Introduction
This is the NetFoundry Auth service
Overview
HTTP verbs
NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP verbs.
| Verb | Usage |
|---|---|
|
Used to retrieve a resource |
|
Used to create a new resource |
|
Used to update an existing resource, full updates only |
|
Used to delete an existing resource |
The PATCH method is not used (yet).
|
HTTP status codes
NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP status codes.
| Status code | Usage |
|---|---|
|
The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response will contain an entity describing or containing the result of the action. |
|
The request has been fulfilled and resulted in a new resource being created. |
|
The request has been accepted and is being processed asynchronously Standard response for successful HTTP requests which invoke back-end services. |
|
The server successfully processed the request, but is not returning any content. |
|
The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). |
|
The request lacks valid authentication credentials for the target resource. |
|
The request is authenticated with valid credentials however that set of credentials is not authorized to access this resource. |
|
The requested resource could not be found but may be available again in the future. Subsequent requests by the client are permissible. |
Pagination
Paginated services will accept the following optional request parameters:
| Path | Type | Optional | Description |
|---|---|---|---|
page |
Integer |
true |
Page you want to retrieve, 0 indexed and defaults to 0. |
size |
Integer |
true |
Size of the page you want to retrieve, defaults to 1000. |
sort |
String |
true |
Properties that should be sorted by in the format |
Pagination response has following structure:
| Path | Type | Optional | Description |
|---|---|---|---|
content |
Array[Object] |
false |
Actual items. |
totalElements |
Integer |
false |
Total count. |
totalPages |
Integer |
false |
Total pages with current page size. |
last |
Boolean |
false |
If this page is the last one. |
numberOfElements |
Integer |
false |
Actual size of content array (number of items). |
first |
Boolean |
false |
If this page is the first one. |
sort |
Object |
true |
Sort information object. |
size |
Integer |
false |
Requested size of the page. |
number |
Integer |
false |
Page number. |
empty |
booloean |
false |
If this page is empty. |
Authorization
Masquerade
POST /masquerade
Exchange a NetFoundry token with a service identity for a NetFoundry token with a user identity.
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
identityId |
String |
true |
Must not be null. |
audience |
String |
true |
Must not be empty. |
claims |
Map |
true |
Must not be null. |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
token |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/masquerade' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJFWWs3ckdkY09Wam5aMThfLURNTXN3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjExNDQ4YzlhLWY3NTItNDFlMy04N2IzLWU3NTI5MzczZGNiYiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NywiZXhwIjoxNzQzMTExODU3LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjdkODY4NjU3LWRiYjAtNGE1YS1iNzU2LWViOWY0ZTkyZmU4ZlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1N31dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiOWM5OGRmNDQtMWJhOS00OGJiLTllOTEtNzYzMTZlNDA3MDY0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiOTFkMGU0OWUtMGMzOC00YzY4LWE3OTEtNTk1NGExYzFiNjNkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiYTE4ZTU3YjEtNzhiNS00OWRhLTg2YjktNGQ0MDg0ODc1YjBkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjIzfSx7XCJpZFwiOlwiZmYxOTI4NTMtN2VkNi00NTBmLWJhZWYtMWUzMTA4ODQ4MDc4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU1fSx7XCJpZFwiOlwiNjNjN2U3MDgtMzE1Yi00YjE1LTlhMzYtNzIxNGJjOGE4NjVjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI2fSx7XCJpZFwiOlwiY2MxNzU1ODktNTAzNS00NGVkLTkxMmEtZmZkODc4OTVlZjVlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiYzE0ZDE5NmMtOGYyYS00ZWFlLTkzMDktZjI5ZTM4OWIzNzEyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU0fSx7XCJpZFwiOlwiODI5ODYwMmMtMDkxYy00Y2ZhLWJiYjUtOTA4ZGUzODk4ZmViXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjM5fSx7XCJpZFwiOlwiYWVmYTE1YjctNWZhMi00NGM4LThlNDItNzBhY2I1ZjA5ODE5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI3fSx7XCJpZFwiOlwiOGNjNTQ4MzgtNzY5Ny00NmZhLTk4YTQtY2M3ZTk2ZDA5ZGZhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiMzFkNjE5OGUtMWIxZi00YWM3LWI3ZDMtODRiMjljMGI3M2JhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjIzfSx7XCJpZFwiOlwiZTVkN2RiMmYtNzZiZS00MTNlLWI3Y2EtOGQxYzg2ODg3YTQxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI1fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.gR52avVSr9QcojF49VipJkS7QqT1gum1hQcNhk4TJuHb44Fx4aZ4iM62LGpEVWA5fbHVvZ15rrOQCwHJMwldK3hKaLeE81FIdaHaQc2z5JhS6RBTkF_dX8gf74yanqzomgvvfV--virq9QRZf9gHoiV-pjEJC_yAS2lEpOLzI8teIRX69uVpvfAOFJo7ynKbLbGjO_1kIbAr-v5TgXKcEKuQd_X9IeTFPVqrp-OA8u_tyzaczRf4PIMMGUPb2DRKgtCCco3z3NH96PZoDZAF0MSs6SG5FdtG3R_e5-iUPVAoTgN0X6W82LMrFObk0zPkM9Q0YvmuRRUSYKSnBeCY5Q' \
-d '{"identityId":"d80e18ef-6694-44e7-ad43-9596ed340333","audience":"io.netfoundry.test","claims":{}}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2262
{
"token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJ1b2QwLXZqYjk0MUFBTkhrenJTOGpRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImQ4MGUxOGVmLTY2OTQtNDRlNy1hZDQzLTk1OTZlZDM0MDMzMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkudGVzdCIsImlhdCI6MTc0MzEwODI1NywiZXhwIjoxNzQzMTA4NTU3LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImExNTZjZTEwLTc4ZDUtNGFkYy05MmIwLTUxNTNmMTZlZGNhYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImM3MDAyY2RhLThhZDItNDM5OC05Njg5LWM1MDRkNmVjMTUzNFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1N31dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiOWM5OGRmNDQtMWJhOS00OGJiLTllOTEtNzYzMTZlNDA3MDY0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiOTFkMGU0OWUtMGMzOC00YzY4LWE3OTEtNTk1NGExYzFiNjNkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiYTE4ZTU3YjEtNzhiNS00OWRhLTg2YjktNGQ0MDg0ODc1YjBkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjIzfSx7XCJpZFwiOlwiZmYxOTI4NTMtN2VkNi00NTBmLWJhZWYtMWUzMTA4ODQ4MDc4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU1fSx7XCJpZFwiOlwiNjNjN2U3MDgtMzE1Yi00YjE1LTlhMzYtNzIxNGJjOGE4NjVjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI2fSx7XCJpZFwiOlwiY2MxNzU1ODktNTAzNS00NGVkLTkxMmEtZmZkODc4OTVlZjVlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiYzE0ZDE5NmMtOGYyYS00ZWFlLTkzMDktZjI5ZTM4OWIzNzEyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU0fSx7XCJpZFwiOlwiODI5ODYwMmMtMDkxYy00Y2ZhLWJiYjUtOTA4ZGUzODk4ZmViXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjM5fSx7XCJpZFwiOlwiYWVmYTE1YjctNWZhMi00NGM4LThlNDItNzBhY2I1ZjA5ODE5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI3fSx7XCJpZFwiOlwiOGNjNTQ4MzgtNzY5Ny00NmZhLTk4YTQtY2M3ZTk2ZDA5ZGZhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiMzFkNjE5OGUtMWIxZi00YWM3LWI3ZDMtODRiMjljMGI3M2JhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjIzfSx7XCJpZFwiOlwiZTVkN2RiMmYtNzZiZS00MTNlLWI3Y2EtOGQxYzg2ODg3YTQxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI1fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.hCe4WiAknNbhyIUHTWv0DrRlzdMVhmurkOF7Mr_M_SqDxFJICP21V5DDzkFQlcn27-BJH2mjtIMUSPgC7xvBipqhuceJeD7bWJolNPWNMnO4MjRUL0_vFBC8C9YZfHVdNoWNwvoDEN5rm3VtuIcma3TmXE3s4WrAvgF4Ubdu8VB1L3MTzNZsorrFAJ0AuX_v9FQv60R0dtCteQv-Ha5VIuUBVf-xvDhJFqeBOJd7d0bSicySjJBnuMOYuOPhseYxT6XFGdEu6rvcpGjVqu9Ci7aN4MCM-l-Ytwdaw4WyzHGxvaS9oZoVYPVFnkNaIJHtAH7So4S-Nh-zN6WcwWEmQg"
}Core Authorization Resources
Domains
Find Domains
GET /domains
Returns a set of {@link Domain}s that the client is authorized to read.
Authorization
This endpoint requires read action on the domain resource type.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].name |
String |
true |
A human friendly name which can be used for UX purposes. Must not be null. |
[].code |
String |
true |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link Domain} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJ2d0VOb2NyQlE5Y0RMX3U1ak5MNlFRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjZkNjM0ZDU0LTQyZDUtNDU3ZC1iOTcwLWQ0YjlhN2UxYzNlYiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0OSwiZXhwIjoxNzQzMTExODQ5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODA1YzExYWUtNGQ5My00YjYxLWI3ZDctZTExNzFhYzAyY2MxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.sjikNdk-JK5jqxS1Cpeaz4ar1FlFA7dUpEtm21MYYMLXGMNS1etOXXhDuuUsvVLPg-8d1Vhfkhb6NoVMZ4zxIJPO4CblGE-aB2edmfwyaxl3cDOfTRGjUId9wrfLM8ucOSIsCG8Nm25DeGZVN46llYhGSGtXEqAJ9zI6u_1_K-MJGGoOt4Lo34URsdQYRsHsnYCJCKhrNrZJVxiryBQGLUL66Z5vIPY_5T1PI-c3XpXiIjV30Ogt2Zi7RDmMB_QbUUb0u1QG12OhBm4g32rIL_i5TpL4zQSodt8Iv6A4q75Ayy35OREwxlwNYqcue85HcXRbXt2SLdvNu61eRpi8xA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 868
[ {
"id" : "10569cc9-11aa-472e-ae7d-25576a4358b3",
"name" : "Networks",
"code" : "io.netfoundry.network",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:43.180902Z",
"updatedAt" : "2025-03-27T20:43:43.180902Z",
"_title" : "Networks"
}, {
"id" : "96cc2656-7c44-4f5d-ad19-ec28cf14d624",
"name" : "Test Domain",
"code" : "io.netfoundry.test",
"createdBy" : "46ea71b8-433d-4da1-821a-cf84a2fa16af",
"createdAt" : "2025-03-27T20:43:59.085632Z",
"updatedAt" : "2025-03-27T20:43:59.085632Z",
"_title" : "Test Domain"
}, {
"id" : "252a0f57-e15b-48e9-bb3b-493c8dfa9e97",
"name" : "Test Domain 6",
"code" : "test.domain.6",
"createdBy" : "93baa4f7-0e28-46f5-979f-c59978890406",
"createdAt" : "2025-03-27T20:44:08.430723Z",
"updatedAt" : "2025-03-27T20:44:08.430723Z",
"_title" : "Test Domain 6"
} ]Get Domain
GET /domains/{idOrCode}
Authorization
This endpoint requires read action on the domain resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
idOrCode |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
name |
String |
true |
A human friendly name which can be used for UX purposes. Must not be null. |
code |
String |
true |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link Domain} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains/96cc2656-7c44-4f5d-ad19-ec28cf14d624' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJRMHRLQlFHbXBSaDVSS3VoOGZwVjBnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJjYTE3MDc2LTQ1ZDctNDBkOC05NjQ5LWI0ZmQ1ZDY0ZDlhYiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0OSwiZXhwIjoxNzQzMTExODQ5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTg5MWJiYjAtNWNjZC00YjNiLThkZjktZmM4M2NkMTgwMDk5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.G5Imey9aS8io3iCM8wPXY1dnO2ebXK_kKUrplU7Bvpu7guMC1_b8eGEp2JlScT5SzXFwjRd_acyHVogkLlmVPnLKoc6ackJSghidJC4fFz5XAg8xysqGnuCrbIuk8I6T1i9GKGme8uUkA_dL8Dci9ZsiULBaQKtHjGlKkX7sv0avk9TzmE9uCjisNXsmXqw9olTIKz83Tv5T8UZdYRrKp4k07EKW1dr0iD59lKErTjLTVC2JKzk2nq2DQcKGsLRnbolQ3GWOewhGCSFJdZ1hBJ9BW18EpdhJ6zTbFcsjj6iGZ_NboyQ2GiO2FArE-GDG4tCzEoDGiQYtdIsJHrVmNA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 288
{
"id" : "96cc2656-7c44-4f5d-ad19-ec28cf14d624",
"name" : "Test Domain",
"code" : "io.netfoundry.test",
"createdBy" : "46ea71b8-433d-4da1-821a-cf84a2fa16af",
"createdAt" : "2025-03-27T20:43:59.085632Z",
"updatedAt" : "2025-03-27T20:43:59.085632Z",
"_title" : "Test Domain"
}Get Domain
GET /domains/{idOrCode}
Authorization
This endpoint requires read action on the domain resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
idOrCode |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
name |
String |
true |
A human friendly name which can be used for UX purposes. Must not be null. |
code |
String |
true |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link Domain} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains/io.netfoundry.test' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiItZ3pmUGRMZl9FUDZ3Wk1YdGQ3ZlRBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjZjNjk3ODAzLWUwM2MtNDJkNi1iMjU5LWI1Mzk4Y2Q4NGMxMSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0OSwiZXhwIjoxNzQzMTExODQ5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODFhYWQ5MGItNGFkOS00MGQ4LTg4MDEtNGY1OGJkYjRlMWNlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.RPOIZOMTkpcRUBlKAYEGw9K7mll8tPm6d-EBqTWVbiFGupIzAI6u9SEkGkhGyxHTWMYA_1_F6v9-3tGqzH9fg2TSPPav9xIZ9XakGhJ7vYai18E-F4aNUPAURLCXRUXoxE1cafwZQt8jcqMqelftVu4VAzWou7awW5D7XMm3y9qgn1r-C_bmqoVtQEkWVKJICuqx1bVXRGrrf6WHp85JNHvmRbsndKwfXNdIl7nQC8SB5sifLQazMIJMDkwvzkwkCzt9w9ly_VTOszP68FNaiEYxwQfziI1xCF5uWMj5VKj613CqWsm2LMQue4VQ9QWfolzkZqRkWN9DLHlgYhVyZw'Example response
HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Type: application/json
Content-Length: 288
{
"id" : "96cc2656-7c44-4f5d-ad19-ec28cf14d624",
"name" : "Test Domain",
"code" : "io.netfoundry.test",
"createdBy" : "46ea71b8-433d-4da1-821a-cf84a2fa16af",
"createdAt" : "2025-03-27T20:43:59.085632Z",
"updatedAt" : "2025-03-27T20:43:59.085632Z",
"_title" : "Test Domain"
}Create Domain
POST /domains
Authorization
This endpoint requires create action on the domain resource type.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
name |
String |
true |
Must not be null. |
code |
String |
true |
Must match the regular expression |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
name |
String |
true |
A human friendly name which can be used for UX purposes. Must not be null. |
code |
String |
true |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link Domain} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJWZ0NZZTh0OGxKVzM0eHZpQTNDcF9BIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImY1YTBjODkwLWM4YzUtNDcyNi04MTIyLTRlYjI0YzUzZWRiNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MCwiZXhwIjoxNzQzMTExODUwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOTQ5MDg0MGItNzM1NC00ZTIwLWIxMWMtZGIzMjhlOGE4MzU3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.PJsyl6P9joJXPgQoMRGccI_LH8-V_9mqQfaqnd7QI8EyDRsf_BYBGoyHcjwXLwu26DU8FLW14FcWHyeNF1UigfkJ8MdPYaAKvPoD7-pDivSXCp9F_ddg6OfSq9pDrbV8Om-VRJEoLuKc9-m2PtLOFyDtAWRecC5UjXH2-QY6CWtmiICs_gJviinaMoaIoR7rSxY1pPts0pV16d_kldrLkv6OGlIB9nOBheniROr-ckB3YSEfLUkUeGZAT7fEc6QH0GWjHP9inRMUgPvhf-vhYYlOaeCcP6Pv-7xj9LgzL2wBbR6n2626TPbhQhdkQkTNZVLQwjIn63Lp6AyiAIvJfg' \
-d '{"name":"Other Test Domain","code":"other.test.domain"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 299
{
"id" : "8c79600d-ebb2-4bd0-9f96-a34bfbf0f82b",
"name" : "Other Test Domain",
"code" : "other.test.domain",
"createdBy" : "f5a0c890-c8c5-4726-8122-4eb24c53edb6",
"createdAt" : "2025-03-27T20:44:10.283341Z",
"updatedAt" : "2025-03-27T20:44:10.283341Z",
"_title" : "Other Test Domain"
}Resource Types
Find Resource Types
GET /resource-types
Returns a set of {@link ResourceType}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
{@link ResourceType}s.
