> For the complete documentation index, see [llms.txt](/llms.txt)
# GS2-Identifier SDK API Reference
Specification of models and API references for GS2-Identifier SDK for various programming languages
## Models
### Identifier
Credential
Credentials used to access the GS2 API.
A credential consists of a client ID and a client secret, and access using the credential is restricted based on the privileges of the user who owns the credential.
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| clientId | string | | ✓ | UUID | ~ 256 chars | Client ID |
| userName | string | | ✓ | | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this credential. The credential inherits the permissions of this user based on the security policies attached to them. |
| clientSecret | string | | ✓ | UUID | ~ 100 chars | Client Secret |
| createdAt | long | | * | Current time | | Creation Timestamp
Unix time, milliseconds
* Set automatically by the server |
| revision | long | | | 0 | 0 ~ 9223372036854775805 | Revision |
**Related methods:**
describeIdentifiers - List Credentials
createIdentifier - Create Credential
getIdentifier - Get Credentials
deleteIdentifier - Delete credential
---
### Password
Password
Password for logging into the Management Console based on user permissions.
A password allows different accounts to log in to a single project and still limit the information they have access to.
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| passwordId | string | | * | | ~ 1024 chars | Password GRN
* Set automatically by the server |
| userId | string | | ✓ | | ~ 1024 chars | GS2-Identifier User GRN |
| userName | string | | ✓ | | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this password. The user logs into the management console with this user name and the corresponding password, and access is restricted based on the security policies attached to the user. |
| enableTwoFactorAuthentication | string (enum)
enum {
"RFC6238",
"Disable"
}
| | | "Disable" | | Two-Factor Authentication
Controls whether TOTP-based two-factor authentication (RFC 6238) is required for management console login with this password. When set to "RFC6238", the user must provide a valid one-time code from their authenticator app in addition to the password. When set to "Disable", only the password is required."RFC6238": Enable / "Disable": Disable / |
| twoFactorAuthenticationSetting | [TwoFactorAuthenticationSetting](#twofactorauthenticationsetting) | {enableTwoFactorAuthentication} == "RFC6238" | | | | Two-Factor Authentication Setting
The TOTP configuration for this password, including the shared secret key and setup status. Only present when enableTwoFactorAuthentication is set to "RFC6238". Contains the verification state (Verifying/Enable) to track whether the user has completed the authenticator app setup.
* Enabled only if enableTwoFactorAuthentication is "RFC6238" |
| createdAt | long | | * | Current time | | Creation Timestamp
Unix time, milliseconds
* Set automatically by the server |
| revision | long | | | 0 | 0 ~ 9223372036854775805 | Revision |
**Related methods:**
createPassword - Create password
getPassword - Get Password
enableMfa - Enable MFA
challengeMfa - Verify MFA
disableMfa - Disable MFA
deletePassword - Delete password
---
### AttachSecurityPolicy
Attached Security Policy
Manages the association between a GS2-Identifier user and their security policies. Each user has one attachment record that contains the list of security policy GRNs applied to that user. When the user's credentials are used for API access, all attached policies are evaluated to determine whether the requested operation is allowed or denied.
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userId | string | | * | | ~ 1024 chars | GS2-Identifier User GRN
* Set automatically by the server |
| securityPolicyIds | List<string> | | | [] | 0 ~ 100 items | List of Security Policy GRNs
The list of security policies attached to this user. Multiple policies can be attached, and their permissions are combined (union). If any attached policy allows an action, the action is permitted. Up to 100 policies can be attached per user. |
| attachedAt | long | | * | Current time | | Creation Timestamp
Unix time, milliseconds
* Set automatically by the server |
| revision | long | | | 0 | 0 ~ 9223372036854775805 | Revision |
---
### User
GS2-Identifier User
This entity represents a game developer who has access to the project.
The user has credentials for programmatic access and
A password can be registered that allows the user to log into the Management Console and manage the project based on the user's permissions.
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userId | string | | * | | ~ 1024 chars | GS2-Identifier User GRN
* Set automatically by the server |
| name | string | | ✓ | | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| description | string | | | | ~ 1024 chars | Description |
| createdAt | long | | * | Current time | | Creation Timestamp
Unix time, milliseconds
* Set automatically by the server |
| updatedAt | long | | * | Current time | | Last Updated Timestamp
Unix time, milliseconds
* Set automatically by the server |
| revision | long | | | 0 | 0 ~ 9223372036854775805 | Revision |
**Related methods:**
describeUsers - List Users
createUser - Create User
updateUser - Update user
getUser - Get User
deleteUser - Delete user
---
### SecurityPolicy
Security Policy
Define restrictions on the types of APIs that users can use and the resources they can access.
Access restriction rules are defined using JSON format definition data called policy documents.
For the specifications of policy documents, please refer to [the explanation page](/articles/tech/identifier/#security-policy) on policy documents in the development documents.
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| securityPolicyId | string | | * | | ~ 1024 chars | Security Policy GRN
* Set automatically by the server |
| name | string | | ✓ | | ~ 128 chars | Security Policy Name
Unique Security Policy name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| description | string | | | | ~ 1024 chars | Description |
| policy | string | | ✓ | | ~ 524288 chars | Policy Document
A JSON document that defines the access control rules for this security policy. The document specifies which GS2 API actions are allowed or denied, and which resources (identified by GRN patterns) the rules apply to. Multiple statements can be combined to create fine-grained access control. Maximum 512KB. |
| createdAt | long | | * | Current time | | Creation Timestamp
Unix time, milliseconds
* Set automatically by the server |
| updatedAt | long | | * | Current time | | Last Updated Timestamp
Unix time, milliseconds
* Set automatically by the server |
**Related methods:**
getHasSecurityPolicy - List assigned Security Policies
attachSecurityPolicy - Assign the Security Policy to a user
detachSecurityPolicy - Revoke assigned Security Policies from a user
describeSecurityPolicies - List Security Policies
describeCommonSecurityPolicies - List GS2-defined Security Policies
createSecurityPolicy - Create Security Policy
updateSecurityPolicy - Update Security Policy
getSecurityPolicy - Get Security Policy
deleteSecurityPolicy - Delete Security Policy
---
### ProjectToken
Project Token
A temporary access token issued by authenticating with a credential (client ID and client secret). This token is used to authorize all subsequent GS2 API calls within the project. The token has a limited lifetime and must be refreshed periodically.
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| token | string | | | | ~ 1024 chars | Project Token
The token string used for API authentication. This token is generated upon successful login with a credential. Maximum 1024 characters. |
**Related methods:**
loginByUser - Get a Project Token by specifying a GS2-Identifier user
---
### TwoFactorAuthenticationSetting
Two-Factor Authentication Setting
Configuration for TOTP-based two-factor authentication (RFC 6238) on a management console password. Stores the shared secret key used to generate and verify time-based one-time passwords. The setting goes through a verification phase before being fully enabled to ensure the user has correctly configured their authenticator app.
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| status | string (enum)
enum {
"Verifying",
"Enable"
}
| | | "Verifying" | | Status
The current state of the two-factor authentication setup. "Verifying" indicates the user has initiated setup but has not yet confirmed a valid TOTP code from their authenticator app. "Enable" indicates the setup is complete and two-factor authentication is actively enforced for console logins."Verifying": Verifying / "Enable": Enable / |
**Related models:**
Password - Password
---
## Methods
### describeIdentifiers
List Credentials
Retrieves a paginated list of OAuth credentials (client ID/secret pairs) associated with the specified user.
