TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-22 13:27:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

initial design

Browse Source
This commit is contained in:
Livio Spring
2025-02-07 16:16:24 +01:00
parent b63c5fdb17
commit e06d688d08
6 changed files with 829 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
proto/zitadel/authorizations/v2/authorization.proto Normal file
View File

@@ -0,0 +1,104 @@
syntax = "proto3";
package zitadel.authorizations.v2;
import "validate/validate.proto";
import "zitadel/object/v2/object.proto";
message AuthorizationQuery {
oneof query {
option (validate.required) = true;
// Search for authorizations by their ID.
AuthorizationIDQuery authorization_id_query = 1;
// Search for authorizations by the ID of the user who was granted the authorization.
UserIDQuery user_id_query = 2;
// Search for authorizations by the ID of the organisation the user is part of.
UserOrganizationIDQuery user_organization_id_query = 3;
// Search for authorizations by the ID of the project the user was granted the authorization for.
ProjectIDQuery project_id_query = 4;
// Search for authorizations by the ID of the project grant the user was granted the authorization for.
ProjectGrantIDQuery project_grant_id_query = 5;
// Search for authorizations by the key of the role the user was granted.
RoleKeyQuery role_key_query = 6;
// UserGrantProjectIDQuery project_id_query = 1;
// UserGrantUserIDQuery user_id_query = 2;
// UserGrantWithGrantedQuery with_granted_query = 3;
// UserGrantRoleKeyQuery role_key_query = 4;
// UserGrantProjectGrantIDQuery project_grant_id_query = 5;
// UserGrantUserNameQuery user_name_query = 6;
// UserGrantFirstNameQuery first_name_query = 7;
// UserGrantLastNameQuery last_name_query = 8;
// UserGrantEmailQuery email_query = 9;
// UserGrantOrgNameQuery org_name_query = 10;
// UserGrantOrgDomainQuery org_domain_query = 11;
// UserGrantProjectNameQuery project_name_query = 12;
// UserGrantDisplayNameQuery display_name_query = 13;
// UserGrantUserTypeQuery user_type_query = 14;
}
}
message AuthorizationIDQuery {
string id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
message UserIDQuery {
string user_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
message UserOrganizationIDQuery {
string user_organization_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
message ProjectIDQuery {
string project_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
message ProjectGrantIDQuery {
string project_grant_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
message RoleKeyQuery {
string role_key = 1 [(validate.rules).string = {max_len: 200}];
zitadel.object.v2.TextQueryMethod method = 2 [(validate.rules).enum.defined_only = true];
}
message Authorization {
// ID is the unique identifier of the authorization.
string id = 1;
// UserID represents the ID of the user who was granted the authorization.
string user_id = 2;
// UserOrganisationID represents the ID of the organisation the user is part of.
string user_organization_id = 3;
// ProjectID represents the ID of the project the user was granted the authorization for.
string project_id = 4;
// ProjectGrantID represents the ID of the project grant the user was granted the authorization for.
// This field is only set if the authorization was granted for a project grant and not a project directly.
string project_grant_id = 5;
// Roles contains the roles the user was granted for the project or project grant.
repeated Role roles = 6;
}
message Role {
// Key is the unique identifier of the role.
string key = 1;
// DisplayName is the human readable name of the role.
string display_name = 2;
}

156
proto/zitadel/authorizations/v2/authorization_service.proto Normal file
View File

