Data type

IAM IAM

  • API Reference
    • Common request header and common response header
    • Data type
    • Error code
    • Feature Update Records
    • General Description
    • Introduction
    • Service domain
    • STS-Related Interfaces
  • API Reference_IAM
    • Common request header and common response header
    • Data type
    • Error code
    • General Description
    • Group management API
    • Introduction
    • Policy management API
    • Role Management Interfaces
    • Service domain
    • User management API
  • FAQs
    • Common Questions Overview
    • FAQs related to IAM users
    • FAQs related to product permissions
  • Function Release Records
  • Operation guide
    • Account Security Audit
    • Enterprise Account Integration
      • Federated Login Overview
      • IAM Role-based SSO
      • IAM User-based SSO
    • Group Management
    • Message Center
    • Permission Policies
      • ACL
      • Authorization
      • Managing IAM Policies
      • Permission Policy Overview
      • Policy Authentication Evaluation Logic
      • Strategy type
      • Tag-Based Authorization and Authentication
    • Role Management
      • Common scenarios
      • Create role
      • FAQs
      • Managing Roles
      • Overview
      • Related concepts
      • Using Roles
    • Settings
    • User
      • IAM User Operations
      • Two-Factor Authentication
      • User management
    • User Anomaly Behavior Analysis (Public Beta)
      • Risk Behavior Management
  • Operation records
    • Cloud Trail (Public Beta)
  • Product Announcement
    • Baidu Intelligent Cloud Enables Login Protection MFA Multi-Factor Authentication Notification for All Users
  • Product Description
    • Application scenarios
    • Concepts
    • Currently Supported Product Lines
    • Product functions
    • Product overview
    • System Restrictions
    • Enterprise Organization vs Identity and Access Management
  • Product pricing
    • Product pricing
  • Quick Start
    • Create groups and grant permissions
    • Creating IAM User Administrators
  • SDK
    • Go-SDK
      • Error handling
      • Group management API
      • Initialize SDK
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Java-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Python-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
  • Testing Knowledge Base SDK
  • Typical Practices
    • Baidu Intelligent Cloud Partner Guide to Creating IAM Users
    • User Management and Permission Assignment
All documents
menu
No results found, please re-enter

IAM IAM

  • API Reference
    • Common request header and common response header
    • Data type
    • Error code
    • Feature Update Records
    • General Description
    • Introduction
    • Service domain
    • STS-Related Interfaces
  • API Reference_IAM
    • Common request header and common response header
    • Data type
    • Error code
    • General Description
    • Group management API
    • Introduction
    • Policy management API
    • Role Management Interfaces
    • Service domain
    • User management API
  • FAQs
    • Common Questions Overview
    • FAQs related to IAM users
    • FAQs related to product permissions
  • Function Release Records
  • Operation guide
    • Account Security Audit
    • Enterprise Account Integration
      • Federated Login Overview
      • IAM Role-based SSO
      • IAM User-based SSO
    • Group Management
    • Message Center
    • Permission Policies
      • ACL
      • Authorization
      • Managing IAM Policies
      • Permission Policy Overview
      • Policy Authentication Evaluation Logic
      • Strategy type
      • Tag-Based Authorization and Authentication
    • Role Management
      • Common scenarios
      • Create role
      • FAQs
      • Managing Roles
      • Overview
      • Related concepts
      • Using Roles
    • Settings
    • User
      • IAM User Operations
      • Two-Factor Authentication
      • User management
    • User Anomaly Behavior Analysis (Public Beta)
      • Risk Behavior Management
  • Operation records
    • Cloud Trail (Public Beta)
  • Product Announcement
    • Baidu Intelligent Cloud Enables Login Protection MFA Multi-Factor Authentication Notification for All Users
  • Product Description
    • Application scenarios
    • Concepts
    • Currently Supported Product Lines
    • Product functions
    • Product overview
    • System Restrictions
    • Enterprise Organization vs Identity and Access Management
  • Product pricing
    • Product pricing
  • Quick Start
    • Create groups and grant permissions
    • Creating IAM User Administrators
  • SDK
    • Go-SDK
      • Error handling
      • Group management API
      • Initialize SDK
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Java-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Python-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
  • Testing Knowledge Base SDK
  • Typical Practices
    • Baidu Intelligent Cloud Partner Guide to Creating IAM Users
    • User Management and Permission Assignment
  • Document center
  • arrow
  • IAMIAM
  • arrow
  • API Reference_IAM
  • arrow
  • Data type
Table of contents on this page
  • Definition of model object
  • UserModel
  • LoginProfile
  • AccessKey
  • GroupModel
  • PolicyModel
  • RoleModel
  • Idp
  • UpdateSubUserIdpRequest
  • TokenResponse (formerly BearTokenResponse)
  • AccountSummary
  • AccountLimitInfo
  • AccountCountInfo