Authorization
This endpoint requires read action on the resource-type resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
domainId |
Object |
true |
Filters results to those that are in one of the specified ,{@link Domain},s. |
code |
Object |
true |
Filters results to those matching one of the specified codes. |
parentId |
Object |
true |
Filters results to those that are an immediate child of one of the specified ,{@link ResourceType},s. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].domainId |
String |
true |
The id of the domain within which this {@link ResourceType} exists. Must not be null. |
[].name |
String |
true |
The human friendly name of this {@link ResourceType}. Must not be null. |
[].code |
String |
true |
A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount". Must match the regular expression |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link ResourceType} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].parentId |
String |
true |
Returns the id of the parent {@link ResourceType} or null if this is a root. |
[].root |
Boolean |
true |
|
[].depth |
Integer |
true |
Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0. |
[].childrenIds |
Array[Object] |
true |
Returns the id of {@link ResourceType}s that are children of this. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJxV3lPSHBJdnRORnRQYXFMRTJ4QzJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjJiNWFkMmMxLTZiMDYtNDViOS05ODkwLTVhYzhmYzA0N2M1ZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1OCwiZXhwIjoxNzQzMTExODU4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNTY4ZTk4NzAtMDJkNy00ODY4LTgxYmEtMTE4YzRmNDA0MTFlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.E4jpVC8n0oiQDaAFAI6NDTZkMaqCHgopV6tfrzeDySQ_VjrOyHVePfOhU4-jMyCYoxzRbXFRTm4X_NDljwOHER9len5Sws_SlMDZzvUsfUohu-yo_vOwgX7KAVi_U1oncH_I3bHb0-oXBi7eWmh6yrT0AX-CcDefLVvhd6J2GipVjOvJfariXBq8uHQ56YfCGkHH6QFjj6pAGUwom6scYCzDd8YAGQ_PFJYkgbvca2oacJvGWkrodKGIcwOeNmBAOwI2p_H3cyFJOZAQHYaBQZGKJpLUBwF2Nyrn8JgkZelxiMCjRo_PNQ0X-XCt_FV1Gn6hFi3lR8RQzamaeDVtrQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1519
[ {
"id" : "d33dd0c0-5144-4c87-864c-1d08b039d4fc",
"domainId" : "1b008214-e0b6-4b55-b570-b26c02bcaf8f",
"name" : "User Identity",
"code" : "user-identity",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:43.077899Z",
"updatedAt" : "2025-03-27T20:43:43.077899Z",
"parentId" : "e1d8a67d-228c-4999-9555-589059f83fd6",
"root" : false,
"depth" : 1,
"childrenIds" : [ "0deb077f-296f-43a2-8d0d-8f174a2a8f2d", "36ba970f-a7de-4f31-acb3-997b63b26264", "00533fc0-d4af-4fe3-973a-128e2e155911" ],
"_title" : "User Identity"
}, {
"id" : "658535f2-dda0-49d2-b7f2-92aeea050735",
"domainId" : "1b008214-e0b6-4b55-b570-b26c02bcaf8f",
"name" : "Identity Provider",
"code" : "identity-provider",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:45.694711Z",
"updatedAt" : "2025-03-27T20:43:45.694711Z",
"parentId" : "e1d8a67d-228c-4999-9555-589059f83fd6",
"root" : false,
"depth" : 1,
"childrenIds" : [ ],
"_title" : "Identity Provider"
}, {
"id" : "a8607f1e-04e4-479b-92fb-3ef1a7427358",
"domainId" : "1b008214-e0b6-4b55-b570-b26c02bcaf8f",
"name" : "API Account Identity",
"code" : "api-account-identity",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:43.077899Z",
"updatedAt" : "2025-03-27T20:43:43.077899Z",
"parentId" : "e1d8a67d-228c-4999-9555-589059f83fd6",
"root" : false,
"depth" : 1,
"childrenIds" : [ ],
"_title" : "API Account Identity"
} ]Get Resource Type
GET /resource-types/{id}
Authorization
This endpoint requires read action on the resource-type resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
domainId |
String |
true |
The id of the domain within which this {@link ResourceType} exists. Must not be null. |
name |
String |
true |
The human friendly name of this {@link ResourceType}. Must not be null. |
code |
String |
true |
A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount". Must match the regular expression |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link ResourceType} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
parentId |
String |
true |
Returns the id of the parent {@link ResourceType} or null if this is a root. |
root |
Boolean |
true |
|
depth |
Integer |
true |
Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0. |
childrenIds |
Array[Object] |
true |
Returns the id of {@link ResourceType}s that are children of this. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types/f9959589-0aa2-4d1b-a477-073b99994e1e' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJfZDJuV3RtOXdJVDdjVHJOUy0tQXlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImU5MjY5MDQ4LTE4OGEtNDgwMy05YWE4LTA4OWQwODNmM2MyMCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1OCwiZXhwIjoxNzQzMTExODU4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMGNmZmQ5ZTUtNDg3ZS00OTlkLThjNmYtNzlkZmI1NWRjOTBlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.s4IcxpbErujdj6Oz4S78_ukMNO-yZw1mhCnNAiIaUDtY6Anx4aW_JWxOV45XhVYVj-9RHWdWmrkOloDSDFyCyXEt-PIVPd3h5gVWkQGQ4lkKg6BvkizU4JoHoHpdlNWGgan4wto5e8pMvPEdRk_rWxL1ACVu-I5rgzltoPLgB8Q8a85hCQmzNFGhOEFEV9yzSskLsuPFawYJeyct_KNBuTEO_T7u8emi1SsEG4cpWp8ADV0fS3Gc7DQOL_GAEu_WR-qr9aGFpfot0nWyVhoWHnvpf2pjmV8LeJlpRbRM82YvnjC2HogW6UFsAtbPahCBAF658E_2MpJZ3C0AqrzPRQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 406
{
"id" : "f9959589-0aa2-4d1b-a477-073b99994e1e",
"domainId" : "96cc2656-7c44-4f5d-ad19-ec28cf14d624",
"name" : "Test Type",
"code" : "test-type",
"createdBy" : "44042dda-23e6-4024-967c-c6268b357aee",
"createdAt" : "2025-03-27T20:43:59.190029Z",
"updatedAt" : "2025-03-27T20:43:59.190029Z",
"parentId" : null,
"root" : true,
"depth" : 0,
"childrenIds" : [ ],
"_title" : "Test Type"
}Create Resource Type
POST /resource-types
Authorization
This endpoint requires the following actions:
-
createaction on theresource-typeresource type -
readaction on thedomainresource type -
readaction on theresource-typeresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
domainId |
String |
true |
Client must have |
parentId |
String |
true |
Client must have |
resourceType |
Object |
true |
Must not be null. |
resourceType.name |
String |
true |
Must not be null. |
resourceType.code |
String |
true |
Must match the regular expression |
resourceType.children |
Array[Object] |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
domainId |
String |
true |
The id of the domain within which this {@link ResourceType} exists. Must not be null. |
name |
String |
true |
The human friendly name of this {@link ResourceType}. Must not be null. |
code |
String |
true |
A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount". Must match the regular expression |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link ResourceType} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
parentId |
String |
true |
Returns the id of the parent {@link ResourceType} or null if this is a root. |
root |
Boolean |
true |
|
depth |
Integer |
true |
Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0. |
childrenIds |
Array[Object] |
true |
Returns the id of {@link ResourceType}s that are children of this. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJSeEtFRmlOUkFaRGNfR1lIZG1vSmVnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImFkZjJjODhlLWMyZjctNDc5Yi1hZWU1LWYzZDhmMzkyMmJmMSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1OCwiZXhwIjoxNzQzMTExODU4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNzhjOGYyMGYtZTQ2Ny00NzEwLWFkZWEtMTliZDRhMzQ1ZWNhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU4fSx7XCJpZFwiOlwiOTU1MzIxYzQtODdjYy00NTMxLTkwOGQtYmM3YjgzOTIzZmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU4fSx7XCJpZFwiOlwiZTg4NzQ3YWItY2MyNS00ODEzLTg5MWUtZTY1ZDFkZWIyNjU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.nf7-7ZRJy3Bisj9dhV37xjvvOLhQTUOHadLlAcbDaEagXTuEXA6_NX2St7QKhqp4gzsfEppSRHc5X7MmjLtT7_16RTvO0GoWQAJfvl_7gCEaGRiDvykS6NV7wL32vISIqC8Eo7q_OpCWNO7C3FKKpTxjzPFn_MQHDSYgWi3XGZjrMxbtDDxaz2qRTGPH5g_wcmyP9fpEtpx7diqGQK2JahNOcsOqchMruBh7PFNVp0SxckMP7eQbLvWlEy-VKBYkzl8Cvog4U6IzVltbpyGtitzqel7REvKvpqiuNykniD8wyyAXwVI0owjOPxwZGJ3J9xe5jFYVndXPDG57SVvHNA' \
-d '{"domainId":"96cc2656-7c44-4f5d-ad19-ec28cf14d624","parentId":"f9959589-0aa2-4d1b-a477-073b99994e1e","resourceType":{"name":"Another Test Type","code":"anoter-test-type","children":[]}}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 464
{
"id" : "1628d510-aa8f-4f6b-9762-679fef6b67d4",
"domainId" : "96cc2656-7c44-4f5d-ad19-ec28cf14d624",
"name" : "Another Test Type",
"code" : "anoter-test-type",
"createdBy" : "adf2c88e-c2f7-479b-aee5-f3d8f3922bf1",
"createdAt" : "2025-03-27T20:44:18.497369Z",
"updatedAt" : "2025-03-27T20:44:18.497369Z",
"parentId" : "f9959589-0aa2-4d1b-a477-073b99994e1e",
"root" : false,
"depth" : 1,
"childrenIds" : [ ],
"_title" : "Another Test Type"
}Resource Actions
Find Resource Actions
GET /resource-actions
Returns a set of {@link ResourceAction}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
specified. {@link CustomRole}s. Only non-deleted {@link CustomRoleAction}s are considered. {@link StandardRoleType}s.