@@ -0,0 +1,156 @@
syntax = "proto3";
package zitadel.authorizations.v2;
import "google/protobuf/timestamp.proto";
import "validate/validate.proto";
import "zitadel/object/v2/object.proto";
import "zitadel/authorizations/v2/authorization.proto";
// AuthorizationService provides methods to manage authorizations for users within your projects and applications.
//
// For managing permissions and roles for ZITADEL internal resources, like organizations, projects,
// users, etc., please use the PermissionsService.
service AuthorizationsService {
// ListAuthorizations returns all authorizations matching the request and necessary permissions.
//
// Required permissions:
// - "user.grant.read"
// - no permissions required for listing own authorizations
rpc ListAuthorizations(ListAuthorizationsRequest) returns (ListAuthorizationsResponse) {}
// GetAuthorization returns the authorization by its ID.
//
// Required permissions:
// - "user.grant.read"
// - no permissions required for getting own authorization
rpc GetAuthorization(GetAuthorizationRequest) returns (GetAuthorizationResponse) {}
// CreateAuthorization creates a new authorization for a user in a project or project grant.
//
// Required permissions:
// - "user.grant.write"
rpc CreateAuthorization(CreateAuthorizationRequest) returns (CreateAuthorizationResponse) {}
// UpdateAuthorization updates the authorization.
//
// Note that any role keys previously granted to the user and not present in the request will be revoked.
//
// Required permissions:
// - "user.grant.write"
rpc UpdateAuthorization(UpdateAuthorizationRequest) returns (UpdateAuthorizationResponse) {}
// DeleteAuthorization deletes the authorization.
//
// In case the authorization is not found, the request will return a successful response as
// the desired state is already achieved.
// You can check the deletion date in the response to verify if the authorization was deleted during the request.
//
// Required permissions:
// - "user.grant.delete"
rpc DeleteAuthorization(DeleteAuthorizationRequest) returns (DeleteAuthorizationResponse) {}
}
message ListAuthorizationsRequest {
// Paginate through the results using a limit.
zitadel.object.v2.ListQuery query = 1;
// Filter the authorizations to be returned.
repeated AuthorizationQuery queries = 2;
}
message ListAuthorizationsResponse {
// Details contains the pagination information.
zitadel.object.v2.ListDetails details = 1;
repeated Authorization authorizations = 2;
}
message GetAuthorizationRequest {
// ID is the unique identifier of the authorization.
string id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
message GetAuthorizationResponse {
Authorization authorization = 1;
}
message CreateAuthorizationRequest {
// UserID is the ID of the user who should be granted the authorization.
string user_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
// Grant on either the project directly or on a project grant.
oneof grant {
option (validate.required) = true;
// Project is the ID of the project the user should be granted the authorization for.
string project_id = 2 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
// ProjectGrant is the ID of the project grant the user should be granted the authorization for.
string project_grant_id = 3 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
// RoleKeys are the keys of the roles the user should be granted.
repeated string role_keys = 4 [(validate.rules).repeated = {
unique: true
items: {
string: {
min_len: 1
max_len: 200
}
}
}];
}
message CreateAuthorizationResponse {
// ID is the unique identifier of the newly created authorization.
string id = 1;
// CreationDate is the timestamp when the authorization was created.
google.protobuf.Timestamp creation_date = 2;
}
message UpdateAuthorizationRequest {
// ID is the unique identifier of the authorization.
string id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
// RoleKeys are the keys of the roles the user should be granted.
// Note that any role keys previously granted to the user and not present in the list will be revoked.
repeated string role_keys = 2 [(validate.rules).repeated = {
unique: true
items: {
string: {
min_len: 1
max_len: 200
}
}
}];
}
message UpdateAuthorizationResponse {
// ChangeDate is the timestamp when the authorization was last updated.
google.protobuf.Timestamp change_date = 1;
}
message DeleteAuthorizationRequest {
// ID is the unique identifier of the authorization.
string id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
message DeleteAuthorizationResponse {
// DeletionDate is the timestamp when the authorization was deleted.
// Note that the deletion date is only guaranteed to be set if the deletion was successful during the request.
// In case the deletion occurred in a previous request, the deletion date might not be set.
google.protobuf.Timestamp deletion_date = 1;
}

30
proto/zitadel/metadata/v2/metadata.proto Normal file
View File

@@ -0,0 +1,30 @@
syntax = "proto3";
import "zitadel/object.proto";
import "validate/validate.proto";
package zitadel.metadata.v2;
option go_package ="github.com/zitadel/zitadel/pkg/grpc/metadata/v2";
message Metadata {
//zitadel.v1.ObjectDetails details = 1; TODO?
string key = 2;
bytes value = 3;
}
message MetadataQuery {
oneof query {
option (validate.required) = true;
MetadataKeyQuery key_query = 1;
}
}
message MetadataKeyQuery {
string key = 1 [
(validate.rules).string = {max_len: 200}
];
zitadel.v1.TextQueryMethod method = 2 [
(validate.rules).enum.defined_only = true
];
}