Credentials are used for programmatic authentication via the Login API to obtain project tokens.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User name |
| pageToken | string | | | | ~ 1024 chars | Token specifying the position from which to start acquiring data |
| limit | int | | | 30 | 1 ~ 1000 | Number of data acquired |
#### Result
| | Type | Description |
| --- | --- | --- |
| items | [List<Identifier>](#identifier) | List of Credentials |
| nextPageToken | string | Page token to retrieve the rest of the listing |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DescribeIdentifiers(
&identifier.DescribeIdentifiersRequest {
UserName: pointy.String("user-0001"),
PageToken: nil,
Limit: nil,
}
)
if err != nil {
panic("error occurred")
}
items := result.Items
nextPageToken := result.NextPageToken
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DescribeIdentifiersRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->describeIdentifiers(
(new DescribeIdentifiersRequest())
->withUserName("user-0001")
->withPageToken(null)
->withLimit(null)
);
$items = $result->getItems();
$nextPageToken = $result->getNextPageToken();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DescribeIdentifiersRequest;
import io.gs2.identifier.result.DescribeIdentifiersResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DescribeIdentifiersResult result = client.describeIdentifiers(
new DescribeIdentifiersRequest()
.withUserName("user-0001")
.withPageToken(null)
.withLimit(null)
);
List items = result.getItems();
String nextPageToken = result.getNextPageToken();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DescribeIdentifiers(
new Gs2.Gs2Identifier.Request.DescribeIdentifiersRequest()
.WithUserName("user-0001")
.WithPageToken(null)
.WithLimit(null),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var items = result.Items;
var nextPageToken = result.NextPageToken;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.describeIdentifiers(
new Gs2Identifier.DescribeIdentifiersRequest()
.withUserName("user-0001")
.withPageToken(null)
.withLimit(null)
);
const items = result.getItems();
const nextPageToken = result.getNextPageToken();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.describe_identifiers(
identifier.DescribeIdentifiersRequest()
.with_user_name('user-0001')
.with_page_token(None)
.with_limit(None)
)
items = result.items
next_page_token = result.next_page_token
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.describe_identifiers({
userName="user-0001",
pageToken=nil,
limit=nil,
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
nextPageToken = result.nextPageToken;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.describe_identifiers_async({
userName="user-0001",
pageToken=nil,
limit=nil,
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
nextPageToken = result.nextPageToken;
```
---
### createIdentifier
Create Credential
Generates a new OAuth credential (client ID and client secret) for the specified user.
The client secret is returned only in this response and cannot be retrieved later; store it securely.
The credential can be used with the Login API to obtain project tokens for programmatic API access.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this credential. The credential inherits the permissions of this user based on the security policies attached to them. |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [Identifier](#identifier) | Created Credential |
| clientSecret | string | Client Secret |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.CreateIdentifier(
&identifier.CreateIdentifierRequest {
UserName: pointy.String("user-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
clientSecret := result.ClientSecret
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\CreateIdentifierRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->createIdentifier(
(new CreateIdentifierRequest())
->withUserName("user-0001")
);
$item = $result->getItem();
$clientSecret = $result->getClientSecret();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.CreateIdentifierRequest;
import io.gs2.identifier.result.CreateIdentifierResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
CreateIdentifierResult result = client.createIdentifier(
new CreateIdentifierRequest()
.withUserName("user-0001")
);
Identifier item = result.getItem();
String clientSecret = result.getClientSecret();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.CreateIdentifier(
new Gs2.Gs2Identifier.Request.CreateIdentifierRequest()
.WithUserName("user-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
var clientSecret = result.ClientSecret;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.createIdentifier(
new Gs2Identifier.CreateIdentifierRequest()
.withUserName("user-0001")
);
const item = result.getItem();
const clientSecret = result.getClientSecret();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.create_identifier(
identifier.CreateIdentifierRequest()
.with_user_name('user-0001')
)
item = result.item
client_secret = result.client_secret
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.create_identifier({
userName="user-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
clientSecret = result.clientSecret;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.create_identifier_async({
userName="user-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
clientSecret = result.clientSecret;
```
---
### getIdentifier
Get Credentials
Retrieves the metadata of a specific credential identified by client ID.
The client secret is not included in the response for security reasons.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this credential. The credential inherits the permissions of this user based on the security policies attached to them. |
| clientId | string | | ✓| UUID | ~ 256 chars | Client ID |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [Identifier](#identifier) | Credential |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.GetIdentifier(
&identifier.GetIdentifierRequest {
UserName: pointy.String("user-0001"),
ClientId: pointy.String("client-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\GetIdentifierRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->getIdentifier(
(new GetIdentifierRequest())
->withUserName("user-0001")
->withClientId("client-0001")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.GetIdentifierRequest;
import io.gs2.identifier.result.GetIdentifierResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
GetIdentifierResult result = client.getIdentifier(
new GetIdentifierRequest()
.withUserName("user-0001")
.withClientId("client-0001")
);
Identifier item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.GetIdentifier(
new Gs2.Gs2Identifier.Request.GetIdentifierRequest()
.WithUserName("user-0001")
.WithClientId("client-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.getIdentifier(
new Gs2Identifier.GetIdentifierRequest()
.withUserName("user-0001")
.withClientId("client-0001")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.get_identifier(
identifier.GetIdentifierRequest()
.with_user_name('user-0001')
.with_client_id('client-0001')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.get_identifier({
userName="user-0001",
clientId="client-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.get_identifier_async({
userName="user-0001",
clientId="client-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### deleteIdentifier
Delete credential
Revokes and deletes the specified credential.
After deletion, the client ID and client secret can no longer be used for authentication.
Any existing project tokens obtained with this credential remain valid until they expire.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this credential. The credential inherits the permissions of this user based on the security policies attached to them. |
| clientId | string | | ✓| UUID | ~ 256 chars | Client ID |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [Identifier](#identifier) | Credential |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DeleteIdentifier(
&identifier.DeleteIdentifierRequest {
UserName: pointy.String("user-0001"),
ClientId: pointy.String("client-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DeleteIdentifierRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->deleteIdentifier(
(new DeleteIdentifierRequest())
->withUserName("user-0001")
->withClientId("client-0001")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DeleteIdentifierRequest;
import io.gs2.identifier.result.DeleteIdentifierResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DeleteIdentifierResult result = client.deleteIdentifier(
new DeleteIdentifierRequest()
.withUserName("user-0001")
.withClientId("client-0001")
);
Identifier item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DeleteIdentifier(
new Gs2.Gs2Identifier.Request.DeleteIdentifierRequest()
.WithUserName("user-0001")
.WithClientId("client-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.deleteIdentifier(
new Gs2Identifier.DeleteIdentifierRequest()
.withUserName("user-0001")
.withClientId("client-0001")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.delete_identifier(
identifier.DeleteIdentifierRequest()
.with_user_name('user-0001')
.with_client_id('client-0001')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.delete_identifier({
userName="user-0001",
clientId="client-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.delete_identifier_async({
userName="user-0001",
clientId="client-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### describeAttachedGuards
List assigned GS2-Guard Namespace GRNs
Retrieves the list of GS2-Guard Namespaces attached to the specified credential.
When guards are attached, API requests using this credential are subject to additional access control checks defined by the guard service (e.g., IP-based blocking).
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| clientId | string | | ✓| UUID | ~ 256 chars | Client ID |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
#### Result
| | Type | Description |
| --- | --- | --- |
| items | List<string> | List of GS2-Guard Namespace GRN |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DescribeAttachedGuards(
&identifier.DescribeAttachedGuardsRequest {
ClientId: pointy.String("client-0001"),
UserName: pointy.String("user-0001"),
}
)
if err != nil {
panic("error occurred")
}
items := result.Items
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DescribeAttachedGuardsRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->describeAttachedGuards(
(new DescribeAttachedGuardsRequest())
->withClientId("client-0001")
->withUserName("user-0001")
);
$items = $result->getItems();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DescribeAttachedGuardsRequest;
import io.gs2.identifier.result.DescribeAttachedGuardsResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DescribeAttachedGuardsResult result = client.describeAttachedGuards(
new DescribeAttachedGuardsRequest()
.withClientId("client-0001")
.withUserName("user-0001")
);
List items = result.getItems();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DescribeAttachedGuards(
new Gs2.Gs2Identifier.Request.DescribeAttachedGuardsRequest()
.WithClientId("client-0001")
.WithUserName("user-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var items = result.Items;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.describeAttachedGuards(
new Gs2Identifier.DescribeAttachedGuardsRequest()
.withClientId("client-0001")
.withUserName("user-0001")
);
const items = result.getItems();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.describe_attached_guards(
identifier.DescribeAttachedGuardsRequest()
.with_client_id('client-0001')
.with_user_name('user-0001')
)
items = result.items
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.describe_attached_guards({
clientId="client-0001",
userName="user-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.describe_attached_guards_async({
clientId="client-0001",
userName="user-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
---
### attachGuard
Assign the GS2-Guard Namespace GRN to the credential
Attaches a GS2-Guard Namespace to the specified credential for additional access control.
