All Products
Search
Document Center

Resource Access Management:List of operations by function

Last Updated:May 08, 2024
This product(Ims/2019-08-15) OpenAPI adopts RPC Signature style. See signature details in Description of the signature mechanism. We have packaged SDKs for common programming languages for developers. Developers can directly call the OpenAPI of this product by downloading the SDK without paying attention to the technical details. If the existing SDK cannot meet the usage requirements, you can connect through the signature mechanism. It will take about 5 working days. Therefore, it is recommended to join our DingTalk service group (11370001915) and sign under the guidance of experts.
Before using the API, you need to prepare your identity account and access key (AccessKey) to effectively access the API through client tools (SDK, CLI, etc.). For details see getAccessKey.

User management

APITitleDescription
RAM userRAM user
CreateUserCreateUserCreates a RAM user.
GetUserGetUserQueries the information about a RAM user.
UpdateUserUpdateUserModifies the information about a RAM user.
DeleteUserDeleteUserDeletes a RAM user.
ListUsersListUsersQueries the details of all RAM users.
ListUserBasicInfosListUserBasicInfosQueries the basic information about all RAM users.
GetAccountSummaryGetAccountSummaryQueries the overview information of an Alibaba Cloud account.
LogonLogon
CreateLoginProfileCreateLoginProfileEnables logon to the console for a RAM user.
GetLoginProfileGetLoginProfileQueries the console logon settings of a RAM user.
UpdateLoginProfileUpdateLoginProfileModifies the logon information of a RAM user.
DeleteLoginProfileDeleteLoginProfileDisables logon to the console for a RAM user.
ChangePasswordChangePasswordChanges the password that is used to log on to the console for a Resource Access Management (RAM) user.
AccessKeyAccessKey
CreateAccessKeyCreateAccessKeyCreates an AccessKey pair for an Alibaba Cloud account or a RAM user.
DeleteAccessKeyDeleteAccessKeyDeletes an AccessKey pair from an Alibaba Cloud account or a RAM user.
UpdateAccessKeyUpdateAccessKeyModifies the status of an AccessKey pair for an Alibaba Cloud account or a RAM user.
GetAccessKeyLastUsedGetAccessKeyLastUsedQueries the time when an AccessKey pair was used for the last time.
ListAccessKeysListAccessKeysQueries the AccessKey pairs of an Alibaba Cloud account or a RAM user.
MFAMFA
CreateVirtualMFADeviceCreateVirtualMFADeviceCreates a multi-factor authentication (MFA) device.
ListVirtualMFADevicesListVirtualMFADevicesQueries multi-factor authentication (MFA) devices.
DeleteVirtualMFADeviceDeleteVirtualMFADeviceDeletes a multi-factor authentication (MFA) device.
DisableVirtualMFADisableVirtualMFAUnbinds and deletes an MFA device from a RAM user.
BindMFADeviceBindMFADeviceBinds a multi-factor authentication (MFA) device to a RAM user.
UnbindMFADeviceUnbindMFADeviceUnbinds a multi-factor authentication (MFA) device from a RAM user.
GetAccountMFAInfoGetAccountMFAInfoQueries a multi-factor authentication (MFA) device of an Alibaba Cloud account.
GetUserMFAInfoGetUserMFAInfoQueries the information of the multi-factor authentication (MFA) device that is bound to a RAM user.
TagTag
TagResourcesTagResourcesAdds tags to resources.
UntagResourcesUntagResourcesRemoves tags from a resource.
ListTagResourcesListTagResourcesQueries the tags that are added resources.

User group management

APITitleDescription
CreateGroupCreateGroupCreates a RAM user group.
GetGroupGetGroupQueries the information about a Resource Access Management (RAM) user group.
UpdateGroupUpdateGroupModifies the information of a RAM user group.
DeleteGroupDeleteGroupDeletes a RAM user group.
ListGroupsListGroupsQueries RAM user groups.
AddUserToGroupAddUserToGroupAdds a RAM user to a RAM user group.
RemoveUserFromGroupRemoveUserFromGroupRemoves a RAM user from a RAM user group.
ListUsersForGroupListUsersForGroupQueries RAM users in a RAM user group.
ListGroupsForUserListGroupsForUserQueries the RAM user groups to which a RAM user belongs.