214
proto/zitadel/permissions/v2/manager.proto Normal file
View File

@@ -0,0 +1,214 @@
syntax = "proto3";
import "validate/validate.proto";
import "zitadel/object/v2/object.proto";
package zitadel.permissions.v2;
/*
message Manager2 {
// ID is the unique identifier of the manager role.
string id = 1;
// UserID is the ID of the user who was granted the manager role.
oneof user {
string user_id = 2;
User expanded = 3;
}
repeated string roles = 4;
oneof managerType {
// InstanceManager is the manager role for the instance.
InstanceManager instance_manager = 3;
// OrganizationManager is the manager role for the organization.
OrganizationManager organization_manager = 4;
// ProjectManager is the manager role for the project.
ProjectManager project_manager = 5;
// ProjectGrantManager is the manager role for the project grant.
ProjectGrantManager project_grant_manager = 6;
}
}
*/
message Manager {
// ID is the unique identifier of the manager role.
string id = 1;
// User is the user who was granted the manager role.
User user = 2;
// string user_id = 3;
// string user_preferred_login_name = 4;
// string user_display_name = 5;
// string user_avatar_url = 6;
// string user_organization_id = 7;
// Resource is the type of the resource the manager roles were granted for.
oneof resource {
// Instance is returned if the manager roles were granted on the instance level.
bool instance = 3;
// Organization provides information about the organization the manager roles were granted for.
Organization organization = 4;
// Project provides information about the project the manager roles were granted for.
Project project = 5;
// ProjectGrant provides information about the project grant the manager roles were granted for.
ProjectGrant project_grant = 6;
}
// Roles are the roles that were granted to the user for the specified resource.
repeated string roles = 7;
}
message User {
// ID is the unique identifier of the user.
string id = 1;
// PreferredLoginName is the preferred login name of the user. This value is unique across the whole instance..
string preferred_login_name = 2;
// DisplayName is the public display name of the user.
// By default it's the user's given name and family name, their username or their email address.
string display_name = 3;
// AvatarURL is the URL to the user's public avatar image.
string avatar_url = 4;
// The organization the user belong to.
string organization_id = 5;
// zitadel.user.v1.Type user_type = 10 TODO: peintner?
}
message Organization {
// ID is the unique identifier of the organization the user was granted the manager role for.
string id = 1;
// Name is the name of the organization the user was granted the manager role for.
string name = 2;
}
message Project {
// ID is the unique identifier of the project the user was granted the manager role for.
string id = 1;
// Name is the name of the project the user was granted the manager role for.
string name = 2;
// OrganizationID is the ID of the organization the project belongs to.
string organization_id = 3;
}
message ProjectGrant {
// ID is the unique identifier of the project grant the user was granted the manager role for.
string id = 1;
// ProjectID is the ID of the project the project grant belongs to.
string project_id = 2;
// ProjectName is the name of the project the project grant belongs to.
string project_name = 3;
// OrganizationID is the ID of the organization the project grant belongs to.
string organization_id = 4;
}
/*
message SetInstanceManager {
// Roles are the roles that should be granted to the user.
repeated string roles = 1 [(validate.rules).repeated = {
unique: true
items: {
string: {
min_len: 1
max_len: 200
prefix: "IAM_" // TODO: do we want to limit here as well?
}
}
}];
}
message SetOrganizationManager {
// OrganizationID is the ID of the organization the user should be granted the manager role for.
string organization_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
// Roles are the roles that should be granted to the user within the specified organization.
repeated string roles = 2 [(validate.rules).repeated = {
unique: true
items: {
string: {
min_len: 1
max_len: 200
prefix: "ORG_" // TODO: do we want to limit here as well?
}
}
}];
}
message SetProjectManager {
// ProjectID is the ID of the project the user should be granted the manager role for.
string project_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
// Roles are the roles that should be granted to the user within the specified project.
repeated string roles = 2 [(validate.rules).repeated = {
unique: true
items: {
string: {
min_len: 1
max_len: 200
prefix: "PROJECT_" // TODO: do we want to limit here as well?
}
}
}];
}
message SetProjectGrantManager {
// ProjectGrantID is the ID of the project grant the user should be granted the manager role for.
string project_grant_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
// Roles are the roles that should be granted to the user within the specified project grant.
repeated string roles = 2 [(validate.rules).repeated = {
unique: true
items: {
string: {
min_len: 1
max_len: 200
prefix: "PROJECT_GRANT_" // TODO: do we want to limit here as well?
}
}
}];
}
*/
message ManagerQuery {
oneof query {
option (validate.required) = true;
// Search for managers roles granted to a specific user.
UserIDQuery user_id_query = 1;
// Search for managers roles granted for a specific resource.
ResourceQuery resource_query = 2;
// Search for managers roles granted with a specific role.
RoleQuery role_query = 3;
}
}
message UserIDQuery {
// Search for managers by user ID.
string user_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
message ResourceQuery {
// Search for managers by the granted resource.
oneof resource {
// Search for managers granted on the instance level.
bool instance = 1;
// Search for managers granted on a specific organization.
string organization_id = 2;
// Search for managers granted on a specific project.
string project_id = 3;
// Search for managers granted on a specific project grant.
string project_grant_id = 4;
}
}
message RoleQuery {
// Search for managers by the granted role.
string role_key = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}

