This product(
Ims/2019-08-15
) OpenAPI adopts RPC Signature style. See signature details in Description of the signature mechanism. We have packaged SDKs for common programming languages for developers. Developers can directly call the OpenAPI of this product by downloading the SDK without paying attention to the technical details. If the existing SDK cannot meet the usage requirements, you can connect through the signature mechanism. It will take about 5 working days. Therefore, it is recommended to join our DingTalk service group (78410016550) and sign under the guidance of experts. Before using the API, you need to prepare your identity account and access key (AccessKey) to effectively access the API through client tools (SDK, CLI, etc.). For details see getAccessKey.
User management
API | Title | Description |
---|---|---|
RAM user | RAM user | |
CreateUser | CreateUser | Creates a RAM user. |
GetUser | GetUser | Queries the information about a RAM user. |
UpdateUser | UpdateUser | Modifies the information about a RAM user. |
DeleteUser | DeleteUser | Deletes a RAM user. |
ListUsers | ListUsers | Queries the details of all RAM users. |
ListUserBasicInfos | ListUserBasicInfos | Queries the basic information about all RAM users. |
GetAccountSummary | GetAccountSummary | Queries the overview information of an Alibaba Cloud account. |
Logon | Logon | |
CreateLoginProfile | CreateLoginProfile | Enables logon to the console for a RAM user. |
GetLoginProfile | GetLoginProfile | Queries the logon configurations of a Resource Access Management (RAM) user. |
UpdateLoginProfile | UpdateLoginProfile | Modifies the logon information of a RAM user. |
DeleteLoginProfile | DeleteLoginProfile | Disables logon to the console for a RAM user. |
ChangePassword | ChangePassword | Changes the password that is used to log on to the console for a Resource Access Management (RAM) user. |
AccessKey | AccessKey | |
CreateAccessKey | CreateAccessKey | Creates an AccessKey pair for an Alibaba Cloud account or a RAM user. |
DeleteAccessKey | DeleteAccessKey | Deletes an AccessKey pair from an Alibaba Cloud account or a RAM user. |
UpdateAccessKey | UpdateAccessKey | Modifies the status of an AccessKey pair for an Alibaba Cloud account or a RAM user. |
GetAccessKeyLastUsed | GetAccessKeyLastUsed | Queries the time when an AccessKey pair was used for the last time. |
ListAccessKeys | ListAccessKeys | Queries the AccessKey pairs of an Alibaba Cloud account or a RAM user. |
MFA | MFA | |
CreateVirtualMFADevice | CreateVirtualMFADevice | Creates a multi-factor authentication (MFA) device. |
ListVirtualMFADevices | ListVirtualMFADevices | Queries multi-factor authentication (MFA) devices. |
DeleteVirtualMFADevice | DeleteVirtualMFADevice | Deletes a multi-factor authentication (MFA) device. |
DisableVirtualMFA | DisableVirtualMFA | Unbinds and deletes an MFA device from a RAM user. |
BindMFADevice | BindMFADevice | Binds a multi-factor authentication (MFA) device to a RAM user. |
UnbindMFADevice | UnbindMFADevice | Unbinds a multi-factor authentication (MFA) device from a RAM user. |
GetAccountMFAInfo | GetAccountMFAInfo | Queries a multi-factor authentication (MFA) device of an Alibaba Cloud account. |
GetUserMFAInfo | GetUserMFAInfo | Queries the information of the multi-factor authentication (MFA) device that is bound to a RAM user. |
Tag | Tag | |
TagResources | TagResources | Adds tags to resources. |
UntagResources | UntagResources | Removes tags from a resource. |
ListTagResources | ListTagResources | Queries the tags that are added resources. |
User group management
API | Title | Description |
---|---|---|
CreateGroup | CreateGroup | Creates a RAM user group. |
GetGroup | GetGroup | Queries the information about a Resource Access Management (RAM) user group. |
UpdateGroup | UpdateGroup | Modifies the information of a RAM user group. |
DeleteGroup | DeleteGroup | Deletes a RAM user group. |
ListGroups | ListGroups | Queries RAM user groups. |
AddUserToGroup | AddUserToGroup | Adds a RAM user to a RAM user group. |
RemoveUserFromGroup | RemoveUserFromGroup | Removes a RAM user from a RAM user group. |
