoUrl: {
|
|
5262
|
+
deprecated: true,
|
|
5072
5263
|
description: "The user's photo URL for the account's profile photo.",
|
|
5073
5264
|
type: "string",
|
|
5074
5265
|
},
|
|
@@ -5087,8 +5278,8 @@ exports.default = {
|
|
|
5087
5278
|
GoogleCloudIdentitytoolkitV1SignInWithCustomTokenRequest: {
|
|
5088
5279
|
description: "Request message for SignInWithCustomToken.",
|
|
5089
5280
|
properties: {
|
|
5090
|
-
delegatedProjectNumber: { format: "int64", type: "string" },
|
|
5091
|
-
instanceId: { type: "string" },
|
|
5281
|
+
delegatedProjectNumber: { deprecated: true, format: "int64", type: "string" },
|
|
5282
|
+
instanceId: { deprecated: true, type: "string" },
|
|
5092
5283
|
returnSecureToken: { description: "Should always be true.", type: "boolean" },
|
|
5093
5284
|
tenantId: {
|
|
5094
5285
|
description: "The ID of the Identity Platform tenant the user is signing in to. If present, the ID should match the tenant_id in the token.",
|
|
@@ -5117,7 +5308,7 @@ exports.default = {
|
|
|
5117
5308
|
description: "Whether the authenticated user was created by this request.",
|
|
5118
5309
|
type: "boolean",
|
|
5119
5310
|
},
|
|
5120
|
-
kind: { type: "string" },
|
|
5311
|
+
kind: { deprecated: true, type: "string" },
|
|
5121
5312
|
refreshToken: {
|
|
5122
5313
|
description: "An Identity Platform refresh token for the authenticated user.",
|
|
5123
5314
|
type: "string",
|
|
@@ -5167,7 +5358,7 @@ exports.default = {
|
|
|
5167
5358
|
description: "Whether the authenticated user was created by this request.",
|
|
5168
5359
|
type: "boolean",
|
|
5169
5360
|
},
|
|
5170
|
-
kind: { type: "string" },
|
|
5361
|
+
kind: { deprecated: true, type: "string" },
|
|
5171
5362
|
localId: {
|
|
5172
5363
|
description: "The ID of the authenticated user. Always present in the response.",
|
|
5173
5364
|
type: "string",
|
|
@@ -5200,7 +5391,10 @@ exports.default = {
|
|
|
5200
5391
|
description: "A valid ID token for an Identity Platform account. If present, this request will link the Game Center player ID to the account represented by this ID token.",
|
|
5201
5392
|
type: "string",
|
|
5202
5393
|
},
|
|
5203
|
-
playerId: {
|
|
5394
|
+
playerId: {
|
|
5395
|
+
description: "Required. The user's Game Center player ID. Deprecated by Apple. Pass `playerID` along with `gamePlayerID` and `teamPlayerID` to initiate the migration of a user's Game Center player ID to `gamePlayerID`.",
|
|
5396
|
+
type: "string",
|
|
5397
|
+
},
|
|
5204
5398
|
publicKeyUrl: {
|
|
5205
5399
|
description: "Required. The URL to fetch the Apple public key in order to verify the given signature is signed by Apple.",
|
|
5206
5400
|
type: "string",
|
|
@@ -5254,7 +5448,10 @@ exports.default = {
|
|
|
5254
5448
|
description: "The ID of the authenticated user. Always present in the response.",
|
|
5255
5449
|
type: "string",
|
|
5256
5450
|
},
|
|
5257
|
-
playerId: {
|
|
5451
|
+
playerId: {
|
|
5452
|
+
description: "The user's Game Center player ID. Pass `playerID` along with `gamePlayerID` and `teamPlayerID` to initiate the migration of a user's Game Center player ID to `gamePlayerID`.",
|
|
5453
|
+
type: "string",
|
|
5454
|
+
},
|
|
5258
5455
|
refreshToken: {
|
|
5259
5456
|
description: "An Identity Platform refresh token for the authenticated user.",
|
|
5260
5457
|
type: "string",
|
|
@@ -5269,19 +5466,19 @@ exports.default = {
|
|
|
5269
5466
|
GoogleCloudIdentitytoolkitV1SignInWithIdpRequest: {
|
|
5270
5467
|
description: "Request message for SignInWithIdp.",
|
|
5271
5468
|
properties: {
|
|
5272
|
-
autoCreate: { type: "boolean" },
|
|
5273
|
-
delegatedProjectNumber: { format: "int64", type: "string" },
|
|
5469
|
+
autoCreate: { deprecated: true, type: "boolean" },
|
|
5470
|
+
delegatedProjectNumber: { deprecated: true, format: "int64", type: "string" },
|
|
5274
5471
|
idToken: {
|
|
5275
5472
|
description: "A valid Identity Platform ID token. If passed, the user's account at the IdP will be linked to the account represented by this ID token.",
|
|
5276
5473
|
type: "string",
|
|
5277
5474
|
},
|
|
5278
|
-
pendingIdToken: { type: "string" },
|
|
5475
|
+
pendingIdToken: { deprecated: true, type: "string" },
|
|
5279
5476
|
pendingToken: {
|
|
5280
|
-
description: "An opaque string from a previous SignInWithIdp response. If set, it can be used to repeat the sign-in operation from the previous SignInWithIdp operation.",
|
|
5477
|
+
description: "An opaque string from a previous SignInWithIdp response. If set, it can be used to repeat the sign-in operation from the previous SignInWithIdp operation. This may be present if the user needs to confirm their account information as part of a previous federated login attempt, or perform account linking.",
|
|
5281
5478
|
type: "string",
|
|
5282
5479
|
},
|
|
5283
5480
|
postBody: {
|
|
5284
|
-
description: "If the user is signing in with an authorization response obtained via a previous CreateAuthUri authorization request, this is the body of the HTTP POST callback from the IdP, if present. Otherwise, if the user is signing in with a manually provided IdP credential, this should be a URL-encoded form that contains the credential (e.g. an ID token or access token for OAuth 2.0 IdPs) and the provider ID of the IdP that issued the credential. For example, if the user is signing in to the Google provider using a Google ID token, this should be set to
|
|
5481
|
+