Authorization
This endpoint requires read action on the resource-action resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
code |
Object |
true |
Filters results to those matching one of the specified codes. |
resourceTypeId |
Object |
true |
Filters results to those that apply to one of the ,{@link ResourceType},s specified. |
domainId |
Object |
true |
Filters results to those that are in one of the specified ,{@link Domain},s. |
customRoleId |
Object |
true |
Filters results to those that are granted by one of the specified ,{@link CustomRole},s. Only non-deleted ,{@link CustomRoleAction},s are considered. |
standardRoleTypeId |
Object |
true |
Filters results to those that are included in one of the specified ,{@link StandardRoleType},s. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].resourceTypeId |
String |
true |
The type of resource that this {@link ResourceAction} applies to. Must not be null. |
[].name |
String |
true |
A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network". Must not be null. |
[].code |
String |
true |
Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type. Must match the regular expression |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link ResourceAction} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].standardAction |
Boolean |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiIxbmpCc210YkFjOTIteV8ySFRaU0ZnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjczMDM2MzE0LTVkZTAtNDRiMC1iODVjLTAyZGIxNWUxZmVkZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NSwiZXhwIjoxNzQzMTExODU1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMDY5YzY5MjEtMWViZS00ZDM0LWIzYmEtODFmZTY0MDExOTAxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.qJ-EMpHGqzHJeIOzVFqCc8JKvEyFUvo_7VLMK2zQKXd5o_p1NI8279z4F0snDYvMvhU9CDI2xPATkW1iqFvhvLP-oMU2BIUWriKIbdA91LWF30ZdJmkDWZOQOEVqEKnWGiL7dkvcLdQaOx6AU_CHyrgHpWuR60TU7J511BHa2QDR-tAeDEhzwPX5GVW9n0pqmV2DhCfHgfwiA69U3oxFwSASqhGoM9LCdADtI354B7ygxc25V9ldRgGGbbW_6kPYSNWcix1b-8ZhDsmYi8yNvcNMSiMCHoppu4vxSUtQ7TPG6Fl4CFK5Bb3yc_Veujh_eaBJtxKujapj0j1wnSdJNQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1140
[ {
"id" : "5f6dc172-82a0-4634-86ee-d853dff5d364",
"resourceTypeId" : "ffe9f01e-da52-4ab7-b73b-240c7fcb664a",
"name" : "Update Add Admin User",
"code" : "update-add-admin-user",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:44.089231Z",
"updatedAt" : "2025-03-27T20:43:44.089231Z",
"standardAction" : false,
"_title" : "Update Add Admin User Network"
}, {
"id" : "7d453895-58c7-4cb0-90e1-cc25f9b4ec82",
"resourceTypeId" : "b29f88a5-e663-499f-af76-ee00a6dd95b9",
"name" : "Read",
"code" : "read",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.185382Z",
"updatedAt" : "2025-03-27T20:43:48.185382Z",
"standardAction" : true,
"_title" : "Read DNS Zone"
}, {
"id" : "21bd8011-584b-43e2-97ab-a6ab5f21d7a6",
"resourceTypeId" : "4f2babf9-4f51-417c-8cd3-38f3e3777460",
"name" : "Read",
"code" : "read",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.791658Z",
"updatedAt" : "2025-03-27T20:43:48.791658Z",
"standardAction" : true,
"_title" : "Read OIDC Public Client"
} ]Get Resource Action
GET /resource-actions/{id}
Authorization
This endpoint requires read action on the resource-action resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
resourceTypeId |
String |
true |
The type of resource that this {@link ResourceAction} applies to. Must not be null. |
name |
String |
true |
A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network". Must not be null. |
code |
String |
true |
Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type. Must match the regular expression |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link ResourceAction} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
standardAction |
Boolean |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions/3d374434-844e-475c-8a37-08a4bd60420d' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJ1VnQzVWVwYVd6Wk5hQzZhNmt6TVdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjYxMGQyMGQ3LTg3ZDEtNDNiYS05M2NlLWFjMjJhZWU0ZjhjNyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NSwiZXhwIjoxNzQzMTExODU1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODliOTFjNDUtY2ZkYy00M2MxLTllNmEtNWJkNjA3YmViYzA5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.D1BSC23TUFDfyq-DL2MYbd4l3SLwByLD_r9irMZdEyedE2WnR-zJCkUO5CUkUlhGAK3YMEaeSM9q3Iy17YH4V73lz4PsKXzBLqkhjxEWTV6NzArCMINd9-i27F_AH6GBUNsinzWzWtsdwRA1k2f_0mi1y7rci1HOIybK3qcCpED3HB0bSjuzMMq2adSixC9leiaNPQtplOEdrMg_-uL_sIHHMbknq1bXVb4ZspdbIgDJIIP5f2SZnjxhiiggULW-EhEu5bAiRWEO5zn8NMQFMpNyZr23r7WBISlEs1pCG7q0tENm3Ohkbxdqxdnx1mkdbcBrtnC1VqbBa7p9m6yvog'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 380
{
"id" : "3d374434-844e-475c-8a37-08a4bd60420d",
"resourceTypeId" : "f9959589-0aa2-4d1b-a477-073b99994e1e",
"name" : "Test Action",
"code" : "test-action",
"createdBy" : "26e66044-9480-4f88-aac3-98b9fb4ddc55",
"createdAt" : "2025-03-27T20:43:59.254271Z",
"updatedAt" : "2025-03-27T20:43:59.254271Z",
"standardAction" : false,
"_title" : "Test Action Test Type"
}Create Resource Action
POST /resource-actions
Authorization
This endpoint requires the following actions:
-
createaction on theresource-actionresource type -
readaction on theresource-typeresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
resourceTypeId |
String |
true |
Client must have |
actions |
Array[Object] |
true |
Must not be empty. |
actions[].name |
String |
true |
Must not be null. |
actions[].code |
String |
true |
Must not be null. |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].resourceTypeId |
String |
true |
The type of resource that this {@link ResourceAction} applies to. Must not be null. |
[].name |
String |
true |
A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network". Must not be null. |
[].code |
String |
true |
Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type. Must match the regular expression |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link ResourceAction} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].standardAction |
Boolean |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJwOWIwNWNmWGwtVHRJdk9UOEY5YlBnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjVhNjQxYzQ4LWEyZjctNDM2Ni1iZDQyLWJiZjlkYmVmMWQ2NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NSwiZXhwIjoxNzQzMTExODU1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiM2FkZmYzZGEtZDc2Yy00YzhmLThlODMtY2RjZWZjZDFlNzI5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU1fSx7XCJpZFwiOlwiYjY0ZDFlOTEtMDIzYi00YTEzLTgwYzMtMTlkNGQ3MDQ3NGNjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.biBHzRQzIxFwZJpmb3vDDxbH0GAcFnxUBzUQ8cpZhUZXth9NKFLZFXpfDg9JQ0blFFSreOyxLLo7TPmnHTlpf-S8O6NaMAs6gMwUAn8oR2O_OA33_Bt8mqxiphYiGNbMLwTpCwFpjlci2C1cMIZXJ2zcr4n_KX3g7mN4thRD1_TwuPx_WXXa1a77K7kAivkh8C9TeXGyaoVZKyUqUysswBP9to5uQB7GC5CiQcJy3U-KV087LEJXOfdZtnpaLSM0GsOCZ4GVGr3WovH-DknniKtqSiMeobFpCXsmPOtoLe8mSZms3WlIJWqjdg0k9QUWxTFA5QAstWEjdhEOs9NImA' \
-d '{"resourceTypeId":"f9959589-0aa2-4d1b-a477-073b99994e1e","actions":[{"name":"Update Custom","code":"update-custom"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 390
[ {
"id" : "c94ec48e-26c4-4670-9fe3-503808418305",
"resourceTypeId" : "f9959589-0aa2-4d1b-a477-073b99994e1e",
"name" : "Update Custom",
"code" : "update-custom",
"createdBy" : "5a641c48-a2f7-4366-bd42-bbf9dbef1d67",
"createdAt" : "2025-03-27T20:44:15.360965Z",
"updatedAt" : "2025-03-27T20:44:15.360965Z",
"standardAction" : false,
"_title" : "Update Custom Test Type"
} ]Authorization Grants
Grants (abstract)
Find Grants
GET /grants
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
grantType |
Object |
true |
|
identityId |
Object |
true |
|
resourceActionId |
Object |
true |
|
path |
Object |
true |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].grantType |
String |
true |
The concrete type that this virtual {@link Grant} is based upon. Never null. Must be one of [CustomRole, IdentityResourceAction, PublicGrant, SuperUser]. |
[].grantId |
String |
true |
The id of the concrete grant resource on which this virtual {@link Grant} is based. If the grant type has separate resources for the grant and the privileges, then this will reference the grant resource (the resource with an identity id.) Never null. |
[].privilegeSourceId |
String |
true |
The id of the concrete {@link PrivilegeSource} from which this grant is based. Some grant types combine the grant and privilege aspects into a single resource. For example, a {@link SuperUser} is both a grant (it specifies an identity id) and a privilege source. In other cases, such as a {@link CustomRole} and {@link CustomRoleGrant}, they are separate. When they are the same resource, this value will match the grantId value. Never null. |
[].identityId |
String |
true |
The identity id of the holder of this grant. Almost never null, with the one exception of a grant made to all users (or all authenticated users.). |
[].privileges |
Map |
true |
The set of privileges that this grants. These are organized as a stack of 3 Maps where the keys are the domain code, then the resource type code, then the action code, and the leaf value is a set of paths on which that action can be performed. |
[].createdBy |
String |
true |
The identity id that created the grant. Must not be null. |
[].createdAt |
String |
true |
The date-time at which the grant was created. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which the grant was deleted. This will be null for an grant that has not been deleted. If this property is not null, then the grant is 'marked' as being deleted. |
[].deletedBy |
String |
true |
The identity id that deleted the grant. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJMUHI3NlU1dlZZX0hfWklKRlRsS293IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImFkYjYzODdlLWQ0MjEtNGYyNy1hY2Y3LWU5Y2FhY2IzMTQwMSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0NywiZXhwIjoxNzQzMTExODQ3LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjRmYjAxOTg1LWE2N2UtNDk5NS04MzA3LTE3NDBjMWExZDRhZlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI0N31dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiOWM5OGRmNDQtMWJhOS00OGJiLTllOTEtNzYzMTZlNDA3MDY0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiOTFkMGU0OWUtMGMzOC00YzY4LWE3OTEtNTk1NGExYzFiNjNkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiYTE4ZTU3YjEtNzhiNS00OWRhLTg2YjktNGQ0MDg0ODc1YjBkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjIzfSx7XCJpZFwiOlwiNjNjN2U3MDgtMzE1Yi00YjE1LTlhMzYtNzIxNGJjOGE4NjVjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI2fSx7XCJpZFwiOlwiY2MxNzU1ODktNTAzNS00NGVkLTkxMmEtZmZkODc4OTVlZjVlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiODI5ODYwMmMtMDkxYy00Y2ZhLWJiYjUtOTA4ZGUzODk4ZmViXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjM5fSx7XCJpZFwiOlwiYWVmYTE1YjctNWZhMi00NGM4LThlNDItNzBhY2I1ZjA5ODE5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI3fSx7XCJpZFwiOlwiOGNjNTQ4MzgtNzY5Ny00NmZhLTk4YTQtY2M3ZTk2ZDA5ZGZhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI0fSx7XCJpZFwiOlwiMzFkNjE5OGUtMWIxZi00YWM3LWI3ZDMtODRiMjljMGI3M2JhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjIzfSx7XCJpZFwiOlwiZTVkN2RiMmYtNzZiZS00MTNlLWI3Y2EtOGQxYzg2ODg3YTQxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjI1fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.FuEbiUsxQUS3c3jdZbQ_YcYajiIphnQZVksrq6vpc1xz4RJOAQAneU-x53P6LEWrs90eN1c6tgHMaSzptMuvaiJAVPHbLEV731CFqBjtg3lV0XrGNhIw-dqa0YK0_wUr-bF-G3YLbCgiZ9HguXykJhpUt-CS8AOEuFKJDN_J_-6M5v1PcuRonF-2tSu4qBdIAH1H1NVu0YOumXmDE2PKhirkRQO94QSVLnSOzeCbB_YjnSL31P9f-oFE6BXhI8DaK6Df8HFi0JYSCrIboTtqhXNuyqIr5BjwuNm9bgYDe2CNWtsEe6lz2ys5aeJNFij0iqp2TTy1h9HyxN-iqzqrHQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1798
[ {
"grantType" : "IdentityResourceAction",
"grantId" : "9eea86e2-d343-4c96-b27d-a6681d74f5f2",
"privilegeSourceId" : "9eea86e2-d343-4c96-b27d-a6681d74f5f2",
"identityId" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"privileges" : {
"io.netfoundry.identity" : {
"service-identity" : {
"create" : [ [ ] ]
}
}
},
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.272709Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Create Service Identity, All to identity 0ab1b47d-a5de-4f39-a3bd-7b130cacf401"
}, {
"grantType" : "IdentityResourceAction",
"grantId" : "aa1c08d0-5b3a-4e06-8ae2-b2ac76271803",
"privilegeSourceId" : "aa1c08d0-5b3a-4e06-8ae2-b2ac76271803",
"identityId" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"privileges" : {
"io.netfoundry.network" : {
"network-host" : {
"read-network-host" : [ [ ] ]
}
}
},
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.145601Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read Network Host Network Host, All to identity 0ab1b47d-a5de-4f39-a3bd-7b130cacf401"
}, {
"grantType" : "IdentityResourceAction",
"grantId" : "145dd3af-d240-4291-8477-e2b507646c71",
"privilegeSourceId" : "145dd3af-d240-4291-8477-e2b507646c71",
"identityId" : "0ed768fa-7214-4404-8335-a715156dff45",
"privileges" : {
"io.netfoundry.auth" : {
"standard-role-grant" : {
"read" : [ [ ] ]
}
}
},
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:45.989343Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read Standard Role Grant, All to identity 0ed768fa-7214-4404-8335-a715156dff45"
} ]Super-User Grants
Find Super Users
GET /super-users
Returns a set of {@link SuperUser}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
{@link Domain}s. To search for {@link SuperUser}s that explicitly grant access to all domains (ie, the domainId is null), include this query parameter with no value. only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.