Data type

Updated at:2025-10-27

Definition of model object

UserModel

Parameter name Types Description
id String User ID
name String Username
createTime DateTime Creation time
description String User description
enabled Boolean User activation status

LoginProfile

Parameter name Types Description
password String User password; not displayed in responses
needResetPassword Boolean Whether to reset the password at next login
enabledLogin Boolean Whether to allow IAM user console login
enabledLoginMfa Boolean Whether binding a secondary verification device is required
loginMfaType enum Secondary verification type, options: PHONE-mobile phone number, TOTP virtual MFA device
thirdPartyType enum Bound third-party login types, options: UUAP-Intranet account, PASSPORT-Baidu account
thirdPartyAccount String Bound third-party login accounts: When the binding type is PASSPORT, it can be a mobile phone number, email, or account name.

Note: Unbinding occurs when both thirdPartyType and thirdPartyAccount are empty strings

AccessKey

Parameter name Types Description
id String The public ID of the AccessKey, i.e., AK
secret String AccessKey secret key, i.e., SK
createTime DateTime AccessKey creation time
description String AccessKey description

GroupModel

Parameter name Types Description
id String Group ID
name String Group name
createTime DateTime Creation time
description String Group description

PolicyModel

Parameter name Types Description
id String Policy ID
name String Policy name
type String Policy type, options: Custom - Custom policies; System - System built-in policies
createTime DateTime Creation time
description String Policy description
document String Policy content, the String obtained after ACL format serialization

RoleModel

Parameter name Types Description
id String Role ID
name String Role name
createTime DateTime Creation time
description String Role description
assumeRolePolicyDocument String Specify the entities allowed to assume this role

Idp

Parameter name Types Description
status String User-based SSO status, which returns "enable" when active and "disable" when inactive
domainId String Account ID
encodeMetadata String Base64-encoded IdP metadata
fileName String IdP metadata file name
auxiliaryDomain String Secondary domain name

UpdateSubUserIdpRequest

Parameter name Types Description
fileName String File name, which must be in XML format
encodeMetadata String Base64-encoded IdP metadata
auxiliaryDomain String Secondary domain name

TokenResponse (formerly BearTokenResponse)

Parameter name Types Description
userId String User ID
token String Short-term API Key
status enum After upgrading to TokenResponse, the
Token status will no longer be returned. Options:
DISABLE - Disabled
ENABLE - Enabled
createTime DateTime Creation time, UTC timezone, TZ format
expireTime DateTime Expiration time, UTC timezone, TZ format

AccountSummary

Parameter name Types Description
accountId String Account ID
limitInfo AccountLimitInfo Account quota information
countInfo AccountCountInfo Account count information

AccountLimitInfo

Parameter name Types Description
userLimit Integer Maximum count of IAM users
policyLimit Integer Custom policy upper limit count
contactsLimit Integer Message contact upper limit count
groupLimit Integer Maximum count of groups
subUserOfGroupLimit Integer Maximum count of IAM users that can be added to a single group
groupMaxAttachPolicyLimit Integer Maximum count of policies associated with a group
userRolePerAccountLimit Integer Role upper limit count
roleMaxAttachSystemPolicyLimit Integer Maximum count of system policies associated with a role
roleMaxAttachCustomPolicyLimit Integer Maximum count of custom policies associated with a role
akskLimit Integer Maximum count of AKs each IAM user can create

AccountCountInfo

Parameter name Types Description
userCount Integer Count of created users
policyCount Integer Count of created policies
groupCount Integer Count of created groups

Previous
Common request header and common response header
Next
Error code