Regen all docs. (#700)
* Stop recursing if discovery == {}
* Generate docs with 'make docs'.
diff --git a/docs/dyn/iamcredentials_v1.projects.serviceAccounts.html b/docs/dyn/iamcredentials_v1.projects.serviceAccounts.html
new file mode 100644
index 0000000..a020611
--- /dev/null
+++ b/docs/dyn/iamcredentials_v1.projects.serviceAccounts.html
@@ -0,0 +1,355 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+ margin: 0;
+ padding: 0;
+ border: 0;
+ font-weight: inherit;
+ font-style: inherit;
+ font-size: 100%;
+ font-family: inherit;
+ vertical-align: baseline;
+}
+
+body {
+ font-size: 13px;
+ padding: 1em;
+}
+
+h1 {
+ font-size: 26px;
+ margin-bottom: 1em;
+}
+
+h2 {
+ font-size: 24px;
+ margin-bottom: 1em;
+}
+
+h3 {
+ font-size: 20px;
+ margin-bottom: 1em;
+ margin-top: 1em;
+}
+
+pre, code {
+ line-height: 1.5;
+ font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+ margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+ font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+ border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+ margin-top: 0.5em;
+}
+
+.firstline {
+ margin-left: 2 em;
+}
+
+.method {
+ margin-top: 1em;
+ border: solid 1px #CCC;
+ padding: 1em;
+ background: #EEE;
+}
+
+.details {
+ font-weight: bold;
+ font-size: 14px;
+}
+
+</style>
+
+<h1><a href="iamcredentials_v1.html">IAM Service Account Credentials API</a> . <a href="iamcredentials_v1.projects.html">projects</a> . <a href="iamcredentials_v1.projects.serviceAccounts.html">serviceAccounts</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+ <code><a href="#generateAccessToken">generateAccessToken(name, body, x__xgafv=None)</a></code></p>
+<p class="firstline">Generates an OAuth 2.0 access token for a service account.</p>
+<p class="toc_element">
+ <code><a href="#generateIdToken">generateIdToken(name, body, x__xgafv=None)</a></code></p>
+<p class="firstline">Generates an OpenID Connect ID token for a service account.</p>
+<p class="toc_element">
+ <code><a href="#generateIdentityBindingAccessToken">generateIdentityBindingAccessToken(name, body, x__xgafv=None)</a></code></p>
+<p class="firstline"></p>
+<p class="toc_element">
+ <code><a href="#signBlob">signBlob(name, body, x__xgafv=None)</a></code></p>
+<p class="firstline">Signs a blob using a service account's system-managed private key.</p>
+<p class="toc_element">
+ <code><a href="#signJwt">signJwt(name, body, x__xgafv=None)</a></code></p>
+<p class="firstline">Signs a JWT using a service account's system-managed private key.</p>
+<h3>Method Details</h3>
+<div class="method">
+ <code class="details" id="generateAccessToken">generateAccessToken(name, body, x__xgafv=None)</code>
+ <pre>Generates an OAuth 2.0 access token for a service account.
+
+Args:
+ name: string, The resource name of the service account for which the credentials
+are requested, in the following format:
+`projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
+character is required; replacing it with a project ID is invalid. (required)
+ body: object, The request body. (required)
+ The object takes the form of:
+
+{
+ "lifetime": "A String", # The desired lifetime duration of the access token in seconds.
+ # Must be set to a value less than or equal to 3600 (1 hour). If a value is
+ # not specified, the token's lifetime will be set to a default value of one
+ # hour.
+ "delegates": [ # The sequence of service accounts in a delegation chain. Each service
+ # account must be granted the `roles/iam.serviceAccountTokenCreator` role
+ # on its next service account in the chain. The last service account in the
+ # chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+ # on the service account that is specified in the `name` field of the
+ # request.
+ #
+ # The delegates must have the following format:
+ # `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
+ # character is required; replacing it with a project ID is invalid.
+ "A String",
+ ],
+ "scope": [ # Code to identify the scopes to be included in the OAuth 2.0 access token.
+ # See https://developers.google.com/identity/protocols/googlescopes for more
+ # information.
+ # At least one value required.
+ "A String",
+ ],
+ }
+
+ x__xgafv: string, V1 error format.
+ Allowed values
+ 1 - v1 error format
+ 2 - v2 error format
+
+Returns:
+ An object of the form:
+
+ {
+ "expireTime": "A String", # Token expiration time.
+ # The expiration time is always set.
+ "accessToken": "A String", # The OAuth 2.0 access token.
+ }</pre>
+</div>
+
+<div class="method">
+ <code class="details" id="generateIdToken">generateIdToken(name, body, x__xgafv=None)</code>
+ <pre>Generates an OpenID Connect ID token for a service account.
+
+Args:
+ name: string, The resource name of the service account for which the credentials
+are requested, in the following format:
+`projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
+character is required; replacing it with a project ID is invalid. (required)
+ body: object, The request body. (required)
+ The object takes the form of:
+
+{
+ "includeEmail": True or False, # Include the service account email in the token. If set to `true`, the
+ # token will contain `email` and `email_verified` claims.
+ "audience": "A String", # The audience for the token, such as the API or account that this token
+ # grants access to.
+ "delegates": [ # The sequence of service accounts in a delegation chain. Each service
+ # account must be granted the `roles/iam.serviceAccountTokenCreator` role
+ # on its next service account in the chain. The last service account in the
+ # chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+ # on the service account that is specified in the `name` field of the
+ # request.
+ #
+ # The delegates must have the following format:
+ # `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
+ # character is required; replacing it with a project ID is invalid.
+ "A String",
+ ],
+ }
+
+ x__xgafv: string, V1 error format.