189
proto/zitadel/permissions/v2/permission_service.proto Normal file
View File

@@ -0,0 +1,189 @@
syntax = "proto3";
package zitadel.permissions.v2;
import "google/protobuf/timestamp.proto";
import "validate/validate.proto";
import "zitadel/object/v2/object.proto";
import "zitadel/permissions/v2/manager.proto";
// PermissionsService provides methods to manage permissions for resource
// and their management in ZITADEL itself.
//
// If you want to manage permissions and roles within your project or application,
// please use the AuthorizationsService.
service PermissionsService {
// ListManagers returns all managers and its roles matching the request and necessary permissions.
//
// Required permissions depend on the resource type:
// - "iam.member.read" for instance managers
// - "org.member.read" for organization managers
// - "project.member.read" for project managers
// - "project.grant.member.read" for project grant managers
// - "user.membership.read" TODO: only this required?
// - no permissions required for listing own manager roles
rpc ListManagers(ListManagersRequest) returns (ListManagersResponse) {}
// GetManager returns the manager role by its ID.
//
// Required permissions depend on the resource type:
// - "iam.member.read" for instance managers
// - "org.member.read" for organization managers
// - "project.member.read" for project managers
// - "project.grant.member.read" for project grant managers
// - "user.membership.read" TODO: only this required?
// - no permissions required for getting own manager roles
rpc GetManager(GetManagerRequest) returns (GetManagerResponse) {}
// CreateManager grants a manager role to a user.
//
// Required permissions depend on the resource type:
// - "iam.member.write" for instance managers
// - "org.member.write" for organization managers
// - "project.member.write" for project managers
// - "project.grant.member.write" for project grant managers
rpc CreateManager(CreateManagerRequest) returns (CreateManagerResponse) {}
// UpdateManager updates the manager role.
//
// Note that any role previously granted to the user and not present in the request will be revoked.
//
// Required permissions depend on the resource type:
// - "iam.member.write" for instance managers
// - "org.member.write" for organization managers
// - "project.member.write" for project managers
// - "project.grant.member.write" for project grant managers
rpc UpdateManager(UpdateManagerRequest) returns (UpdateManagerResponse) {}
// DeleteManager revokes a manager role from a user.
//
// Note that the deletion is only guaranteed to be successful if the user has the required permissions.
//
// Required permissions depend on the resource type:
// - "iam.member.delete" for instance managers
// - "org.member.delete" for organization managers
// - "project.member.delete" for project managers
// - "project.grant.member.delete" for project grant managers
rpc DeleteManager(DeleteManagerRequest) returns (DeleteManagerResponse) {}
}
message ListManagersRequest {
// Paginate through the results using a limit.
zitadel.object.v2.ListQuery query = 1;
// Filter the manager roles to be returned.
repeated ManagerQuery queries = 2;
