Cloud Identity-Aware Proxy v1 API - Class AttributePropagationSettings (2.7.0)

public sealed class AttributePropagationSettings : IMessage<AttributePropagationSettings>, IEquatable<AttributePropagationSettings>, IDeepCloneable<AttributePropagationSettings>, IBufferMessage, IMessage

Reference documentation and code samples for the Cloud Identity-Aware Proxy v1 API class AttributePropagationSettings.

Configuration for propagating attributes to applications protected by IAP.

Inheritance

object > AttributePropagationSettings

Namespace

Google.Cloud.Iap.V1

Assembly

Google.Cloud.Iap.V1.dll

Constructors

AttributePropagationSettings()

public AttributePropagationSettings()

AttributePropagationSettings(AttributePropagationSettings)

public AttributePropagationSettings(AttributePropagationSettings other)
Parameter
Name Description
other AttributePropagationSettings

Properties

Enable

public bool Enable { get; set; }

Whether the provided attribute propagation settings should be evaluated on user requests. If set to true, attributes returned from the expression will be propagated in the set output credentials.

Property Value
Type Description
bool

Expression

public string Expression { get; set; }

Raw string CEL expression. Must return a list of attributes. A maximum of 45 attributes can be selected. Expressions can select different attribute types from attributes: attributes.saml_attributes, attributes.iap_attributes. The following functions are supported:

  • filter <list>.filter(<iter_var>, <predicate>): Returns a subset of <list> where <predicate> is true for every item.

  • in <var> in <list>: Returns true if <list> contains <var>.

  • selectByName <list>.selectByName(<string>): Returns the attribute in <list> with the given <string> name, otherwise returns empty.

  • emitAs <attribute>.emitAs(<string>): Sets the <attribute> name field to the given <string> for propagation in selected output credentials.

  • strict <attribute>.strict(): Ignores the x-goog-iap-attr- prefix for the provided <attribute> when propagating with the HEADER output credential, such as request headers.

  • append <target_list>.append(<attribute>) OR <target_list>.append(<list>): Appends the provided <attribute> or <list> to the end of <target_list>.

Example expression: attributes.saml_attributes.filter(x, x.name in ['test']).append(attributes.iap_attributes.selectByName('exact').emitAs('custom').strict())

Property Value
Type Description
string

HasEnable

public bool HasEnable { get; }

Gets whether the "enable" field is set

Property Value
Type Description
bool

HasExpression

public bool HasExpression { get; }

Gets whether the "expression" field is set

Property Value
Type Description
bool

OutputCredentials

public RepeatedField<AttributePropagationSettings.Types.OutputCredentials> OutputCredentials { get; }

Which output credentials attributes selected by the CEL expression should be propagated in. All attributes will be fully duplicated in each selected output credential.

Property Value
Type Description
RepeatedFieldAttributePropagationSettingsTypesOutputCredentials