description: "If the user is signing in with an authorization response obtained via a previous CreateAuthUri authorization request, this is the body of the HTTP POST callback from the IdP, if present. Otherwise, if the user is signing in with a manually provided IdP credential, this should be a URL-encoded form that contains the credential (e.g. an ID token or access token for OAuth 2.0 IdPs) and the provider ID of the IdP that issued the credential. For example, if the user is signing in to the Google provider using a Google ID token, this should be set to id_token`=[GOOGLE_ID_TOKEN]&providerId=google.com`, where `[GOOGLE_ID_TOKEN]` should be replaced with the Google ID token. If the user is signing in to the Facebook provider using a Facebook authentication token, this should be set to id_token`=[FACEBOOK_AUTHENTICATION_TOKEN]&providerId=facebook. com&nonce= [NONCE]`, where `[FACEBOOK_AUTHENTICATION_TOKEN]` should be replaced with the Facebook authentication token. Nonce is required for validating the token. The request will fail if no nonce is provided. If the user is signing in to the Facebook provider using a Facebook access token, this should be set to access_token`=[FACEBOOK_ACCESS_TOKEN]&providerId=facebook. com`, where `[FACEBOOK_ACCESS_TOKEN]` should be replaced with the Facebook access token. If the user is signing in to the Twitter provider using a Twitter OAuth 1.0 credential, this should be set to access_token`=[TWITTER_ACCESS_TOKEN]&oauth_token_secret= [TWITTER_TOKEN_SECRET]&providerId=twitter.com`, where `[TWITTER_ACCESS_TOKEN]` and `[TWITTER_TOKEN_SECRET]` should be replaced with the Twitter OAuth access token and Twitter OAuth token secret respectively.",
|
|
5285
5482
|
type: "string",
|
|
5286
5483
|
},
|
|
5287
5484
|
requestUri: {
|
|
@@ -5360,12 +5557,12 @@ exports.default = {
|
|
|
5360
5557
|
description: "An Identity Platform ID token for the authenticated user.",
|
|
5361
5558
|
type: "string",
|
|
5362
5559
|
},
|
|
5363
|
-
inputEmail: { type: "string" },
|
|
5560
|
+
inputEmail: { deprecated: true, type: "string" },
|
|
5364
5561
|
isNewUser: {
|
|
5365
5562
|
description: "Whether or not a new Identity Platform account was created for the authenticated user.",
|
|
5366
5563
|
type: "boolean",
|
|
5367
5564
|
},
|
|
5368
|
-
kind: { type: "string" },
|
|
5565
|
+
kind: { deprecated: true, type: "string" },
|
|
5369
5566
|
language: {
|
|
5370
5567
|
description: "The language preference for the user's account at the IdP.",
|
|
5371
5568
|
type: "string",
|
|
@@ -5391,7 +5588,7 @@ exports.default = {
|
|
|
5391
5588
|
description: 'Whether or not there is an existing Identity Platform user account with the same email address as the current account signed in at the IdP, and the account\'s email addresss is not verified at the IdP. The user will need to sign in to the existing Identity Platform account and then link the current credential from the IdP to it. Only present if the "One account per email address" setting is enabled.',
|
|
5392
5589
|
type: "boolean",
|
|
5393
5590
|
},
|
|
5394
|
-
needEmail: { type: "boolean" },
|
|
5591
|
+
needEmail: { deprecated: true, type: "boolean" },
|
|
5395
5592
|
nickName: {
|
|
5396
5593
|
description: "The nickname for the user's account at the IdP.",
|
|
5397
5594
|
type: "string",
|
|
@@ -5468,23 +5665,38 @@ exports.default = {
|
|
|
5468
5665
|
GoogleCloudIdentitytoolkitV1SignInWithPasswordRequest: {
|
|
5469
5666
|
description: "Request message for SignInWithPassword.",
|
|
5470
5667
|
properties: {
|
|
5471
|
-
captchaChallenge: { type: "string" },
|
|
5668
|
+
captchaChallenge: { deprecated: true, type: "string" },
|
|
5472
5669
|
captchaResponse: {
|
|
5473
5670
|
description: "The reCAPTCHA token provided by the reCAPTCHA client-side integration. reCAPTCHA Enterprise uses it for risk assessment. Required when reCAPTCHA Enterprise is enabled.",
|
|
5474
5671
|
type: "string",
|
|
5475
5672
|
},
|
|
5476
|
-
|
|
5673
|
+
clientType: {
|
|
5674
|
+
description: "The client type, web, android or ios. Required when reCAPTCHA Enterprise is enabled.",
|
|
5675
|
+
enum: [
|
|
5676
|
+
"CLIENT_TYPE_UNSPECIFIED",
|
|
5677
|
+
"CLIENT_TYPE_WEB",
|
|
5678
|
+
"CLIENT_TYPE_ANDROID",
|
|
5679
|
+
"CLIENT_TYPE_IOS",
|
|
5680
|
+
],
|
|
5681
|
+
type: "string",
|
|
5682
|
+
},
|
|
5683
|
+
delegatedProjectNumber: { deprecated: true, format: "int64", type: "string" },
|
|
5477
5684
|
email: {
|
|
5478
5685
|
description: "Required. The email the user is signing in with. The length of email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec production.",
|
|
5479
5686
|
type: "string",
|
|
5480
5687
|
},
|
|
5481
|
-
idToken: { type: "string" },
|
|
5482
|
-
instanceId: { type: "string" },
|
|
5688
|
+
idToken: { deprecated: true, type: "string" },
|
|
5689
|
+
instanceId: { deprecated: true, type: "string" },
|
|
5483
5690
|
password: {
|
|
5484
5691
|
description: "Required. The password the user provides to sign in to the account.",
|
|
5485
5692
|
type: "string",
|
|
5486
5693
|
},
|
|
5487
|
-
pendingIdToken: { type: "string" },
|
|
5694
|
+
pendingIdToken: { deprecated: true, type: "string" },
|
|
5695
|
+
recaptchaVersion: {
|
|
5696
|
+
description: "The reCAPTCHA version of the reCAPTCHA token in the captcha_response.",
|
|
5697
|
+
enum: ["RECAPTCHA_VERSION_UNSPECIFIED", "RECAPTCHA_ENTERPRISE"],
|
|
5698
|
+
type: "string",
|
|
5699
|
+
},
|
|
5488
5700
|
returnSecureToken: { description: "Should always be true.", type: "boolean" },
|
|
5489
5701
|
tenantId: {
|
|
5490
5702
|