repeated Expand expand = 3; // TODO: ?
}
enum Expand {
EXPAND_UNSPECIFIED = 0;
EXPAND_USER = 1;
EXPAND_RESOURCE = 2;
}
message ListManagersResponse {
// Details contains the pagination information.
zitadel.object.v2.ListDetails details = 1;
repeated Manager managers = 2;
}
message GetManagerRequest {
// ID is the unique identifier of the manager.
string id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
message GetManagerResponse {
Manager manager = 1;
}
/*
message CreateManagerRequest {
// UserID is the ID of the user who should be granted the manager role.
string user_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
oneof managerType {
SetInstanceManager instance_manager = 2;
SetOrganizationManager organization_manager = 3;
SetProjectManager project_manager = 4;
SetProjectGrantManager project_grant_manager = 5;
}
}
*/
message CreateManagerRequest {
// UserID is the ID of the user who should be granted the manager role.
string user_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
// Resource is the type of the resource the manager roles should be granted for.
oneof resource {
option (validate.required) = true;
// Instance is the resource type for granting manager privileges on the instance level.
bool instance = 2 [(validate.rules).bool = {const: true}];
// OrganizationID is required to grant manager privileges for a specific organization.
string organization_id = 3;
// ProjectID is required to grant manager privileges for a specific project.
string project_id = 4;
// ProjectGrantID is required to grant manager privileges for a specific project grant.
string project_grant_id = 5;
}
// Roles are the roles that should be granted to the user for the specified resource.
repeated string roles = 6 [(validate.rules).repeated = {
unique: true
items: {
string: {
min_len: 1
max_len: 200
}
}
}];
}
message CreateManagerResponse {
// ID is the unique identifier of the newly created manager role.
string id = 1;
// CreationDate is the timestamp when the manager role was created.
google.protobuf.Timestamp creation_date = 2;
}
message UpdateManagerRequest {
// ManagerID is the ID of the manager role that should be updated.
string manager_role_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
// Roles are the roles that the user should be granted.
// Note that any role previously granted to the user and not present in the list will be revoked.
repeated string roles = 2 [(validate.rules).repeated = {
unique: true
items: {
string: {
min_len: 1
max_len: 200
}
}
}];
}
message UpdateManagerResponse {
// ChangeDate is the timestamp when the manager role was last updated.
google.protobuf.Timestamp change_date = 1;
}
message DeleteManagerRequest {
// ManagerID is the ID of the manager role the user should be removed from.
string manager_role_id = 1 [(validate.rules).string = {
min_len: 1
max_len: 200
}];
}
message DeleteManagerResponse {
// DeletionDate is the timestamp when the manager role was deleted.
// Note that the deletion date is only guaranteed to be set if the deletion was successful during the request.
// In case the deletion occurred in a previous request, the deletion date might not be set.
google.protobuf.Timestamp deletion_date = 1;
}