Authorization
This endpoint requires read action on the super-user resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
identityId |
Object |
true |
Filters results to those that grant to an identity specified in this set. |
domainId |
Object |
true |
Filters results to those that grant access to one of the specified ,{@link Domain},s. To search for ,{@link SuperUser},s that explicitly grant access to all domains (ie, the domainId is null), include this query parameter with no value. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].identityId |
String |
true |
The id of the identity to whom super-user access has been granted. Must not be null. |
[].domainId |
String |
true |
An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link SuperUser} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiI2YWRDTnhhM2poVS1lMTF4TmxvNFpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImE5ZjUxMzZlLTk2YjYtNGNkNi1iNzA3LWNhNDkwNTlmMDViMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NywiZXhwIjoxNzQzMTExODU3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOWY0ZTU4YzItMzkzOC00MmViLTkwMzktM2M2MThhMWNhOTRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.cnPG6BkS1VEUuMoD-hWkcjav_aLPeVqBcjaNhnzeOD9Xqz_cFUVFv2LSuer6pfRnP0fE4p4_1NZuw2_nXTgAyGugYPmxKR1YJepjLzYfb-hhEf3JBBDFih56jc6EJG1ggA23GkiW0P4p7TLa-qk3fUH0U7cJyR1w1zigAMHqwyf9VcUctFkGSqk-8FQh314DSaFQkg1tK3gYQJYdLZtxx8tOTuRHgmlLaj-LNuzdrMdxxx-fKSP52GKwr8xboJhz6MIAfo2VFUvf1Pui8_oVDyL3NUZ_hLPLzEFAUQN_XppdjscTZckwozA5EkqnAOA69y_99bDmbbU9Wy6XEkmMaA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1602
[ {
"id" : "13c57ac0-dbfa-48bf-8662-e469662d9fd5",
"identityId" : "9ef48b65-aa0b-4a9e-a848-750d52fcd2cf",
"domainId" : "92653fa0-1519-4473-848d-416478482180",
"createdBy" : "45131c1e-bf8e-493a-b725-85880a144fe5",
"createdAt" : "2025-03-27T20:44:17.639279Z",
"updatedAt" : "2025-03-27T20:44:17.713845Z",
"deletedAt" : "2025-03-27T20:44:17.713206Z",
"deletedBy" : "4738835c-5de3-4a92-90d9-8848a891f8dd",
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in Test Domain 55 to identity 9ef48b65-aa0b-4a9e-a848-750d52fcd2cf"
}, {
"id" : "c7002cda-8ad2-4398-9689-c504d6ec1534",
"identityId" : "d80e18ef-6694-44e7-ad43-9596ed340333",
"domainId" : null,
"createdBy" : "c58879f1-b2ab-48a9-8283-be038860358a",
"createdAt" : "2025-03-27T20:44:17.445842Z",
"updatedAt" : "2025-03-27T20:44:17.445842Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in All Domains to identity d80e18ef-6694-44e7-ad43-9596ed340333"
}, {
"id" : "a156ce10-78d5-4adc-92b0-5153f16edcaa",
"identityId" : "d80e18ef-6694-44e7-ad43-9596ed340333",
"domainId" : "96cc2656-7c44-4f5d-ad19-ec28cf14d624",
"createdBy" : "35b8b26e-a478-4e29-b8e4-849f56b340a7",
"createdAt" : "2025-03-27T20:43:59.299542Z",
"updatedAt" : "2025-03-27T20:43:59.299542Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in Test Domain to identity d80e18ef-6694-44e7-ad43-9596ed340333"
} ]Get Super User
GET /super-users/{id}
Authorization
This endpoint requires read action on the super-user resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
identityId |
String |
true |
The id of the identity to whom super-user access has been granted. Must not be null. |
domainId |
String |
true |
An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link SuperUser} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users/a156ce10-78d5-4adc-92b0-5153f16edcaa' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJQdEUtT2h6elNPT2RabkRwZllxN01nIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjI0ZTcxZGM2LTUxZWUtNGFjNS05Mjc5LTViNDg0NGY5NDZmZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NywiZXhwIjoxNzQzMTExODU3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiN2QyMTgwYzktYWJmNi00NmQ3LWFhYzctMmViMDYwMDk0YmRjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Bcxuqp4oDbtQ0uKlvorDyUdXcvdpt3wFczNsqKROjARyKkqSzgGUF5kUFLEvGtMmkplNl7x1opeahFCiUCYgcxl5iEBpBErrIsNALi4bdfiwkSymB9bYCr5BvDQs9Is0WeEWHLNv5_WsbSwcgw23UVhZR791jpiXUvCkJ_34SkDm4Bq9b1hp_hMWAwmYcpTB_xh90fKRX-pYwuUWwdoPtYWOtUynOpqCiC6srBHZNI_m-JGFHUFoZwRMHh1lC66Wgm4TT9wSrXjQxc_GJMwvjgCJpUGokHs-kHLb4qfXT-k_yj7PiAvNKXgzXHTDkmZ8Dg58hL-ptZDAnqJkAXbhDA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 522
{
"id" : "a156ce10-78d5-4adc-92b0-5153f16edcaa",
"identityId" : "d80e18ef-6694-44e7-ad43-9596ed340333",
"domainId" : "96cc2656-7c44-4f5d-ad19-ec28cf14d624",
"createdBy" : "35b8b26e-a478-4e29-b8e4-849f56b340a7",
"createdAt" : "2025-03-27T20:43:59.299542Z",
"updatedAt" : "2025-03-27T20:43:59.299542Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in Test Domain to identity d80e18ef-6694-44e7-ad43-9596ed340333"
}Create Super User
POST /super-users
Authorization
This endpoint requires the following actions:
-
createaction on thesuper-userresource type -
readaction on thedomainresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
identityId |
String |
true |
Must not be null. |
domainId |
String |
true |
Client must have |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
identityId |
String |
true |
The id of the identity to whom super-user access has been granted. Must not be null. |
domainId |
String |
true |
An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link SuperUser} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJySll0OEZ2ZFJyZTV4eFV3cDBSWDdRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM1ODg3OWYxLWIyYWItNDhhOS04MjgzLWJlMDM4ODYwMzU4YSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NywiZXhwIjoxNzQzMTExODU3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZWMxNzM0MjItMjFhOC00Y2JhLThiOTEtYTM1OTAyNDcxY2M1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU3fSx7XCJpZFwiOlwiNDM1NTlkMzItYmJhNC00ZGMzLTgxYWYtMjM2NzU0M2JlYjgyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.c18KloUuAbEae77UC_ZeHbPn0U11bsgrWaeuJW5IJpyFrOMirpGLigze7auwcC7yxjU0bZl3oxCa95jM3hBk_HYQeIG14j4P1ZmdISxR2XeVLM_hUR0650yQKsVusbyEFHDMWQLF7Hlj2M1YNXbkP2bZVLQvsSU6GE0UY2IvTr7VPmJGWfO5FxR0LFz1bDHyocs3mIYvHqIO_JHeXjEqam0UYnPnD4EMOx2OSuxxplKDpfHzielUdVlJpJqpPFWrvL8_rhJ20ppKtMbAYPwn9t-drn_L6D6G7G-cbuFgZpGh_Za4yPj_QRCkHNQx61EYt9xrpFTbdfSo5IhBvcucBA' \
-d '{"identityId":"d80e18ef-6694-44e7-ad43-9596ed340333","domainId":null}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 488
{
"id" : "c7002cda-8ad2-4398-9689-c504d6ec1534",
"identityId" : "d80e18ef-6694-44e7-ad43-9596ed340333",
"domainId" : null,
"createdBy" : "c58879f1-b2ab-48a9-8283-be038860358a",
"createdAt" : "2025-03-27T20:44:17.445842Z",
"updatedAt" : "2025-03-27T20:44:17.445842Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in All Domains to identity d80e18ef-6694-44e7-ad43-9596ed340333"
}Delete Super User
DELETE /super-users/{id}
Authorization
This endpoint requires delete action on the super-user resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users/13c57ac0-dbfa-48bf-8662-e469662d9fd5' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJyVDNaVGhWTmhmZlZhWGpJaXBuSmZ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQ3Mzg4MzVjLTVkZTMtNGE5Mi05MGQ5LTg4NDhhODkxZjhkZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NywiZXhwIjoxNzQzMTExODU3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiM2QzNDMyMzUtZDNkYy00N2I1LTgxNmMtYzY5ZThiNDljYWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.rUcLmubqPWx5U1Pawlafj1o0QC9jpwpVlIX00sqgjhgfH77RsOddRZK5GALILW5Gy-fSk_iqKILogeWTnqqvHD0gnhzT6uOqqQGUzCTEhJO6HfcXk6kAZmkFd4pooeLwF4cYI4V4FT9ZngSx8NWF0lpFW5cIFdtCypYf32T_p5Dfch0ywVR0Ayrqj7f30J7MR2940uK1Aeq-Bru3bLc0F5ao9ghRxN9cqDtMp0Vj4gS6CQAWeraBrhTIEsT0l0FugWmv5w33H06vHcojDzE2qDySxMv0IRY3jX4cYXvWbXjOmV88jG06IRvre34bUVd9IGDZSJsZiEabFFsv2irHTg'Example response
HTTP/1.1 200 OKPublic Grants
Find Public Grants
GET /public-grants
Returns a set of {@link PublicGrant}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
{@link ResourceAction}s. false, filters to those with the isAnonymous property is false. When not specified, the results will include those with both true and false values for this property. example, if the path is to Network X which is under Network Group Y, this would restrict the results to {@link IdentityResourceAction}s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest.
The path value must start with a domain code followed by a colon. It may then have a comma delimited sequence of colon separated resource type code and resource id pairs. The path structure must match that of the server defined resource tree for the specified resources in the specified domain. only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.