SSO management

APITitleDescription
SetUserSsoSettingsSetUserSsoSettingsConfigures information about identity providers (IdPs) for user-based single sign-on (SSO).
GetUserSsoSettingsGetUserSsoSettingsQueries information about identity providers (IdPs) for user-based single sign-on (SSO).
CreateSAMLProviderCreateSAMLProviderCreates an identity provider (IdP) for role-based SSO.
DeleteSAMLProviderDeleteSAMLProviderDeletes an identity provider (IdP) for role-based SSO.
UpdateSAMLProviderUpdateSAMLProviderModifies information about an identity provider (IdP) for role-based SSO.
GetSAMLProviderGetSAMLProviderQueries the information about an identity provider (IdP) for role-based single sign-on (SSO).
ListSAMLProvidersListSAMLProvidersQueries identity providers (IdPs) for role-based SSO.
CreateOIDCProviderCreateOIDCProviderCreates an OpenID Connect (OIDC) identity provider (IdP) to configure a trust relationship between Alibaba Cloud and an external IdP. This topic provides an example on how to create an IdP named TestOIDCProvider to configure a trust relationship between the external IdP Okta and Alibaba Cloud.
GetOIDCProviderGetOIDCProviderQueries the information about an OIDC IdP.
UpdateOIDCProviderUpdateOIDCProviderModifies the description and client IDs of an OpenID Connect (OIDC) identity provider (IdP).
ListOIDCProvidersListOIDCProvidersQueries OIDC IdPs.
DeleteOIDCProviderDeleteOIDCProviderDeletes an OpenID Connect (OIDC) identity provider (IdP).
AddClientIdToOIDCProviderAddClientIdToOIDCProviderAdds a client ID to an OpenID Connect (OIDC) identity provider (IdP).
RemoveClientIdFromOIDCProviderRemoveClientIdFromOIDCProviderRemoves a client ID from an OpenID Connect (OIDC) identity provider (IdP).
AddFingerprintToOIDCProviderAddFingerprintToOIDCProviderAdds a fingerprint to an OpenID Connect (OIDC) identity provider (IdP).
RemoveFingerprintFromOIDCProviderRemoveFingerprintFromOIDCProviderRemoves a fingerprint from an OpenID Connect (OIDC) identity provider (IdP).

OAuth management

APITitleDescription
CreateApplicationCreateApplicationCreates an application.
GetApplicationGetApplicationQueries the configuration information about an application.
UpdateApplicationUpdateApplicationModifies the information about a specified application.
DeleteApplicationDeleteApplicationDeletes an application.
ListApplicationsListApplicationsLists the created applications.
ListPredefinedScopesListPredefinedScopesQueries predefined application permissions.
CreateAppSecretCreateAppSecretCreates an application secret for the specified application.
GetAppSecretGetAppSecretQueries the details of an application secret.
ListAppSecretIdsListAppSecretIdsQueries the secret IDs of an application.
DeleteAppSecretDeleteAppSecretDelete the application secret for the specified application.

Security settings

APITitleDescription
SetPasswordPolicySetPasswordPolicyConfigures the password policy for RAM users.
GetPasswordPolicyGetPasswordPolicyQueries the details of the password policy for RAM users.
SetSecurityPreferenceSetSecurityPreferenceConfigures security preferences for a RAM user.
GetSecurityPreferenceGetSecurityPreferenceQueries the security preferences for RAM users.
SetDefaultDomainSetDefaultDomainConfigures the default domain name.
GetDefaultDomainGetDefaultDomainQueries the default domain name of an Alibaba Cloud account.
GetCredentialReportGetCredentialReportQueries the user credential reports of an Alibaba Cloud account.
GetAccountSecurityPracticeReportGetAccountSecurityPracticeReportQueries the security report for an Alibaba Cloud account.
GenerateCredentialReportGenerateCredentialReportGenerates a user credential report.