Crea y configura una identidad de encriptación del cliente que esté autorizada para enviar correo electrónico desde la cuenta de usuario. Google publica el certificado S/MIME en un directorio compartido de todo el dominio para que las personas de una organización de Google Workspace puedan encriptar y enviar correos electrónicos a la identidad.
En el caso de los administradores que administran identidades y pares de claves para los usuarios de su organización, las solicitudes requieren autorización con una cuenta de servicio que tenga autoridad de delegación en todo el dominio para suplantar la identidad de los usuarios con el alcance https://www.googleapis.com/auth/gmail.settings.basic.
En el caso de los usuarios que administran sus propias identidades y pares de claves, las solicitudes requieren que la encriptación de claves de hardware esté activada y configurada.
Solicitud HTTP
POST https://gmail.googleapis.com/gmail/v1/users/{userId}/settings/cse/identities
[[["Fácil de comprender","easyToUnderstand","thumb-up"],["Resolvió mi problema","solvedMyProblem","thumb-up"],["Otro","otherUp","thumb-up"]],[["Falta la información que necesito","missingTheInformationINeed","thumb-down"],["Muy complicado o demasiados pasos","tooComplicatedTooManySteps","thumb-down"],["Desactualizado","outOfDate","thumb-down"],["Problema de traducción","translationIssue","thumb-down"],["Problema con las muestras o los códigos","samplesCodeIssue","thumb-down"],["Otro","otherDown","thumb-down"]],["Última actualización: 2025-07-25 (UTC)"],[],[],null,["# Method: users.settings.cse.identities.create\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n- [Response body](#body.response_body)\n- [Authorization scopes](#body.aspect)\n- [Try it!](#try-it)\n\nCreates and configures a client-side encryption identity that's authorized to send mail from the user account. Google publishes the S/MIME certificate to a shared domain-wide directory so that people within a Google Workspace organization can encrypt and send mail to the identity.\n\nFor administrators managing identities and keypairs for users in their organization, requests require authorization with a [service account](https://developers.google.com/identity/protocols/OAuth2ServiceAccount) that has [domain-wide delegation authority](https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority) to impersonate users with the `https://www.googleapis.com/auth/gmail.settings.basic` scope.\n\nFor users managing their own identities and keypairs, requests require [hardware key encryption](https://support.google.com/a/answer/14153163) turned on and configured.\n\n### HTTP request\n\n`POST https://gmail.googleapis.com/gmail/v1/users/{userId}/settings/cse/identities`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n| Parameters ||\n|----------|-------------------------------------------------------------------------------------------------------------------------|\n| `userId` | `string` The requester's primary email address. To indicate the authenticated user, you can use the special value `me`. |\n\n### Request body\n\nThe request body contains an instance of [CseIdentity](/workspace/gmail/api/reference/rest/v1/users.settings.cse.identities#CseIdentity).\n\n### Response body\n\nIf successful, the response body contains a newly created instance of [CseIdentity](/workspace/gmail/api/reference/rest/v1/users.settings.cse.identities#CseIdentity).\n\n### Authorization scopes\n\nRequires one of the following OAuth scopes:\n\n- `https://www.googleapis.com/auth/gmail.settings.basic`\n- `\n https://www.googleapis.com/auth/gmail.settings.sharing`\n\nFor more information, see the [Authorization guide](/workspace/guides/configure-oauth-consent)."]]