Once attached, API requests using this credential will be validated against the guard's blocking policies (e.g., IP detection, anonymous IP filtering, reputation-based filtering).
Returns the complete list of guard Namespaces attached to the credential after the operation.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| clientId | string | | ✓| UUID | ~ 256 chars | Client ID |
| guardNamespaceId | string | | ✓| | ~ 1024 chars | Assign GS2-Guard Namespace GRN |
#### Result
| | Type | Description |
| --- | --- | --- |
| items | List<string> | List of GS2-Guard Namespace GRN |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.AttachGuard(
&identifier.AttachGuardRequest {
UserName: pointy.String("user-0001"),
ClientId: pointy.String("client-0001"),
GuardNamespaceId: pointy.String("guard-namespace-0001"),
}
)
if err != nil {
panic("error occurred")
}
items := result.Items
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\AttachGuardRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->attachGuard(
(new AttachGuardRequest())
->withUserName("user-0001")
->withClientId("client-0001")
->withGuardNamespaceId("guard-namespace-0001")
);
$items = $result->getItems();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.AttachGuardRequest;
import io.gs2.identifier.result.AttachGuardResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
AttachGuardResult result = client.attachGuard(
new AttachGuardRequest()
.withUserName("user-0001")
.withClientId("client-0001")
.withGuardNamespaceId("guard-namespace-0001")
);
List items = result.getItems();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.AttachGuard(
new Gs2.Gs2Identifier.Request.AttachGuardRequest()
.WithUserName("user-0001")
.WithClientId("client-0001")
.WithGuardNamespaceId("guard-namespace-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var items = result.Items;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.attachGuard(
new Gs2Identifier.AttachGuardRequest()
.withUserName("user-0001")
.withClientId("client-0001")
.withGuardNamespaceId("guard-namespace-0001")
);
const items = result.getItems();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.attach_guard(
identifier.AttachGuardRequest()
.with_user_name('user-0001')
.with_client_id('client-0001')
.with_guard_namespace_id('guard-namespace-0001')
)
items = result.items
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.attach_guard({
userName="user-0001",
clientId="client-0001",
guardNamespaceId="guard-namespace-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.attach_guard_async({
userName="user-0001",
clientId="client-0001",
guardNamespaceId="guard-namespace-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
---
### detachGuard
Remove GS2-Guard Namespace GRN from the credential
Removes a GS2-Guard Namespace from the specified credential.
After removal, API requests using this credential will no longer be subject to the guard's access control checks.
Returns the list of remaining guard Namespaces attached to the credential.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| clientId | string | | ✓| UUID | ~ 256 chars | Client ID |
| guardNamespaceId | string | | ✓| | ~ 1024 chars | GS2-Guard Namespace GRN |
#### Result
| | Type | Description |
| --- | --- | --- |
| items | List<string> | List of GS2-Guard Namespace GRN |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DetachGuard(
&identifier.DetachGuardRequest {
UserName: pointy.String("user-0001"),
ClientId: pointy.String("client-0001"),
GuardNamespaceId: pointy.String("guard-namespace-0001"),
}
)
if err != nil {
panic("error occurred")
}
items := result.Items
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DetachGuardRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->detachGuard(
(new DetachGuardRequest())
->withUserName("user-0001")
->withClientId("client-0001")
->withGuardNamespaceId("guard-namespace-0001")
);
$items = $result->getItems();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DetachGuardRequest;
import io.gs2.identifier.result.DetachGuardResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DetachGuardResult result = client.detachGuard(
new DetachGuardRequest()
.withUserName("user-0001")
.withClientId("client-0001")
.withGuardNamespaceId("guard-namespace-0001")
);
List items = result.getItems();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DetachGuard(
new Gs2.Gs2Identifier.Request.DetachGuardRequest()
.WithUserName("user-0001")
.WithClientId("client-0001")
.WithGuardNamespaceId("guard-namespace-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var items = result.Items;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.detachGuard(
new Gs2Identifier.DetachGuardRequest()
.withUserName("user-0001")
.withClientId("client-0001")
.withGuardNamespaceId("guard-namespace-0001")
);
const items = result.getItems();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.detach_guard(
identifier.DetachGuardRequest()
.with_user_name('user-0001')
.with_client_id('client-0001')
.with_guard_namespace_id('guard-namespace-0001')
)
items = result.items
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.detach_guard({
userName="user-0001",
clientId="client-0001",
guardNamespaceId="guard-namespace-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.detach_guard_async({
userName="user-0001",
clientId="client-0001",
guardNamespaceId="guard-namespace-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
---
### getServiceVersion
Get Microservice Version
#### Request
Request parameters: None
#### Result
| | Type | Description |
| --- | --- | --- |
| item | string | Version |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.GetServiceVersion(
&identifier.GetServiceVersionRequest {
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\GetServiceVersionRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->getServiceVersion(
(new GetServiceVersionRequest())
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.GetServiceVersionRequest;
import io.gs2.identifier.result.GetServiceVersionResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
GetServiceVersionResult result = client.getServiceVersion(
new GetServiceVersionRequest()
);
String item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.GetServiceVersion(
new Gs2.Gs2Identifier.Request.GetServiceVersionRequest(),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.getServiceVersion(
new Gs2Identifier.GetServiceVersionRequest()
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.get_service_version(
identifier.GetServiceVersionRequest()
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.get_service_version({
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.get_service_version_async({
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### createPassword
Create password
Creates password credentials for the specified GS2-Identifier user.
Once created, the user can authenticate using their username and password via the LoginByUser API to obtain a project token.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this password. The user logs into the management console with this user name and the corresponding password, and access is restricted based on the security policies attached to the user. |
| password | string | | ✓| | ~ 1024 chars | Password
The hashed password used for management console authentication. Set during password creation and verified against user input at login time. Stored internally and never returned through the API. |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [Password](#password) | Created Password |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.CreatePassword(
&identifier.CreatePasswordRequest {
UserName: pointy.String("user-0001"),
Password: pointy.String("password-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\CreatePasswordRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->createPassword(
(new CreatePasswordRequest())
->withUserName("user-0001")
->withPassword("password-0001")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.CreatePasswordRequest;
import io.gs2.identifier.result.CreatePasswordResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
CreatePasswordResult result = client.createPassword(
new CreatePasswordRequest()
.withUserName("user-0001")
.withPassword("password-0001")
);
Password item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.CreatePassword(
new Gs2.Gs2Identifier.Request.CreatePasswordRequest()
.WithUserName("user-0001")
.WithPassword("password-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.createPassword(
new Gs2Identifier.CreatePasswordRequest()
.withUserName("user-0001")
.withPassword("password-0001")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.create_password(
identifier.CreatePasswordRequest()
.with_user_name('user-0001')
.with_password('password-0001')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.create_password({
userName="user-0001",
password="password-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.create_password_async({
userName="user-0001",
password="password-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### getPassword
Get Password
Retrieves the password metadata for the specified user.
