Identity and Access Management API, gRPC: SubjectDetailsService.Get
Returns the details of the specified subject.
gRPC request
rpc Get (GetSubjectRequest) returns (GetSubjectResponse)
GetSubjectRequest
{
"subject_id": "string",
"field_mask": "google.protobuf.FieldMask",
"resource_context": {
"id": "string",
"type": "string"
}
}
|
Field |
Description |
|
subject_id |
string Required field. ID of the subject to return. The maximum string length in characters is 100. |
|
field_mask |
A mask that specifies which fields of the subject to return. |
|
resource_context |
The resource to which the returned subject has access. Can only be an organization or a folder. |
Resource
A Resource. For more information, see Resource.
|
Field |
Description |
|
id |
string Required field. ID of the resource. The maximum string length in characters is 50. |
|
type |
string Required field. The type of the resource, e.g. resource-manager.folder, billing.account, compute.snapshot, etc. The maximum string length in characters is 64. |
GetSubjectResponse
{
"subject": {
"sub": "string",
"type": "SubjectType",
"created_at": "google.protobuf.Timestamp",
"status": "SubjectStatus",
"name": "string",
"last_authenticated_at": "google.protobuf.Timestamp",
"groups": [
{
"id": "string",
"name": "string",
"type": "GroupType"
}
],
// Includes only one of the fields `user_account`, `service_account`, `group`, `invitee`
"user_account": {
"given_name": "string",
"family_name": "string",
"preferred_username": "string",
"email": "string",
"phone_number": "string",
"subject_container": {
"id": "string",
"name": "string",
"container_type": "ContainerType"
},
"last_id_proof_at": "google.protobuf.Timestamp",
"suspend_reason": "string",
"job_info": {
"company_name": "string",
"department": "string",
"job_title": "string",
"employee_id": "string"
},
"expires_at": "google.protobuf.Timestamp",
"modified_at": "google.protobuf.Timestamp"
},
"service_account": {
"cloud": {
"id": "string",
"name": "string"
},
"folder": {
"id": "string",
"name": "string"
},
"service_agent": {
"service_id": "string",
"microservice_id": "string"
}
},
"group": {
"id": "string",
"name": "string",
"type": "GroupType"
},
"invitee": {
"email": "string",
"preferred_username": "string"
},
// end of the list of possible fields
"external_id": "string"
}
}
|
Field |
Description |
|
subject |
The requested subject. |
Subject
|
Field |
Description |
|
sub |
string Required field. Subject - Identifier for the End-User at the Issuer. The maximum string length in characters is 100. |
|
type |
enum SubjectType Required field. Subject type.
|
|
created_at |
Creation time |
|
status |
enum SubjectStatus Status
|
|
name |
string End-User's full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User's locale and preferences. |
|
last_authenticated_at |
Last time the access token was created. Filled only for federated users (not for global users). |
|
groups[] |
Groups to which the subject belongs |
|
user_account |
Details of a user account subject. Set when the subject is a user account. Includes only one of the fields Subject type-specific details. |
|
service_account |
Details of a service account subject. Set when the subject is a service account. Includes only one of the fields Subject type-specific details. |
|
group |
Details of a group subject. Set when the subject is a group. Includes only one of the fields Subject type-specific details. |
|
invitee |
Details of an invitee subject. Set when the subject is an invitee. Includes only one of the fields Subject type-specific details. |
|
external_id |
string Subject id in external container |
Group
|
Field |
Description |
|
id |
string ID of the group. |
|
name |
string Name of the group. |
|
type |
enum GroupType Type of the group.
|
UserAccount
|
Field |
Description |
|
given_name |
string Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters. |
|
family_name |
string Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters. |
|
preferred_username |
string Shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. |
|
|
string End-User's preferred e-mail address. Its value MUST conform to the RFC 5322 [RFC5322] addr-spec syntax. |
|
phone_number |
string End-User's preferred phone number. |
|
subject_container |
Subject container |
|
last_id_proof_at |
Last time when subject identification was proofed. |
|
suspend_reason |
string Reason of subject's suspension |
|
job_info |
Information about job |
|
expires_at |
The subject will be suspended at the specified time |
|
modified_at |
Last time when the user account attributes were modified |
SubjectContainer
|
Field |
Description |
|
id |
string ID of the subject container. |
|
name |
string Name of the subject container. |
|
container_type |
enum ContainerType Type of the subject container.
|
JobInfo
|
Field |
Description |
|
company_name |
string Name of the company the user works for. |
|
department |
string Department the user belongs to. |
|
job_title |
string Job title of the user. |
|
employee_id |
string Employee identifier of the user. |
ServiceAccount
|
Field |
Description |
|
cloud |
Cloud the service account belongs to. |
|
folder |
Folder the service account belongs to. |
|
service_agent |
Service agent details. Set when the service account is a service agent. |
Cloud
|
Field |
Description |
|
id |
string ID of the cloud. |
|
name |
string Name of the cloud. |
Folder
|
Field |
Description |
|
id |
string ID of the folder. |
|
name |
string Name of the folder. |
ServiceAgent
|
Field |
Description |
|
service_id |
string ID of the service the service agent acts on behalf of. |
|
microservice_id |
string ID of the microservice the service agent acts on behalf of. |
Invitee
|
Field |
Description |
|
|
string E-mail address of the invitee. |
|
preferred_username |
string Preferred username of the invitee. |