Authorization
This endpoint requires read action on the public-grant resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified ,{@link ResourceAction},s. |
isAnonymous |
Boolean |
true |
When true, filters results where the isAnonymous property is true. When false, filters to those with the isAnonymous property is false. When not specified, the results will include those with both true and false values for this property. |
path |
Object |
true |
Filters results to those that target any resource along the specified path. For example, if the path is to Network X which is under Network Group Y, this would restrict the results to ,{@link IdentityResourceAction},s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest., |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].resourceActionId |
String |
true |
Must not be null. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link PublicGrant} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets. Must not be null. |
[].path[].resourceId |
String |
true |
Must not be null. |
[].path[].resourceTypeId |
String |
true |
|
[].anonymous |
Boolean |
true |
If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s. |
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJDdDRhb3RPUEd2dVFBTWhYZ1ZHY09BIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjFhZGE5YmMyLWQ5NTEtNGQ2YS04MWUzLWE1NTI4MWMzZDlmZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NSwiZXhwIjoxNzQzMTExODU1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMTNlMjJkYWYtMzljNi00OGYxLTliODctOGMwY2ViMjkwNWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.PErlE3ZqEfjCI5i36Pv8zcDEOz81HVPqiMYCHHrPPBrMCRe12DioWFFrz3UGAsN-EMeYS6ozFd7xxWCrZ-MQ_1QNcwwwq46dd5ai9cFlp6Wr4bu4w_wMo5QNTAAbvKMXKpBFYt94mEE6m-BODQKhCTc1DTstyVglxyqv5hIVQ_SjSMXwOEfT9FD950w8blmsDelJnQtpUtQmPXn_O1lbWhL1W3xDtiAaunOU0j7epJqwjDc9lE36lORGZu5LVQfPbqjqZmtxBhK7kSAdeiQW7AfvkPv4lKWnPCSeyRrh7hI2kHVxKSh05s1l_p-3h9Pv3ydG93d821bfn3oIRQttsA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1904
[ {
"id" : "ae1e6b41-4dcb-4bc0-8cbf-2d27b43e382e",
"resourceActionId" : "75ae0365-b4a2-4bd5-929e-62a990b0a7c8",
"createdBy" : "5d0530e5-8ff4-4296-94a0-a3749d865b42",
"createdAt" : "2025-03-27T20:44:14.796881Z",
"updatedAt" : "2025-03-27T20:44:14.893346Z",
"deletedAt" : "2025-03-27T20:44:14.892575Z",
"deletedBy" : "bbeb629c-1884-4e5b-9310-fcdfeeedf6b5",
"path" : [ {
"resourceId" : "6ad27b3f-4b66-45e8-823b-5b6e76653950",
"resourceTypeId" : "8f7fbb72-493f-4157-816f-0ac1599a556e"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action 48 Test Type 47 on/under Test Type 47 6ad27b3f-4b66-45e8-823b-5b6e76653950 to All Authenticated Clients"
}, {
"id" : "8cc54838-7697-46fa-98a4-cc7e96d09dfa",
"resourceActionId" : "94ee3f67-3f5f-4c1d-9931-994cd9813a36",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:44.360963Z",
"updatedAt" : "2025-03-27T20:43:44.360963Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Read Domain, All to All Authenticated Clients"
}, {
"id" : "c14d196c-8f2a-4eae-9309-f29e389b3712",
"resourceActionId" : "b4b07ff9-8747-44a9-8a9c-a9ee21b1c109",
"createdBy" : "3d95a194-e7d1-402b-9b9f-ab6c8b07aaa6",
"createdAt" : "2025-03-27T20:44:14.464663Z",
"updatedAt" : "2025-03-27T20:44:14.464663Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "873bb7e2-acef-4434-8717-b1c319f98c4d",
"resourceTypeId" : "70aec923-5d1d-40d3-a236-c19847fd4cfc"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action 45 Test Type 44 on/under Test Type 44 873bb7e2-acef-4434-8717-b1c319f98c4d to All Authenticated Clients"
} ]Get Public Grant
GET /public-grants/{id}
Authorization
This endpoint requires read action on the public-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
resourceActionId |
String |
true |
Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link PublicGrant} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets. Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
|
anonymous |
Boolean |
true |
If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants/c14d196c-8f2a-4eae-9309-f29e389b3712' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiI4TThZOWNXdnd3clFrYWRIZjRqM0F3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjY2NGMzMWFkLTliMzAtNDcyYi05YjVmLTEyOTY0OWE1ZGQzOSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NCwiZXhwIjoxNzQzMTExODU0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMDdkOWZlZTctOGM4ZC00ZjVkLWE5NDctMGU2ODUwZDYyMjM5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.iX09DUMQzQPifNPQSTMbnmo9MUDNv17ZWwHodYjzEryGWzSj0FtLiVrWdha3_Oujo5p8nLG6Na8avTjqfCvREC0gBQasrjjfeVTiao6tT5LxBFST2VKWALX7k4_gXzmgGnGeaxxSQQ_umCw1mR_94j8Kbn4TQkkb-m4PhXqegl1ZySxOG3OHZl_oDWWh7w3NUDa0Nb8SVZKzldIkQ17C007qd_-1W6WGqG6OrosldHCIJYVta74d1-9mFgmGP92M2F6opxnGELkuHvX4XDe1BjyMjGF7VD1tKwDfKaxw8D-cbwktDYf__SfXUTnN0IlVZ9NKepAzpsOg82ykvb15zQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 678
{
"id" : "c14d196c-8f2a-4eae-9309-f29e389b3712",
"resourceActionId" : "b4b07ff9-8747-44a9-8a9c-a9ee21b1c109",
"createdBy" : "3d95a194-e7d1-402b-9b9f-ab6c8b07aaa6",
"createdAt" : "2025-03-27T20:44:14.464663Z",
"updatedAt" : "2025-03-27T20:44:14.464663Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "873bb7e2-acef-4434-8717-b1c319f98c4d",
"resourceTypeId" : "70aec923-5d1d-40d3-a236-c19847fd4cfc"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action 45 Test Type 44 on/under Test Type 44 873bb7e2-acef-4434-8717-b1c319f98c4d to All Authenticated Clients"
}Create Public Grant
POST /public-grants
Authorization
This endpoint requires the following actions:
-
createaction on thepublic-grantresource type -
readaction on theresource-actionresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
resourceActionId |
String |
true |
Client must have |
path |
Array[Object] |
true |
Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
|
anonymous |
Boolean |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
resourceActionId |
String |
true |
Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link PublicGrant} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets. Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
|
anonymous |
Boolean |
true |
If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJBNkplZFUyV3JDbGVCLWxNN1JrSTdBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijk1MzBjYjFhLWFiMzYtNGZkYi05OGVmLWNlMDQxMWFlNDIzYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NCwiZXhwIjoxNzQzMTExODU0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMjI3ZDI0ZTQtZWNhMS00MmZkLWI3MDAtYzZjZTYxYzNmYzY1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU0fSx7XCJpZFwiOlwiZmE2NmUyZDctNjM1Yi00NWRmLWJlZTItZmFmOGY0NTc3ZTYzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.jMo1eXxnsCaRxXAt09kfI1QVnufW-vgBOChplHZE8QcBraw1rK4yYSqm-yQDFI6NsixRQfCDI8Zd2vAgTy0I9JMiL80StEcZ2jnU_k_7a_7jd2sRBcwOD4mtPoi2Zh52SGJKhzjlddLLj28cNVrBtZ5G4q_bal0C6dygeeRqiF4fwJWctpwV9Leyz3PBwt_vvqk2UZh39GDagLI1MjUfmxrB1Yy0zLoCFG_9pcGj4Yni7_elkyh6Vro8KXYGAOROZGzEe3pRRTQy2ohwOaM-pBAR-cV35CSU2wi-uOVP6mp2wHns2ovWs22yFkpzXuaX-MC6J7jcHZqMTSG1tpB1sQ' \
-d '{"resourceActionId":"3d374434-844e-475c-8a37-08a4bd60420d","path":[{"resourceId":"9034960d-7931-4aa5-ade3-6661d7ca1fa3","resourceTypeId":"f9959589-0aa2-4d1b-a477-073b99994e1e"}],"anonymous":false}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 669
{
"id" : "ff192853-7ed6-450f-baef-1e3108848078",
"resourceActionId" : "3d374434-844e-475c-8a37-08a4bd60420d",
"createdBy" : "9530cb1a-ab36-4fdb-98ef-ce0411ae423c",
"createdAt" : "2025-03-27T20:44:15.056289Z",
"updatedAt" : "2025-03-27T20:44:15.056289Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "9034960d-7931-4aa5-ade3-6661d7ca1fa3",
"resourceTypeId" : "f9959589-0aa2-4d1b-a477-073b99994e1e"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action Test Type on/under Test Type 9034960d-7931-4aa5-ade3-6661d7ca1fa3 to All Authenticated Clients"
}Delete Public Grant
DELETE /public-grants/{id}
Authorization
This endpoint requires delete action on the public-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants/ae1e6b41-4dcb-4bc0-8cbf-2d27b43e382e' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJsX3l0eDB5WnZZWGFaTkhVU3hPSGJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJiZWI2MjljLTE4ODQtNGU1Yi05MzEwLWZjZGZlZWVkZjZiNSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NCwiZXhwIjoxNzQzMTExODU0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX0se1wiaWRcIjpcImFlMWU2YjQxLTRkY2ItNGJjMC04Y2JmLTJkMjdiNDNlMzgyZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOTFjNTkwN2YtYzY1Yy00MzI4LTliMjAtZGI3MDNmMjNmYTA3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.T5ZLJv-hPXVOfE0hS8AWRC2G911ieOOxc319trrzqKSAKSsfku9m0I7My2RIL8srcB8mWwEMELE4-VrarG9J_J0MEYodlryTGGXqFCCbinuPMjdv4iNgEqQNwwV-Ir9PfWoMAgx25evwu7KWNvNlvpyiS0lfuKB5_tOGFLksI4Pkjlg7L8a36DRbKBll2ZY_z7Og6d_iri92ikUb2FtbcCCESI4cSaGYcxoyspiCIgUE3iGi7_vT6AymEs2nivWW5Q6-6rSaroAzPUo4iKmN1I1XpJwpWeWn-FsSi842K1b-uNrWkr15dRLk4uM0EME9_Y3eNqFphIP64HAx1XB6mA'Example response
HTTP/1.1 200 OKIdentity - Resource Action Grants
Find Identity Resource Actions
GET /identity-resource-actions
Returns a set of {@link IdentityResourceAction}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
{@link ResourceAction}s. For example, if the path is to Network X which is under Network Group Y, this would restrict the results to {@link CustomRoleAction}s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest.
The path value must start with a domain code followed by a colon. It may then have a comma delimited sequence of colon separated resource type code and resource id pairs. The path structure must match that of the server defined resource tree for the specified resources in the specified domain. only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.
Authorization
This endpoint requires read action on the identity-resource-action resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
identityId |
Object |
true |
Filters results to those that grant to an identity specified in this set. |
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified ,{@link ResourceAction},s. |
path |
Object |
true |
Filters results to those that target any resource along the specified path., |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].identityId |
String |
true |
The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted. Must not be null. |
[].resourceActionId |
String |
true |
The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path. Must not be null. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. Must not be null. |
[].path[].resourceId |
String |
true |
Must not be null. |
[].path[].resourceTypeId |
String |
true |
|
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiIxOXFOM1d0Zl8tb0xDejM2ZUdWc093IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQ1MjJiN2E0LWFmOWQtNGQ5OC05OTliLWIwNTYxYTIyNjE1MyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0NSwiZXhwIjoxNzQzMTExODQ1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNzljZDAxYzUtODljZS00OGVkLWJlODUtOGVjZTgyYmMzMjhiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.gMQxDdePmyPAgJl8ghpIVKgRd1FfNQ6hlkkg_Ba9mxmImTMp_2cJRMX9IoY5DG09XolBEbJQWB0yuexTjw1aPIMifbMOIrR76DXJU07bszmkIhASsmA07CmqYnISQAQwHx5hP8UtIfsJEiYugvKpqFgcerdlHsfgSMKSgtxzseZYNxtCRaAvHw7muXs4ZjdVMhzTv-5tyXAri_HIqrZwUi1JxUzUhihMzN0CXdlfQlsL6usaALjDYKGRqcP_RJYR90W38apoYJUPflSIV71FahtsCC1pEsVJowofBIY10wq3R0HD9I-zALimaZ66zQL35FK_lUPP8su4J0ynDCP7sg'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1702
[ {
"id" : "3661b7c7-83b0-489e-9cc9-50bad7f3beaa",
"identityId" : "e5f14eba-5792-4a1a-bcf1-9fa176637dd5",
"resourceActionId" : "4322c960-9683-41bc-9e45-a6f09864cc8a",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:43.794861Z",
"updatedAt" : "2025-03-27T20:43:43.794861Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Read API Account Identity, All to identity e5f14eba-5792-4a1a-bcf1-9fa176637dd5"
}, {
"id" : "bad79e79-93ba-4a64-9ad4-472573495895",
"identityId" : "a17fffad-b448-4fc0-8e16-60baadc1d5ee",
"resourceActionId" : "0161de7b-e00a-4d90-ae82-a2d00fd8a643",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:45.674745Z",
"updatedAt" : "2025-03-27T20:43:45.674745Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Read Network Group, All to identity a17fffad-b448-4fc0-8e16-60baadc1d5ee"
}, {
"id" : "4b6c464e-03ad-4df8-8d95-3a83dc6bea59",
"identityId" : "fa06a740-21f8-480a-9e7a-1f759b506e0b",