The actual password value is not returned; only metadata such as MFA settings and creation time are included.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this password. The user logs into the management console with this user name and the corresponding password, and access is restricted based on the security policies attached to the user. |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [Password](#password) | Password |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.GetPassword(
&identifier.GetPasswordRequest {
UserName: pointy.String("user-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\GetPasswordRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->getPassword(
(new GetPasswordRequest())
->withUserName("user-0001")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.GetPasswordRequest;
import io.gs2.identifier.result.GetPasswordResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
GetPasswordResult result = client.getPassword(
new GetPasswordRequest()
.withUserName("user-0001")
);
Password item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.GetPassword(
new Gs2.Gs2Identifier.Request.GetPasswordRequest()
.WithUserName("user-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.getPassword(
new Gs2Identifier.GetPasswordRequest()
.withUserName("user-0001")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.get_password(
identifier.GetPasswordRequest()
.with_user_name('user-0001')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.get_password({
userName="user-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.get_password_async({
userName="user-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### enableMfa
Enable MFA
Initiates the setup of TOTP (Time-based One-Time Password) -based multi-factor authentication for the specified user.
Generates a TOTP secret key and sets the MFA status to "Verifying".
Returns a challenge token that must be used with the ChallengeMfa API to complete the setup by verifying a TOTP passcode.
If MFA is already enabled, an error is returned.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this password. The user logs into the management console with this user name and the corresponding password, and access is restricted based on the security policies attached to the user. |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [Password](#password) | Password updated |
| challengeToken | string | Challenge Token |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.EnableMfa(
&identifier.EnableMfaRequest {
UserName: pointy.String("user-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
challengeToken := result.ChallengeToken
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\EnableMfaRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->enableMfa(
(new EnableMfaRequest())
->withUserName("user-0001")
);
$item = $result->getItem();
$challengeToken = $result->getChallengeToken();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.EnableMfaRequest;
import io.gs2.identifier.result.EnableMfaResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
EnableMfaResult result = client.enableMfa(
new EnableMfaRequest()
.withUserName("user-0001")
);
Password item = result.getItem();
String challengeToken = result.getChallengeToken();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.EnableMfa(
new Gs2.Gs2Identifier.Request.EnableMfaRequest()
.WithUserName("user-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
var challengeToken = result.ChallengeToken;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.enableMfa(
new Gs2Identifier.EnableMfaRequest()
.withUserName("user-0001")
);
const item = result.getItem();
const challengeToken = result.getChallengeToken();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.enable_mfa(
identifier.EnableMfaRequest()
.with_user_name('user-0001')
)
item = result.item
challenge_token = result.challenge_token
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.enable_mfa({
userName="user-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
challengeToken = result.challengeToken;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.enable_mfa_async({
userName="user-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
challengeToken = result.challengeToken;
```
---
### challengeMfa
Verify MFA
Completes the MFA setup by verifying a 6-digit TOTP (Time-based One-Time Password) code.
The MFA status must be "Verifying" (set by EnableMfa); otherwise, an error is returned.
Upon successful verification, the MFA status is changed to "Enable", and subsequent logins via LoginByUser will require a TOTP passcode.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this password. The user logs into the management console with this user name and the corresponding password, and access is restricted based on the security policies attached to the user. |
| passcode | string | | ✓| | 6 ~ 6 chars | One-time password code |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [Password](#password) | Password updated |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.ChallengeMfa(
&identifier.ChallengeMfaRequest {
UserName: pointy.String("user-0001"),
Passcode: pointy.String("012345"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\ChallengeMfaRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->challengeMfa(
(new ChallengeMfaRequest())
->withUserName("user-0001")
->withPasscode("012345")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.ChallengeMfaRequest;
import io.gs2.identifier.result.ChallengeMfaResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
ChallengeMfaResult result = client.challengeMfa(
new ChallengeMfaRequest()
.withUserName("user-0001")
.withPasscode("012345")
);
Password item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.ChallengeMfa(
new Gs2.Gs2Identifier.Request.ChallengeMfaRequest()
.WithUserName("user-0001")
.WithPasscode("012345"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.challengeMfa(
new Gs2Identifier.ChallengeMfaRequest()
.withUserName("user-0001")
.withPasscode("012345")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.challenge_mfa(
identifier.ChallengeMfaRequest()
.with_user_name('user-0001')
.with_passcode('012345')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.challenge_mfa({
userName="user-0001",
passcode="012345",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.challenge_mfa_async({
userName="user-0001",
passcode="012345",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### disableMfa
Disable MFA
Disables multi-factor authentication for the specified user.
Clears the TOTP secret key and MFA settings. Subsequent logins will only require password authentication.
If MFA is already disabled, an error is returned.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this password. The user logs into the management console with this user name and the corresponding password, and access is restricted based on the security policies attached to the user. |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [Password](#password) | Password updated |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DisableMfa(
&identifier.DisableMfaRequest {
UserName: pointy.String("user-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DisableMfaRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->disableMfa(
(new DisableMfaRequest())
->withUserName("user-0001")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DisableMfaRequest;
import io.gs2.identifier.result.DisableMfaResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DisableMfaResult result = client.disableMfa(
new DisableMfaRequest()
.withUserName("user-0001")
);
Password item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DisableMfa(
new Gs2.Gs2Identifier.Request.DisableMfaRequest()
.WithUserName("user-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.disableMfa(
new Gs2Identifier.DisableMfaRequest()
.withUserName("user-0001")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.disable_mfa(
identifier.DisableMfaRequest()
.with_user_name('user-0001')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.disable_mfa({
userName="user-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.disable_mfa_async({
userName="user-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### deletePassword
Delete password
Deletes the password credentials for the specified user.
After deletion, the user can no longer authenticate via the LoginByUser API. MFA settings are also removed.
Credential-based authentication (client ID/secret) via the Login API is not affected.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this password. The user logs into the management console with this user name and the corresponding password, and access is restricted based on the security policies attached to the user. |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [Password](#password) | Password |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DeletePassword(
&identifier.DeletePasswordRequest {
UserName: pointy.String("user-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DeletePasswordRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->deletePassword(
(new DeletePasswordRequest())
->withUserName("user-0001")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DeletePasswordRequest;
import io.gs2.identifier.result.DeletePasswordResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DeletePasswordResult result = client.deletePassword(
new DeletePasswordRequest()
.withUserName("user-0001")
);
Password item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DeletePassword(
new Gs2.Gs2Identifier.Request.DeletePasswordRequest()
.WithUserName("user-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.deletePassword(
new Gs2Identifier.DeletePasswordRequest()
.withUserName("user-0001")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.delete_password(
identifier.DeletePasswordRequest()
.with_user_name('user-0001')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.delete_password({
userName="user-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.delete_password_async({
userName="user-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### getHasSecurityPolicy
List assigned Security Policies
Retrieves all security policies currently attached to the specified user.
The combined set of attached policies determines the user's effective API permissions.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
#### Result
| | Type | Description |
| --- | --- | --- |
| items | [List<SecurityPolicy>](#securitypolicy) | List of Security Policies |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.GetHasSecurityPolicy(
&identifier.GetHasSecurityPolicyRequest {
UserName: pointy.String("user-0001"),
}
)
if err != nil {
panic("error occurred")
}
items := result.Items
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\GetHasSecurityPolicyRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->getHasSecurityPolicy(
(new GetHasSecurityPolicyRequest())
->withUserName("user-0001")
);
$items = $result->getItems();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.GetHasSecurityPolicyRequest;
import io.gs2.identifier.result.GetHasSecurityPolicyResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
GetHasSecurityPolicyResult result = client.getHasSecurityPolicy(
new GetHasSecurityPolicyRequest()
.withUserName("user-0001")
);
List items = result.getItems();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.GetHasSecurityPolicy(
new Gs2.Gs2Identifier.Request.GetHasSecurityPolicyRequest()
.WithUserName("user-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var items = result.Items;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.getHasSecurityPolicy(
new Gs2Identifier.GetHasSecurityPolicyRequest()
.withUserName("user-0001")
);
const items = result.getItems();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.get_has_security_policy(
identifier.GetHasSecurityPolicyRequest()
.with_user_name('user-0001')
)
items = result.items
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.get_has_security_policy({
userName="user-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.get_has_security_policy_async({
userName="user-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
---
### attachSecurityPolicy
Assign the Security Policy to a user
Attaches a security policy to the specified user by its GRN.
