Update - Infisical

Overview

Endpoints

Identities
Token Auth
Universal Auth
GCP Auth
- POST
  Login
- POST
  Attach
- GET
  Retrieve
- PATCH
  Update
- DEL
  Revoke
AWS Auth
Azure Auth
Kubernetes Auth
OIDC Auth
JWT Auth
Groups
Organizations
Projects
Project Users
Project Groups
Project Identities
Project Roles
Project Templates
Environments
Folders
Secret Tags
Secrets
Dynamic Secrets
Secret Imports
Identity Specific Privilege
App Connections
Secret Syncs
Integrations
Service Tokens
Audit Logs

Infisical PKI

Certificate Authorities
Certificates
Certificate Templates
Certificate Collections
PKI Alerting

Infisical SSH

Certificates
Certificate Authorities
Certificate Templates

Infisical KMS

Keys

PATCH

api

auth

gcp-auth

identities

{identityId}

curl --request PATCH \
  --url https://us.infisical.com/api/v1/auth/gcp-auth/identities/{identityId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "type": "iam",
  "allowedServiceAccounts": "",
  "allowedProjects": "",
  "allowedZones": "",
  "accessTokenTrustedIps": [
    {
      "ipAddress": "<string>"
    }
  ],
  "accessTokenTTL": 157680000,
  "accessTokenNumUsesLimit": 1,
  "accessTokenMaxTTL": 157680000
}'

{
  "identityGcpAuth": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "accessTokenTTL": 7200,
    "accessTokenMaxTTL": 7200,
    "accessTokenNumUsesLimit": 0,
    "accessTokenTrustedIps": "<any>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "type": "<string>",
    "allowedServiceAccounts": "<string>",
    "allowedProjects": "<string>",
    "allowedZones": "<string>"
  }
}

Authorizations

Authorization

string

header

required

An access token in Infisical

Path Parameters

identityId

string

required

The ID of the identity to update the auth method for.

Body

application/json

type

enum<string>

Available options:

iam,

gce

allowedServiceAccounts

string

default:

The new comma-separated list of trusted service account emails corresponding to the GCE resource(s) allowed to authenticate with Infisical.

allowedProjects

string

default:

The new comma-separated list of trusted GCP projects that the GCE instance must belong to authenticate with Infisical.

allowedZones

string

default:

The new comma-separated list of trusted zones that the GCE instances must belong to authenticate with Infisical.

accessTokenTrustedIps

object[]

The new IPs or CIDR ranges that access tokens can be used from.

accessTokenTTL

integer

The new lifetime for an access token in seconds.

Required range: 0 <= x <= 315360000

accessTokenNumUsesLimit

integer

The new maximum number of times that an access token can be used.

Required range: x >= 0

accessTokenMaxTTL

integer

The new maximum lifetime for an access token in seconds.

Required range: 0 <= x <= 315360000

Response

200

application/json

Default Response

identityGcpAuth

object

required

Was this page helpful?

Suggest edits Raise issue

Retrieve Revoke

curl --request PATCH \
  --url https://us.infisical.com/api/v1/auth/gcp-auth/identities/{identityId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "type": "iam",
  "allowedServiceAccounts": "",
  "allowedProjects": "",
  "allowedZones": "",
  "accessTokenTrustedIps": [
    {
      "ipAddress": "<string>"
    }
  ],
  "accessTokenTTL": 157680000,
  "accessTokenNumUsesLimit": 1,
  "accessTokenMaxTTL": 157680000
}'

{
  "identityGcpAuth": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "accessTokenTTL": 7200,
    "accessTokenMaxTTL": 7200,
    "accessTokenNumUsesLimit": 0,
    "accessTokenTrustedIps": "<any>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "type": "<string>",
    "allowedServiceAccounts": "<string>",
    "allowedProjects": "<string>",
    "allowedZones": "<string>"
  }
}