description: "The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform instance in the project.",
|
|
@@ -5513,7 +5725,7 @@ exports.default = {
|
|
|
5513
5725
|
description: "An Identity Platform ID token for the authenticated user.",
|
|
5514
5726
|
type: "string",
|
|
5515
5727
|
},
|
|
5516
|
-
kind: { type: "string" },
|
|
5728
|
+
kind: { deprecated: true, type: "string" },
|
|
5517
5729
|
localId: {
|
|
5518
5730
|
description: "The ID of the authenticated user. Always present in the response.",
|
|
5519
5731
|
type: "string",
|
|
@@ -5527,9 +5739,14 @@ exports.default = {
|
|
|
5527
5739
|
description: "An opaque string that functions as proof that the user has successfully passed the first factor authentication.",
|
|
5528
5740
|
type: "string",
|
|
5529
5741
|
},
|
|
5530
|
-
oauthAccessToken: {
|
|
5531
|
-
|
|
5742
|
+
oauthAccessToken: {
|
|
5743
|
+
deprecated: true,
|
|
5744
|
+
description: "The OAuth2 access token.",
|
|
5745
|
+
type: "string",
|
|
5746
|
+
},
|
|
5747
|
+
oauthAuthorizationCode: { deprecated: true, type: "string" },
|
|
5532
5748
|
oauthExpireIn: {
|
|
5749
|
+
deprecated: true,
|
|
5533
5750
|
description: "The access token expiration time in seconds.",
|
|
5534
5751
|
format: "int32",
|
|
5535
5752
|
type: "integer",
|
|
@@ -5543,9 +5760,15 @@ exports.default = {
|
|
|
5543
5760
|
type: "string",
|
|
5544
5761
|
},
|
|
5545
5762
|
registered: {
|
|
5763
|
+
deprecated: true,
|
|
5546
5764
|
description: "Whether the email is for an existing account. Always true.",
|
|
5547
5765
|
type: "boolean",
|
|
5548
5766
|
},
|
|
5767
|
+
userNotifications: {
|
|
5768
|
+
description: "Warning notifications for the user.",
|
|
5769
|
+
items: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitV1UserNotification" },
|
|
5770
|
+
type: "array",
|
|
5771
|
+
},
|
|
5549
5772
|
},
|
|
5550
5773
|
type: "object",
|
|
5551
5774
|
},
|
|
@@ -5561,6 +5784,7 @@ exports.default = {
|
|
|
5561
5784
|
type: "string",
|
|
5562
5785
|
},
|
|
5563
5786
|
operation: {
|
|
5787
|
+
deprecated: true,
|
|
5564
5788
|
enum: ["VERIFY_OP_UNSPECIFIED", "SIGN_UP_OR_IN", "REAUTH", "UPDATE", "LINK"],
|
|
5565
5789
|
type: "string",
|
|
5566
5790
|
},
|
|
@@ -5633,11 +5857,21 @@ exports.default = {
|
|
|
5633
5857
|
GoogleCloudIdentitytoolkitV1SignUpRequest: {
|
|
5634
5858
|
description: "Request message for SignUp.",
|
|
5635
5859
|
properties: {
|
|
5636
|
-
captchaChallenge: { type: "string" },
|
|
5860
|
+
captchaChallenge: { deprecated: true, type: "string" },
|
|
5637
5861
|
captchaResponse: {
|
|
5638
5862
|
description: "The reCAPTCHA token provided by the reCAPTCHA client-side integration. reCAPTCHA Enterprise uses it for assessment. Required when reCAPTCHA enterprise is enabled.",
|
|
5639
5863
|
type: "string",
|
|
5640
5864
|
},
|
|
5865
|
+
clientType: {
|
|
5866
|
+
description: "The client type: web, Android or iOS. Required when enabling reCAPTCHA enterprise protection.",
|
|
5867
|
+
enum: [
|
|
5868
|
+
"CLIENT_TYPE_UNSPECIFIED",
|
|
5869
|
+
"CLIENT_TYPE_WEB",
|
|
5870
|
+
"CLIENT_TYPE_ANDROID",
|
|
5871
|
+
"CLIENT_TYPE_IOS",
|
|
5872
|
+
],
|
|
5873
|
+
type: "string",
|
|
5874
|
+
},
|
|
5641
5875
|
disabled: {
|
|
5642
5876
|
description: "Whether the user will be disabled upon creation. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
|
|
5643
5877
|
type: "boolean",
|
|
@@ -5658,7 +5892,7 @@ exports.default = {
|
|
|
5658
5892
|
description: "A valid ID token for an Identity Platform user. If set, this request will link the authentication credential to the user represented by this ID token. For a non-admin request, both the `email` and `password` fields must be set. For an admin request, `local_id` must not be set.",
|
|
5659
5893
|
type: "string",
|
|
5660
5894
|
},
|
|
5661
|
-
instanceId: { type: "string" },
|
|
5895
|
+
instanceId: { deprecated: true, type: "string" },
|
|
5662
5896
|
localId: {
|
|
5663
5897
|
description: "The ID of the user to create. The ID must be unique within the project that the user is being created under. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).",
|
|
5664
5898
|
type: "string",
|
|
@@ -5677,6 +5911,11 @@ exports.default = {
|
|
|
5677
5911
|
type: "string",
|
|
5678
5912
|
},
|
|
5679
5913
|
photoUrl: { description: "The profile photo url of the user to create.", type: "string" },
|
|
5914
|
+
recaptchaVersion: {
|
|
5915
|
+
description: "The reCAPTCHA version of the reCAPTCHA token in the captcha_response.",
|
|
5916
|
+
enum: ["RECAPTCHA_VERSION_UNSPECIFIED", "RECAPTCHA_ENTERPRISE"],
|
|
5917
|
+
type: "string",
|
|
5918
|
+
},
|
|
5680
5919
|
targetProjectId: {
|
|
5681
5920
|
description: "The project ID of the project which the user should belong to. Specifying this field requires a Google OAuth 2.0 credential with the proper [permissions](https://cloud.google.com/identity-platform/docs/access-control). If this is not set, the target project is inferred from the scope associated to the Bearer access token.",
|
|
5682
5921
|
type: "string",
|
|
@@ -5732,6 +5971,11 @@ exports.default = {
|
|
|
5732
5971
|
},
|
|
5733
5972
|
type: "object",
|
|
5734
5973
|
},
|
|
5974
|
+
GoogleCloudIdentitytoolkitV1TotpInfo: {
|
|
5975
|
+
description: "Information about TOTP MFA.",
|
|
5976
|
+
properties: {},
|
|
5977
|
+
type: "object",
|
|
5978
|
+
},
|
|
5735
5979
|
GoogleCloudIdentitytoolkitV1UploadAccountRequest: {
|
|
5736
5980
|
description: "Request message for UploadAccount.",
|
|
5737
5981
|
properties: {
|
|
@@ -5752,7 +5996,7 @@ exports.default = {