The policy is loaded and validated before attachment. Both custom policies and GS2-defined common policies can be attached.
A user can have multiple policies attached; the effective permissions are the union of all attached policies.
Returns the complete list of security policies currently attached to the user after the operation.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| securityPolicyId | string | | ✓| | ~ 1024 chars | GRN of the Security Policy to assign |
#### Result
| | Type | Description |
| --- | --- | --- |
| items | [List<SecurityPolicy>](#securitypolicy) | List of Security Policies assigned to a user |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.AttachSecurityPolicy(
&identifier.AttachSecurityPolicyRequest {
UserName: pointy.String("user-0001"),
SecurityPolicyId: pointy.String("securityPolicyId-0001"),
}
)
if err != nil {
panic("error occurred")
}
items := result.Items
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\AttachSecurityPolicyRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->attachSecurityPolicy(
(new AttachSecurityPolicyRequest())
->withUserName("user-0001")
->withSecurityPolicyId("securityPolicyId-0001")
);
$items = $result->getItems();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.AttachSecurityPolicyRequest;
import io.gs2.identifier.result.AttachSecurityPolicyResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
AttachSecurityPolicyResult result = client.attachSecurityPolicy(
new AttachSecurityPolicyRequest()
.withUserName("user-0001")
.withSecurityPolicyId("securityPolicyId-0001")
);
List items = result.getItems();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.AttachSecurityPolicy(
new Gs2.Gs2Identifier.Request.AttachSecurityPolicyRequest()
.WithUserName("user-0001")
.WithSecurityPolicyId("securityPolicyId-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var items = result.Items;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.attachSecurityPolicy(
new Gs2Identifier.AttachSecurityPolicyRequest()
.withUserName("user-0001")
.withSecurityPolicyId("securityPolicyId-0001")
);
const items = result.getItems();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.attach_security_policy(
identifier.AttachSecurityPolicyRequest()
.with_user_name('user-0001')
.with_security_policy_id('securityPolicyId-0001')
)
items = result.items
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.attach_security_policy({
userName="user-0001",
securityPolicyId="securityPolicyId-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.attach_security_policy_async({
userName="user-0001",
securityPolicyId="securityPolicyId-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
---
### detachSecurityPolicy
Revoke assigned Security Policies from a user
Detaches a security policy from the specified user by its GRN.
After detachment, the user loses the permissions granted by this policy.
Returns the list of security policies that remain attached to the user after the operation.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| securityPolicyId | string | | ✓| | ~ 1024 chars | GRN for the Security Policy to be revoked |
#### Result
| | Type | Description |
| --- | --- | --- |
| items | [List<SecurityPolicy>](#securitypolicy) | List of Security Policies that remain assigned to the user after deactivation |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DetachSecurityPolicy(
&identifier.DetachSecurityPolicyRequest {
UserName: pointy.String("user-0001"),
SecurityPolicyId: pointy.String("securityPolicyId-0001"),
}
)
if err != nil {
panic("error occurred")
}
items := result.Items
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DetachSecurityPolicyRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->detachSecurityPolicy(
(new DetachSecurityPolicyRequest())
->withUserName("user-0001")
->withSecurityPolicyId("securityPolicyId-0001")
);
$items = $result->getItems();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DetachSecurityPolicyRequest;
import io.gs2.identifier.result.DetachSecurityPolicyResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DetachSecurityPolicyResult result = client.detachSecurityPolicy(
new DetachSecurityPolicyRequest()
.withUserName("user-0001")
.withSecurityPolicyId("securityPolicyId-0001")
);
List items = result.getItems();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DetachSecurityPolicy(
new Gs2.Gs2Identifier.Request.DetachSecurityPolicyRequest()
.WithUserName("user-0001")
.WithSecurityPolicyId("securityPolicyId-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var items = result.Items;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.detachSecurityPolicy(
new Gs2Identifier.DetachSecurityPolicyRequest()
.withUserName("user-0001")
.withSecurityPolicyId("securityPolicyId-0001")
);
const items = result.getItems();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.detach_security_policy(
identifier.DetachSecurityPolicyRequest()
.with_user_name('user-0001')
.with_security_policy_id('securityPolicyId-0001')
)
items = result.items
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.detach_security_policy({
userName="user-0001",
securityPolicyId="securityPolicyId-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.detach_security_policy_async({
userName="user-0001",
securityPolicyId="securityPolicyId-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
```
---
### describeUsers
List Users
Retrieves a paginated list of GS2-Identifier users under the current project.
Users are entities that can hold credentials (client ID/secret), passwords, and security policies for API access control.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| pageToken | string | | | | ~ 1024 chars | Token specifying the position from which to start acquiring data |
| limit | int | | | 30 | 1 ~ 1000 | Number of data items to retrieve |
#### Result
| | Type | Description |
| --- | --- | --- |
| items | [List<User>](#user) | List of Users |
| nextPageToken | string | Page token to retrieve the rest of the listing |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DescribeUsers(
&identifier.DescribeUsersRequest {
PageToken: nil,
Limit: nil,
}
)
if err != nil {
panic("error occurred")
}
items := result.Items
nextPageToken := result.NextPageToken
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DescribeUsersRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->describeUsers(
(new DescribeUsersRequest())
->withPageToken(null)
->withLimit(null)
);
$items = $result->getItems();
$nextPageToken = $result->getNextPageToken();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DescribeUsersRequest;
import io.gs2.identifier.result.DescribeUsersResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DescribeUsersResult result = client.describeUsers(
new DescribeUsersRequest()
.withPageToken(null)
.withLimit(null)
);
List items = result.getItems();
String nextPageToken = result.getNextPageToken();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DescribeUsers(
new Gs2.Gs2Identifier.Request.DescribeUsersRequest()
.WithPageToken(null)
.WithLimit(null),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var items = result.Items;
var nextPageToken = result.NextPageToken;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.describeUsers(
new Gs2Identifier.DescribeUsersRequest()
.withPageToken(null)
.withLimit(null)
);
const items = result.getItems();
const nextPageToken = result.getNextPageToken();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.describe_users(
identifier.DescribeUsersRequest()
.with_page_token(None)
.with_limit(None)
)
items = result.items
next_page_token = result.next_page_token
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.describe_users({
pageToken=nil,
limit=nil,
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
nextPageToken = result.nextPageToken;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.describe_users_async({
pageToken=nil,
limit=nil,
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
nextPageToken = result.nextPageToken;
```
---
### createUser
Create User
Creates a new GS2-Identifier user with the specified name and description.
After creation, you can assign credentials, passwords, and security policies to control API access permissions.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| name | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| description | string | | | | ~ 1024 chars | Description |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [User](#user) | Created User |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.CreateUser(
&identifier.CreateUserRequest {
Name: pointy.String("user-0001"),
Description: nil,
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\CreateUserRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->createUser(
(new CreateUserRequest())
->withName("user-0001")
->withDescription(null)
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.CreateUserRequest;
import io.gs2.identifier.result.CreateUserResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
CreateUserResult result = client.createUser(
new CreateUserRequest()
.withName("user-0001")
.withDescription(null)
);
User item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.CreateUser(
new Gs2.Gs2Identifier.Request.CreateUserRequest()
.WithName("user-0001")
.WithDescription(null),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.createUser(
new Gs2Identifier.CreateUserRequest()
.withName("user-0001")
.withDescription(null)
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.create_user(
identifier.CreateUserRequest()
.with_name('user-0001')
.with_description(None)
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.create_user({
name="user-0001",
description=nil,
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.create_user_async({
name="user-0001",
description=nil,
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### updateUser
Update user
Updates the description of an existing GS2-Identifier user.