"resourceActionId" : "d3126ecf-1291-44b6-9cce-9d8322804c82",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:45.723284Z",
"updatedAt" : "2025-03-27T20:43:45.723284Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Read Endpoint, All to identity fa06a740-21f8-480a-9e7a-1f759b506e0b"
} ]Get Identity Resource Action
GET /identity-resource-actions/{id}
Authorization
This endpoint requires read action on the identity-resource-action resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
identityId |
String |
true |
The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted. Must not be null. |
resourceActionId |
String |
true |
The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path. Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions/8698e6b9-52bb-4a62-b488-4ea1b1378edb' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJUODlWeU1hZF9FMFJYNGdkVWRRVlhRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJkM2M2ZTRhLTMzOTctNGZhYi04MmM4LTQ1Yzk3YTlmMzIzNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0NiwiZXhwIjoxNzQzMTExODQ2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODgyZWI2ZWQtNzUyNS00YTA5LWI3MmQtNjY4OTBhMThmZmE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.QRV91orAKIk-K__Z0Bt_zGpe0fGb6inm1RT8Vsk3ZvE1ZlAjKdJcvok5PuA2ARL76jiQ-9zryWaPyt7qexV5EPIn3V1YrG5yekgJt29vUsBtqNB5k-X1NOgw9HDThLDDrwwr9RWCWtsNEzsOYlheeHuaAxXnqT04jQzjTvRBdnL_c4bLQFUqTfMB-11wkuwVV7PERQVIK8EdnMJq8U0RC-hrU9AdEIjBqe_USEe60qrZwovdIM1AJbDt9WKwxgS-nTXtvIb4EoypQkGN5egdtbAm0QHTnxs7vL0a5DLCLOnPJRFoQ-PQrQHkvWdWFBnsgV15tleh11WUvw-nXPzRCA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 751
{
"id" : "8698e6b9-52bb-4a62-b488-4ea1b1378edb",
"identityId" : "af14bd97-cd6f-4e26-b51e-ac9d242e1d3b",
"resourceActionId" : "e5793b02-c1ce-4b17-a33d-c953a05a36ff",
"createdBy" : "daa734dd-bf68-4722-9640-9832528f16e4",
"createdAt" : "2025-03-27T20:44:06.722799Z",
"updatedAt" : "2025-03-27T20:44:06.722799Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "17c3fe1a-41fb-4903-a46a-40b594eb7d64",
"resourceTypeId" : "d35f18b2-97f4-4c32-b9dd-a2be77b25420"
} ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Test Action 5 Test Type 4 on/under Test Type 4 17c3fe1a-41fb-4903-a46a-40b594eb7d64 to identity af14bd97-cd6f-4e26-b51e-ac9d242e1d3b"
}Create Identity Resource Action
POST /identity-resource-actions
Authorization
This endpoint requires the following actions:
-
createaction on theidentity-resource-actionresource type -
readaction on theresource-actionresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
identityId |
String |
true |
Must not be null. |
resourceActionId |
String |
true |
Client must have |
path |
Array[Object] |
true |
Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
identityId |
String |
true |
The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted. Must not be null. |
resourceActionId |
String |
true |
The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path. Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJpZmp2OHptb3NuOXBTczVkS195Rm5RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjMwNTk2YzllLTE0MjItNDczNC05YzBkLTIyZGM2MTIwMTE5NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0NywiZXhwIjoxNzQzMTExODQ3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNmViNDU1YzItNTYzYy00MGMzLWI0OTQtYTJlYmI4Njk4ZTNiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ3fSx7XCJpZFwiOlwiZGUwMTY5NzUtNDAzMi00MzcyLTkxMGItYTY5YWRiNDJmNDY3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.q5a2-2Nr1CXA75s8xfH0EgebuWtUEjzaD8tSZxirC9NCtH8b9Oxs-q7XeiLj9Yn9Gb9lZEMi_zbl47pOwnc2TBBpMdbdEuN9ZXsgpF33HrfEwjDH1J3YkFvWXWUknXrlLJvxdW9vUccRsN9u1nMT7Ecwa4z7JvCSehnoIAr4S9zyqzApBBJx3gLFwx1ZBGjir0gJCCroyddB0fv4B_UyRSWGXjU2-GlFZ8hkznGDnmwtE34EzHRy4C52JCODagFkj9LtC2S0QmSAIOt0R_NkaHvqr-kLm9oKHyWBFIlR5YFga_9GmmrWdcMLuZtRu6-iZtA4bZzQ_k6qETq1Y2If-w' \
-d '{"identityId":"5b4a6d87-088b-4f42-ba40-6e96166bf5a8","resourceActionId":"3d374434-844e-475c-8a37-08a4bd60420d","path":[{"resourceId":"b90da485-a75a-4242-9efa-a5fae2e7a98a","resourceTypeId":"f9959589-0aa2-4d1b-a477-073b99994e1e"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 745
{
"id" : "1af8d081-d3f6-4979-a3a8-a01385644152",
"identityId" : "5b4a6d87-088b-4f42-ba40-6e96166bf5a8",
"resourceActionId" : "3d374434-844e-475c-8a37-08a4bd60420d",
"createdBy" : "30596c9e-1422-4734-9c0d-22dc61201197",
"createdAt" : "2025-03-27T20:44:07.291962Z",
"updatedAt" : "2025-03-27T20:44:07.291962Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "b90da485-a75a-4242-9efa-a5fae2e7a98a",
"resourceTypeId" : "f9959589-0aa2-4d1b-a477-073b99994e1e"
} ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Test Action Test Type on/under Test Type b90da485-a75a-4242-9efa-a5fae2e7a98a to identity 5b4a6d87-088b-4f42-ba40-6e96166bf5a8"
}Delete Identity Resource Action
DELETE /identity-resource-actions/{id}
Authorization
This endpoint requires delete action on the identity-resource-action resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions/03136e39-40cf-4bdb-b777-10525adda737' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJwTFkyeGRoSS1iZVNoOTc4TDFxWVp3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNhOTI5NzU4LTk3M2MtNDM0YS1hNjc5LTA5NDQ2ODM4MGI5ZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0NCwiZXhwIjoxNzQzMTExODQ0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNGVmNjIzMzYtM2FiMS00OWE1LWE5YmItNjY0YmRlZGI2NDY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.RTXaMMuZSckqp6TPDlwF9K8uunoTTvwkctCQEYLva5oD7BVAAgu-xv3pxGpat98evq_tibIozIJ03qduS8pX7Rk1aNviVOZeIzZ7ubd0TeqDCSCG16SSxOd4lJcl0B2MUbNi7XgAADMkBZovZ2C-EO2xi7cVubqBDmniLZ5wZDW6CF4Zj075bs6QYF0iHv5QSaC11JomV-4pwYhjbxCgQbkO6K69umA65XyqAGJDELYsvJ5Q64mcd7UpUUfOpL3ydjI2cjkO0Hm9aUbbRdRbqzb1EiPH97t98PuDwSqKZVkaUnFXd4C24ZHWTyxAmyqD7Br76Tp6cP1Mh5hMw1k4Cg'Example response
HTTP/1.1 200 OKCustom Roles
Find Custom Roles
GET /custom-roles
Returns a set of {@link CustomRole}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
{@link ResourceAction}s. only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.
Authorization
This endpoint requires read action on the custom-role resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
identityId |
Object |
true |
Filters results to those granted to one of the specified identity ids. |
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified ,{@link ResourceAction},s. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].name |
String |
true |
The human friendly name of this {@link CustomRole}. Must not be null. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link CustomRole} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJKcTF4VEZHRVp2M0dKcVAtSFRrYUVnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImI5MzAzYWNjLWQ3NGQtNGMwOC1iYzJkLWZjMTE4NzBhM2RjMiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NiwiZXhwIjoxNzQzMTExODU2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOTQ1OGU4NTQtYjNlNy00YjQyLThiNDAtNTNiYzYxYmFhZjhmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.uL1U_ZBMtDyZHXSx2rJSV0Z8UB6WHl7RNbg2SuDKy2u-ZN15iS2GFrLfoCUkAK77eV9SdRafS7IgOv6F1CaVXuMMRc7JEdHmEujbSU6HhEhuo4GoSW9j4Yj51bAQAXuS0XsJheAD3-2jmiiPqeuVYwcBXIX9MffvFbyvPHDtYwr8yeWzoZaQV_wTg9nivSWRKJiRTlgPDTW4DadgMm5O31H8sPIuziZcBOJdBWNr6iP_noirRasxIIDJtqX6dsoVciLqSA1s99OwLBVxptbEqi0UzvGXukpwx6Y8bRmSHdbsK1hbCmHj5aTYIPK6vpRrpnpdueALWMH7zbMGWvkx4g'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1141
[ {
"id" : "8f1493a4-29ca-4b34-8d04-b6ef954b097c",
"name" : "Cloud Engineering",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.560125Z",
"updatedAt" : "2025-03-27T20:43:48.560125Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Cloud Engineering"
}, {
"id" : "dedd9fb4-c0f5-42cb-8ffa-686a04ef8883",
"name" : "Test Custom Role 36",
"createdBy" : "d87fa3cd-6c7b-4044-bb36-02ca0b66d912",
"createdAt" : "2025-03-27T20:44:13.585707Z",
"updatedAt" : "2025-03-27T20:44:13.585707Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role 36"
}, {
"id" : "765c0c9b-60b8-489b-97a0-16bd0f8be628",
"name" : "Test Custom Role 49",
"createdBy" : "70962909-c4f8-4f54-a389-20169789e3a6",
"createdAt" : "2025-03-27T20:44:15.854304Z",
"updatedAt" : "2025-03-27T20:44:15.854304Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role 49"
} ]Get Custom Role
GET /custom-roles/{id}
Authorization
This endpoint requires read action on the custom-role resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
name |
String |
true |
The human friendly name of this {@link CustomRole}. Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link CustomRole} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/765c0c9b-60b8-489b-97a0-16bd0f8be628' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJ4UEFUQ3BFc09pWFR1VDJMcGJEQ2hnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImMzMjcwZTU3LTI3NWUtNDFlMy04ZjMxLTRjNDU4YWRiOTliZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NSwiZXhwIjoxNzQzMTExODU1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOGU0Mjg2ZjctY2RhZS00MThkLWEyYTAtNTYwNDdkNTAxMzM0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.QvOrgjR2-yyI6EqeEi1vojxyeGMNPSOcma9oBYyTwZaourUDjWFsSOgFh6gxScBoicFL8z8rqHSRjyzLP20waXD_NwZBgnCdoy0L8oniizesfzXhR_-qJ2dlQejRkrcwo1HSiE4pIbK0Jq9lT7axjSAjfo2nKya7xlr-b_NzjD96opzKRKk7bWZK9hWQolj0zAoQdhrLHbF7rHjhbGcZhTMrwhWcT5_aPsWVaaBXSKon-bigYH-V4tAghddeGNVCnrXZStdQPXXad9CrT2Bq6nPvCTNnYCuN_p8vIuBvhmdYygUVbF95orA453cIyYl5IJi3hdvZJka-wz0rHC7Kow'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 379
{
"id" : "765c0c9b-60b8-489b-97a0-16bd0f8be628",
"name" : "Test Custom Role 49",
"createdBy" : "70962909-c4f8-4f54-a389-20169789e3a6",
"createdAt" : "2025-03-27T20:44:15.854304Z",
"updatedAt" : "2025-03-27T20:44:15.854304Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role 49"
}Create Custom Role
POST /custom-roles
Authorization
This endpoint requires create action on the custom-role resource type.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
name |
String |
true |
Must not be null. |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
name |
String |
true |
The human friendly name of this {@link CustomRole}. Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link CustomRole} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJlbVJ3SXdaZlZBdExkT1RCdHV3M2dRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjczYWVhYTBiLTVlNzctNGUzZS1hMzczLTg4MzNmMmZkZWM3YSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NiwiZXhwIjoxNzQzMTExODU2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjVlMTYwM2MtOTVhMS00YWM4LTg4MjgtYjM5MWM3YWU5M2I4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.J-SlwzMa2fr4Od_PqOyt3Pw99ay_3BjZSReuUhFjSNuNG-DtyLGnnENT3kXdfbsrLgdKdmzjeHQ_MU9hZMbyNjCIkzFLs9cYbledNwhUJUj0KuaYGfmPonNbAhx7tNAfPTjyDIY2okT_LG3shwzlK33P0ApN9xTLaBS97LlPsy7fARB9zNAc0n8vInh4QXu7m30LkjlADWHLJDxGede3VUjdG4YT-ofUt92hf6qg-0FylvhCkFvDlDPrC6ESWgzhbd7LikEP_RMCe4hFP6xoGrNe_HkzwdMYElJ1BBRNjHJxdE02gpLH90AZJQNaGMiANV34HZTivj9wjDinNpkjZA' \
-d '{"name":"Test Custom Role Create"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 387
{
"id" : "e6b96670-a9f8-49ae-94e4-f52ec9ddefd6",
"name" : "Test Custom Role Create",
"createdBy" : "73aeaa0b-5e77-4e3e-a373-8833f2fdec7a",
"createdAt" : "2025-03-27T20:44:16.416009Z",
"updatedAt" : "2025-03-27T20:44:16.416009Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role Create"
}Delete Custom Role
DELETE /custom-roles/{id}
Authorization
This endpoint requires delete action on the custom-role resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/e0ba2f14-17e9-47a6-9f6c-87ab40da2d5c' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJMLWdkWUlZTUNkaTRGSjQ0WUY5Z3BBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImEwZTRlMTdmLWQxZjEtNDdkMC1iMzg1LTcwNTJkMWZiNjk0NCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NiwiZXhwIjoxNzQzMTExODU2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOTIxYWM2ZTQtMDUwZi00YjIyLTkzNGUtYTJjYzgxMTliNDYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.hv9pADSxxATaXw-v9vFl5OnxqOMQu2m2QxDpt9eShFwOEDg7SviqxM8hm5DwZz6AYRtgtRgYsqApTER9V62wToehhSPOnMrVP0VybQ4c3mjDhtNzOK1j3XeYxt3KkFdViDUXgTKrhb4EFOuvIYWXnHNmvZ-i4vfim7lAqXLk-arbhLXqqN9KagEfdR8WV-IS6Jn6d4ugYjrYxQD7KDQX05ighK09eOl0F74_w3WN1U31fWTLAxJE5Sxza6t1Icj8tl5S-8-cxwS-Rcy-0sXlcc3SswqbMvfSlVg9dpi0oqDluFZhfa9mq0_CLYxX70TK2w1Tg0ny7YRJwvg32JkncA'Example response
HTTP/1.1 200 OKGrant Custom Role (deprecated)
POST /custom-roles/{id}/identity-grants/{identityId}
Deprecated.
Deprecated. Use {@link CustomRoleGrantController#createCustomRoleGrant} to grant an identity a standard role.