|
|
|
5752
5996
|
format: "int32",
|
|
5753
5997
|
type: "integer",
|
|
5754
5998
|
},
|
|
5755
|
-
delegatedProjectNumber: { format: "int64", type: "string" },
|
|
5999
|
+
delegatedProjectNumber: { deprecated: true, format: "int64", type: "string" },
|
|
5756
6000
|
dkLen: {
|
|
5757
6001
|
description: "The desired key length for the STANDARD_SCRYPT hashing function. Must be at least 1.",
|
|
5758
6002
|
format: "int32",
|
|
@@ -5816,7 +6060,7 @@ exports.default = {
|
|
|
5816
6060
|
items: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitV1ErrorInfo" },
|
|
5817
6061
|
type: "array",
|
|
5818
6062
|
},
|
|
5819
|
-
kind: { type: "string" },
|
|
6063
|
+
kind: { deprecated: true, type: "string" },
|
|
5820
6064
|
},
|
|
5821
6065
|
type: "object",
|
|
5822
6066
|
},
|
|
@@ -5944,6 +6188,29 @@ exports.default = {
|
|
|
5944
6188
|
},
|
|
5945
6189
|
type: "object",
|
|
5946
6190
|
},
|
|
6191
|
+
GoogleCloudIdentitytoolkitV1UserNotification: {
|
|
6192
|
+
description: "Warning notifications for the user.",
|
|
6193
|
+
properties: {
|
|
6194
|
+
notificationCode: {
|
|
6195
|
+
description: "Warning notification enum. Can be used for localization.",
|
|
6196
|
+
enum: [
|
|
6197
|
+
"NOTIFICATION_CODE_UNSPECIFIED",
|
|
6198
|
+
"MISSING_LOWERCASE_CHARACTER",
|
|
6199
|
+
"MISSING_UPPERCASE_CHARACTER",
|
|
6200
|
+
"MISSING_NUMERIC_CHARACTER",
|
|
6201
|
+
"MISSING_NON_ALPHANUMERIC_CHARACTER",
|
|
6202
|
+
"MINIMUM_PASSWORD_LENGTH",
|
|
6203
|
+
"MAXIMUM_PASSWORD_LENGTH",
|
|
6204
|
+
],
|
|
6205
|
+
type: "string",
|
|
6206
|
+
},
|
|
6207
|
+
notificationMessage: {
|
|
6208
|
+
description: "Warning notification string. Can be used as fallback.",
|
|
6209
|
+
type: "string",
|
|
6210
|
+
},
|
|
6211
|
+
},
|
|
6212
|
+
type: "object",
|
|
6213
|
+
},
|
|
5947
6214
|
GoogleCloudIdentitytoolkitV1VerifyIosClientRequest: {
|
|
5948
6215
|
description: "Request message for VerifyIosClient",
|
|
5949
6216
|
properties: {
|
|
@@ -6122,7 +6389,13 @@ exports.default = {
|
|
|
6122
6389
|
notification: {
|
|
6123
6390
|
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2NotificationConfig",
|
|
6124
6391
|
},
|
|
6392
|
+
passwordPolicyConfig: {
|
|
6393
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2PasswordPolicyConfig",
|
|
6394
|
+
},
|
|
6125
6395
|
quota: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2QuotaConfig" },
|
|
6396
|
+
recaptchaConfig: {
|
|
6397
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2RecaptchaConfig",
|
|
6398
|
+
},
|
|
6126
6399
|
signIn: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2SignInConfig" },
|
|
6127
6400
|
smsRegionConfig: {
|
|
6128
6401
|
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2SmsRegionConfig",
|
|
@@ -6136,6 +6409,38 @@ exports.default = {
|
|
|
6136
6409
|
},
|
|
6137
6410
|
type: "object",
|
|
6138
6411
|
},
|
|
6412
|
+
GoogleCloudIdentitytoolkitAdminV2CustomStrengthOptions: {
|
|
6413
|
+
description: "Custom strength options to enforce on user passwords.",
|
|
6414
|
+
properties: {
|
|
6415
|
+
containsLowercaseCharacter: {
|
|
6416
|
+
description: "The password must contain a lower case character.",
|
|
6417
|
+
type: "boolean",
|
|
6418
|
+
},
|
|
6419
|
+
containsNonAlphanumericCharacter: {
|
|
6420
|
+
description: "The password must contain a non alpha numeric character.",
|
|
6421
|
+
type: "boolean",
|
|
6422
|
+
},
|
|
6423
|
+
containsNumericCharacter: {
|
|
6424
|
+
description: "The password must contain a number.",
|
|
6425
|
+
type: "boolean",
|
|
6426
|
+
},
|
|
6427
|
+
containsUppercaseCharacter: {
|
|
6428
|
+
description: "The password must contain an upper case character.",
|
|
6429
|
+
type: "boolean",
|
|
6430
|
+
},
|
|
6431
|
+
maxPasswordLength: {
|
|
6432
|
+
description: "Maximum password length. No default max length",
|
|
6433
|
+
format: "int32",
|
|
6434
|
+
type: "integer",
|
|
6435
|
+
},
|
|
6436
|
+
minPasswordLength: {
|
|
6437
|
+
description: "Minimum password length. Range from 6 to 30",
|
|
6438
|
+
format: "int32",
|
|
6439
|
+
type: "integer",
|
|
6440
|
+
},
|
|
6441
|
+
},
|
|
6442
|
+
type: "object",
|
|
6443
|
+
},
|
|
6139
6444
|
GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdp: {
|
|
6140
6445
|
description: "Standard Identity Toolkit-trusted IDPs.",
|
|
6141
6446
|
properties: {
|
|
@@ -6470,6 +6775,11 @@ exports.default = {
|
|
|
6470
6775
|
items: { enum: ["PROVIDER_UNSPECIFIED", "PHONE_SMS"], type: "string" },
|
|
6471
6776
|
type: "array",
|
|
6472
6777
|
},
|
|
6778
|
+
providerConfigs: {
|
|
6779
|
+
description: "A list of usable second factors for this project along with their configurations. This field does not support phone based MFA, for that use the 'enabled_providers' field.",
|
|
6780
|
+
items: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2ProviderConfig" },
|
|
6781
|
+
type: "array",
|
|
6782
|
+
},
|
|
6473
6783
|
state: {
|
|
6474
6784
|
description: "Whether MultiFactor Authentication has been enabled for this project.",
|
|
6475
6785
|
enum: ["STATE_UNSPECIFIED", "DISABLED", "ENABLED", "MANDATORY"],
|
|
@@ -6543,12 +6853,56 @@ exports.default = {
|
|
|
6543
6853
|
type: "boolean",
|
|
6544
6854
|
},
|
|
6545
6855
|
token: {
|
|
6856
|
+
deprecated: true,
|
|
6546
6857
|
description: "Do not use. The `token` response type is not supported at the moment.",
|
|
6547
6858
|
type: "boolean",
|
|
6548
6859
|
},
|
|
6549
6860
|
},
|
|
6550
6861
|
type: "object",
|
|
6551
6862
|
},
|
|
6863
|
+
