{"openapi":"3.0.0","servers":[{"url":"https://oslogin.googleapis.com/"}],"info":{"contact":{"name":"Google","url":"https://google.com","x-twitter":"youtube"},"description":"You can use OS Login to manage access to your VM instances using IAM roles.","license":{"name":"Creative Commons Attribution 3.0","url":"http://creativecommons.org/licenses/by/3.0/"},"termsOfService":"https://developers.google.com/terms/","title":"Cloud OS Login API","version":"v1beta","x-apiClientRegistration":{"url":"https://console.developers.google.com"},"x-apisguru-categories":["analytics","media"],"x-logo":{"url":"https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png"},"x-origin":[{"format":"google","url":"https://oslogin.googleapis.com/$discovery/rest?version=v1beta","version":"v1"}],"x-preferred":true,"x-providerName":"googleapis.com","x-serviceName":"oslogin"},"externalDocs":{"url":"https://cloud.google.com/compute/docs/oslogin/"},"tags":[{"name":"users"}],"paths":{"/v1beta/{name}":{"delete":{"description":"Deletes an SSH public key.","operationId":"oslogin.users.sshPublicKeys.delete","parameters":[{"description":"Required. The fingerprint of the public key to update. Public keys are identified by their SHA-256 fingerprint. The fingerprint of the public key is in format `users/{user}/sshPublicKeys/{fingerprint}`.","in":"path","name":"name","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Empty"}}},"description":"Successful response"}},"security":[{"Oauth2":["https://www.googleapis.com/auth/cloud-platform"],"Oauth2c":["https://www.googleapis.com/auth/cloud-platform"]},{"Oauth2":["https://www.googleapis.com/auth/compute"],"Oauth2c":["https://www.googleapis.com/auth/compute"]}],"tags":["users"]},"get":{"description":"Retrieves an SSH public key.","operationId":"oslogin.users.sshPublicKeys.get","parameters":[{"description":"Required. The fingerprint of the public key to retrieve. Public keys are identified by their SHA-256 fingerprint. The fingerprint of the public key is in format `users/{user}/sshPublicKeys/{fingerprint}`.","in":"path","name":"name","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SshPublicKey"}}},"description":"Successful response"}},"security":[{"Oauth2":["https://www.googleapis.com/auth/cloud-platform"],"Oauth2c":["https://www.googleapis.com/auth/cloud-platform"]},{"Oauth2":["https://www.googleapis.com/auth/compute"],"Oauth2c":["https://www.googleapis.com/auth/compute"]}],"tags":["users"]},"parameters":[{"$ref":"#/components/parameters/_.xgafv"},{"$ref":"#/components/parameters/access_token"},{"$ref":"#/components/parameters/alt"},{"$ref":"#/components/parameters/callback"},{"$ref":"#/components/parameters/fields"},{"$ref":"#/components/parameters/key"},{"$ref":"#/components/parameters/oauth_token"},{"$ref":"#/components/parameters/prettyPrint"},{"$ref":"#/components/parameters/quotaUser"},{"$ref":"#/components/parameters/upload_protocol"},{"$ref":"#/components/parameters/uploadType"}],"patch":{"description":"Updates an SSH public key and returns the profile information. This method supports patch semantics.","operationId":"oslogin.users.sshPublicKeys.patch","parameters":[{"description":"Required. The fingerprint of the public key to update. Public keys are identified by their SHA-256 fingerprint. The fingerprint of the public key is in format `users/{user}/sshPublicKeys/{fingerprint}`.","in":"path","name":"name","required":true,"schema":{"type":"string"}},{"description":"Mask to control which fields get updated. Updates all if not present.","in":"query","name":"updateMask","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SshPublicKey"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SshPublicKey"}}},"description":"Successful response"}},"security":[{"Oauth2":["https://www.googleapis.com/auth/cloud-platform"],"Oauth2c":["https://www.googleapis.com/auth/cloud-platform"]},{"Oauth2":["https://www.googleapis.com/auth/compute"],"Oauth2c":["https://www.googleapis.com/auth/compute"]}],"tags":["users"]}},"/v1beta/{name}/loginProfile":{"get":{"description":"Retrieves the profile information used for logging in to a virtual machine on Google Compute Engine.","operationId":"oslogin.users.getLoginProfile","parameters":[{"description":"Required. The unique ID for the user in format `users/{user}`.","in":"path","name":"name","required":true,"schema":{"type":"string"}},{"description":"The project ID of the Google Cloud Platform project.","in":"query","name":"projectId","schema":{"type":"string"}},{"description":"A