136
proto/zitadel/user/v2/user_service.proto
View File

@@ -11,10 +11,12 @@ import "zitadel/user/v2/idp.proto";
import "zitadel/user/v2/password.proto";
import "zitadel/user/v2/user.proto";
import "zitadel/user/v2/query.proto";
import "zitadel/metadata/v2/metadata.proto";
import "google/api/annotations.proto";
import "google/api/field_behavior.proto";
import "google/protobuf/duration.proto";
import "google/protobuf/struct.proto";
import "google/protobuf/timestamp.proto";
import "protoc-gen-openapiv2/options/annotations.proto";
import "validate/validate.proto";
@@ -1232,6 +1234,140 @@ service UserService {
};
}
// ListMetadata returns all matching metadata entries for a user.
// You can filter by key only. Filtering by value is not supported yet.
// If no filter is specified, all metadata entries are returned.
//
// Required permissions:
// - 'user.read'
// - no permissions required for listing own metadata
rpc ListMetadata (ListMetadataRequest) returns (ListMetadataResponse) {}
// GetMetadata returns a single metadata entry of the user identified by the key.
//
// Required permissions:
// - 'user.read'
// - no permissions required for getting own metadata
rpc GetMetadata (GetMetadataRequest) returns (GetMetadataResponse) {}
// AddMetadata adds a new metadata entry to the user.
// If the key already exists, an error is returned.
//
// Required permissions:
// - 'user.write'
rpc AddMetadata (AddMetadataRequest) returns (AddMetadataResponse) {}
// UpdateMetadata updates an existing metadata entry of the user.
// If the key does not exist, an error is returned.
//
// Required permissions:
// - 'user.write'
rpc UpdateMetadata (UpdateMetadataRequest) returns (UpdateMetadataResponse) {}
// Set Metadata adds or updates a metadata entry of the user identified by the key.
// If the key does not exist, a new entry is created.
// If the key already exists, the value is updated.
// In case a key from an existing entry needs to be updated,
// the existing entry must be removed and a new one created.
//
// Required permissions:
// - 'user.write'
rpc SetMetadata (SetMetadataRequest) returns (SetMetadataResponse) {}
// Remove Metadata removes an existing metadata entry from the user.
// If the key does not exist, the request wil return a success as the
// desired state is already achieved.
// You can check the deletion date in the response to verify if the
// metadata entry was removed during the request.
//
// Required permissions:
// - 'user.write'
rpc RemoveMetadata (RemoveMetadataRequest) returns (RemoveMetadataResponse) {}
}
message ListMetadataRequest{
// The user ID of the user you like to get the metadata from.
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
// Paginate through the results using a limit.
zitadel.object.v2.ListQuery query = 2;
// Filter the metadata to be returned.
repeated zitadel.metadata.v2.MetadataQuery queries = 3;
}
message ListMetadataResponse{
zitadel.object.v2.ListDetails details = 1;
repeated zitadel.metadata.v2.Metadata result = 2;
}
message GetMetadataRequest{
// The user ID of the user you like to get the metadata from.
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
// Metadata key is the unique identifier of the metadata entry.
string metadata_key = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
}
message GetMetadataResponse{
zitadel.metadata.v2.Metadata metadata = 1;
}
message AddMetadataRequest{
// The user ID of the user you like to add the metadata to.
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
// Metadata key is the unique identifier of the metadata entry.
// If an entry with the same key already exists, an error is returned.
string metadata_key = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
// Metadata value is the value of the metadata entry.
bytes metadata_value = 3 [(validate.rules).bytes = {min_len: 1, max_len: 500000}];
}
message AddMetadataResponse{
// CreationDate is the timestamp the metadata entry was created.
google.protobuf.Timestamp creation_date = 1;
}
message UpdateMetadataRequest{
// The user ID of the user you like to update the metadata from.
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
// Metadata key is the unique identifier of the metadata entry.
// If an entry with the same key does not exist, an error is returned.
string metadata_key = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
// Metadata value is the value of the metadata entry.
bytes metadata_value = 3 [(validate.rules).bytes = {min_len: 1, max_len: 500000}];
}
message UpdateMetadataResponse{
// ChangeDate is the the timestamp the metadata entry was last updated.
google.protobuf.Timestamp change_date = 1;
}
message SetMetadataRequest{
// The user ID of the user you like to set the metadata from.
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
// Metadata key is the unique identifier of the metadata entry.
// An existing entry with the same key will be updated. The key cannot be changed.
// If you need to change the key, remove the existing entry and create a new one.
string metadata_key = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
// Metadata value is the value of the metadata entry.
bytes metadata_value = 3 [(validate.rules).bytes = {min_len: 1, max_len: 500000}];
}
message SetMetadataResponse{
// ChangeDate is the the timestamp the metadata entry was last set, either created or updated.
google.protobuf.Timestamp change_date = 2;
}
message RemoveMetadataRequest{
// The user ID of the user you like to remove the metadata from.
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
// Metadata key is the unique identifier of the metadata entry.
string metadata_key = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
}
message RemoveMetadataResponse{
// DeletionDate is the timestamp the metadata entry was deleted.
// Note that the deletion date is only guaranteed to be set if the deletion was successful during the request.
// In case the deletion occurred in a previous request, the deletion date might not be set.
google.protobuf.Timestamp deletion_date = 1;
}
message AddHumanUserRequest{