Cloud Organization API, gRPC: FederationService
A set of methods for managing federations.
Call | Description |
---|---|
Get | Returns the specified federation. |
List | Retrieves the list of federations in the specified organization. |
Create | Creates a federation in the specified organization. |
Update | Updates the specified federation. |
Delete | Deletes the specified federation. |
AddUserAccounts | Adds users to the specified federation. |
DeleteUserAccounts | Deletes users from the specified federation. |
ListUserAccounts | Lists users for the specified federation. |
ListOperations | Lists operations for the specified federation. |
Calls FederationService
Get
Returns the specified federation.
To get the list of available federations, make a List request.
rpc Get (GetFederationRequest) returns (Federation)
GetFederationRequest
Field | Description |
---|---|
federation_id | string ID of the federation to return. To get the federation ID, make a FederationService.List request. The maximum string length in characters is 50. |
Federation
Field | Description |
---|---|
id | string Required. ID of the federation. The maximum string length in characters is 50. |
organization_id | string ID of the organization that the federation belongs to. |
name | string Required. Name of the federation. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9] . |
description | string Description of the federation. The maximum string length in characters is 256. |
created_at | google.protobuf.Timestamp Creation timestamp. |
cookie_max_age | google.protobuf.Duration Browser cookie lifetime in seconds. If the cookie is still valid, the management console authenticates the user immediately and redirects them to the home page. Acceptable values are 10m to 12h, inclusive. |
auto_create_account_on_login | bool Add new users automatically on successful authentication. The user becomes member of the organization automatically, but you need to grant other roles to them. If the value is false , users who aren't added to the organization can't log in, even if they have authenticated on your server. |
issuer | string Required. ID of the IdP server to be used for authentication. The IdP server also responds to IAM with this ID after the user authenticates. The maximum string length in characters is 8000. |
sso_binding | enum BindingType Single sign-on endpoint binding type. Most Identity Providers support the POST binding type. SAML Binding is a mapping of a SAML protocol message onto standard messaging formats and/or communications protocols.
|
sso_url | string Required. Single sign-on endpoint URL. Specify the link to the IdP login page here. The maximum string length in characters is 8000. |
security_settings | FederationSecuritySettings Federation security settings. |
case_insensitive_name_ids | bool Use case insensitive Name IDs. |
labels | map<string,string> Resource labels as key:value pairs. Maximum of 64 per resource. |
FederationSecuritySettings
Field | Description |
---|---|
encrypted_assertions | bool Enable encrypted assertions. |
force_authn | bool Value parameter ForceAuthn in SAMLRequest. |
List
Retrieves the list of federations in the specified organization.
rpc List (ListFederationsRequest) returns (ListFederationsResponse)
ListFederationsRequest
Field | Description |
---|---|
organization_id | string Required. ID of the organization to list federations in. To get the organization ID, make a yandex.cloud.organizationmanager.v1.OrganizationService.List request. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size , the service returns a ListFederationsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100 Acceptable values are 0 to 1000, inclusive. |
page_token | string Page token. To get the next page of results, set page_token to the ListFederationsResponse.next_page_token returned by a previous list request. The maximum string length in characters is 2000. |
filter | string A filter expression that filters resources listed in the response. The expression must specify:
|
ListFederationsResponse
Field | Description |
---|---|
federations[] | Federation List of federations. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListFederationsRequest.page_size, use the next_page_token as the value for the ListFederationsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
Federation
Field | Description |
---|---|
id | string Required. ID of the federation. The maximum string length in characters is 50. |
organization_id | string ID of the organization that the federation belongs to. |
name | string Required. Name of the federation. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9] . |
description | string Description of the federation. The maximum string length in characters is 256. |
created_at | google.protobuf.Timestamp Creation timestamp. |
cookie_max_age | google.protobuf.Duration Browser cookie lifetime in seconds. If the cookie is still valid, the management console authenticates the user immediately and redirects them to the home page. Acceptable values are 10m to 12h, inclusive. |
auto_create_account_on_login | bool Add new users automatically on successful authentication. The user becomes member of the organization automatically, but you need to grant other roles to them. If the value is false , users who aren't added to the organization can't log in, even if they have authenticated on your server. |
issuer | string Required. ID of the IdP server to be used for authentication. The IdP server also responds to IAM with this ID after the user authenticates. The maximum string length in characters is 8000. |
sso_binding | enum BindingType Single sign-on endpoint binding type. Most Identity Providers support the POST binding type. SAML Binding is a mapping of a SAML protocol message onto standard messaging formats and/or communications protocols.
