Identity Provider API, gRPC: UserpoolService.Create
- gRPC request
- CreateUserpoolRequest
- UserSettings
- PasswordQualityPolicy
- RequiredClasses
- MinLengthByClassSettings
- Fixed
- Smart
- PasswordLifetimePolicy
- BruteforceProtectionPolicy
- operation.Operation
- CreateUserpoolMetadata
- Userpool
- UserSettings
- PasswordQualityPolicy
- RequiredClasses
- MinLengthByClassSettings
- Fixed
- Smart
- PasswordLifetimePolicy
- BruteforceProtectionPolicy
Creates a userpool in the specified organization.
gRPC request
rpc Create (CreateUserpoolRequest) returns (operation.Operation)
CreateUserpoolRequest
{
"organization_id": "string",
"name": "string",
"description": "string",
"labels": "map<string, string>",
"default_subdomain": "string",
"user_settings": {
"allow_edit_self_password": "bool",
"allow_edit_self_info": "bool",
"allow_edit_self_contacts": "bool",
"allow_edit_self_login": "bool"
},
"password_quality_policy": {
"allow_similar": "bool",
"max_length": "int64",
"min_length": "int64",
"match_length": "int64",
"required_classes": {
"lowers": "bool",
"uppers": "bool",
"digits": "bool",
"specials": "bool"
},
"min_length_by_class_settings": {
"one": "int64",
"two": "int64",
"three": "int64"
},
// Includes only one of the fields `fixed`, `smart`
"fixed": {
"lowers_required": "bool",
"uppers_required": "bool",
"digits_required": "bool",
"specials_required": "bool",
"min_length": "int64"
},
"smart": {
"one_class": "int64",
"two_classes": "int64",
"three_classes": "int64",
"four_classes": "int64"
}
// end of the list of possible fields
},
"password_lifetime_policy": {
"min_days_count": "int64",
"max_days_count": "int64"
},
"bruteforce_protection_policy": {
"window": "google.protobuf.Duration",
"block": "google.protobuf.Duration",
"attempts": "int64"
}
}
Request to create a userpool.
|
Field |
Description |
|
organization_id |
string Required field. ID of the organization to create a userpool in. The maximum string length in characters is 50. |
|
name |
string Required field. Name of the userpool. Value must match the regular expression |
|
description |
string Description of the userpool. The maximum string length in characters is 256. |
|
labels |
object (map<string, string>) Resource labels as key:value pairs. No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression |
|
default_subdomain |
string Required field. Default subdomain for the userpool. The maximum string length in characters is 63. |
|
user_settings |
User settings for the userpool. |
|
password_quality_policy |
Password quality policy for the userpool. |
|
password_lifetime_policy |
Password lifetime policy for the userpool. |
|
bruteforce_protection_policy |
Bruteforce protection policy for the userpool. |
UserSettings
Settings that control user capabilities within a userpool.
|
Field |
Description |
|
allow_edit_self_password |
bool Whether users can change their own passwords. |
|
allow_edit_self_info |
bool Whether users can edit their own profile information. |
|
allow_edit_self_contacts |
bool Whether users can edit their own contact information. |
|
allow_edit_self_login |
bool Whether users can edit their own login information. |
PasswordQualityPolicy
Policy that defines password quality requirements.
|
Field |
Description |
|
allow_similar |
bool Whether passwords similar to previous ones are allowed. |
|
max_length |
int64 Maximum password length. Zero means no maximum length is enforced. The minimum value is 0. |
|
min_length |
int64 Minimum password length. The minimum value is 0. |
|
match_length |
int64 Minimum length of substrings to check for similarity to vulnerable sequences. The minimum value is 0. |
|
required_classes |
Character classes required in passwords. |
|
min_length_by_class_settings |
Minimum length requirements based on character class diversity. |
|
fixed |
Fixed complexity requirements. Exactly one of complexity requirements must be specified. Includes only one of the fields Defines password complexity policy. |
|
smart |
Smart complexity requirements. Exactly one of complexity requirements must be specified. Includes only one of the fields Defines password complexity policy. |
RequiredClasses
Character classes that can be required in passwords.
|
Field |
Description |
|
lowers |
bool Whether lowercase letters are required. |
|
uppers |
bool Whether uppercase letters are required. |
|
digits |
bool Whether digits are required. |
|
specials |
bool Whether special characters are required. |
MinLengthByClassSettings
Minimum password length requirements based on character class diversity.
