Stay organized with collectionsSave and categorize content based on your preferences.
Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
HTTP request
POST https://earthengine.googleapis.com/v1/{resource=projects/*/assets/**}:testIamPermissions
REQUIRED: The resource for which the policy detail is being requested. SeeResource namesfor the appropriate value for this field.
Request body
The request body contains data with the following structure:
JSON representation
{"permissions":[string]}
Fields
permissions[]
string
The set of permissions to check for theresource. Permissions with wildcards (such as*orstorage.*) are not allowed. For more information seeIAM Overview.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-06 UTC."],[[["\u003cp\u003eReturns caller permissions for a specified Earth Engine resource, even if the resource doesn't exist, providing an empty set instead of an error.\u003c/p\u003e\n"],["\u003cp\u003ePrimarily designed for building permission-aware user interfaces and command-line tools, not for strict authorization checks.\u003c/p\u003e\n"],["\u003cp\u003eAccepts a list of specific permissions to check against the resource, using a POST request to a defined endpoint.\u003c/p\u003e\n"],["\u003cp\u003eRequires specific OAuth scopes for authentication, like \u003ccode\u003ehttps://www.googleapis.com/auth/earthengine\u003c/code\u003e or \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e.\u003c/p\u003e\n"]]],["This endpoint, using a POST request to the specified URL, retrieves a caller's permissions for a given resource. It requires the resource path as a parameter and a JSON request body with a list of permissions to check. Wildcard permissions are not permitted. The response indicates the permissions held, returning an empty set if the resource doesn't exist. This is designed for UI/tool development, not for authorization checks, and can \"fail open.\" OAuth scopes are required for authorization.\n"],null,["# Method: projects.assets.testIamPermissions\n\nReturns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.\n\nNote: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.\n\n### HTTP request\n\n`POST https://earthengine.googleapis.com/v1/{resource=projects/*/assets/**}:testIamPermissions`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n| Parameters ||\n|------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `resource` | `string` REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field. |\n\n### Request body\n\nThe request body contains data with the following structure:\n\n| JSON representation |\n|---------------------------------------|\n| ``` { \"permissions\": [ string ] } ``` |\n\n| Fields ||\n|-----------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `permissions[]` | `string` The set of permissions to check for the `resource`. Permissions with wildcards (such as `*` or `storage.*`) are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). |\n\n### Response body\n\nIf successful, the response body contains an instance of [TestIamPermissionsResponse](/earth-engine/reference/rest/Shared.Types/TestIamPermissionsResponse).\n\n### Authorization scopes\n\nRequires one of the following OAuth scopes:\n\n- `https://www.googleapis.com/auth/earthengine`\n- `\n https://www.googleapis.com/auth/earthengine.readonly`\n- `\n https://www.googleapis.com/auth/cloud-platform`\n- `\n https://www.googleapis.com/auth/cloud-platform.read-only`\n\nFor more information, see the [OAuth 2.0 Overview](/identity/protocols/OAuth2)."]]
