The following tables list the API operations available for use in Identity Management Service (IMS).

Note Alibaba Cloud provides OpenAPI Explorer to simplify API usage. You can use OpenAPI Explorer to debug API operations and dynamically generate SDK sample code.

User management

API Description
CreateUser Creates a Resource Access Management (RAM) user.
GetUser Queries the information about a RAM user.
UpdateUser Modifies the information about a RAM user.
DeleteUser Deletes a RAM user.
ListUsers Queries the details of all RAM users.
ListUserBasicInfos Queries the basic information about all RAM users.
CreateLoginProfile Enables console logon for a RAM user.
GetLoginProfile Queries the logon information about a RAM user.
UpdateLoginProfile Modifies the logon information about a RAM user.
DeleteLoginProfile Disables console logon for a RAM user.
ChangePassword Changes the password that is used to log on to the console for a RAM user.
CreateAccessKey Creates an AccessKey pair for an Alibaba Cloud account or a RAM user.
UpdateAccessKey Modifies the status of an AccessKey pair for an Alibaba Cloud account or a RAM user.
DeleteAccessKey Deletes an AccessKey pair from an Alibaba Cloud account or a RAM user.
ListAccessKeys Queries AccessKey pairs of an Alibaba Cloud account or a RAM user.
GetAccessKeyLastUsed Queries the time when an AccessKey pair is used for the last time.
CreateVirtualMFADevice Creates a multi-factor authentication (MFA) device.
ListVirtualMFADevices Queries MFA devices.
DeleteVirtualMFADevice Deletes an MFA device.
DisableVirtualMFA Unbinds and deletes an MFA device from a RAM user.
BindMFADevice Binds an MFA device to a RAM user.
UnbindMFADevice Unbinds an MFA device from a RAM user.
GetAccountMFAInfo Queries the MFA status of an Alibaba Cloud account.
GetUserMFAInfo Queries the information about the MFA device that is bound to a RAM user.
GenerateCredentialReport Generates a user credential report.
GetCredentialReport Queries the content of a user credential report.
GetAccountSecurityPracticeReport Queries the security report of an Alibaba Cloud account.
GetAccountSummary Queries the overview information about an Alibaba Cloud account.

User group management

API Description
CreateGroup Creates a RAM user group.
GetGroup Queries the information about a RAM user group.
UpdateGroup Modifies the information about a RAM user group.
DeleteGroup Deletes a RAM user group.
ListGroups Queries RAM user groups.
AddUserToGroup Adds a RAM user to a RAM user group.
ListUsersForGroup Queries RAM users in a RAM user group.
ListGroupsForUser Queries the RAM user groups to which a RAM user belongs.
RemoveUserFromGroup Removes a RAM user from a RAM user group.

SSO management

API Description
SetUserSsoSettings Configures the information about identity providers (IdPs) for user-based single sign-on (SSO).
GetUserSsoSettings Queries the information about IdPs for user-based SSO.
CreateSAMLProvider Creates an IdP for role-based SSO.
GetSAMLProvider Queries the information about an IdP for role-based SSO.
UpdateSAMLProvider Modifies information about an IdP for role-based SSO.
ListSAMLProviders Queries IdPs for role-based SSO.
DeleteSAMLProvider Deletes an IdP for role-based SSO.
CreateOIDCProvider Creates an OpenID Connect (OIDC) IdP to configure a trust relationship between Alibaba Cloud and an external IdP.
GetOIDCProvider Queries the information about an OIDC IdP.
UpdateOIDCProvider Modifies the description and client IDs of an OIDC IdP.
ListOIDCProviders Queries OIDC IdPs.
DeleteOIDCProvider Deletes an OIDC IdP.
AddClientIdToOIDCProvider Adds a client ID to an OIDC IdP.
RemoveClientIdFromOIDCProvider Removes a client ID from an OIDC IdP.
AddFingerprintToOIDCProvider Adds a fingerprint to an OIDC IdP.
RemoveFingerprintFromOIDCProvider Removes a fingerprint from an OIDC IdP.

Security settings

API Description
SetPasswordPolicy Configures the password policy for RAM users.
GetPasswordPolicy Queries the password policy for RAM users.
SetSecurityPreference Configures the security preferences for RAM users.
GetSecurityPreference Queries the security preferences for RAM users.
SetDefaultDomain Configures the default domain name.
GetDefaultDomain Queries the default domain name.
GenerateCredentialReport Generates a user credential report.
GetCredentialReport Queries the content of a user credential report.
GetAccountSecurityPracticeReport Queries the security report of an Alibaba Cloud account.