system ID for filtering the results of the request.","in":"query","name":"systemId","schema":{"type":"string"}},{"description":"The view configures whether to retrieve security keys information.","in":"query","name":"view","schema":{"enum":["LOGIN_PROFILE_VIEW_UNSPECIFIED","BASIC","SECURITY_KEY"],"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/LoginProfile"}}},"description":"Successful response"}},"security":[{"Oauth2":["https://www.googleapis.com/auth/cloud-platform"],"Oauth2c":["https://www.googleapis.com/auth/cloud-platform"]},{"Oauth2":["https://www.googleapis.com/auth/cloud-platform.read-only"],"Oauth2c":["https://www.googleapis.com/auth/cloud-platform.read-only"]},{"Oauth2":["https://www.googleapis.com/auth/compute"],"Oauth2c":["https://www.googleapis.com/auth/compute"]},{"Oauth2":["https://www.googleapis.com/auth/compute.readonly"],"Oauth2c":["https://www.googleapis.com/auth/compute.readonly"]}],"tags":["users"]},"parameters":[{"$ref":"#/components/parameters/_.xgafv"},{"$ref":"#/components/parameters/access_token"},{"$ref":"#/components/parameters/alt"},{"$ref":"#/components/parameters/callback"},{"$ref":"#/components/parameters/fields"},{"$ref":"#/components/parameters/key"},{"$ref":"#/components/parameters/oauth_token"},{"$ref":"#/components/parameters/prettyPrint"},{"$ref":"#/components/parameters/quotaUser"},{"$ref":"#/components/parameters/upload_protocol"},{"$ref":"#/components/parameters/uploadType"}]},"/v1beta/{parent}/sshPublicKeys":{"parameters":[{"$ref":"#/components/parameters/_.xgafv"},{"$ref":"#/components/parameters/access_token"},{"$ref":"#/components/parameters/alt"},{"$ref":"#/components/parameters/callback"},{"$ref":"#/components/parameters/fields"},{"$ref":"#/components/parameters/key"},{"$ref":"#/components/parameters/oauth_token"},{"$ref":"#/components/parameters/prettyPrint"},{"$ref":"#/components/parameters/quotaUser"},{"$ref":"#/components/parameters/upload_protocol"},{"$ref":"#/components/parameters/uploadType"}],"post":{"description":"Create an SSH public key","operationId":"oslogin.users.sshPublicKeys.create","parameters":[{"description":"Required. The unique ID for the user in format `users/{user}`.","in":"path","name":"parent","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SshPublicKey"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SshPublicKey"}}},"description":"Successful response"}},"security":[{"Oauth2":["https://www.googleapis.com/auth/cloud-platform"],"Oauth2c":["https://www.googleapis.com/auth/cloud-platform"]},{"Oauth2":["https://www.googleapis.com/auth/compute"],"Oauth2c":["https://www.googleapis.com/auth/compute"]}],"tags":["users"]}},"/v1beta/{parent}:importSshPublicKey":{"parameters":[{"$ref":"#/components/parameters/_.xgafv"},{"$ref":"#/components/parameters/access_token"},{"$ref":"#/components/parameters/alt"},{"$ref":"#/components/parameters/callback"},{"$ref":"#/components/parameters/fields"},{"$ref":"#/components/parameters/key"},{"$ref":"#/components/parameters/oauth_token"},{"$ref":"#/components/parameters/prettyPrint"},{"$ref":"#/components/parameters/quotaUser"},{"$ref":"#/components/parameters/upload_protocol"},{"$ref":"#/components/parameters/uploadType"}],"post":{"description":"Adds an SSH public key and returns the profile information. Default POSIX account information is set when no username and UID exist as part of the login profile.","operationId":"oslogin.users.importSshPublicKey","parameters":[{"description":"The unique ID for the user in format `users/{user}`.","in":"path","name":"parent","required":true,"schema":{"type":"string"}},{"description":"The project ID of the Google Cloud Platform project.","in":"query","name":"projectId","schema":{"type":"string"}},{"description":"Optional. The regions to which to assert that the key was written. If unspecified, defaults to all regions. Regions are listed at https://cloud.google.com/about/locations#region.","explode":true,"in":"query","name":"regions","schema":{"items":{"type":"string"},"type":"array"},"style":"form"},{"description":"The view configures whether to retrieve security keys information.","in":"query","name":"view","schema":{"enum":["LOGIN_PROFILE_VIEW_UNSPECIFIED","BASIC","SECURITY_KEY"],"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SshPublicKey"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ImportSshPublicKeyResponse"}}},"description":"Successful