Authorization
This endpoint requires the following actions:
-
readaction on thecustom-roleresource type -
createaction on thecustom-role-grantresource type
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/c4f48e3c-401d-4ffd-a8cd-cdb664fa06ee/identity-grants/9f5c6c56-b468-4b59-bb9c-10c1d8855249' -i -X POST \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJTaWpwSHJCVldjYm92Z29wOUxDOFZ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjczYmI4ZDg3LWQ2NjQtNDRmNS05OGRhLWFiYmMyZWQzODc0MiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NiwiZXhwIjoxNzQzMTExODU2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMjhmMTA5ODctMzc2Mi00OGViLTlkNzQtMzExYzkwNDMzMTNhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU2fSx7XCJpZFwiOlwiMjc5MjI3ZmUtZmM0YS00MjEzLTg3YjItNTcwNzA5ZDNkN2MyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.A7PiP-HpKxLCZkOUDRZDQUuKDuf1zTMiIZmXgXAgmG2ZiMz9sjhmNzgJcoV8FcabhUmUtWWysr1ih-UWykEwQkhCTApcn0D2eio0GdusAR_Z1H0-ziOr8WcwVDqRIQ5U8Bu4N7-KZOa8B2D3c0umB3feaUA-r-gqdTXmTxR-pjT3DVes5p4rQeJtr-m_3Og_VnN5S9G7xYMu3L8NTF7899s81P0UYC6JL_iM6kIz1lbqrjv4k5u74coNfliU8QKX5y4uugQBp64VlXlZORPm3X2JNff1N506fpCOlCeYganDW6tZZL04goRlNnsAHBuaLLi0iLePBVhZ_37QFxmSZA'Example response
HTTP/1.1 200 OKRevoke Custom Role (deprecated)
DELETE /custom-roles/{id}/identity-grants/{identityId}
Deprecated.
Deprecated. Use {@link CustomRoleGrantController#createCustomRoleGrant} to grant an identity a standard role.
Authorization
This endpoint requires the following actions:
-
readaction on thecustom-roleresource type -
deleteaction on thecustom-role-grantresource type
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/1ddc1462-2bb1-4623-86be-2bcb561ef7b9/identity-grants/81c6b89d-9549-439a-b448-239d3ae829bf' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJlU3R1ZWtkQnZ1Z2tDZXR5aTNlWVJRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImZhODExYWMxLWZmNTQtNDE5Zi04ZWQyLTNjYjcxYzM1NGUwOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NiwiZXhwIjoxNzQzMTExODU2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZDc5OTNiNWMtZjg2NC00OGM5LWIyZWMtNWZhMThiN2ViMTc0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU2fSx7XCJpZFwiOlwiNTkxM2RiNzgtZjM3Zi00NzdjLWEzYzQtMjc5MTVjNjQ0NzJjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.luXFd7LCZBlRmsYSj47MnTduIsQ6GMbEhMqwTu1MoqG8j0buwl8cxP8rjrXwy94-O2H6Lj-C3Vgyuh0oxMsQgvYfNdpQRXMMQPw0aA69MXI5w0NcwQsk3ALtZhChNVTrhrxusSnBfe23d1AOLTVeMGbII98DY4QMeUzINW32dz2aRzLAMU5tdCB9Zu50W07FeBAJZAEra0z77yKmCAKpuyh8UZ3Mp4lcqrNj3Rq4N-rsOBf0jQEqZpRfL9mVPUZSxGQ20C_lYO3JA_Ji2XaoEYe916mCyGdq__g3NJuMMM73YWZs1gSlkP7xg30MipmPFBcaGXpDyyIJLeDl44YE6Q'Example response
HTTP/1.1 200 OKCustom Role Actions
Find Custom Role Actions
GET /custom-role-actions
Returns a set of {@link CustomRoleAction}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
{@link ResourceAction}s. For example, if the path is to Network X which is under Network Group Y, this would restrict the results to {@link CustomRoleAction}s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest.
The path value must start with a domain code followed by a colon. It may then have a comma delimited sequence of colon separated resource type code and resource id pairs. The path structure must match that of the server defined resource tree for the specified resources in the specified domain. only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.
Authorization
This endpoint requires read action on the custom-role-action resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
customRoleId |
Object |
true |
Filters results to those from one of the specified ,{@link CustomRole},s. |
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified ,{@link ResourceAction},s. |
path |
Object |
true |
Filters results to those that target any resource along the specified path., |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].customRoleId |
String |
true |
The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}. Must not be null. |
[].resourceActionId |
String |
true |
The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}. Must not be null. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. Must not be null. |
[].path[].resourceId |
String |
true |
Must not be null. |
[].path[].resourceTypeId |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJUeGxtenJFLTRYMUgtcGpZMzc5OFVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImRlZDVjZmRlLTBjMGYtNGY4MC05ODIxLTI1YWMzYmJiZGVjMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MywiZXhwIjoxNzQzMTExODUzLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZDMwNzA2YjctNDdhMS00NzYyLTlhMDctMmE0NzZiNjNhMDhhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUzfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.fMjjk54rvea7v5xpXYI9_vcaW61romaM3FqRBYdoUdQFZyoj-gz8__9wSMxub_2lh6ktvutXE6Cm9GHClyYIUeeIZ3UsDfcl29dOvloGOY8tru1vTklpbuyx7pTRPnvkd_NLoC4_S_ru_Y1d-pJuxJ5zIVwCfcYYTx_mCLXZFIM2n0sHFfaJsoxqiG5x1nQGRVMMSD3OcijY7WqTGOPtNJoqa-cFjgCAswTBBwIA1GW3o5dIdGPu9e6d3BjIshPwYBavC5ry45n7uhkpjEULpgdNgVtCGoMiJkr4y-MyoUiiP46q3kOlQvKhoBWOWbfXn0bSUWDjvodZAF5d7b22sg'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1281
[ {
"id" : "2d66d28d-2a56-449e-9668-fcdb2de70a66",
"customRoleId" : "97315ed6-2fc7-4a40-b7ea-abe53cc6a188",
"resourceActionId" : "40c137f4-8a9c-4073-8770-84a9bd37082e",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.399980Z",
"updatedAt" : "2025-03-27T20:43:48.399980Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"_title" : "Update NetFlow Collector, All"
}, {
"id" : "ad0a3f42-b1c2-49a2-acce-22ceffcfe989",
"customRoleId" : "97315ed6-2fc7-4a40-b7ea-abe53cc6a188",
"resourceActionId" : "634f5b4d-ad42-46e9-951a-4eb071dfe17a",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.399980Z",
"updatedAt" : "2025-03-27T20:43:48.399980Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"_title" : "Update Network, All"
}, {
"id" : "672a7e1c-c5d5-44f9-a593-537f27413f55",
"customRoleId" : "668720a0-531a-44fc-b196-4d3dbfba73eb",
"resourceActionId" : "cc4777ba-d2ca-4b72-8dfe-60298e79bbb5",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:47.371094Z",
"updatedAt" : "2025-03-27T20:43:47.371094Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"_title" : "Read Payment Profile, All"
} ]Get Custom Role Action
GET /custom-role-actions/{id}
Authorization
This endpoint requires read action on the custom-role-action resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
customRoleId |
String |
true |
The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}. Must not be null. |
resourceActionId |
String |
true |
The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}. Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions/3a310a06-8d84-40b1-ac4e-8589bdb1e2f5' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJfNUN4VjBZbnc2OHY5czBDMDZTRExRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjdiMDQyMGU1LTY2MTMtNDIxMi1iN2NjLTU5YTRkOTg3MzQ3ZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MywiZXhwIjoxNzQzMTExODUzLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTdiNWJhNDYtZTEzMS00YmU3LWE3YTAtYjU0OWRiYTZkYzZlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUzfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.cFT5kgpUNWwy9Yn9w-y90B8ovmLqwm9_r4OHgJjvhlp46OA0KTc7rhBbTcvLsxSPE1PxDrOYZ2YmiYmkTgvOQn4Evcc_5NMah5Oq6lzEC3-NqGpLsMtlbyH8t3pnCxDARt9MoO9j4yB41DzTPyabf6kLF0Ar3QwNEW6dobn77Sp-08hWqsZz8K6xm6VGMf349ZB3UtvfQLKQNfWJo8MWZjspKkH15jcmg3k8WdaXgoUiG1rAG8fKlD6dGyx4ihLZxpb4OmECrJrJkbjEcbXLiO1ye7N_vYtFYZ19If3BQ3cVjqIPCZMYLwsC0hCyzl74Xc2N63i7h5G1QKpTxO2FZA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 613
{
"id" : "3a310a06-8d84-40b1-ac4e-8589bdb1e2f5",
"customRoleId" : "6afb16a3-207b-4c3a-92c6-65bf04facc4d",
"resourceActionId" : "f79e9488-a0e2-4d95-b6aa-be68d5f2dd62",
"createdBy" : "20086706-b067-4152-bd58-faae56c51e9f",
"createdAt" : "2025-03-27T20:44:13.232904Z",
"updatedAt" : "2025-03-27T20:44:13.232904Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "35f0fd61-6878-44ee-9ba0-bafa7547ee1c",
"resourceTypeId" : "5e63d424-1ffa-4f89-880f-d1d28e3a032e"
} ],
"_title" : "Test Action 35 Test Type 34 on/under Test Type 34 35f0fd61-6878-44ee-9ba0-bafa7547ee1c"
}Create Custom Role Action
POST /custom-role-actions
Authorization
This endpoint requires the following actions:
-
createaction on thecustom-role-actionresource type -
readaction on thecustom-roleresource type -
readaction on theresource-actionresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
customRoleId |
String |
true |
Client must have |
resourceActionId |
String |
true |
Client must have |
path |
Array[Object] |
true |
Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
customRoleId |
String |
true |
The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}. Must not be null. |
resourceActionId |
String |
true |
The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}. Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJiZmtsaVRBdjZQRTBLUnZQcWZkVGVRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImE4ZjVhYTkxLWI5ODYtNDRjYy1hYWQxLTFlODViOTJjYjQ4OCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MywiZXhwIjoxNzQzMTExODUzLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZmUwMzU2NTAtZDY1NC00MWUwLTgwYTItNzIzOGEzOTQ0M2QxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUzfSx7XCJpZFwiOlwiYWU2YWM0OWQtZTAzNi00Mjg4LWFjNGMtNWIyN2JkYTkwOWI3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUzfSx7XCJpZFwiOlwiNWI2YzE2NzQtYWMyZC00ZDZmLWIwYWUtMWYyYTNlYjZlYzhjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUzfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Rg9rM58vh7Wgg0qmUG6JgFNXb6L13R-OnCi1WLHw2TSLvfTw21osMfadKdBfbU-Dx3_6wcyA_gHDrqOkNnHCk-DIW9FjhT6_ISKYxGI-caXGSwVQBoSFRZpYRdtXmA4TgFzK2J2EkhbUm8roAyV9_KweTMqhz6Zc8LecYwmlHcdM6bbK4PucVoEah2apN5hYnHqzOFuo3uIiDWU7IdizhJn-2s4fbJD3SH9aDwTxgDWYfigK5_tj9GuOtV-lvkmPSiJBGOFPIpW6L8Oh981yroztdVL6pSU-RFeg-JWCXf4GX_hLkNU3LVvyckgYpUbSi3fn-Rh9V08-tTjHF68ycg' \
-d '{"customRoleId":"4e0a668f-9c0f-48f0-b809-a0c6f5b62adc","resourceActionId":"3d374434-844e-475c-8a37-08a4bd60420d","path":[{"resourceId":"86226e2d-2e29-4d02-bcae-2fb000b278a9","resourceTypeId":"f9959589-0aa2-4d1b-a477-073b99994e1e"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 604
{
"id" : "81259924-b74e-45a0-b4ec-980ff4fc6958",
"customRoleId" : "4e0a668f-9c0f-48f0-b809-a0c6f5b62adc",
"resourceActionId" : "3d374434-844e-475c-8a37-08a4bd60420d",
"createdBy" : "a8f5aa91-b986-44cc-aad1-1e85b92cb488",
"createdAt" : "2025-03-27T20:44:13.114698Z",
"updatedAt" : "2025-03-27T20:44:13.114698Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "86226e2d-2e29-4d02-bcae-2fb000b278a9",
"resourceTypeId" : "f9959589-0aa2-4d1b-a477-073b99994e1e"
} ],
"_title" : "Test Action Test Type on/under Test Type 86226e2d-2e29-4d02-bcae-2fb000b278a9"
}Delete Custom Role Action
DELETE /custom-role-actions/{id}
Authorization
This endpoint requires delete action on the custom-role-action resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions/1f23e7b4-063e-479e-a6eb-a507982947ba' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiIwOEl0UzJrQUZVVXU2VUhJS3BDUHhBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImY2MDNhY2RmLWFiNGMtNGU1My05Y2ZlLTQwNDExMmY3NWYwZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MywiZXhwIjoxNzQzMTExODUzLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZWI3OWUxYjQtMDE5ZS00NDdkLThkZDgtYjM5MGEzMTEwOGQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUzfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.V-xklGKQMgkISzfMpidPIfVHI45fZQjx6s5E98wSuNp3M0OaUy5AVfLUBsodwzR8GZ9gCJgBCghtXCioT9XwOT2WMKxLe_bucwRfxxQMbJaXiTLMQXWQYs3NK8RXa9OYCWEp7D40H9IUBFQaDPQltdyfJhvZ-kH_83f7fSfEQTk6XKE7t-fdd2SyiSm_pZGcqRIMWSRwIYk1s-_9EJoKFgmRDCUPWEUZRUPyT4CnZI5_kZsVfJeVgRms2PdkLh2MCZYhN0quC4vq6GS6_EIwuTUqhSayJwwYnWBs9UlwTEnpNEXZcKPq_58nvHc5LdQXgqz3vuDixA86QoOO7qOfYQ'Example response
HTTP/1.1 200 OKCustom Roles Grants
Find Custom Role Grants
GET /custom-role-grants
Returns a set of {@link CustomRoleGrant}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.