The user name cannot be changed after creation.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| description | string | | | | ~ 1024 chars | Description |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [User](#user) | Users after update |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.UpdateUser(
&identifier.UpdateUserRequest {
UserName: pointy.String("user-0001"),
Description: pointy.String("description1"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\UpdateUserRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->updateUser(
(new UpdateUserRequest())
->withUserName("user-0001")
->withDescription("description1")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.UpdateUserRequest;
import io.gs2.identifier.result.UpdateUserResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
UpdateUserResult result = client.updateUser(
new UpdateUserRequest()
.withUserName("user-0001")
.withDescription("description1")
);
User item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.UpdateUser(
new Gs2.Gs2Identifier.Request.UpdateUserRequest()
.WithUserName("user-0001")
.WithDescription("description1"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.updateUser(
new Gs2Identifier.UpdateUserRequest()
.withUserName("user-0001")
.withDescription("description1")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.update_user(
identifier.UpdateUserRequest()
.with_user_name('user-0001')
.with_description('description1')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.update_user({
userName="user-0001",
description="description1",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.update_user_async({
userName="user-0001",
description="description1",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### getUser
Get User
Retrieves the detailed information of a specific GS2-Identifier user by user name.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [User](#user) | user |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.GetUser(
&identifier.GetUserRequest {
UserName: pointy.String("user-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\GetUserRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->getUser(
(new GetUserRequest())
->withUserName("user-0001")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.GetUserRequest;
import io.gs2.identifier.result.GetUserResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
GetUserResult result = client.getUser(
new GetUserRequest()
.withUserName("user-0001")
);
User item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.GetUser(
new Gs2.Gs2Identifier.Request.GetUserRequest()
.WithUserName("user-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.getUser(
new Gs2Identifier.GetUserRequest()
.withUserName("user-0001")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.get_user(
identifier.GetUserRequest()
.with_user_name('user-0001')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.get_user({
userName="user-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.get_user_async({
userName="user-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### deleteUser
Delete user
Deletes a GS2-Identifier user and all associated data including credentials, passwords, and security policy attachments.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [User](#user) | User deleted |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DeleteUser(
&identifier.DeleteUserRequest {
UserName: pointy.String("user-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DeleteUserRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->deleteUser(
(new DeleteUserRequest())
->withUserName("user-0001")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DeleteUserRequest;
import io.gs2.identifier.result.DeleteUserResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DeleteUserResult result = client.deleteUser(
new DeleteUserRequest()
.withUserName("user-0001")
);
User item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DeleteUser(
new Gs2.Gs2Identifier.Request.DeleteUserRequest()
.WithUserName("user-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.deleteUser(
new Gs2Identifier.DeleteUserRequest()
.withUserName("user-0001")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.delete_user(
identifier.DeleteUserRequest()
.with_user_name('user-0001')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.delete_user({
userName="user-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.delete_user_async({
userName="user-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### describeSecurityPolicies
List Security Policies
Retrieves a paginated list of custom security policies defined in the current project.
Security policies are JSON documents that define authorization rules controlling which GS2 API operations a user is allowed to perform.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| pageToken | string | | | | ~ 1024 chars | Token specifying the position from which to start acquiring data |
| limit | int | | | 30 | 1 ~ 1000 | Number of data items to retrieve |
#### Result
| | Type | Description |
| --- | --- | --- |
| items | [List<SecurityPolicy>](#securitypolicy) | List of security policies |
| nextPageToken | string | Page token to retrieve the rest of the listing |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DescribeSecurityPolicies(
&identifier.DescribeSecurityPoliciesRequest {
PageToken: nil,
Limit: nil,
}
)
if err != nil {
panic("error occurred")
}
items := result.Items
nextPageToken := result.NextPageToken
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DescribeSecurityPoliciesRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->describeSecurityPolicies(
(new DescribeSecurityPoliciesRequest())
->withPageToken(null)
->withLimit(null)
);
$items = $result->getItems();
$nextPageToken = $result->getNextPageToken();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DescribeSecurityPoliciesRequest;
import io.gs2.identifier.result.DescribeSecurityPoliciesResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DescribeSecurityPoliciesResult result = client.describeSecurityPolicies(
new DescribeSecurityPoliciesRequest()
.withPageToken(null)
.withLimit(null)
);
List items = result.getItems();
String nextPageToken = result.getNextPageToken();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DescribeSecurityPolicies(
new Gs2.Gs2Identifier.Request.DescribeSecurityPoliciesRequest()
.WithPageToken(null)
.WithLimit(null),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var items = result.Items;
var nextPageToken = result.NextPageToken;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.describeSecurityPolicies(
new Gs2Identifier.DescribeSecurityPoliciesRequest()
.withPageToken(null)
.withLimit(null)
);
const items = result.getItems();
const nextPageToken = result.getNextPageToken();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.describe_security_policies(
identifier.DescribeSecurityPoliciesRequest()
.with_page_token(None)
.with_limit(None)
)
items = result.items
next_page_token = result.next_page_token
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.describe_security_policies({
pageToken=nil,
limit=nil,
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
nextPageToken = result.nextPageToken;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.describe_security_policies_async({
pageToken=nil,
limit=nil,
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
nextPageToken = result.nextPageToken;
```
---
### describeCommonSecurityPolicies
List GS2-defined Security Policies
Retrieves a paginated list of built-in security policies provided by GS2.
These common policies cover typical use cases and can be attached to users alongside custom policies.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| pageToken | string | | | | ~ 1024 chars | Token specifying the position from which to start acquiring data |
| limit | int | | | 30 | 1 ~ 1000 | Number of data items to retrieve |
#### Result
| | Type | Description |
| --- | --- | --- |
| items | [List<SecurityPolicy>](#securitypolicy) | List of security policies |
| nextPageToken | string | Page token to retrieve the rest of the listing |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DescribeCommonSecurityPolicies(
&identifier.DescribeCommonSecurityPoliciesRequest {
PageToken: nil,
Limit: nil,
}
)
if err != nil {
panic("error occurred")
}
items := result.Items
nextPageToken := result.NextPageToken
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DescribeCommonSecurityPoliciesRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->describeCommonSecurityPolicies(
(new DescribeCommonSecurityPoliciesRequest())
->withPageToken(null)
->withLimit(null)
);
$items = $result->getItems();
$nextPageToken = $result->getNextPageToken();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DescribeCommonSecurityPoliciesRequest;
import io.gs2.identifier.result.DescribeCommonSecurityPoliciesResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DescribeCommonSecurityPoliciesResult result = client.describeCommonSecurityPolicies(
new DescribeCommonSecurityPoliciesRequest()
.withPageToken(null)
.withLimit(null)
);
List items = result.getItems();
String nextPageToken = result.getNextPageToken();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DescribeCommonSecurityPolicies(
new Gs2.Gs2Identifier.Request.DescribeCommonSecurityPoliciesRequest()
.WithPageToken(null)
.WithLimit(null),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var items = result.Items;
var nextPageToken = result.NextPageToken;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.describeCommonSecurityPolicies(
new Gs2Identifier.DescribeCommonSecurityPoliciesRequest()
.withPageToken(null)
.withLimit(null)
);
const items = result.getItems();
const nextPageToken = result.getNextPageToken();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.describe_common_security_policies(
identifier.DescribeCommonSecurityPoliciesRequest()
.with_page_token(None)
.with_limit(None)
)
items = result.items
next_page_token = result.next_page_token
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.describe_common_security_policies({
pageToken=nil,
limit=nil,
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
nextPageToken = result.nextPageToken;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.describe_common_security_policies_async({
pageToken=nil,
limit=nil,
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
items = result.items;
nextPageToken = result.nextPageToken;
```
---
### createSecurityPolicy
Create Security Policy
Creates a new custom security policy with a name, description, and JSON policy document.
The policy document defines the authorization rules that control which GS2 API operations are allowed or denied.