response"}},"security":[{"Oauth2":["https://www.googleapis.com/auth/cloud-platform"],"Oauth2c":["https://www.googleapis.com/auth/cloud-platform"]},{"Oauth2":["https://www.googleapis.com/auth/compute"],"Oauth2c":["https://www.googleapis.com/auth/compute"]}],"tags":["users"]}},"/v1beta/{parent}:signSshPublicKey":{"parameters":[{"$ref":"#/components/parameters/_.xgafv"},{"$ref":"#/components/parameters/access_token"},{"$ref":"#/components/parameters/alt"},{"$ref":"#/components/parameters/callback"},{"$ref":"#/components/parameters/fields"},{"$ref":"#/components/parameters/key"},{"$ref":"#/components/parameters/oauth_token"},{"$ref":"#/components/parameters/prettyPrint"},{"$ref":"#/components/parameters/quotaUser"},{"$ref":"#/components/parameters/upload_protocol"},{"$ref":"#/components/parameters/uploadType"}],"post":{"description":"Signs an SSH public key for a user to authenticate to an instance.","operationId":"oslogin.users.projects.zones.signSshPublicKey","parameters":[{"description":"The parent project and zone for the signing request. This is needed to properly ensure per-organization ISS processing and potentially to provide for the possibility of zone-specific certificates used in the signing process.","in":"path","name":"parent","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SignSshPublicKeyRequest"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SignSshPublicKeyResponse"}}},"description":"Successful response"}},"security":[{"Oauth2":["https://www.googleapis.com/auth/cloud-platform"],"Oauth2c":["https://www.googleapis.com/auth/cloud-platform"]},{"Oauth2":["https://www.googleapis.com/auth/compute"],"Oauth2c":["https://www.googleapis.com/auth/compute"]}],"tags":["users"]}}},"components":{"parameters":{"_.xgafv":{"description":"V1 error format.","in":"query","name":"$.xgafv","schema":{"enum":["1","2"],"type":"string"}},"access_token":{"description":"OAuth access token.","in":"query","name":"access_token","schema":{"type":"string"}},"alt":{"description":"Data format for response.","in":"query","name":"alt","schema":{"enum":["json","media","proto"],"type":"string"}},"callback":{"description":"JSONP","in":"query","name":"callback","schema":{"type":"string"}},"fields":{"description":"Selector specifying which fields to include in a partial response.","in":"query","name":"fields","schema":{"type":"string"}},"key":{"description":"API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.","in":"query","name":"key","schema":{"type":"string"}},"oauth_token":{"description":"OAuth 2.0 token for the current user.","in":"query","name":"oauth_token","schema":{"type":"string"}},"prettyPrint":{"description":"Returns response with indentations and line breaks.","in":"query","name":"prettyPrint","schema":{"type":"boolean"}},"quotaUser":{"description":"Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.","in":"query","name":"quotaUser","schema":{"type":"string"}},"uploadType":{"description":"Legacy upload protocol for media (e.g. \"media\", \"multipart\").","in":"query","name":"uploadType","schema":{"type":"string"}},"upload_protocol":{"description":"Upload protocol for media (e.g. \"raw\", \"multipart\").","in":"query","name":"upload_protocol","schema":{"type":"string"}}},"schemas":{"Empty":{"description":"A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }","properties":{},"type":"object"},"ImportSshPublicKeyResponse":{"description":"A response message for importing an SSH public key.","properties":{"details":{"description":"Detailed information about import results.","type":"string"},"loginProfile":{"$ref":"#/components/schemas/LoginProfile","description":"The login profile information for the user."}},"type":"object"},"LoginProfile":{"description":"The user profile information used for logging in to a virtual machine on Google Compute Engine.","properties":{"name":{"description":"Required. A unique user ID.","type":"string"},"posixAccounts":{"description":"The list of POSIX accounts associated with the user.","items":{"$ref":"#/components/schemas/PosixAccount"},"type":"array"},"securityKeys":{"description":"The registered security key credentials for a user.","items":{"$ref":"#/components/schemas/SecurityKey"},"type":"array"},"sshPublicKeys":{"additionalProperties":{"$ref":"#/components/schemas/SshPublicKey"},"description":"A map from SSH public key fingerprint to the associated key object.","type":"object"}},"type":"object"},"PosixAccount":{"description":"The POSIX account information associated with a Google account.","properties":{"accountId":{"description":"Output