|
sso_url | string Required. Single sign-on endpoint URL. Specify the link to the IdP login page here. The maximum string length in characters is 8000. |
security_settings | FederationSecuritySettings Federation security settings. |
case_insensitive_name_ids | bool Use case insensitive Name IDs. |
labels | map<string,string> Resource labels as key:value pairs. Maximum of 64 per resource. |
FederationSecuritySettings
Field | Description |
---|---|
encrypted_assertions | bool Enable encrypted assertions. |
force_authn | bool Value parameter ForceAuthn in SAMLRequest. |
Create
Creates a federation in the specified organization.
rpc Create (CreateFederationRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:CreateFederationMetadata
Operation.response:Federation
CreateFederationRequest
Field | Description |
---|---|
organization_id | string ID of the organization to create a federation in. To get the organization ID, make a yandex.cloud.organizationmanager.v1.OrganizationService.List request. The maximum string length in characters is 50. |
name | string Name of the federation. The name must be unique within the organization. Value must match the regular expression [a-z]([-a-z0-9]{0,61}[a-z0-9])? . |
description | string Description of the federation. The maximum string length in characters is 256. |
cookie_max_age | google.protobuf.Duration Browser cookie lifetime in seconds. If the cookie is still valid, the management console authenticates the user immediately and redirects them to the home page. The default value is 8h . Acceptable values are 10m to 12h, inclusive. |
auto_create_account_on_login | bool Add new users automatically on successful authentication. The user becomes member of the organization automatically, but you need to grant other roles to them. If the value is false , users who aren't added to the organization can't log in, even if they have authenticated on your server. |
issuer | string Required. ID of the IdP server to be used for authentication. The IdP server also responds to IAM with this ID after the user authenticates. The maximum string length in characters is 8000. |
sso_binding | enum BindingType Single sign-on endpoint binding type. Most Identity Providers support the POST binding type. SAML Binding is a mapping of a SAML protocol message onto standard messaging formats and/or communications protocols.
|
sso_url | string Required. Single sign-on endpoint URL. Specify the link to the IdP login page here. The maximum string length in characters is 8000. |
security_settings | FederationSecuritySettings Federation security settings. |
case_insensitive_name_ids | bool Use case insensitive Name IDs. |
labels | map<string,string> Resource labels as key:value pairs. No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression [-_0-9a-z]* . The string length in characters for each key must be 1-63. Each key must match the regular expression [a-z][-_0-9a-z]* . |
FederationSecuritySettings
Field | Description |
---|---|
encrypted_assertions | bool Enable encrypted assertions. |
force_authn | bool Value parameter ForceAuthn in SAMLRequest. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
CreateFederationMetadata
Field | Description |
---|---|
federation_id | string ID of the federation that is being created. |
Federation
Field | Description |
---|---|
id | string Required. ID of the federation. The maximum string length in characters is 50. |
organization_id | string ID of the organization that the federation belongs to. |
name | string Required. Name of the federation. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9] . |
description | string Description of the federation. The maximum string length in characters is 256. |
created_at | google.protobuf.Timestamp Creation timestamp. |
cookie_max_age | google.protobuf.Duration Browser cookie lifetime in seconds. If the cookie is still valid, the management console authenticates the user immediately and redirects them to the home page. Acceptable values are 10m to 12h, inclusive. |
auto_create_account_on_login | bool Add new users automatically on successful authentication. The user becomes member of the organization automatically, but you need to grant other roles to them. If the value is false , users who aren't added to the organization can't log in, even if they have authenticated on your server. |
issuer | string Required. ID of the IdP server to be used for authentication. The IdP server also responds to IAM with this ID after the user authenticates. The maximum string length in characters is 8000. |
sso_binding | enum BindingType Single sign-on endpoint binding type. Most Identity Providers support the POST binding type. SAML Binding is a mapping of a SAML protocol message onto standard messaging formats and/or communications protocols.
|
sso_url | string Required. Single sign-on endpoint URL. Specify the link to the IdP login page here. The maximum string length in characters is 8000. |
security_settings | FederationSecuritySettings Federation security settings. |
case_insensitive_name_ids | bool Use case insensitive Name IDs. |
labels | map<string,string> Resource labels as key:value pairs. Maximum of 64 per resource. |
Update
Updates the specified federation.