After creation, the policy can be attached to users via the AttachSecurityPolicy API.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| name | string | | ✓| | ~ 128 chars | Security Policy Name
Unique Security Policy name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| description | string | | | | ~ 1024 chars | Description |
| policy | string | | ✓| | ~ 524288 chars | Policy Document
A JSON document that defines the access control rules for this security policy. The document specifies which GS2 API actions are allowed or denied, and which resources (identified by GRN patterns) the rules apply to. Multiple statements can be combined to create fine-grained access control. Maximum 512KB. |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [SecurityPolicy](#securitypolicy) | Created security policy |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.CreateSecurityPolicy(
&identifier.CreateSecurityPolicyRequest {
Name: pointy.String("policy-0001"),
Description: nil,
Policy: pointy.String("{}"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\CreateSecurityPolicyRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->createSecurityPolicy(
(new CreateSecurityPolicyRequest())
->withName("policy-0001")
->withDescription(null)
->withPolicy("{}")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.CreateSecurityPolicyRequest;
import io.gs2.identifier.result.CreateSecurityPolicyResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
CreateSecurityPolicyResult result = client.createSecurityPolicy(
new CreateSecurityPolicyRequest()
.withName("policy-0001")
.withDescription(null)
.withPolicy("{}")
);
SecurityPolicy item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.CreateSecurityPolicy(
new Gs2.Gs2Identifier.Request.CreateSecurityPolicyRequest()
.WithName("policy-0001")
.WithDescription(null)
.WithPolicy("{}"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.createSecurityPolicy(
new Gs2Identifier.CreateSecurityPolicyRequest()
.withName("policy-0001")
.withDescription(null)
.withPolicy("{}")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.create_security_policy(
identifier.CreateSecurityPolicyRequest()
.with_name('policy-0001')
.with_description(None)
.with_policy('{}')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.create_security_policy({
name="policy-0001",
description=nil,
policy="{}",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.create_security_policy_async({
name="policy-0001",
description=nil,
policy="{}",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### updateSecurityPolicy
Update Security Policy
Updates the description and policy document of an existing security policy.
Changes take effect immediately for all users who have this policy attached.
The policy name cannot be changed after creation.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| securityPolicyName | string | | ✓| | ~ 128 chars | Security Policy Name
Unique Security Policy name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| description | string | | | | ~ 1024 chars | Description |
| policy | string | | ✓| | ~ 524288 chars | Policy Document
A JSON document that defines the access control rules for this security policy. The document specifies which GS2 API actions are allowed or denied, and which resources (identified by GRN patterns) the rules apply to. Multiple statements can be combined to create fine-grained access control. Maximum 512KB. |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [SecurityPolicy](#securitypolicy) | Security Policy updated |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.UpdateSecurityPolicy(
&identifier.UpdateSecurityPolicyRequest {
SecurityPolicyName: pointy.String("policy-0001"),
Description: pointy.String("description1"),
Policy: pointy.String("{\"hoge\": \"fuga\"}"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\UpdateSecurityPolicyRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->updateSecurityPolicy(
(new UpdateSecurityPolicyRequest())
->withSecurityPolicyName("policy-0001")
->withDescription("description1")
->withPolicy("{\"hoge\": \"fuga\"}")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.UpdateSecurityPolicyRequest;
import io.gs2.identifier.result.UpdateSecurityPolicyResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
UpdateSecurityPolicyResult result = client.updateSecurityPolicy(
new UpdateSecurityPolicyRequest()
.withSecurityPolicyName("policy-0001")
.withDescription("description1")
.withPolicy("{\"hoge\": \"fuga\"}")
);
SecurityPolicy item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.UpdateSecurityPolicy(
new Gs2.Gs2Identifier.Request.UpdateSecurityPolicyRequest()
.WithSecurityPolicyName("policy-0001")
.WithDescription("description1")
.WithPolicy("{\"hoge\": \"fuga\"}"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.updateSecurityPolicy(
new Gs2Identifier.UpdateSecurityPolicyRequest()
.withSecurityPolicyName("policy-0001")
.withDescription("description1")
.withPolicy("{\"hoge\": \"fuga\"}")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.update_security_policy(
identifier.UpdateSecurityPolicyRequest()
.with_security_policy_name('policy-0001')
.with_description('description1')
.with_policy('{"hoge": "fuga"}')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.update_security_policy({
securityPolicyName="policy-0001",
description="description1",
policy="{\"hoge\": \"fuga\"}",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.update_security_policy_async({
securityPolicyName="policy-0001",
description="description1",
policy="{\"hoge\": \"fuga\"}",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### getSecurityPolicy
Get Security Policy
Retrieves the detailed information of a specific security policy, including its JSON policy document.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| securityPolicyName | string | | ✓| | ~ 128 chars | Security Policy Name
Unique Security Policy name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [SecurityPolicy](#securitypolicy) | Security Policy |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.GetSecurityPolicy(
&identifier.GetSecurityPolicyRequest {
SecurityPolicyName: pointy.String("policy-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\GetSecurityPolicyRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->getSecurityPolicy(
(new GetSecurityPolicyRequest())
->withSecurityPolicyName("policy-0001")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.GetSecurityPolicyRequest;
import io.gs2.identifier.result.GetSecurityPolicyResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
GetSecurityPolicyResult result = client.getSecurityPolicy(
new GetSecurityPolicyRequest()
.withSecurityPolicyName("policy-0001")
);
SecurityPolicy item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.GetSecurityPolicy(
new Gs2.Gs2Identifier.Request.GetSecurityPolicyRequest()
.WithSecurityPolicyName("policy-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.getSecurityPolicy(
new Gs2Identifier.GetSecurityPolicyRequest()
.withSecurityPolicyName("policy-0001")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.get_security_policy(
identifier.GetSecurityPolicyRequest()
.with_security_policy_name('policy-0001')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.get_security_policy({
securityPolicyName="policy-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.get_security_policy_async({
securityPolicyName="policy-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### deleteSecurityPolicy
Delete Security Policy
Deletes a custom security policy.
If this policy is still attached to any users, those users will lose the permissions granted by this policy.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| securityPolicyName | string | | ✓| | ~ 128 chars | Security Policy Name
Unique Security Policy name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [SecurityPolicy](#securitypolicy) | Security Policy |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.DeleteSecurityPolicy(
&identifier.DeleteSecurityPolicyRequest {
SecurityPolicyName: pointy.String("policy-0001"),
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\DeleteSecurityPolicyRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->deleteSecurityPolicy(
(new DeleteSecurityPolicyRequest())
->withSecurityPolicyName("policy-0001")
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.DeleteSecurityPolicyRequest;
import io.gs2.identifier.result.DeleteSecurityPolicyResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
DeleteSecurityPolicyResult result = client.deleteSecurityPolicy(
new DeleteSecurityPolicyRequest()
.withSecurityPolicyName("policy-0001")
);
SecurityPolicy item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.DeleteSecurityPolicy(
new Gs2.Gs2Identifier.Request.DeleteSecurityPolicyRequest()
.WithSecurityPolicyName("policy-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.deleteSecurityPolicy(
new Gs2Identifier.DeleteSecurityPolicyRequest()
.withSecurityPolicyName("policy-0001")
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.delete_security_policy(
identifier.DeleteSecurityPolicyRequest()
.with_security_policy_name('policy-0001')
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.delete_security_policy({
securityPolicyName="policy-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.delete_security_policy_async({
securityPolicyName="policy-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---
### login
Get a Project Token
Authenticates using OAuth2 client credentials (client ID and client secret) and returns a project token (Bearer token).
The client secret is verified against the stored credential; if invalid, an Unauthorized error is returned.
