List of operations by function - API Reference| Alibaba Cloud Documentation Center

The following tables list the API operations that are available for use in Identity Management Service (IMS).

Note Alibaba Cloud provides OpenAPI Explorer to simplify API usage. You can use OpenAPI Explorer to debug API operations and dynamically generate SDK sample code.

User management


API	Description
CreateUser	Creates a RAM user.
GetUser	Queries the information of a RAM user.
UpdateUser	Modifies the information of a RAM user.
DeleteUser	Deletes a RAM user.
ListUsers	Queries the details of all RAM users.
ListUserBasicInfos	Queries the basic information of all RAM users.
CreateLoginProfile	Enables console logon for a RAM user.
GetLoginProfile	Queries the logon information of a RAM user.
UpdateLoginProfile	Modifies the logon information of a RAM user.
DeleteLoginProfile	Disables console logon for a RAM user.
ChangePassword	Changes the password that is used to log on to the console for a RAM user.
CreateAccessKey	Creates an AccessKey pair for an Alibaba Cloud account or a RAM user.
UpdateAccessKey	Modifies the status of an AccessKey pair for an Alibaba Cloud account or a RAM user.
DeleteAccessKey	Deletes an AccessKey pair from an Alibaba Cloud account or a RAM user.
ListAccessKeys	Queries AccessKey pairs of an Alibaba Cloud account or a RAM user.
GetAccessKeyLastUsed	Queries the time when an AccessKey pair is used for the last time.
CreateVirtualMFADevice	Creates a multi-factor authentication (MFA) device.
ListVirtualMFADevices	Queries MFA devices.
DeleteVirtualMFADevice	Deletes an MFA device.
DisableVirtualMFA	Unbinds and deletes an MFA device from a RAM user.
BindMFADevice	Binds an MFA device to a RAM user.
UnbindMFADevice	Unbinds an MFA device from a RAM user.
GetAccountMFAInfo	Queries the MFA status of an Alibaba Cloud account.
GetUserMFAInfo	Queries the information of the MFA device that is bound to a RAM user.
GenerateCredentialReport	Generates a user credential report.
GetCredentialReport	Queries the content of a user credential report.
GetAccountSecurityPracticeReport	Queries the security report of an Alibaba Cloud account.
GetAccountSummary	Queries the overview information of an Alibaba Cloud account.

User group management


API	Description
CreateGroup	Creates a RAM user group.
GetGroup	Queries the information of a RAM user group.
UpdateGroup	Modifies the information of a RAM user group.
DeleteGroup	Deletes a RAM user group.
ListGroups	Queries RAM user groups.
AddUserToGroup	Adds a RAM user to a RAM user group.
ListUsersForGroup	Queries RAM users in a RAM user group.
ListGroupsForUser	Queries the RAM user groups to which a RAM user belongs.
RemoveUserFromGroup	Removes a RAM user from a RAM user group.

Single sign-on (SSO) management


API	Description
SetUserSsoSettings	Configures the information of identity providers (IdPs) for user-based SSO.
GetUserSsoSettings	Queries the information of IdPs for user-based SSO.
CreateSAMLProvider	Creates an IdP for role-based SSO.
GetSAMLProvider	Queries the information of an IdP for role-based SSO.
UpdateSAMLProvider	Modifies the information of an IdP for role-based SSO.
ListSAMLProviders	Queries IdPs for role-based SSO.
DeleteSAMLProvider	Deletes an IdP for role-based SSO.

Security settings


API	Description
SetPasswordPolicy	Configures the password policy for RAM users.
GetPasswordPolicy	Queries the password policy for RAM users.
SetSecurityPreference	Configures the security preferences for RAM users.
GetSecurityPreference	Queries the security preferences of RAM users.
SetDefaultDomain	Configures the default domain name.
GetDefaultDomain	Queries the default domain name.