GoogleCloudIdentitytoolkitAdminV2PasswordPolicyConfig: {
|
|
6864
|
+
description: "The configuration for the password policy on the project.",
|
|
6865
|
+
properties: {
|
|
6866
|
+
forceUpgradeOnSignin: {
|
|
6867
|
+
description: "Users must have a password compliant with the password policy to sign-in.",
|
|
6868
|
+
type: "boolean",
|
|
6869
|
+
},
|
|
6870
|
+
lastUpdateTime: {
|
|
6871
|
+
description: "Output only. The last time the password policy on the project was updated.",
|
|
6872
|
+
format: "google-datetime",
|
|
6873
|
+
readOnly: true,
|
|
6874
|
+
type: "string",
|
|
6875
|
+
},
|
|
6876
|
+
passwordPolicyEnforcementState: {
|
|
6877
|
+
description: "Which enforcement mode to use for the password policy.",
|
|
6878
|
+
enum: ["PASSWORD_POLICY_ENFORCEMENT_STATE_UNSPECIFIED", "OFF", "ENFORCE"],
|
|
6879
|
+
type: "string",
|
|
6880
|
+
},
|
|
6881
|
+
passwordPolicyVersions: {
|
|
6882
|
+
description: "Must be of length 1. Contains the strength attributes for the password policy.",
|
|
6883
|
+
items: {
|
|
6884
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2PasswordPolicyVersion",
|
|
6885
|
+
},
|
|
6886
|
+
type: "array",
|
|
6887
|
+
},
|
|
6888
|
+
},
|
|
6889
|
+
type: "object",
|
|
6890
|
+
},
|
|
6891
|
+
GoogleCloudIdentitytoolkitAdminV2PasswordPolicyVersion: {
|
|
6892
|
+
description: "The strength attributes for the password policy on the project.",
|
|
6893
|
+
properties: {
|
|
6894
|
+
customStrengthOptions: {
|
|
6895
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2CustomStrengthOptions",
|
|
6896
|
+
},
|
|
6897
|
+
schemaVersion: {
|
|
6898
|
+
description: "Output only. schema version number for the password policy",
|
|
6899
|
+
format: "int32",
|
|
6900
|
+
readOnly: true,
|
|
6901
|
+
type: "integer",
|
|
6902
|
+
},
|
|
6903
|
+
},
|
|
6904
|
+
type: "object",
|
|
6905
|
+
},
|
|
6552
6906
|
GoogleCloudIdentitytoolkitAdminV2Permissions: {
|
|
6553
6907
|
description: "Configuration related to restricting a user's ability to affect their account.",
|
|
6554
6908
|
properties: {
|
|
@@ -6578,6 +6932,20 @@ exports.default = {
|
|
|
6578
6932
|
},
|
|
6579
6933
|
type: "object",
|
|
6580
6934
|
},
|
|
6935
|
+
GoogleCloudIdentitytoolkitAdminV2ProviderConfig: {
|
|
6936
|
+
description: "ProviderConfig describes the supported MFA providers along with their configurations.",
|
|
6937
|
+
properties: {
|
|
6938
|
+
state: {
|
|
6939
|
+
description: "Describes the state of the MultiFactor Authentication type.",
|
|
6940
|
+
enum: ["MFA_STATE_UNSPECIFIED", "DISABLED", "ENABLED", "MANDATORY"],
|
|
6941
|
+
type: "string",
|
|
6942
|
+
},
|
|
6943
|
+
totpProviderConfig: {
|
|
6944
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2TotpMfaProviderConfig",
|
|
6945
|
+
},
|
|
6946
|
+
},
|
|
6947
|
+
type: "object",
|
|
6948
|
+
},
|
|
6581
6949
|
GoogleCloudIdentitytoolkitAdminV2QuotaConfig: {
|
|
6582
6950
|
description: "Configuration related to quotas.",
|
|
6583
6951
|
properties: {
|
|
@@ -6587,6 +6955,65 @@ exports.default = {
|
|
|
6587
6955
|
},
|
|
6588
6956
|
type: "object",
|
|
6589
6957
|
},
|
|
6958
|
+
GoogleCloudIdentitytoolkitAdminV2RecaptchaConfig: {
|
|
6959
|
+
description: "The reCAPTCHA Enterprise integration config.",
|
|
6960
|
+
properties: {
|
|
6961
|
+
emailPasswordEnforcementState: {
|
|
6962
|
+
description: "The reCAPTCHA config for email/password provider, containing the enforcement status. The email/password provider contains all related user flows protected by reCAPTCHA.",
|
|
6963
|
+
enum: ["RECAPTCHA_PROVIDER_ENFORCEMENT_STATE_UNSPECIFIED", "OFF", "AUDIT", "ENFORCE"],
|
|
6964
|
+
type: "string",
|
|
6965
|
+
},
|
|
6966
|
+
managedRules: {
|
|
6967
|
+
description: "The managed rules for authentication action based on reCAPTCHA scores. The rules are shared across providers for a given tenant project.",
|
|
6968
|
+
items: {
|
|
6969
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2RecaptchaManagedRule",
|
|
6970
|
+
},
|
|
6971
|
+
type: "array",
|
|
6972
|
+
},
|
|
6973
|
+
recaptchaKeys: {
|
|
6974
|
+
description: "Output only. The reCAPTCHA keys.",
|
|
6975
|
+
items: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2RecaptchaKey" },
|
|
6976
|
+
readOnly: true,
|
|
6977
|
+
type: "array",
|
|
6978
|
+
},
|
|
6979
|
+
useAccountDefender: {
|
|
6980
|
+
description: "Whether to use the account defender for reCAPTCHA assessment. Defaults to `false`.",
|
|
6981
|
+
type: "boolean",
|
|
6982
|
+
},
|
|
6983
|
+
},
|
|
6984
|
+
type: "object",
|
|
6985
|
+
},
|
|
6986
|
+
GoogleCloudIdentitytoolkitAdminV2RecaptchaKey: {
|
|
6987
|
+
description: "The reCAPTCHA key config. reCAPTCHA Enterprise offers different keys for different client platforms.",
|
|
6988
|
+
properties: {
|
|
6989
|
+
key: {
|
|
6990
|
+
description: 'The reCAPTCHA Enterprise key resource name, e.g. "projects/{project}/keys/{key}"',
|
|
6991
|
+
type: "string",
|
|
6992
|
+
},
|
|
6993
|
+
type: {
|
|
6994
|
+
description: "The client's platform type.",
|
|
6995
|
+
enum: ["CLIENT_TYPE_UNSPECIFIED", "WEB", "IOS", "ANDROID"],
|
|
6996
|
+
type: "string",
|
|
6997
|
+
},
|
|
6998
|
+
},
|
|
6999
|
+
type: "object",
|
|
7000
|
+
},
|
|
7001
|
+
GoogleCloudIdentitytoolkitAdminV2RecaptchaManagedRule: {
|
|
7002
|
+
description: "The config for a reCAPTCHA managed rule. Models a single interval [start_score, end_score]. The start_score is implicit. It is either the closest smaller end_score (if one is available) or 0. Intervals in aggregate span [0, 1] without overlapping.",
