Reference documentation and code samples for the Google Auth Library Client class Iam.
Tools for using the IAM API.
Namespace
Google \ AuthMethods
__construct
httpHandler
callable|null
[optional] The HTTP Handler to send requests.
universeDomain
string
signBlob
Sign a string using the IAM signBlob API.
Note that signing using IAM requires your service account to have the iam.serviceAccounts.signBlob
permission, part of the "Service Account
Token Creator" IAM role.
email
string
The service account email.
accessToken
string
An access token from the service account.
stringToSign
string
The string to be signed.
delegates
string[]
[optional] A list of service account emails to
add to the delegate chain. If omitted, the value of $email
will
be used.
string
generateIdToken
Sign a string using the IAM signBlob API.
Note that signing using IAM requires your service account to have the iam.serviceAccounts.signBlob
permission, part of the "Service Account
Token Creator" IAM role.
clientEmail
string
The service account email.
targetAudience
string
The audience for the ID token.
bearerToken
string
The token to authenticate the IAM request.
headers
array
[optional] Additional headers to send with the request.
string
Constants
IAM_API_ROOT
Value: 'https://iamcredentials.googleapis.com/v1'
SIGN_BLOB_PATH
Value: '%s:signBlob?alt=json'
SERVICE_ACCOUNT_NAME
Value: 'projects/-/serviceAccounts/%s'
