Creates and configures a client-side encryption identity that's authorized to send mail from the user account. Google publishes the S/MIME certificate to a shared domain-wide directory so that people within a Google Workspace organization can encrypt and send mail to the identity.
For administrators managing identities and keypairs for users in their organization, requests require authorization with a service account that has domain-wide delegation authority to impersonate users with the https://www.googleapis.com/auth/gmail.settings.basic scope.
For users managing their own identities and keypairs, requests require hardware key encryption turned on and configured.
HTTP request
POST https://gmail.googleapis.com/gmail/v1/users/{userId}/settings/cse/identities
The URL uses gRPC Transcoding syntax.
Path parameters
| Parameters | |
|---|---|
userId |
The requester's primary email address. To indicate the authenticated user, you can use the special value |
Request body
The request body contains an instance of CseIdentity.
Response body
If successful, the response body contains a newly created instance of CseIdentity.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/gmail.settings.basichttps://www.googleapis.com/auth/gmail.settings.sharing
For more information, see the Authorization guide.