Method: users.settings.cse.keypairs.list
Stay organized with collections
Save and categorize content based on your preferences.
Lists client-side encryption key pairs for an authenticated user.
For administrators managing identities and keypairs for users in their organization, requests require authorization with a service account that has domain-wide delegation authority to impersonate users with the https://www.googleapis.com/auth/gmail.settings.basic scope.
For users managing their own identities and keypairs, requests require hardware key encryption turned on and configured.
HTTP request
GET https://gmail.googleapis.com/gmail/v1/users/{userId}/settings/cse/keypairs
The URL uses gRPC Transcoding syntax.
Path parameters
| Parameters |
userId |
string
The requester's primary email address. To indicate the authenticated user, you can use the special value me.
|
Query parameters
| Parameters |
pageToken |
string
Pagination token indicating which page of key pairs to return. If the token is not supplied, then the API will return the first page of results.
|
pageSize |
integer
The number of key pairs to return. If not provided, the page size will default to 20 entries.
|
Request body
The request body must be empty.
Response body
If successful, the response body contains data with the following structure:
| JSON representation |
{
"cseKeyPairs": [
{
object (CseKeyPair)
}
],
"nextPageToken": string
} |
| Fields |
cseKeyPairs[] |
object (CseKeyPair)
One page of the list of CSE key pairs installed for the user.
|
nextPageToken |
string
Pagination token to be passed to a subsequent keypairs.list call in order to retrieve the next page of key pairs. If this value is not returned, then no further pages remain.
|
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/gmail.settings.basic
https://mail.google.com/
https://www.googleapis.com/auth/gmail.modify
https://www.googleapis.com/auth/gmail.readonly
https://www.googleapis.com/auth/gmail.settings.sharing
For more information, see the Authorization guide.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-06-12 UTC.
[null,null,["Last updated 2025-06-12 UTC."],[],[],null,["# Method: users.settings.cse.keypairs.list\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Query parameters](#body.QUERY_PARAMETERS)\n- [Request body](#body.request_body)\n- [Response body](#body.response_body)\n - [JSON representation](#body.ListCseKeyPairsResponse.SCHEMA_REPRESENTATION)\n- [Authorization scopes](#body.aspect)\n- [Try it!](#try-it)\n\nLists client-side encryption key pairs for an authenticated user.\n\nFor administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope.\n\nFor users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.\n\n### HTTP request\n\n`GET https://gmail.googleapis.com/gmail/v1/users/{userId}/settings/cse/keypairs`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n| Parameters ||\n|----------|-------------------------------------------------------------------------------------------------------------------------|\n| `userId` | `string` The requester's primary email address. To indicate the authenticated user, you can use the special value `me`. |\n\n### Query parameters\n\n| Parameters ||\n|-------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `pageToken` | `string` Pagination token indicating which page of key pairs to return. If the token is not supplied, then the API will return the first page of results. |\n| `pageSize` | `integer` The number of key pairs to return. If not provided, the page size will default to 20 entries. |\n\n### Request body\n\nThe request body must be empty.\n\n### Response body\n\nIf successful, the response body contains data with the following structure:\n\n| JSON representation |\n|----------------------------------------------------------------------------------------------------------------------------------------------------|\n| ``` { \"cseKeyPairs\": [ { object (/workspace/gmail/api/reference/rest/v1/users.settings.cse.keypairs#CseKeyPair) } ], \"nextPageToken\": string } ``` |\n\n| Fields ||\n|-----------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `cseKeyPairs[]` | `object (`[CseKeyPair](/workspace/gmail/api/reference/rest/v1/users.settings.cse.keypairs#CseKeyPair)`)` One page of the list of CSE key pairs installed for the user. |\n| `nextPageToken` | `string` Pagination token to be passed to a subsequent keypairs.list call in order to retrieve the next page of key pairs. If this value is not returned, then no further pages remain. |\n\n### Authorization scopes\n\nRequires one of the following OAuth scopes:\n\n- `https://www.googleapis.com/auth/gmail.settings.basic`\n- `\n https://mail.google.com/`\n- `\n https://www.googleapis.com/auth/gmail.modify`\n- `\n https://www.googleapis.com/auth/gmail.readonly`\n- `\n https://www.googleapis.com/auth/gmail.settings.sharing`\n\nFor more information, see the [Authorization guide](/workspace/guides/configure-oauth-consent)."]]