rpc Update (UpdateFederationRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:UpdateFederationMetadata
Operation.response:Federation
UpdateFederationRequest
Field | Description |
---|---|
federation_id | string ID of the federation to update. To get the federation ID, make a FederationService.List request. The maximum string length in characters is 50. |
update_mask | google.protobuf.FieldMask Field mask that specifies which fields of the federation are going to be updated. |
name | string Name of the federation. The name must be unique within the organization. Value must match the regular expression |[a-z]([-a-z0-9]{0,61}[a-z0-9])? . |
description | string Description of the federation. The maximum string length in characters is 256. |
cookie_max_age | google.protobuf.Duration Browser cookie lifetime in seconds. If the cookie is still valid, the management console authenticates the user immediately and redirects them to the home page. The default value is 8h . Acceptable values are 10m to 12h, inclusive. |
auto_create_account_on_login | bool Add new users automatically on successful authentication. The user becomes member of the organization automatically, but you need to grant other roles to them. If the value is false , users who aren't added to the organization can't log in, even if they have authenticated on your server. |
issuer | string Required. ID of the IdP server to be used for authentication. The IdP server also responds to IAM with this ID after the user authenticates. The maximum string length in characters is 8000. |
sso_binding | enum BindingType Single sign-on endpoint binding type. Most Identity Providers support the POST binding type. SAML Binding is a mapping of a SAML protocol message onto standard messaging formats and/or communications protocols.
|
sso_url | string Required. Single sign-on endpoint URL. Specify the link to the IdP login page here. The maximum string length in characters is 8000. |
security_settings | FederationSecuritySettings Federation security settings. |
case_insensitive_name_ids | bool Use case insensitive name ids. |
labels | map<string,string> Resource labels as key:value pairs. No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression [-_0-9a-z]* . The string length in characters for each key must be 1-63. Each key must match the regular expression [a-z][-_0-9a-z]* . |
FederationSecuritySettings
Field | Description |
---|---|
encrypted_assertions | bool Enable encrypted assertions. |
force_authn | bool Value parameter ForceAuthn in SAMLRequest. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
UpdateFederationMetadata
Field | Description |
---|---|
federation_id | string ID of the federation that is being updated. |
Federation
Field | Description |
---|---|
id | string Required. ID of the federation. The maximum string length in characters is 50. |
organization_id | string ID of the organization that the federation belongs to. |
name | string Required. Name of the federation. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9] . |
description | string Description of the federation. The maximum string length in characters is 256. |
created_at | google.protobuf.Timestamp Creation timestamp. |
cookie_max_age | google.protobuf.Duration Browser cookie lifetime in seconds. If the cookie is still valid, the management console authenticates the user immediately and redirects them to the home page. Acceptable values are 10m to 12h, inclusive. |
auto_create_account_on_login | bool Add new users automatically on successful authentication. The user becomes member of the organization automatically, but you need to grant other roles to them. If the value is false , users who aren't added to the organization can't log in, even if they have authenticated on your server. |
issuer | string Required. ID of the IdP server to be used for authentication. The IdP server also responds to IAM with this ID after the user authenticates. The maximum string length in characters is 8000. |
sso_binding | enum BindingType Single sign-on endpoint binding type. Most Identity Providers support the POST binding type. SAML Binding is a mapping of a SAML protocol message onto standard messaging formats and/or communications protocols.
|
sso_url | string Required. Single sign-on endpoint URL. Specify the link to the IdP login page here. The maximum string length in characters is 8000. |
security_settings | FederationSecuritySettings Federation security settings. |
case_insensitive_name_ids | bool Use case insensitive Name IDs. |
labels | map<string,string> Resource labels as key:value pairs. Maximum of 64 per resource. |
Delete
Deletes the specified federation.
rpc Delete (DeleteFederationRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:DeleteFederationMetadata
Operation.response:google.protobuf.Empty
DeleteFederationRequest
Field | Description |
---|---|
federation_id | string ID of the federation to delete. To get the federation ID, make a FederationService.List request. The maximum string length in characters is 50. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
DeleteFederationMetadata
Field | Description |
---|---|
federation_id | string ID of the federation that is being deleted. |
AddUserAccounts
Adds users to the specified federation.