|
|
7003
|
+
properties: {
|
|
7004
|
+
action: {
|
|
7005
|
+
description: "The action taken if the reCAPTCHA score of a request is within the interval [start_score, end_score].",
|
|
7006
|
+
enum: ["RECAPTCHA_ACTION_UNSPECIFIED", "BLOCK"],
|
|
7007
|
+
type: "string",
|
|
7008
|
+
},
|
|
7009
|
+
endScore: {
|
|
7010
|
+
description: "The end score (inclusive) of the score range for an action. Must be a value between 0.0 and 1.0, at 11 discrete values; e.g. 0, 0.1, 0.2, 0.3, ... 0.9, 1.0. A score of 0.0 indicates the riskiest request (likely a bot), whereas 1.0 indicates the safest request (likely a human). See https://cloud.google.com/recaptcha-enterprise/docs/interpret-assessment.",
|
|
7011
|
+
format: "float",
|
|
7012
|
+
type: "number",
|
|
7013
|
+
},
|
|
7014
|
+
},
|
|
7015
|
+
type: "object",
|
|
7016
|
+
},
|
|
6590
7017
|
GoogleCloudIdentitytoolkitAdminV2RequestLogging: {
|
|
6591
7018
|
description: "Configuration for logging requests made to this project to Stackdriver Logging",
|
|
6592
7019
|
properties: {
|
|
@@ -6789,6 +7216,12 @@ exports.default = {
|
|
|
6789
7216
|
readOnly: true,
|
|
6790
7217
|
type: "string",
|
|
6791
7218
|
},
|
|
7219
|
+
passwordPolicyConfig: {
|
|
7220
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2PasswordPolicyConfig",
|
|
7221
|
+
},
|
|
7222
|
+
recaptchaConfig: {
|
|
7223
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2RecaptchaConfig",
|
|
7224
|
+
},
|
|
6792
7225
|
smsRegionConfig: {
|
|
6793
7226
|
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2SmsRegionConfig",
|
|
6794
7227
|
},
|
|
@@ -6800,6 +7233,17 @@ exports.default = {
|
|
|
6800
7233
|
},
|
|
6801
7234
|
type: "object",
|
|
6802
7235
|
},
|
|
7236
|
+
GoogleCloudIdentitytoolkitAdminV2TotpMfaProviderConfig: {
|
|
7237
|
+
description: "TotpMFAProviderConfig represents the TOTP based MFA provider.",
|
|
7238
|
+
properties: {
|
|
7239
|
+
adjacentIntervals: {
|
|
7240
|
+
description: "The allowed number of adjacent intervals that will be used for verification to avoid clock skew.",
|
|
7241
|
+
format: "int32",
|
|
7242
|
+
type: "integer",
|
|
7243
|
+
},
|
|
7244
|
+
},
|
|
7245
|
+
type: "object",
|
|
7246
|
+
},
|
|
6803
7247
|
GoogleCloudIdentitytoolkitAdminV2Trigger: {
|
|
6804
7248
|
description: "Synchronous Cloud Function with HTTP Trigger",
|
|
6805
7249
|
properties: {
|
|
@@ -6822,6 +7266,38 @@ exports.default = {
|
|
|
6822
7266
|
},
|
|
6823
7267
|
type: "object",
|
|
6824
7268
|
},
|
|
7269
|
+
GoogleCloudIdentitytoolkitV2CustomStrengthOptions: {
|
|
7270
|
+
description: "Custom strength options to enforce on user passwords.",
|
|
7271
|
+
properties: {
|
|
7272
|
+
containsLowercaseCharacter: {
|
|
7273
|
+
description: "The password must contain a lower case character.",
|
|
7274
|
+
type: "boolean",
|
|
7275
|
+
},
|
|
7276
|
+
containsNonAlphanumericCharacter: {
|
|
7277
|
+
description: "The password must contain a non alpha numeric character.",
|
|
7278
|
+
type: "boolean",
|
|
7279
|
+
},
|
|
7280
|
+
containsNumericCharacter: {
|
|
7281
|
+
description: "The password must contain a number.",
|
|
7282
|
+
type: "boolean",
|
|
7283
|
+
},
|
|
7284
|
+
containsUppercaseCharacter: {
|
|
7285
|
+
description: "The password must contain an upper case character.",
|
|
7286
|
+
type: "boolean",
|
|
7287
|
+
},
|
|
7288
|
+
maxPasswordLength: {
|
|
7289
|
+
description: "Maximum password length. No default max length",
|
|
7290
|
+
format: "int32",
|
|
7291
|
+
type: "integer",
|
|
7292
|
+
},
|
|
7293
|
+
minPasswordLength: {
|
|
7294
|
+
description: "Minimum password length. Range from 6 to 30",
|
|
7295
|
+
format: "int32",
|
|
7296
|
+
type: "integer",
|
|
7297
|
+
},
|
|
7298
|
+
},
|
|
7299
|
+
type: "object",
|
|
7300
|
+
},
|
|
6825
7301
|
GoogleCloudIdentitytoolkitV2FinalizeMfaEnrollmentRequest: {
|
|
6826
7302
|
description: "Finishes enrolling a second factor for the user.",
|
|
6827
7303
|
properties: {
|
|
@@ -6837,6 +7313,9 @@ exports.default = {
|
|
|
6837
7313
|
description: "The ID of the Identity Platform tenant that the user enrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.",
|
|
6838
7314
|
type: "string",
|
|
6839
7315
|
},
|
|
7316
|
+
totpVerificationInfo: {
|
|
7317
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2FinalizeMfaTotpEnrollmentRequestInfo",
|
|
7318
|
+
},
|
|
6840
7319
|
},
|
|
6841
7320
|
type: "object",
|
|
6842
7321
|
},
|
|
@@ -6851,6 +7330,9 @@ exports.default = {
|
|
|
6851
7330
|
description: "Refresh token updated to reflect MFA enrollment.",
|
|
6852
7331
|
type: "string",
|
|
6853
7332
|
},
|
|
7333
|
+
totpAuthInfo: {
|
|
7334
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2FinalizeMfaTotpEnrollmentResponseInfo",
|
|
7335
|
+
},
|
|
6854
7336
|
},
|
|
6855
7337
|
type: "object",
|
|
6856
7338
|
},
|
|
@@ -6892,6 +7374,10 @@ exports.default = {
|
|
|
6892
7374
|
GoogleCloudIdentitytoolkitV2FinalizeMfaSignInRequest: {
|
|
6893
7375
|
description: "Finalizes sign-in by verifying MFA challenge.",
|
|
6894
7376
|
properties: {
|
|
7377
|
+
mfaEnrollmentId: {
|
|
7378
|
+
description: "The MFA enrollment ID from the user's list of current MFA enrollments.",
|
|
7379
|
+
type: "string",
|
|
7380
|
+
},
|
|
6895
7381
|
mfaPendingCredential: {
|
|
6896
7382
|
description: "Required. Pending credential from first factor sign-in.",
|
|
6897
7383
|
type: "string",
|
|
@@ -6903,6 +7389,9 @@ exports.default = {
|
|
|
6903
7389
|
description: "The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.",