+ Allowed values
+ 1 - v1 error format
+ 2 - v2 error format
+
+Returns:
+ An object of the form:
+
+ {
+ "token": "A String", # The OpenId Connect ID token.
+ }</pre>
+</div>
+
+<div class="method">
+ <code class="details" id="generateIdentityBindingAccessToken">generateIdentityBindingAccessToken(name, body, x__xgafv=None)</code>
+ <pre>
+
+Args:
+ name: string, The resource name of the service account for which the credentials
+are requested, in the following format:
+`projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
+character is required; replacing it with a project ID is invalid. (required)
+ body: object, The request body. (required)
+ The object takes the form of:
+
+{
+ "scope": [ # Code to identify the scopes to be included in the OAuth 2.0 access token.
+ # See https://developers.google.com/identity/protocols/googlescopes for more
+ # information.
+ # At least one value required.
+ "A String",
+ ],
+ "jwt": "A String", # Required. Input token.
+ # Must be in JWT format according to
+ # RFC7523 (https://tools.ietf.org/html/rfc7523)
+ # and must have 'kid' field in the header.
+ # Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+ # Mandatory payload fields (along the lines of RFC 7523, section 3):
+ # - iss: issuer of the token. Must provide a discovery document at
+ # $iss/.well-known/openid-configuration . The document needs to be
+ # formatted according to section 4.2 of the OpenID Connect Discovery
+ # 1.0 specification.
+ # - iat: Issue time in seconds since epoch. Must be in the past.
+ # - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+ # after iat. We recommend to create tokens that last shorter than 6
+ # hours to improve security unless business reasons mandate longer
+ # expiration times. Shorter token lifetimes are generally more secure
+ # since tokens that have been exfiltrated by attackers can be used for
+ # a shorter time. you can configure the maximum lifetime of the
+ # incoming token in the configuration of the mapper.
+ # The resulting Google token will expire within an hour or at "exp",
+ # whichever is earlier.
+ # - sub: JWT subject, identity asserted in the JWT.
+ # - aud: Configured in the mapper policy. By default the service account
+ # email.
+ #
+ # Claims from the incoming token can be transferred into the output token
+ # accoding to the mapper configuration. The outgoing claim size is limited.
+ # Outgoing claims size must be less than 4kB serialized as JSON without
+ # whitespace.
+ #
+ # Example header:
+ # {
+ # "alg": "RS256",
+ # "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+ # }
+ # Example payload:
+ # {
+ # "iss": "https://accounts.google.com",
+ # "iat": 1517963104,
+ # "exp": 1517966704,
+ # "aud":
+ # "https://iamcredentials.googleapis.com/google.iam.credentials.v1.CloudGaia",
+ # "sub": "113475438248934895348",
+ # "my_claims": {
+ # "additional_claim": "value"
+ # }
+ # }
+ }
+
+ x__xgafv: string, V1 error format.
+ Allowed values
+ 1 - v1 error format
+ 2 - v2 error format
+
+Returns:
+ An object of the form:
+
+ {
+ "expireTime": "A String", # Token expiration time.
+ # The expiration time is always set.
+ "accessToken": "A String", # The OAuth 2.0 access token.
+ }</pre>
+</div>
+
+<div class="method">
+ <code class="details" id="signBlob">signBlob(name, body, x__xgafv=None)</code>
+ <pre>Signs a blob using a service account's system-managed private key.
+
+Args:
+ name: string, The resource name of the service account for which the credentials
+are requested, in the following format:
+`projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
+character is required; replacing it with a project ID is invalid. (required)
+ body: object, The request body. (required)
+ The object takes the form of:
+
+{
+ "payload": "A String", # The bytes to sign.
+ "delegates": [ # The sequence of service accounts in a delegation chain. Each service
+ # account must be granted the `roles/iam.serviceAccountTokenCreator` role
+ # on its next service account in the chain. The last service account in the
+ # chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+ # on the service account that is specified in the `name` field of the
+ # request.
+ #
+ # The delegates must have the following format:
+ # `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
+ # character is required; replacing it with a project ID is invalid.
+ "A String",
+ ],
+ }
+
+ x__xgafv: string, V1 error format.
+ Allowed values
+ 1 - v1 error format
+ 2 - v2 error format
+
+Returns:
+ An object of the form:
+
+ {
+ "signedBlob": "A String", # The signed blob.
+ "keyId": "A String", # The ID of the key used to sign the blob.
+ }</pre>
+</div>
+
+<div class="method">
+ <code class="details" id="signJwt">signJwt(name, body, x__xgafv=None)</code>
+ <pre>Signs a JWT using a service account's system-managed private key.
+
+Args:
+ name: string, The resource name of the service account for which the credentials
+are requested, in the following format:
+`projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
+character is required; replacing it with a project ID is invalid. (required)
+ body: object, The request body. (required)
+ The object takes the form of:
+
+{
+ "payload": "A String", # The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+ "delegates": [ # The sequence of service accounts in a delegation chain. Each service
+ # account must be granted the `roles/iam.serviceAccountTokenCreator` role
+ # on its next service account in the chain. The last service account in the
+ # chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+ # on the service account that is specified in the `name` field of the
+ # request.
+ #
+ # The delegates must have the following format:
+ # `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
+ # character is required; replacing it with a project ID is invalid.
+ "A String",
+ ],
+ }
+
+ x__xgafv: string, V1 error format.
+ Allowed values
+ 1 - v1 error format
+ 2 - v2 error format
+
+Returns:
+ An object of the form:
+
+ {
+ "keyId": "A String", # The ID of the key used to sign the JWT.
+ "signedJwt": "A String", # The signed JWT.
+ }</pre>
+</div>
+
+</body></html>
\ No newline at end of file