The returned token has a validity period of 36000 seconds (10 hours) and is used as the Bearer token for all subsequent GS2 API requests.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| client_id | string | | ✓| UUID | ~ 256 chars | Client ID |
| client_secret | string | | ✓| UUID | ~ 100 chars | Client Secret |
#### Result
| | Type | Description |
| --- | --- | --- |
| access_token | string | Project Token |
| token_type | string | Bearer |
| expires_in | int | Period of validity(sec) |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.Login(
&identifier.LoginRequest {
ClientId: pointy.String("client-0001"),
ClientSecret: pointy.String("secret-0001"),
}
)
if err != nil {
panic("error occurred")
}
accessToken := result.AccessToken
tokenType := result.TokenType
expiresIn := result.ExpiresIn
ownerId := result.OwnerId
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\LoginRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->login(
(new LoginRequest())
->withClientId("client-0001")
->withClientSecret("secret-0001")
);
$accessToken = $result->getAccessToken();
$tokenType = $result->getTokenType();
$expiresIn = $result->getExpiresIn();
$ownerId = $result->getOwnerId();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.LoginRequest;
import io.gs2.identifier.result.LoginResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
LoginResult result = client.login(
new LoginRequest()
.withClientId("client-0001")
.withClientSecret("secret-0001")
);
String accessToken = result.getAccessToken();
String tokenType = result.getTokenType();
int expiresIn = result.getExpiresIn();
String ownerId = result.getOwnerId();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.Login(
new Gs2.Gs2Identifier.Request.LoginRequest()
.WithClientId("client-0001")
.WithClientSecret("secret-0001"),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var accessToken = result.AccessToken;
var tokenType = result.TokenType;
var expiresIn = result.ExpiresIn;
var ownerId = result.OwnerId;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.login(
new Gs2Identifier.LoginRequest()
.withClientId("client-0001")
.withClientSecret("secret-0001")
);
const accessToken = result.getAccessToken();
const tokenType = result.getTokenType();
const expiresIn = result.getExpiresIn();
const ownerId = result.getOwnerId();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.login(
identifier.LoginRequest()
.with_client_id('client-0001')
.with_client_secret('secret-0001')
)
access_token = result.access_token
token_type = result.token_type
expires_in = result.expires_in
owner_id = result.owner_id
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.login({
clientId="client-0001",
clientSecret="secret-0001",
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
accessToken = result.accessToken;
tokenType = result.tokenType;
expiresIn = result.expiresIn;
ownerId = result.ownerId;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.login_async({
clientId="client-0001",
clientSecret="secret-0001",
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
accessToken = result.accessToken;
tokenType = result.tokenType;
expiresIn = result.expiresIn;
ownerId = result.ownerId;
```
---
### loginByUser
Get a Project Token by specifying a GS2-Identifier user
Authenticates using a GS2-Identifier username and password, and returns a project token.
If multi-factor authentication (MFA) is enabled for the user, a valid TOTP passcode must also be provided in the otp field; if missing, a "require" error is returned.
The password is verified first, followed by the TOTP passcode if MFA is enabled.
#### Request
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier username |
| password | string | | ✓| | ~ 1024 chars | Password for GS2-Identifier user |
| otp | string | | | | 6 ~ 6 chars | Passcode |
#### Result
| | Type | Description |
| --- | --- | --- |
| item | [ProjectToken](#projecttoken) | Project Token |
#### Implementation Example
**Go**
```go
import "github.com/gs2io/gs2-golang-sdk/core"
import "github.com/gs2io/gs2-golang-sdk/identifier"
import "github.com/openlyinc/pointy"
session := core.Gs2RestSession{
Credential: &core.BasicGs2Credential{
ClientId: "your client id",
ClientSecret: "your client secret",
},
Region: core.ApNortheast1,
}
if err := session.Connect(); err != nil {
panic("error occurred")
}
client := identifier.Gs2IdentifierRestClient{
Session: &session,
}
result, err := client.LoginByUser(
&identifier.LoginByUserRequest {
UserName: pointy.String("user-name"),
Password: pointy.String("password"),
Otp: nil,
}
)
if err != nil {
panic("error occurred")
}
item := result.Item
```
**PHP**
```php
use Gs2\Core\Model\BasicGs2Credential;
use Gs2\Core\Model\Region;
use Gs2\Core\Net\Gs2RestSession;
use Gs2\Core\Exception\Gs2Exception;
use Gs2\Identifier\Gs2IdentifierRestClient;
use Gs2\Identifier\Request\LoginByUserRequest;
$session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region::AP_NORTHEAST_1
);
$session->open();
$client = new Gs2IdentifierRestClient(
$session
);
try {
$result = $client->loginByUser(
(new LoginByUserRequest())
->withUserName("user-name")
->withPassword("password")
->withOtp(null)
);
$item = $result->getItem();
} catch (Gs2Exception $e) {
exit("error occurred")
}
```
**Java**
```java
import io.gs2.core.model.Region;
import io.gs2.core.model.BasicGs2Credential;
import io.gs2.core.rest.Gs2RestSession;
import io.gs2.core.exception.Gs2Exception;
import io.gs2.identifier.rest.Gs2IdentifierRestClient;
import io.gs2.identifier.request.LoginByUserRequest;
import io.gs2.identifier.result.LoginByUserResult;
Gs2RestSession session = new Gs2RestSession(
Region.AP_NORTHEAST_1,
new BasicGs2Credential(
"your client id",
"your client secret"
)
);
session.connect();
Gs2IdentifierRestClient client = new Gs2IdentifierRestClient(session);
try {
LoginByUserResult result = client.loginByUser(
new LoginByUserRequest()
.withUserName("user-name")
.withPassword("password")
.withOtp(null)
);
ProjectToken item = result.getItem();
} catch (Gs2Exception e) {
System.exit(1);
}
```
**C#**
```csharp
using Gs2.Core;
using Gs2.Core.Model;
using Gs2.Core.Net;
using Gs2.Core.Exception;
var session = new Gs2RestSession(
new BasicGs2Credential(
"your client id",
"your client secret"
),
Region.ApNortheast1
);
yield return session.OpenAsync(r => { });
var client = new Gs2IdentifierRestClient(session);
AsyncResult asyncResult = null;
yield return client.LoginByUser(
new Gs2.Gs2Identifier.Request.LoginByUserRequest()
.WithUserName("user-name")
.WithPassword("password")
.WithOtp(null),
r => asyncResult = r
);
if (asyncResult.Error != null) {
throw asyncResult.Error;
}
var result = asyncResult.Result;
var item = result.Item;
```
**TypeScript**
```typescript
import Gs2Core from '@/gs2/core';
import * as Gs2Identifier from '@/gs2/identifier';
const session = new Gs2Core.Gs2RestSession(
"ap-northeast-1",
new Gs2Core.BasicGs2Credential(
'your client id',
'your client secret'
)
);
await session.connect();
const client = new Gs2Identifier.Gs2IdentifierRestClient(session);
try {
const result = await client.loginByUser(
new Gs2Identifier.LoginByUserRequest()
.withUserName("user-name")
.withPassword("password")
.withOtp(null)
);
const item = result.getItem();
} catch (e) {
process.exit(1);
}
```
**Python**
```python
from gs2 import core
from gs2 import identifier
session = core.Gs2RestSession(
core.BasicGs2Credential(
'your client id',
'your client secret'
),
"ap-northeast-1",
)
session.connect()
client = identifier.Gs2IdentifierRestClient(session)
try:
result = client.login_by_user(
identifier.LoginByUserRequest()
.with_user_name('user-name')
.with_password('password')
.with_otp(None)
)
item = result.item
except core.Gs2Exception as e:
exit(1)
```
**GS2-Script**
```lua
client = gs2('identifier')
api_result = client.login_by_user({
userName="user-name",
password="password",
otp=nil,
})
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
**GS2-Script(Async)**
```lua
client = gs2('identifier')
api_result_handler = client.login_by_user_async({
userName="user-name",
password="password",
otp=nil,
})
api_result = api_result_handler() -- Call the handler to get the result
if(api_result.isError) then
-- When error occurs
fail(api_result['statusCode'], api_result['errorMessage'])
end
result = api_result.result
item = result.item;
```
---