|
Field |
Description |
|
one |
int64 Minimum length for passwords with one character class. The minimum value is 0. |
|
two |
int64 Minimum length for passwords with two character classes. The minimum value is 0. |
|
three |
int64 Minimum length for passwords with three character classes. The minimum value is 0. |
Fixed
Fixed complexity policy enforces uniform password rules with required character classes and minimum length.
|
Field |
Description |
|
lowers_required |
bool Whether lowercase letters are required in the password. |
|
uppers_required |
bool Whether uppercase letters are required in the password. |
|
digits_required |
bool Whether digits are required in the password. |
|
specials_required |
bool Whether special characters are required in the password. |
|
min_length |
int64 Minimum length required for all passwords. The minimum value is 0. |
Smart
Smart complexity policy applies adaptive requirements based on character class diversity.
Zero value means passwords with this number of classes are forbidden.
|
Field |
Description |
|
one_class |
int64 For passwords with one class of characters The minimum value is 0. |
|
two_classes |
int64 For passwords with two classes of characters The minimum value is 0. |
|
three_classes |
int64 For passwords with three classes of characters The minimum value is 0. |
|
four_classes |
int64 For passwords with all four classes of characters The minimum value is 0. |
PasswordLifetimePolicy
Policy that defines password lifetime requirements.
|
Field |
Description |
|
min_days_count |
int64 Minimum number of days before a password can be changed. The minimum value is 0. |
|
max_days_count |
int64 Maximum number of days a password remains valid. The minimum value is 0. |
BruteforceProtectionPolicy
Policy that defines protection against brute force attacks.
Zero or empty values disable bruteforce protection.
|
Field |
Description |
|
window |
Time window for counting failed authentication attempts. |
|
block |
Duration of the block after too many failed attempts. |
|
attempts |
int64 Number of failed attempts allowed within the window before blocking. Value must be greater than 0. |
operation.Operation
{
"id": "string",
"description": "string",
"created_at": "google.protobuf.Timestamp",
"created_by": "string",
"modified_at": "google.protobuf.Timestamp",
"done": "bool",
"metadata": {
"userpool_id": "string"
},
// Includes only one of the fields `error`, `response`
"error": "google.rpc.Status",
"response": {
"id": "string",
"organization_id": "string",
"name": "string",
"description": "string",
"labels": "map<string, string>",
"created_at": "google.protobuf.Timestamp",
"updated_at": "google.protobuf.Timestamp",
"domains": [
"string"
],
"status": "Status",
"user_settings": {
"allow_edit_self_password": "bool",
"allow_edit_self_info": "bool",
"allow_edit_self_contacts": "bool",
"allow_edit_self_login": "bool"
},
"password_quality_policy": {
"allow_similar": "bool",
"max_length": "int64",
"min_length": "int64",
"match_length": "int64",
"required_classes": {
"lowers": "bool",
"uppers": "bool",
"digits": "bool",
"specials": "bool"
},
"min_length_by_class_settings": {
"one": "int64",
"two": "int64",
"three": "int64"
},
// Includes only one of the fields `fixed`, `smart`
"fixed": {
"lowers_required": "bool",
"uppers_required": "bool",
"digits_required": "bool",
"specials_required": "bool",
"min_length": "int64"
},
"smart": {
"one_class": "int64",
"two_classes": "int64",
"three_classes": "int64",
"four_classes": "int64"
}
// end of the list of possible fields
},
"password_lifetime_policy": {
"min_days_count": "int64",
"max_days_count": "int64"
},
"bruteforce_protection_policy": {
"window": "google.protobuf.Duration",
"block": "google.protobuf.Duration",
"attempts": "int64"
}
}
// end of the list of possible fields
}
An Operation resource. For more information, see Operation.
|
Field |
Description |
|
id |
string ID of the operation. |
|
description |
string Description of the operation. 0-256 characters long. |
|
created_at |
Creation timestamp. |
|
created_by |
string ID of the user or service account who initiated the operation. |
|
modified_at |
The time when the Operation resource was last modified. |
|
done |
bool If the value is |
|
metadata |
Service-specific metadata associated with the operation. |
|
error |
The error result of the operation in case of failure or cancellation. Includes only one of the fields The operation result. |
|
response |
The normal response of the operation in case of success. Includes only one of the fields The operation result. |
CreateUserpoolMetadata
Metadata for the UserpoolService.Create operation.