|
|
6904
7390
|
type: "string",
|
|
6905
7391
|
},
|
|
7392
|
+
totpVerificationInfo: {
|
|
7393
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2MfaTotpSignInRequestInfo",
|
|
7394
|
+
},
|
|
6906
7395
|
},
|
|
6907
7396
|
type: "object",
|
|
6908
7397
|
},
|
|
@@ -6920,6 +7409,129 @@ exports.default = {
|
|
|
6920
7409
|
},
|
|
6921
7410
|
type: "object",
|
|
6922
7411
|
},
|
|
7412
|
+
GoogleCloudIdentitytoolkitV2FinalizeMfaTotpEnrollmentRequestInfo: {
|
|
7413
|
+
description: "Mfa request info specific to TOTP auth for FinalizeMfa.",
|
|
7414
|
+
properties: {
|
|
7415
|
+
sessionInfo: {
|
|
7416
|
+
description: "An opaque string that represents the enrollment session.",
|
|
7417
|
+
type: "string",
|
|
7418
|
+
},
|
|
7419
|
+
verificationCode: { description: "User-entered verification code.", type: "string" },
|
|
7420
|
+
},
|
|
7421
|
+
type: "object",
|
|
7422
|
+
},
|
|
7423
|
+
GoogleCloudIdentitytoolkitV2FinalizeMfaTotpEnrollmentResponseInfo: {
|
|
7424
|
+
description: "Mfa response info specific to TOTP auth for FinalizeMfa.",
|
|
7425
|
+
properties: {},
|
|
7426
|
+
type: "object",
|
|
7427
|
+
},
|
|
7428
|
+
GoogleCloudIdentitytoolkitV2MfaTotpSignInRequestInfo: {
|
|
7429
|
+
description: "TOTP verification info for FinalizeMfaSignInRequest.",
|
|
7430
|
+
properties: {
|
|
7431
|
+
verificationCode: { description: "User-entered verification code.", type: "string" },
|
|
7432
|
+
},
|
|
7433
|
+
type: "object",
|
|
7434
|
+
},
|
|
7435
|
+
GoogleCloudIdentitytoolkitV2PasswordPolicy: {
|
|
7436
|
+
description: "Configuration for password policy.",
|
|
7437
|
+
properties: {
|
|
7438
|
+
allowedNonAlphanumericCharacters: {
|
|
7439
|
+
description: "Output only. Allowed characters which satisfy the non_alphanumeric requirement.",
|
|
7440
|
+
items: { type: "string" },
|
|
7441
|
+
readOnly: true,
|
|
7442
|
+
type: "array",
|
|
7443
|
+
},
|
|
7444
|
+
customStrengthOptions: {
|
|
7445
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2CustomStrengthOptions",
|
|
7446
|
+
},
|
|
7447
|
+
enforcementState: {
|
|
7448
|
+
description: "Output only. Which enforcement mode to use for the password policy.",
|
|
7449
|
+
enum: ["ENFORCEMENT_STATE_UNSPECIFIED", "OFF", "ENFORCE"],
|
|
7450
|
+
readOnly: true,
|
|
7451
|
+
type: "string",
|
|
7452
|
+
},
|
|
7453
|
+
forceUpgradeOnSignin: {
|
|
7454
|
+
description: "Users must have a password compliant with the password policy to sign-in.",
|
|
7455
|
+
type: "boolean",
|
|
7456
|
+
},
|
|
7457
|
+
schemaVersion: {
|
|
7458
|
+
description: "Output only. schema version number for the password policy",
|
|
7459
|
+
format: "int32",
|
|
7460
|
+
readOnly: true,
|
|
7461
|
+
type: "integer",
|
|
7462
|
+
},
|
|
7463
|
+
},
|
|
7464
|
+
type: "object",
|
|
7465
|
+
},
|
|
7466
|
+
GoogleCloudIdentitytoolkitV2RecaptchaConfig: {
|
|
7467
|
+
description: "Configuration for reCAPTCHA",
|
|
7468
|
+
properties: {
|
|
7469
|
+
recaptchaEnforcementState: {
|
|
7470
|
+
description: "The reCAPTCHA enforcement state for the providers that GCIP supports reCAPTCHA protection.",
|
|
7471
|
+
items: {
|
|
7472
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2RecaptchaEnforcementState",
|
|
7473
|
+
},
|
|
7474
|
+
type: "array",
|
|
7475
|
+
},
|
|
7476
|
+
recaptchaKey: {
|
|
7477
|
+
description: 'The reCAPTCHA Enterprise key resource name, e.g. "projects/{project}/keys/{key}". This will only be returned when the reCAPTCHA enforcement state is AUDIT or ENFORCE on at least one of the reCAPTCHA providers.',
|
|
7478
|
+
type: "string",
|
|
7479
|
+
},
|
|
7480
|
+
},
|
|
7481
|
+
type: "object",
|
|
7482
|
+
},
|
|
7483
|
+
GoogleCloudIdentitytoolkitV2RecaptchaEnforcementState: {
|
|
7484
|
+
description: "Enforcement states for reCAPTCHA protection.",
|
|
7485
|
+
properties: {
|
|
7486
|
+
enforcementState: {
|
|
7487
|
+
description: "The reCAPTCHA enforcement state for the provider.",
|
|
7488
|
+
enum: ["ENFORCEMENT_STATE_UNSPECIFIED", "OFF", "AUDIT", "ENFORCE"],
|
|
7489
|
+
type: "string",
|
|
7490
|
+
},
|
|
7491
|
+
provider: {
|
|
7492
|
+
description: "The provider that has reCAPTCHA protection.",
|
|
7493
|
+
enum: ["RECAPTCHA_PROVIDER_UNSPECIFIED", "EMAIL_PASSWORD_PROVIDER"],
|
|
7494
|
+
type: "string",
|
|
7495
|
+
},
|
|
7496
|
+
},
|
|
7497
|
+
type: "object",
|
|
7498
|
+
},
|
|
7499
|
+
GoogleCloudIdentitytoolkitV2RevokeTokenRequest: {
|
|
7500
|
+
description: "Request message for RevokeToken.",
|
|
7501
|
+
properties: {
|
|
7502
|
+
idToken: {
|
|
7503
|
+
description: "Required. A valid Identity Platform ID token to link the account. If there was a successful token revocation request on the account and no tokens are generated after the revocation, the duplicate requests will be ignored and returned immediately.",
|
|
7504
|
+
type: "string",
|
|
7505
|
+
},
|
|
7506
|
+
providerId: {
|
|
7507
|
+
description: 'Required. The idp provider for the token. Currently only supports Apple Idp. The format should be "apple.com".',
|
|
7508
|
+
type: "string",
|
|
7509
|
+
},
|
|
7510
|
+
redirectUri: {
|
|
7511
|
+
description: "The redirect URI provided in the initial authorization request made by the client to the IDP. The URI must use the HTTPS protocol, include a domain name, and can't contain an IP address or localhost. Required if token_type is CODE.",
|
|
7512
|
+
type: "string",
|
|
7513
|
+
},
|
|
7514
|
+
tenantId: {
|
|
7515
|
+
description: "The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.",