only. A POSIX account identifier.","readOnly":true,"type":"string"},"gecos":{"description":"The GECOS (user information) entry for this account.","type":"string"},"gid":{"description":"The default group ID.","format":"int64","type":"string"},"homeDirectory":{"description":"The path to the home directory for this account.","type":"string"},"name":{"description":"Output only. The canonical resource name.","readOnly":true,"type":"string"},"operatingSystemType":{"description":"The operating system type where this account applies.","enum":["OPERATING_SYSTEM_TYPE_UNSPECIFIED","LINUX","WINDOWS"],"type":"string"},"primary":{"description":"Only one POSIX account can be marked as primary.","type":"boolean"},"shell":{"description":"The path to the logic shell for this account.","type":"string"},"systemId":{"description":"System identifier for which account the username or uid applies to. By default, the empty value is used.","type":"string"},"uid":{"description":"The user ID.","format":"int64","type":"string"},"username":{"description":"The username of the POSIX account.","type":"string"}},"type":"object"},"SecurityKey":{"description":"The credential information for a Google registered security key.","properties":{"deviceNickname":{"description":"The security key nickname explicitly set by the user.","type":"string"},"privateKey":{"description":"Hardware-backed private key text in SSH format.","type":"string"},"publicKey":{"description":"Public key text in SSH format, defined by [RFC4253](\"https://www.ietf.org/rfc/rfc4253.txt\") section 6.6.","type":"string"},"universalTwoFactor":{"$ref":"#/components/schemas/UniversalTwoFactor","description":"The U2F protocol type."},"webAuthn":{"$ref":"#/components/schemas/WebAuthn","description":"The Web Authentication protocol type."}},"type":"object"},"SignSshPublicKeyRequest":{"properties":{"sshPublicKey":{"description":"The SSH public key to sign.","type":"string"}},"type":"object"},"SignSshPublicKeyResponse":{"properties":{"signedSshPublicKey":{"description":"The signed SSH public key to use in the SSH handshake.","type":"string"}},"type":"object"},"SshPublicKey":{"description":"The SSH public key information associated with a Google account.","properties":{"expirationTimeUsec":{"description":"An expiration time in microseconds since epoch.","format":"int64","type":"string"},"fingerprint":{"description":"Output only. The SHA-256 fingerprint of the SSH public key.","readOnly":true,"type":"string"},"key":{"description":"Public key text in SSH format, defined by RFC4253 section 6.6.","type":"string"},"name":{"description":"Output only. The canonical resource name.","readOnly":true,"type":"string"}},"type":"object"},"UniversalTwoFactor":{"description":"Security key information specific to the U2F protocol.","properties":{"appId":{"description":"Application ID for the U2F protocol.","type":"string"}},"type":"object"},"WebAuthn":{"description":"Security key information specific to the Web Authentication protocol.","properties":{"rpId":{"description":"Relying party ID for Web Authentication.","type":"string"}},"type":"object"}},"securitySchemes":{"Oauth2":{"description":"Oauth 2.0 implicit authentication","flows":{"implicit":{"authorizationUrl":"https://accounts.google.com/o/oauth2/auth","scopes":{"https://www.googleapis.com/auth/cloud-platform":"See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.","https://www.googleapis.com/auth/cloud-platform.read-only":"View your data across Google Cloud services and see the email address of your Google Account","https://www.googleapis.com/auth/compute":"View and manage your Google Compute Engine resources","https://www.googleapis.com/auth/compute.readonly":"View your Google Compute Engine resources"}}},"type":"oauth2"},"Oauth2c":{"description":"Oauth 2.0 authorizationCode authentication","flows":{"authorizationCode":{"authorizationUrl":"https://accounts.google.com/o/oauth2/auth","scopes":{"https://www.googleapis.com/auth/cloud-platform":"See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.","https://www.googleapis.com/auth/cloud-platform.read-only":"View your data across Google Cloud services and see the email address of your Google Account","https://www.googleapis.com/auth/compute":"View and manage your Google Compute Engine resources","https://www.googleapis.com/auth/compute.readonly":"View your Google Compute Engine resources"},"tokenUrl":"https://accounts.google.com/o/oauth2/token"}},"type":"oauth2"}}}}