gws-cloudidentity

Installation

Summary

Manage Google Cloud Identity groups, devices, memberships, and inbound SSO profiles via CLI.

Covers six resource categories: customers, devices, groups, inbound OIDC/SAML SSO profiles, and SSO assignments
Device operations include creation, deletion, wiping, and user management; group operations support CRUD, search, lookup, and security settings
SSO profile management supports OIDC and SAML configurations with multi-party approval workflows for sensitive actions
Requires Google Workspace authentication and gws CLI; use gws schema to inspect method parameters before execution

SKILL.md

cloudidentity (v1)

PREREQUISITE: Read ../gws-shared/SKILL.md for auth, global flags, and security rules. If missing, run gws generate-skills to create it.

gws cloudidentity <resource> <method> [flags]

API Resources

cancelWipe — Cancels an unfinished device wipe. This operation can be used to cancel device wipe in the gap between the wipe operation returning success and the device being wiped. This operation is possible when the device is in a "pending wipe" state. The device enters the "pending wipe" state when a wipe device command is issued, but has not yet been sent to the device. The cancel wipe will fail if the wipe command has already been issued to the device.
create — Creates a device. Only company-owned device may be created. Note: This method is available only to customers who have one of the following SKUs: Enterprise Standard, Enterprise Plus, Enterprise for Education, and Cloud Identity Premium
delete — Deletes the specified device.

Related skills

Installs

579

Repository

GitHub Stars

26.1K

First Seen

Mar 4, 2026

Security Audits