|
|
7516
|
+
type: "string",
|
|
7517
|
+
},
|
|
7518
|
+
token: {
|
|
7519
|
+
description: "Required. The token to be revoked. If an authorization_code is passed in, the API will first exchange the code for access token and then revoke the token exchanged.",
|
|
7520
|
+
type: "string",
|
|
7521
|
+
},
|
|
7522
|
+
tokenType: {
|
|
7523
|
+
description: "Required. The type of the token to be revoked.",
|
|
7524
|
+
enum: ["TOKEN_TYPE_UNSPECIFIED", "REFRESH_TOKEN", "ACCESS_TOKEN", "CODE"],
|
|
7525
|
+
type: "string",
|
|
7526
|
+
},
|
|
7527
|
+
},
|
|
7528
|
+
type: "object",
|
|
7529
|
+
},
|
|
7530
|
+
GoogleCloudIdentitytoolkitV2RevokeTokenResponse: {
|
|
7531
|
+
description: "Response message for RevokeToken. Empty for now.",
|
|
7532
|
+
properties: {},
|
|
7533
|
+
type: "object",
|
|
7534
|
+
},
|
|
6923
7535
|
GoogleCloudIdentitytoolkitV2StartMfaEnrollmentRequest: {
|
|
6924
7536
|
description: "Sends MFA enrollment verification SMS for a user.",
|
|
6925
7537
|
properties: {
|
|
@@ -6931,6 +7543,9 @@ exports.default = {
|
|
|
6931
7543
|
description: "The ID of the Identity Platform tenant that the user enrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.",
|
|
6932
7544
|
type: "string",
|
|
6933
7545
|
},
|
|
7546
|
+
totpEnrollmentInfo: {
|
|
7547
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2StartMfaTotpEnrollmentRequestInfo",
|
|
7548
|
+
},
|
|
6934
7549
|
},
|
|
6935
7550
|
type: "object",
|
|
6936
7551
|
},
|
|
@@ -6940,6 +7555,9 @@ exports.default = {
|
|
|
6940
7555
|
phoneSessionInfo: {
|
|
6941
7556
|
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2StartMfaPhoneResponseInfo",
|
|
6942
7557
|
},
|
|
7558
|
+
totpSessionInfo: {
|
|
7559
|
+
$ref: "#/components/schemas/GoogleCloudIdentitytoolkitV2StartMfaTotpEnrollmentResponseInfo",
|
|
7560
|
+
},
|
|
6943
7561
|
},
|
|
6944
7562
|
type: "object",
|
|
6945
7563
|
},
|
|
@@ -6961,6 +7579,10 @@ exports.default = {
|
|
|
6961
7579
|
description: "Required for enrollment. Phone number to be enrolled as MFA.",
|
|
6962
7580
|
type: "string",
|
|
6963
7581
|
},
|
|
7582
|
+
playIntegrityToken: {
|
|
7583
|
+
description: "Android only. Used to assert application identity in place of a recaptcha token (or safety net token). A Play Integrity Token can be generated via the [PlayIntegrity API] (https://developer.android.com/google/play/integrity) with applying SHA256 to the `phone_number` field as the nonce.",
|
|
7584
|
+
type: "string",
|
|
7585
|
+
},
|
|
6964
7586
|
recaptchaToken: { description: "Web only. Recaptcha solution.", type: "string" },
|
|
6965
7587
|
safetyNetToken: {
|
|
6966
7588
|
description: "Android only. Used to assert application identity in place of a recaptcha token. A SafetyNet Token can be generated via the [SafetyNet Android Attestation API](https://developer.android.com/training/safetynet/attestation.html), with the Base64 encoding of the `phone_number` field as the nonce.",
|
|
@@ -7009,6 +7631,44 @@ exports.default = {
|
|
|
7009
7631
|
},
|
|
7010
7632
|
type: "object",
|
|
7011
7633
|
},
|
|
7634
|
+
GoogleCloudIdentitytoolkitV2StartMfaTotpEnrollmentRequestInfo: {
|
|
7635
|
+
description: "Mfa request info specific to TOTP auth for StartMfa.",
|
|
7636
|
+
properties: {},
|
|
7637
|
+
type: "object",
|
|
7638
|
+
},
|
|
7639
|
+
GoogleCloudIdentitytoolkitV2StartMfaTotpEnrollmentResponseInfo: {
|
|
7640
|
+
description: "Mfa response info specific to TOTP auth for StartMfa.",
|
|
7641
|
+
properties: {
|
|
7642
|
+
finalizeEnrollmentTime: {
|
|
7643
|
+
description: "The time by which the enrollment must finish.",
|
|
7644
|
+
format: "google-datetime",
|
|
7645
|
+
type: "string",
|
|
7646
|
+
},
|
|
7647
|
+
hashingAlgorithm: {
|
|
7648
|
+
description: "The hashing algorithm used to generate the verification code.",
|
|
7649
|
+
type: "string",
|
|
7650
|
+
},
|
|
7651
|
+
periodSec: {
|
|
7652
|
+
description: "Duration in seconds at which the verification code will change.",
|
|
7653
|
+
format: "int32",
|
|
7654
|
+
type: "integer",
|
|
7655
|
+
},
|
|
7656
|
+
sessionInfo: {
|
|
7657
|
+
description: "An encoded string that represents the enrollment session.",
|
|
7658
|
+
type: "string",
|
|
7659
|
+
},
|
|
7660
|
+
sharedSecretKey: {
|
|
7661
|
+
description: "A base 32 encoded string that represents the shared TOTP secret. The base 32 encoding is the one specified by [RFC4648#section-6](https://datatracker.ietf.org/doc/html/rfc4648#section-6). (This is the same as the base 32 encoding from [RFC3548#section-5](https://datatracker.ietf.org/doc/html/rfc3548#section-5).)",
|
|
7662
|
+
type: "string",
|
|
7663
|
+
},
|
|
7664
|
+
verificationCodeLength: {
|
|
7665
|
+
description: "The length of the verification code that needs to be generated.",
|
|
7666
|
+
format: "int32",
|
|
7667
|
+
type: "integer",
|
|
7668
|
+
},
|
|
7669
|
+
},
|
|
7670
|
+
type: "object",
|
|
7671
|
+
},
|
|
7012
7672
|
GoogleCloudIdentitytoolkitV2WithdrawMfaRequest: {
|
|
7013
7673
|
description: "Withdraws MFA.",
|
|
7014
7674
|
properties: {
|
|
@@ -7191,6 +7851,7 @@ exports.default = {
|
|
|
7191
7851
|
GrantTokenRequest: {
|
|
7192
7852
|
properties: {
|
|
7193
7853
|
code: {
|
|
7854
|
+
deprecated: true,
|
|
7194
7855
|
description: "ID token to exchange for an access token and a refresh token. This field is called `code` to conform with the OAuth 2.0 specification. This field is deprecated and is ignored.",
|
|
7195
7856
|
type: "string",
|
|
7196
7857
|
},
|