|
Field |
Description |
|
userpool_id |
string ID of the userpool that is being created. |
Userpool
A userpool is a container for users in the Identity Provider system.
|
Field |
Description |
|
id |
string Unique identifier of the userpool. |
|
organization_id |
string ID of the organization this userpool belongs to. |
|
name |
string Name of the userpool. |
|
description |
string Description of the userpool. |
|
labels |
object (map<string, string>) Resource labels as key:value pairs. |
|
created_at |
Timestamp when the userpool was created. |
|
updated_at |
Timestamp when the userpool was last updated. |
|
domains[] |
string List of domains associated with this userpool. |
|
status |
enum Status Current status of the userpool.
|
|
user_settings |
User settings for this userpool. |
|
password_quality_policy |
Password quality policy for this userpool. |
|
password_lifetime_policy |
Password lifetime policy for this userpool. |
|
bruteforce_protection_policy |
Bruteforce protection policy for this userpool. |
UserSettings
Settings that control user capabilities within a userpool.
|
Field |
Description |
|
allow_edit_self_password |
bool Whether users can change their own passwords. |
|
allow_edit_self_info |
bool Whether users can edit their own profile information. |
|
allow_edit_self_contacts |
bool Whether users can edit their own contact information. |
|
allow_edit_self_login |
bool Whether users can edit their own login information. |
PasswordQualityPolicy
Policy that defines password quality requirements.
|
Field |
Description |
|
allow_similar |
bool Whether passwords similar to previous ones are allowed. |
|
max_length |
int64 Maximum password length. Zero means no maximum length is enforced. The minimum value is 0. |
|
min_length |
int64 Minimum password length. The minimum value is 0. |
|
match_length |
int64 Minimum length of substrings to check for similarity to vulnerable sequences. The minimum value is 0. |
|
required_classes |
Character classes required in passwords. |
|
min_length_by_class_settings |
Minimum length requirements based on character class diversity. |
|
fixed |
Fixed complexity requirements. Exactly one of complexity requirements must be specified. Includes only one of the fields Defines password complexity policy. |
|
smart |
Smart complexity requirements. Exactly one of complexity requirements must be specified. Includes only one of the fields Defines password complexity policy. |
RequiredClasses
Character classes that can be required in passwords.
|
Field |
Description |
|
lowers |
bool Whether lowercase letters are required. |
|
uppers |
bool Whether uppercase letters are required. |
|
digits |
bool Whether digits are required. |
|
specials |
bool Whether special characters are required. |
MinLengthByClassSettings
Minimum password length requirements based on character class diversity.
|
Field |
Description |
|
one |
int64 Minimum length for passwords with one character class. The minimum value is 0. |
|
two |
int64 Minimum length for passwords with two character classes. The minimum value is 0. |
|
three |
int64 Minimum length for passwords with three character classes. The minimum value is 0. |
Fixed
Fixed complexity policy enforces uniform password rules with required character classes and minimum length.
|
Field |
Description |
|
lowers_required |
bool Whether lowercase letters are required in the password. |
|
uppers_required |
bool Whether uppercase letters are required in the password. |
|
digits_required |
bool Whether digits are required in the password. |
|
specials_required |
bool Whether special characters are required in the password. |
|
min_length |
int64 Minimum length required for all passwords. The minimum value is 0. |
Smart
Smart complexity policy applies adaptive requirements based on character class diversity.
Zero value means passwords with this number of classes are forbidden.
|
Field |
Description |
|
one_class |
int64 For passwords with one class of characters The minimum value is 0. |
|
two_classes |
int64 For passwords with two classes of characters The minimum value is 0. |
|
three_classes |
int64 For passwords with three classes of characters The minimum value is 0. |
|
four_classes |
int64 For passwords with all four classes of characters The minimum value is 0. |
PasswordLifetimePolicy
Policy that defines password lifetime requirements.
|
Field |
Description |
|
min_days_count |
int64 Minimum number of days before a password can be changed. The minimum value is 0. |
|
max_days_count |
int64 Maximum number of days a password remains valid. The minimum value is 0. |
BruteforceProtectionPolicy
Policy that defines protection against brute force attacks.
Zero or empty values disable bruteforce protection.
|
Field |
Description |
|
window |
Time window for counting failed authentication attempts. |
|
block |
Duration of the block after too many failed attempts. |
|
attempts |
int64 Number of failed attempts allowed within the window before blocking. Value must be greater than 0. |