Reference documentation and code samples for the Google Auth Library Client class Iam.
Tools for using the IAM API.
Namespace
Google \ Auth
Methods
__construct
Parameters
Name
Description
httpHandler
callable|null
[optional] The HTTP Handler to send requests.
universeDomain
string
signBlob
Sign a string using the IAM signBlob API.
Note that signing using IAM requires your service account to have theiam.serviceAccounts.signBlobpermission, part of the "Service Account
Token Creator" IAM role.
Parameters
Name
Description
email
string
The service account email.
accessToken
string
An access token from the service account.
stringToSign
string
The string to be signed.
delegates
string[]
[optional] A list of service account emails to
add to the delegate chain. If omitted, the value of$emailwill
be used.
Returns
Type
Description
string
The signed string, base64-encoded.
generateIdToken
Sign a string using the IAM signBlob API.
Note that signing using IAM requires your service account to have theiam.serviceAccounts.signBlobpermission, part of the "Service Account
Token Creator" IAM role.
Parameters
Name
Description
clientEmail
string
The service account email.
targetAudience
string
The audience for the ID token.
bearerToken
string
The token to authenticate the IAM request.
headers
array
[optional] Additional headers to send with the request.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Google Auth Library Client - Class Iam (1.47.1)\n\nVersion latestkeyboard_arrow_down\n\n- [1.47.1 (latest)](/php/docs/reference/auth/latest/Iam)\n- [1.47.0](/php/docs/reference/auth/1.47.0/Iam)\n- [1.46.0](/php/docs/reference/auth/1.46.0/Iam)\n- [1.45.2](/php/docs/reference/auth/1.45.2/Iam) \nReference documentation and code samples for the Google Auth Library Client class Iam.\n\nTools for using the IAM API.\n\nNamespace\n---------\n\nGoogle \\\\ Auth\n\nMethods\n-------\n\n### __construct\n\n### signBlob\n\nSign a string using the IAM signBlob API.\n\nNote that signing using IAM requires your service account to have the\n`iam.serviceAccounts.signBlob` permission, part of the \"Service Account\nToken Creator\" IAM role.\n\n### generateIdToken\n\nSign a string using the IAM signBlob API.\n\nNote that signing using IAM requires your service account to have the\n`iam.serviceAccounts.signBlob` permission, part of the \"Service Account\nToken Creator\" IAM role.\n\nConstants\n---------\n\n### IAM_API_ROOT\n\n Value: 'https://iamcredentials.googleapis.com/v1'\n\n### SIGN_BLOB_PATH\n\n Value: '%s:signBlob?alt=json'\n\n### SERVICE_ACCOUNT_NAME\n\n Value: 'projects/-/serviceAccounts/%s'"]]
