generated: '2026-07-15' method: generated source: openapi/admin-sdk-directory-api.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 21 by_action_class: connected: 6 acting: 15 by_consequence: read: 6 write: 15 human_in_the_loop_required: 0 operations: - path: /admin/directory/v1/users method: get operationId: listUsers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /admin/directory/v1/users method: post operationId: insertUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/users/{userKey} method: get operationId: getUser x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /admin/directory/v1/users/{userKey} method: put operationId: updateUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/users/{userKey} method: patch operationId: patchUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/users/{userKey} method: delete operationId: deleteUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/users/{userKey}/makeAdmin method: post operationId: makeUserAdmin x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/users/{userKey}/undelete method: post operationId: undeleteUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/users/{userKey}/signOut method: post operationId: signOutUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/groups method: get operationId: listGroups x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /admin/directory/v1/groups method: post operationId: insertGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/groups/{groupKey} method: get operationId: getGroup x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /admin/directory/v1/groups/{groupKey} method: put operationId: updateGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/groups/{groupKey} method: patch operationId: patchGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/groups/{groupKey} method: delete operationId: deleteGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/customer/{customerId}/orgunits method: get operationId: listOrgUnits x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /admin/directory/v1/customer/{customerId}/orgunits method: post operationId: insertOrgUnit x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/customer/{customerId}/orgunits/{orgUnitPath} method: get operationId: getOrgUnit x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /admin/directory/v1/customer/{customerId}/orgunits/{orgUnitPath} method: put operationId: updateOrgUnit x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/customer/{customerId}/orgunits/{orgUnitPath} method: patch operationId: patchOrgUnit x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /admin/directory/v1/customer/{customerId}/orgunits/{orgUnitPath} method: delete operationId: deleteOrgUnit x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required