Announcement: All noncommercial projects registered to use Earth Engine before
April 15, 2025 must
verify noncommercial eligibility to maintain Earth Engine access.
Method: projects.assets.testIamPermissions
Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
HTTP request
POST https://earthengine.googleapis.com/v1/{resource=projects/*/assets/**}:testIamPermissions
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters |
resource |
string
REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field.
|
Request body
The request body contains data with the following structure:
JSON representation |
{
"permissions": [
string
]
} |
Fields |
permissions[] |
string
The set of permissions to check for the resource . Permissions with wildcards (such as * or storage.* ) are not allowed. For more information see IAM Overview.
|
Response body
If successful, the response body contains an instance of TestIamPermissionsResponse
.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/earthengine
https://www.googleapis.com/auth/earthengine.readonly
https://www.googleapis.com/auth/cloud-platform
https://www.googleapis.com/auth/cloud-platform.read-only
For more information, see the OAuth 2.0 Overview.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-03-06 UTC.
[null,null,["Last updated 2025-03-06 UTC."],[[["Returns caller permissions for a specified Earth Engine resource, even if the resource doesn't exist, providing an empty set instead of an error."],["Primarily designed for building permission-aware user interfaces and command-line tools, not for strict authorization checks."],["Accepts a list of specific permissions to check against the resource, using a POST request to a defined endpoint."],["Requires specific OAuth scopes for authentication, like `https://www.googleapis.com/auth/earthengine` or `https://www.googleapis.com/auth/cloud-platform`."]]],["This endpoint, using a POST request to the specified URL, retrieves a caller's permissions for a given resource. It requires the resource path as a parameter and a JSON request body with a list of permissions to check. Wildcard permissions are not permitted. The response indicates the permissions held, returning an empty set if the resource doesn't exist. This is designed for UI/tool development, not for authorization checks, and can \"fail open.\" OAuth scopes are required for authorization.\n"]]