Method: users.settings.cse.identities.patch
Stay organized with collections
Save and categorize content based on your preferences.
Associates a different key pair with an existing client-side encryption identity. The updated key pair must validate against Google's S/MIME certificate profiles.
For administrators managing identities and keypairs for users in their organization, requests require authorization with a service account that has domain-wide delegation authority to impersonate users with the https://www.googleapis.com/auth/gmail.settings.basic scope.
For users managing their own identities and keypairs, requests require hardware key encryption turned on and configured.
HTTP request
PATCH https://gmail.googleapis.com/gmail/v1/users/{userId}/settings/cse/identities/{emailAddress}
The URL uses gRPC Transcoding syntax.
Path parameters
| Parameters |
userId |
string
The requester's primary email address. To indicate the authenticated user, you can use the special value me.
|
emailAddress |
string
The email address of the client-side encryption identity to update.
|
Request body
The request body contains an instance of CseIdentity.
Response body
If successful, the response body contains an instance of CseIdentity.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/gmail.settings.basic
https://www.googleapis.com/auth/gmail.settings.sharing
For more information, see the Authorization guide.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-06-12 UTC.
[null,null,["Last updated 2025-06-12 UTC."],[],[],null,["# Method: users.settings.cse.identities.patch\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n- [Response body](#body.response_body)\n- [Authorization scopes](#body.aspect)\n- [Try it!](#try-it)\n\nAssociates a different key pair with an existing client-side encryption identity. The updated key pair must validate against Google's [S/MIME certificate profiles](https://support.google.com/a/answer/7300887).\n\nFor administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope.\n\nFor users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.\n\n### HTTP request\n\n`PATCH https://gmail.googleapis.com/gmail/v1/users/{userId}/settings/cse/identities/{emailAddress}`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n| Parameters ||\n|----------------|-------------------------------------------------------------------------------------------------------------------------|\n| `userId` | `string` The requester's primary email address. To indicate the authenticated user, you can use the special value `me`. |\n| `emailAddress` | `string` The email address of the client-side encryption identity to update. |\n\n### Request body\n\nThe request body contains an instance of [CseIdentity](/workspace/gmail/api/reference/rest/v1/users.settings.cse.identities#CseIdentity).\n\n### Response body\n\nIf successful, the response body contains an instance of [CseIdentity](/workspace/gmail/api/reference/rest/v1/users.settings.cse.identities#CseIdentity).\n\n### Authorization scopes\n\nRequires one of the following OAuth scopes:\n\n- `https://www.googleapis.com/auth/gmail.settings.basic`\n- `\n https://www.googleapis.com/auth/gmail.settings.sharing`\n\nFor more information, see the [Authorization guide](/workspace/guides/configure-oauth-consent)."]]
