The following tables list the API operations available for use in Identity Management Service (IMS).
Note Alibaba Cloud provides
OpenAPI Explorer to simplify API usage. You can use OpenAPI Explorer to debug API operations and dynamically generate SDK sample code.
User management
| Operation | Description |
|---|---|
| CreateUser | Creates a RAM user. |
| GetUser | Queries the information about a RAM user. |
| UpdateUser | Modifies the information about a RAM user. |
| DeleteUser | Deletes a RAM user. |
| ListUsers | Queries the details of all RAM users. |
| ListUserBasicInfos | Queries the basic information about all RAM users. |
| CreateLoginProfile | Enables console logon for a RAM user. |
| GetLoginProfile | Queries the logon information about a RAM user. |
| UpdateLoginProfile | Modifies the logon information about a RAM user. |
| DeleteLoginProfile | Disables console logon for a RAM user. |
| ChangePassword | Changes the password that is used to log on to the console for a RAM user. |
| CreateAccessKey | Creates an AccessKey pair for an Alibaba Cloud account or a RAM user. |
| UpdateAccessKey | Modifies the status of an AccessKey pair for an Alibaba Cloud account or a RAM user. |
| DeleteAccessKey | Deletes an AccessKey pair from an Alibaba Cloud account or a RAM user. |
| ListAccessKeys | Queries AccessKey pairs of an Alibaba Cloud account or a RAM user. |
| GetAccessKeyLastUsed | Queries the time when an AccessKey pair is used for the last time. |
| CreateVirtualMFADevice | Creates a multi-factor authentication (MFA) device. |
| ListVirtualMFADevices | Queries MFA devices. |
| DeleteVirtualMFADevice | Deletes an MFA device. |
| DisableVirtualMFA | Unbinds and deletes an MFA device from a RAM user. |
| BindMFADevice | Binds an MFA device to a RAM user. |
| UnbindMFADevice | Unbinds an MFA device from a RAM user. |
| GetAccountMFAInfo | Queries the MFA status of an Alibaba Cloud account. |
| GetUserMFAInfo | Queries the information about the MFA device that is bound to a RAM user. |
| GenerateCredentialReport | Generates a user credential report. |
| GetCredentialReport | Queries the content of a user credential report. |
| GetAccountSecurityPracticeReport | Queries the security report of an Alibaba Cloud account. |
| GetAccountSummary | Queries the overview information about an Alibaba Cloud account. |
| TagResources | Attaches tags to a specified resource. |
| UntagResources | Detaches tags from a specified resource. |
| ListTagResources | Queries the tags that are attached to a specified resource. |
User group management
| Operation | Description |
|---|---|
| CreateGroup | Creates a RAM user group. |
| GetGroup | Queries the information about a RAM user group. |
| UpdateGroup | Modifies the information about a RAM user group. |
| DeleteGroup | Deletes a RAM user group. |
| ListGroups | Queries RAM user groups. |
| AddUserToGroup | Adds a RAM user to a RAM user group. |
| ListUsersForGroup | Queries RAM users in a RAM user group. |
| ListGroupsForUser | Queries the RAM user groups to which a RAM user belongs. |
| RemoveUserFromGroup | Removes a RAM user from a RAM user group. |
SSO management
| Operation | Description |
|---|---|
| SetUserSsoSettings | Configures the information about identity providers (IdPs) for user-based single sign-on (SSO). |
| GetUserSsoSettings | Queries the information about IdPs for user-based SSO. |
| CreateSAMLProvider | Creates an IdP for role-based SSO. |
| GetSAMLProvider | Queries the information about an IdP for role-based SSO. |
| UpdateSAMLProvider | Modifies information about an IdP for role-based SSO. |
| ListSAMLProviders | Queries IdPs for role-based SSO. |
| DeleteSAMLProvider | Deletes an IdP for role-based SSO. |
| CreateOIDCProvider | Creates an OpenID Connect (OIDC) IdP to configure a trust relationship between Alibaba Cloud and an external IdP. |
| GetOIDCProvider | Queries the information about an OIDC IdP. |
| UpdateOIDCProvider | Modifies the description and client IDs of an OIDC IdP. |
| ListOIDCProviders | Queries OIDC IdPs. |
| DeleteOIDCProvider | Deletes an OIDC IdP. |
| AddClientIdToOIDCProvider | Adds a client ID to an OIDC IdP. |
| RemoveClientIdFromOIDCProvider | Removes a client ID from an OIDC IdP. |
| AddFingerprintToOIDCProvider | Adds a fingerprint to an OIDC IdP. |
| RemoveFingerprintFromOIDCProvider | Removes a fingerprint from an OIDC IdP. |
Security settings
| Operation | Description |
|---|---|
| SetPasswordPolicy | Configures the password policy for RAM users. |
| GetPasswordPolicy | Queries the password policy for RAM users. |
| SetSecurityPreference | Configures the security preferences for RAM users. |
| GetSecurityPreference | Queries the security preferences for RAM users. |
| SetDefaultDomain | Configures the default domain name. |
| GetDefaultDomain | Queries the default domain name. |
| GenerateCredentialReport | Generates a user credential report. |
| GetCredentialReport | Queries the content of a user credential report. |
| GetAccountSecurityPracticeReport | Queries the security report of an Alibaba Cloud account. |