ListUsersForGroup | ListUsersForGroup | Queries Resource Access Management (RAM) users in a RAM user group. |
ListGroupsForUser | ListGroupsForUser | Queries the RAM user groups to which a RAM user belongs. |
SSO management
API | Title | Description |
---|---|---|
SetUserSsoSettings | SetUserSsoSettings | Configures information about identity providers (IdPs) for user-based single sign-on (SSO). |
GetUserSsoSettings | GetUserSsoSettings | Queries information about identity providers (IdPs) for user-based single sign-on (SSO). |
CreateSAMLProvider | CreateSAMLProvider | Creates an identity provider (IdP) for role-based SSO. |
DeleteSAMLProvider | DeleteSAMLProvider | Deletes an identity provider (IdP) for role-based SSO. |
UpdateSAMLProvider | UpdateSAMLProvider | Modifies information about an identity provider (IdP) for role-based SSO. |
GetSAMLProvider | GetSAMLProvider | Queries the information about an identity provider (IdP) for role-based single sign-on (SSO). |
ListSAMLProviders | ListSAMLProviders | Queries identity providers (IdPs) for role-based SSO. |
CreateOIDCProvider | CreateOIDCProvider | Creates an OpenID Connect (OIDC) identity provider (IdP) to configure a trust relationship between Alibaba Cloud and an external IdP. This topic provides an example on how to create an IdP named TestOIDCProvider to configure a trust relationship between the external IdP Okta and Alibaba Cloud. |
GetOIDCProvider | GetOIDCProvider | Queries the information about an OIDC IdP. |
UpdateOIDCProvider | UpdateOIDCProvider | Modifies the description and client IDs of an OpenID Connect (OIDC) identity provider (IdP). |
ListOIDCProviders | ListOIDCProviders | Queries OIDC IdPs. |
DeleteOIDCProvider | DeleteOIDCProvider | Deletes an OpenID Connect (OIDC) identity provider (IdP). |
AddClientIdToOIDCProvider | AddClientIdToOIDCProvider | Adds a client ID to an OpenID Connect (OIDC) identity provider (IdP). |
RemoveClientIdFromOIDCProvider | RemoveClientIdFromOIDCProvider | Removes a client ID from an OpenID Connect (OIDC) identity provider (IdP). |
AddFingerprintToOIDCProvider | AddFingerprintToOIDCProvider | Adds a fingerprint to an OpenID Connect (OIDC) identity provider (IdP). |
RemoveFingerprintFromOIDCProvider | RemoveFingerprintFromOIDCProvider | Removes a fingerprint from an OpenID Connect (OIDC) identity provider (IdP). |
OAuth management
API | Title | Description |
---|---|---|
CreateApplication | CreateApplication | Creates an application. |
GetApplication | GetApplication | Queries the configuration information about an application. |
UpdateApplication | UpdateApplication | Modifies the information about a specified application. |
DeleteApplication | DeleteApplication | Deletes an application. |
ListApplications | ListApplications | Lists the created applications. |
ListPredefinedScopes | ListPredefinedScopes | Queries predefined application permissions. |
CreateAppSecret | CreateAppSecret | Creates an application secret for the specified application. |
GetAppSecret | GetAppSecret | Queries the details of an application secret. |
ListAppSecretIds | ListAppSecretIds | Queries the secret IDs of an application. |
DeleteAppSecret | DeleteAppSecret | Delete the application secret for the specified application. |
Security settings
API | Title | Description |
---|---|---|
SetPasswordPolicy | SetPasswordPolicy | Configures the password policy for RAM users. |
GetPasswordPolicy | GetPasswordPolicy | Queries the details of the password policy for RAM users. |
SetSecurityPreference | SetSecurityPreference | Configures security preferences for a RAM user. |
GetSecurityPreference | GetSecurityPreference | Queries the security preferences for RAM users. |
SetDefaultDomain | SetDefaultDomain | Configures the default domain name. |
GetDefaultDomain | GetDefaultDomain | Queries the default domain name of an Alibaba Cloud account. |
GetCredentialReport | GetCredentialReport | Queries the user credential reports of an Alibaba Cloud account. |
GetAccountSecurityPracticeReport | GetAccountSecurityPracticeReport | Queries the security report for an Alibaba Cloud account. |
GenerateCredentialReport | GenerateCredentialReport | Generates a user credential report. |