rpc AddUserAccounts (AddFederatedUserAccountsRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:AddFederatedUserAccountsMetadata
Operation.response:AddFederatedUserAccountsResponse
AddFederatedUserAccountsRequest
Field | Description |
---|---|
federation_id | string ID of the federation to add users. The maximum string length in characters is 50. |
name_ids[] | string Name IDs returned by the Identity Provider (IdP) on successful authentication. These may be UPNs or user email addresses. The maximum string length in characters for each value is 1000. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
AddFederatedUserAccountsMetadata
Field | Description |
---|---|
federation_id | string ID of the federation that is being altered. |
AddFederatedUserAccountsResponse
Field | Description |
---|---|
user_accounts[] | UserAccount List of users created by FederationService.AddUserAccounts request. |
UserAccount
Field | Description |
---|---|
id | string ID of the user account. |
user_account | oneof: yandex_passport_user_account or saml_user_account |
yandex_passport_user_account | YandexPassportUserAccount A YandexPassportUserAccount resource. |
saml_user_account | SamlUserAccount A SAML federated user. |
YandexPassportUserAccount
Field | Description |
---|---|
login | string Login of the Yandex user account. |
default_email | string Default email of the Yandex user account. |
SamlUserAccount
Field | Description |
---|---|
federation_id | string Required. ID of the federation that the federation belongs to. The maximum string length in characters is 50. |
name_id | string Required. Name Id of the SAML federated user. The name is unique within the federation. 1-256 characters long. The string length in characters must be 1-256. |
attributes | map<string,Attribute> Additional attributes of the SAML federated user. |
Attribute
Field | Description |
---|---|
value[] | string |
DeleteUserAccounts
Deletes users from the specified federation.
rpc DeleteUserAccounts (DeleteFederatedUserAccountsRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:DeleteFederatedUserAccountsMetadata
Operation.response:DeleteFederatedUserAccountsResponse
DeleteFederatedUserAccountsRequest
Field | Description |
---|---|
federation_id | string Required. ID of the federation to delete users from. The maximum string length in characters is 50. |
subject_ids[] | string List of subjects to delete. The number of elements must be in the range 1-1000. The string length in characters for each value must be 1-50. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
DeleteFederatedUserAccountsMetadata
Field | Description |
---|---|
federation_id | string ID of the federation that is being altered. |
DeleteFederatedUserAccountsResponse
Field | Description |
---|---|
deleted_subjects[] | string List of subjects deleted by FederationService.DeleteUserAccounts request. |
non_existing_subjects[] | string List of subjects found in FederationService.DeleteUserAccounts request that do not exist. |
ListUserAccounts
Lists users for the specified federation.
rpc ListUserAccounts (ListFederatedUserAccountsRequest) returns (ListFederatedUserAccountsResponse)
ListFederatedUserAccountsRequest
Field | Description |
---|---|
federation_id | string Required. ID of the federation to list user accounts for. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size , the service returns a ListFederatedUserAccountsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. Acceptable values are 0 to 1000, inclusive. |
page_token | string Page token. To get the next page of results, set page_token to the ListFederatedUserAccountsResponse.next_page_token returned by a previous list request. The maximum string length in characters is 2000. |
filter | string A filter expression that filters resources listed in the response. The expression must specify:
[a-z0-9A-Z/@_.\-=+*\\]+ . The maximum string length in characters is 1010. |
ListFederatedUserAccountsResponse
Field | Description |
---|---|
user_accounts[] | UserAccount List of user accounts for the specified federation. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListFederatedUserAccountsRequest.page_size, use the next_page_token as the value for the ListFederatedUserAccountsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
UserAccount
Field | Description |
---|---|
id | string ID of the user account. |
user_account | oneof: yandex_passport_user_account or saml_user_account |
yandex_passport_user_account | YandexPassportUserAccount A YandexPassportUserAccount resource. |
saml_user_account | SamlUserAccount A SAML federated user. |
YandexPassportUserAccount
Field | Description |
---|---|
login | string Login of the Yandex user account. |
default_email | string Default email of the Yandex user account. |
SamlUserAccount
Field | Description |
---|---|
federation_id | string Required. ID of the federation that the federation belongs to. The maximum string length in characters is 50. |
name_id | string Required. Name Id of the SAML federated user. The name is unique within the federation. 1-256 characters long. The string length in characters must be 1-256. |
attributes | map<string,Attribute> Additional attributes of the SAML federated user. |
Attribute
Field | Description |
---|---|
value[] | string |
ListOperations
Lists operations for the specified federation.
rpc ListOperations (ListFederationOperationsRequest) returns (ListFederationOperationsResponse)
ListFederationOperationsRequest
Field | Description |
---|---|
federation_id | string ID of the federation to list operations for. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size , the service returns a ListFederationOperationsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. Acceptable values are 0 to 1000, inclusive. |
page_token | string Page token. To get the next page of results, set page_token to the ListFederationOperationsResponse.next_page_token returned by a previous list request. The maximum string length in characters is 2000. |
ListFederationOperationsResponse
Field | Description |
---|---|
operations[] | operation.Operation List of operations for the specified federation. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListFederationOperationsRequest.page_size, use the next_page_token as the value for the ListFederationOperationsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty |