You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<pclass="firstline">Search transitive groups of a member. **Note:** This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the member is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A transitive group is any group that has a direct or indirect membership to the member. Actor must have view permissions all transitive groups.</p>
@@ -153,6 +159,7 @@ <h3>Method Details</h3>
153
159
154
160
{ # A membership within the Cloud Identity Groups API. A `Membership` defines a relationship between a `Group` and an entity belonging to that `Group`, referred to as a "member".
155
161
"createTime": "A String", # Output only. The time when the `Membership` was created.
162
+
"deliverySetting": "A String", # Output only. Delivery setting associated with the membership.
156
163
"name": "A String", # Output only. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Membership`. Shall be of the form `groups/{group}/memberships/{membership}`.
157
164
"preferredMemberKey": { # A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s. # Required. Immutable. The `EntityKey` of the member.
158
165
"id": "A String", # The ID of the entity. For Google-managed entities, the `id` should be the email address of an existing group or user. For external-identity-mapped entities, the `id` must be a string conforming to the Identity Source's requirements. Must be unique within a `namespace`.
@@ -255,6 +262,7 @@ <h3>Method Details</h3>
255
262
256
263
{ # A membership within the Cloud Identity Groups API. A `Membership` defines a relationship between a `Group` and an entity belonging to that `Group`, referred to as a "member".
257
264
"createTime": "A String", # Output only. The time when the `Membership` was created.
265
+
"deliverySetting": "A String", # Output only. Delivery setting associated with the membership.
258
266
"name": "A String", # Output only. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Membership`. Shall be of the form `groups/{group}/memberships/{membership}`.
259
267
"preferredMemberKey": { # A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s. # Required. Immutable. The `EntityKey` of the member.
260
268
"id": "A String", # The ID of the entity. For Google-managed entities, the `id` should be the email address of an existing group or user. For external-identity-mapped entities, the `id` must be a string conforming to the Identity Source's requirements. Must be unique within a `namespace`.
@@ -339,6 +347,7 @@ <h3>Method Details</h3>
339
347
"memberships": [ # The `Membership`s under the specified `parent`.
340
348
{ # A membership within the Cloud Identity Groups API. A `Membership` defines a relationship between a `Group` and an entity belonging to that `Group`, referred to as a "member".
341
349
"createTime": "A String", # Output only. The time when the `Membership` was created.
350
+
"deliverySetting": "A String", # Output only. Delivery setting associated with the membership.
342
351
"name": "A String", # Output only. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Membership`. Shall be of the form `groups/{group}/memberships/{membership}`.
343
352
"preferredMemberKey": { # A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s. # Required. Immutable. The `EntityKey` of the member.
344
353
"id": "A String", # The ID of the entity. For Google-managed entities, the `id` should be the email address of an existing group or user. For external-identity-mapped entities, the `id` must be a string conforming to the Identity Source's requirements. Must be unique within a `namespace`.
@@ -455,6 +464,7 @@ <h3>Method Details</h3>
455
464
{ # The response message for MembershipsService.ModifyMembershipRoles.
456
465
"membership": { # A membership within the Cloud Identity Groups API. A `Membership` defines a relationship between a `Group` and an entity belonging to that `Group`, referred to as a "member". # The `Membership` resource after modifying its `MembershipRole`s.
457
466
"createTime": "A String", # Output only. The time when the `Membership` was created.
467
+
"deliverySetting": "A String", # Output only. Delivery setting associated with the membership.
458
468
"name": "A String", # Output only. The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Membership`. Shall be of the form `groups/{group}/memberships/{membership}`.
459
469
"preferredMemberKey": { # A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s. # Required. Immutable. The `EntityKey` of the member.
460
470
"id": "A String", # The ID of the entity. For Google-managed entities, the `id` should be the email address of an existing group or user. For external-identity-mapped entities, the `id` must be a string conforming to the Identity Source's requirements. Must be unique within a `namespace`.
parent: string, [Resource name](https://cloud.google.com/apis/design/resource_names) of the group to search transitive memberships in. Format: groups/{group_id}, where group_id is always '-' as this API will search across all groups for a given member. (required)
498
+
orderBy: string, The ordering of membership relation for the display name or email in the response. The syntax for this field can be found at https://cloud.google.com/apis/design/design_patterns#sorting_order. Example: Sort by the ascending display name: order_by="group_name" or order_by="group_name asc". Sort by the descending display name: order_by="group_name desc". Sort by the ascending group key: order_by="group_key" or order_by="group_key asc". Sort by the descending group key: order_by="group_key desc".
499
+
pageSize: integer, The default page size is 200 (max 1000).
500
+
pageToken: string, The next_page_token value returned from a previous list request, if any
501
+
query: string, Required. A CEL expression that MUST include member specification AND label(s). Users can search on label attributes of groups. CONTAINS match ('in') is supported on labels. Identity-mapped groups are uniquely identified by both a `member_key_id` and a `member_key_namespace`, which requires an additional query input: `member_key_namespace`. Example query: `member_key_id == 'member_key_id_value' && 'label_value' in labels`
502
+
x__xgafv: string, V1 error format.
503
+
Allowed values
504
+
1 - v1 error format
505
+
2 - v2 error format
506
+
507
+
Returns:
508
+
An object of the form:
509
+
510
+
{ # The response message for MembershipsService.SearchDirectGroups.
511
+
"memberships": [ # List of direct groups satisfying the query.
512
+
{ # Message containing membership relation.
513
+
"description": "A String", # An extended description to help users determine the purpose of a `Group`.
514
+
"displayName": "A String", # The display name of the `Group`.
515
+
"group": "A String", # The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Group`. Shall be of the form `groups/{group_id}`.
516
+
"groupKey": { # A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s. # The `EntityKey` of the `Group`.
517
+
"id": "A String", # The ID of the entity. For Google-managed entities, the `id` should be the email address of an existing group or user. For external-identity-mapped entities, the `id` must be a string conforming to the Identity Source's requirements. Must be unique within a `namespace`.
518
+
"namespace": "A String", # The namespace in which the entity exists. If not specified, the `EntityKey` represents a Google-managed entity such as a Google user or a Google Group. If specified, the `EntityKey` represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source}`.
519
+
},
520
+
"labels": { # One or more label entries that apply to the Group. Currently supported labels contain a key with an empty value.
521
+
"a_key": "A String",
522
+
},
523
+
"membership": "A String", # The [resource name](https://cloud.google.com/apis/design/resource_names) of the `Membership`. Shall be of the form `groups/{group_id}/memberships/{membership_id}`.
524
+
"roles": [ # The `MembershipRole`s that apply to the `Membership`.
525
+
{ # A membership role within the Cloud Identity Groups API. A `MembershipRole` defines the privileges granted to a `Membership`.
526
+
"expiryDetail": { # The `MembershipRole` expiry details. # The expiry details of the `MembershipRole`. Expiry details are only supported for `MEMBER` `MembershipRoles`. May be set if `name` is `MEMBER`. Must not be set if `name` is any other value.
527
+
"expireTime": "A String", # The time at which the `MembershipRole` will expire.
528
+
},
529
+
"name": "A String", # The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`.
530
+
"restrictionEvaluations": { # Evaluations of restrictions applied to parent group on this membership. # Evaluations of restrictions applied to parent group on this membership.
531
+
"memberRestrictionEvaluation": { # The evaluated state of this restriction. # Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation.
532
+
"state": "A String", # Output only. The current state of the restriction
533
+
},
534
+
},
535
+
},
536
+
],
537
+
},
538
+
],
539
+
"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results available for listing.
<pre>Search transitive groups of a member. **Note:** This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the member is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A transitive group is any group that has a direct or indirect membership to the member. Actor must have view permissions all transitive groups.
0 commit comments