blob: 3452c19bb6b49fedf52d9ecb09ff8e4505a22637 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
syntax = "proto3";
package yandex.cloud.iam.v1;
import "google/api/annotations.proto";
import "google/protobuf/timestamp.proto";
import "yandex/cloud/validation.proto";
option go_package = "github.com/yandex-cloud/go-genproto/yandex/cloud/iam/v1;iam";
option java_package = "yandex.cloud.api.iam.v1";
// A set of methods for managing IAM tokens.
service IamTokenService {
// Creates an IAM token for the specified identity.
rpc Create (CreateIamTokenRequest) returns (CreateIamTokenResponse) {
option (google.api.http) = {post: "/iam/v1/tokens" body: "*"};
}
// Create iam token for service account.
rpc CreateForServiceAccount (CreateIamTokenForServiceAccountRequest) returns (CreateIamTokenResponse) {
option (google.api.http) = {post: "/iam/v1/tokens:createForServiceAccount" body: "*"};
};
}
message CreateIamTokenRequest {
oneof identity {
option (exactly_one) = true;
// OAuth token for a Yandex account.
// For more information, see [OAuth token](/docs/iam/concepts/authorization/oauth-token).
string yandex_passport_oauth_token = 1;
// JSON Web Token (JWT) for a service account.
// For more information, see [Get IAM token for a service account](/docs/iam/operations/iam-token/create-for-sa).
string jwt = 2;
}
}
message CreateIamTokenResponse {
// IAM token for the specified identity.
//
// You should pass the token in the `Authorization` header for any further API requests.
// For example, `Authorization: Bearer [iam_token]`.
string iam_token = 1;
// IAM token expiration time.
google.protobuf.Timestamp expires_at = 2;
}
message CreateIamTokenForServiceAccountRequest {
string service_account_id = 1 [(required) = true, (length) = "<=50"];
}
|