Authorization
This endpoint requires read action on the custom-role-grant resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
customRoleId |
Object |
true |
Filters results to grants to one of the specified ,{@link CustomRole},s. |
customRoleIds |
Object |
true |
Deprecated.. |
identityId |
Object |
true |
Filters results to those granted to one of the specified identity ids. |
identityIds |
Object |
true |
Deprecated.. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].identityId |
String |
true |
Must not be null. |
[].customRoleId |
String |
true |
Must not be null. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJfQmh1dXhGMHplRlR2bWFfWkFBa2xnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImIwZGVjNjA5LTllMzYtNDcwNi1iYTY2LWJiMGU0YjdhNDg5ZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NCwiZXhwIjoxNzQzMTExODU0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZGVkYzIzMzgtMmMwYi00MDliLTgyNTUtYWViMzZmMDA4ZmZjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.pv4pd_YYNaynBczlM9zy0aTm73aM7R6t85oEon5o2omaYDLYpBiw4xf3JRYtONtRpS_53bHwyNLMNl6ths68boMEgSQQCNlV7LZ77ahEe5gnwbBt7UVLrLNIB2nLvvfTJbUlr8gppdIz1t9styAMGaaoWUgbyYUw2_Vsvcz0B695aWdsr6xMSJ0s2crZ9aojTg8w2504KPuxA5aezQNRBzzfe5ON354qsmxJVtcNB4i3H4WQXx5qy88x-8HfnTXYXF9utnsgU1bsvB_kcwMnoVV0cDLmgxpm_DaUHsVQmpjM1oDxMLQ9uf2fSIHEAzL1QmeNqjTiNU1DUzXfROSF6g'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1415
[ {
"id" : "1305db42-4d34-49b5-98f8-f12a764c775c",
"identityId" : "6b41cd7c-1898-48a6-98b7-f634c364db27",
"customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:44.262403Z",
"updatedAt" : "2025-03-27T20:43:44.262403Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read-Only, ALL Auth Domain Resources to identity 6b41cd7c-1898-48a6-98b7-f634c364db27"
}, {
"id" : "0e052eaf-d439-43a8-a31f-dc011f0647a4",
"identityId" : "8c86e52a-f2b1-426b-aca8-86dec4ebed48",
"customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.549745Z",
"updatedAt" : "2025-03-27T20:43:48.549745Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read-Only, ALL Auth Domain Resources to identity 8c86e52a-f2b1-426b-aca8-86dec4ebed48"
}, {
"id" : "33ddf684-2b66-4e3b-9f91-ed3c0d83c869",
"identityId" : "50f24a8c-4845-4b69-83a9-00d53f1d7da2",
"customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:44.262118Z",
"updatedAt" : "2025-03-27T20:43:44.262118Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read-Only, ALL Auth Domain Resources to identity 50f24a8c-4845-4b69-83a9-00d53f1d7da2"
} ]Get Custom Role Grant
GET /custom-role-grants/{id}
Authorization
This endpoint requires read action on the custom-role-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
identityId |
String |
true |
Must not be null. |
customRoleId |
String |
true |
Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants/4434c8d1-03cf-4a6a-a6c7-152b43adcebf' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiIxT1VYQzR5aHZ3UUhhNVpWVUo4MEx3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImVkMzMyYjEzLTk4MTktNDA2Zi1iMzA3LTFmMWZjYzhlYWRmYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MywiZXhwIjoxNzQzMTExODUzLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMDdmN2MwYTAtMjhhMy00YzQwLTk4ZmUtZWQ4ZDMyZWQxODEyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUzfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.fxcJrkHq8mmkiNTC17mOoP1bEvHf1K0QNy_VuYlFidviqnfAr7gfEdCButoO_2RtqSz4cf_9b9ikJGka3HyDU6o8_6lgoE20_sp1OSjOlsQYfvwINIqgslEdgZnrEaFjhpN3eagpJeDTkKHhnpcCkelHe0VMPrfI9fPVgGorpuMydcsH4y-Y5mSv_S_zd-7o5tMRO3kR4Hx0zQ9-S-85idxw70TrTvMRhn2b474lKa_lzqUf0gcUTWmGmc1IWRcFZUmniG2T7tVGudVpMFdwSobc1xR0yZjQIZzuDBHv5O93TPuUJXSE_GY_ofuh5nLtJYG4X11WYuYJJ05PEW_d8w'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 452
{
"id" : "4434c8d1-03cf-4a6a-a6c7-152b43adcebf",
"identityId" : "5635f892-1188-490f-9a9f-7ad5e65b350d",
"customRoleId" : "a4fa786e-6dcc-48d0-a168-85c60d375842",
"createdBy" : "fe8a22ee-f24f-431c-99fe-df1a97ff762e",
"createdAt" : "2025-03-27T20:44:13.800984Z",
"updatedAt" : "2025-03-27T20:44:13.800984Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Custom Role 40 to identity 5635f892-1188-490f-9a9f-7ad5e65b350d"
}Create Custom Role Grant
POST /custom-role-grants
Authorization
This endpoint requires the following actions:
-
createaction on thecustom-role-grantresource type -
readaction on thecustom-roleresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
customRoleId |
String |
true |
Client must have |
identityId |
String |
true |
Must not be null. |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
identityId |
String |
true |
Must not be null. |
customRoleId |
String |
true |
Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJNeUhUMEVmNVVydnRpWjZFZFNqYURnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJkMDI1YzYzLWVjOTktNDhjZi05ZTg2LWYyMmExZjkzMzQzOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NCwiZXhwIjoxNzQzMTExODU0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMDZjNDNkOWItNWJhMi00ZTI3LWEwN2YtYmM1YTUyM2ZhNzA3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU0fSx7XCJpZFwiOlwiYmViYzdiMWMtOTNjZS00YzI0LWE5NjItZDI0M2NjMDhmNDVhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.CA02idUXdfkSUSjKBG8GULBPP4eXdLa1lR_aQ40uqB4xpf-hNH_BsxHxfbohq86BTsyCAyMcWuvp-Ny9tTWEp_9BJDQAJ279fcMWKYd4JqkJV_m9zz_qiyQ2426BL6h3mFwZEXL9EnKTBQ_SsMYaAa9skNkoQ98w5gYS2rqLJl4pbh02_RiqRMLYRngjeMC7l2Xn75E3FwXbHkkHmw_9vmM7yz5dWgtIRC2HooA388gYKdMK-3PcDeWeOG-guMKG_miSx4hksj5eEl9Ci5hyIYnHqbn1v3CcJIXBeoc9TSuOIe-z3nQ7SvWaHSjHFbtg4nXbZsvViN07CQdOA4dcXQ' \
-d '{"customRoleId":"6e73d572-6749-4217-8da9-37a9a41ba2f7","identityId":"b11d8f83-0d3c-48e5-bf74-6247b2082059"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 452
{
"id" : "84e6bbfd-be76-401e-b54b-bc78c9645252",
"identityId" : "b11d8f83-0d3c-48e5-bf74-6247b2082059",
"customRoleId" : "6e73d572-6749-4217-8da9-37a9a41ba2f7",
"createdBy" : "bd025c63-ec99-48cf-9e86-f22a1f933438",
"createdAt" : "2025-03-27T20:44:14.180770Z",
"updatedAt" : "2025-03-27T20:44:14.180770Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Custom Role 42 to identity b11d8f83-0d3c-48e5-bf74-6247b2082059"
}Delete Custom Role Grant
DELETE /custom-role-grants/{id}
Authorization
This endpoint requires delete action on the custom-role-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants/48907963-3eff-41e5-b6dc-77697e55d7ef' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJuNDJpUW5zRjFXa0t2dkhxM245MVFBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjEzZjQxZjI0LWEyYjktNDA2YS1iODI1LTk5ZWU5NmNkZWNhNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MywiZXhwIjoxNzQzMTExODUzLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNWJiNDA2NGEtYzRhNi00N2RhLTk0NjMtZTg0ZGVhMzg2NmE4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUzfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.FA9OfC-SklE21xZvY0QoT_DwFgPmpOHAeE8gvJy6G-4C-nomtcquxz1BGLPuMz-SfQ2AxZ0599fAYOT7uYfGB9noUp18iEaCAIPD4burUjMIY6BtJMcrRUjSVNWJXFIBvMHwAh9AYeHxhHNcksJdxjg5dN8HB_sU1N96hkRkT3xBlL0Lk4vIs_wyzJwbyYIITj_jVmI8OQjZiNQg9TWSQrCNqoUOJZpmiSoXYISfAT7_TlbQJdFQ5rM02f8VmJuwk4I4GSqEtY2K2j3vvEgL6kJmvyc9ZE9EoX9LhgZYaAOus4DzgBW1Xb-FN_sIV_nfe_KD9tNGpdyDsuhRtL24zA'Example response
HTTP/1.1 200 OKStandard Roles
Find Standard Roles
GET /standard-roles
Returns a set of {@link StandardRole}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
{@link StandardRoleType}s. identities. resources.
For example, if Network id X is passed, this would restrict the results to instances of a Network X Standard Role, such as Network Admin of Network X, Network Read-Only of Network X, etc. This would exclude Network Group Standard Roles, even if the Network Group contains Network X. For example, if the path is to Network X which is under Network Group Y, this would restrict the results to {@link CustomRoleAction}s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest.
The path value must start with a domain code followed by a colon. It may then have a comma delimited sequence of colon separated resource type code and resource id pairs. The path structure must match that of the server defined resource tree for the specified resources in the specified domain. only those that are not marked deleted. When not set, defaults to false. To get both deleted and not deleted, make two queries.
Authorization
This endpoint requires read action on the standard-role resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
standardRoleTypeId |
Object |
true |
Filters results to those that are of one of the specified ,{@link StandardRoleType},s. |
identityId |
Object |
true |
Filters results to those which have been granted to one of the specified identities. |
resourceId |
Object |
true |
Filters results to those that specifically target one of the specified resources., |
path |
Object |
true |
Filters results to those that target any resource along the specified path., |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, defaults to false. To get both deleted and not deleted, make two queries. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].standardRoleTypeId |
String |
true |
The 'type' of this {@link StandardRole}. Must not be null. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link StandardRole} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}. Must not be null. |
[].path[].resourceId |
String |
true |
Must not be null. |
[].path[].resourceTypeId |
String |
true |
|
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJWbFdqeFZvcTlxY0Nkalc5RDhXRmpRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjI1NmU5M2VjLWU4ZjYtNDA3ZC04MTU1LTU4ZGI3ZWY4ZTY3ZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MiwiZXhwIjoxNzQzMTExODUyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNmE4NTkyYjctYTE4ZC00YjU4LThkNmQtZWRmNWNlNWMzMzA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.SyXF05NWdcksMCQWqNYIyKzlRbLlXXwrg7BwwV_SZFMUFAHn0BwiiCYjlgsB9K5GkaYnbaWTOysHjo2XZkiDSTyJ-FyamHNf-jyn7ochfQixpHGXSd20fsuWFxsN7apuZnL_Z--1j0YyedKcned5rOuAIe2Rh7qot3p6juOmKfshGZKKLbrvjj3ST5kGl4rPZ5W49XIhwpmqXePECSQEEjbph1b-AxQcRUp70BZmeLsyIMTjS0aaGnsq7AoaJXetb4kYL7MO7Y_3aUFVnivzzhXc2JUnjewDCWZ1UihF0qISZhixa5Whm8vkz3UN2JFkg6xk6HnSWEGlYuEVtACVSQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1927
[ {
"id" : "8389422d-87a2-484e-98a7-586da4e33db1",
"standardRoleTypeId" : "502d42b8-dae0-4fcc-bf51-792949696f80",
"createdBy" : "5753634c-d851-492e-9188-7c0ada4844f8",
"createdAt" : "2025-03-27T20:44:10.950285Z",
"updatedAt" : "2025-03-27T20:44:10.950285Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "a6e3dd8d-b789-4af0-8c43-0c0b405556b0",
"resourceTypeId" : "7ffca304-fa75-43be-bf7a-60c874733bc3"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 18 Admin - a6e3dd8d-b789-4af0-8c43-0c0b405556b0"
}, {
"id" : "19a208da-672c-4a3b-8cb4-848a9b0d612e",
"standardRoleTypeId" : "56a4b30b-8d6a-4b4b-b5eb-c3c22279cea7",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.446430Z",
"updatedAt" : "2025-03-27T20:43:48.446430Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "f0428619-11bd-403d-8b00-a463ff8aad84",
"resourceTypeId" : "42f35a22-ad2b-468f-86d8-224739c5d48d"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Network Group Read-Only - f0428619-11bd-403d-8b00-a463ff8aad84"
}, {
"id" : "ddd39147-0ce2-473d-93c7-25b1b404433d",
"standardRoleTypeId" : "8e94ca94-d3ad-4943-b7cd-7b42581da853",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.447515Z",
"updatedAt" : "2025-03-27T20:43:48.447515Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "52497172-eafb-450c-bb62-a6519d1a46eb",
"resourceTypeId" : "1f233aad-dfe6-4ea2-a8a7-027945725287"
}, {
"resourceId" : "cf53e966-a3ad-4e80-a5fc-380fe8d48e57",
"resourceTypeId" : "378572d6-97e3-4d8b-988a-f67daa04a8cf"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Standard Role Admin - cf53e966-a3ad-4e80-a5fc-380fe8d48e57"
} ]Get Standard Role
GET /standard-roles/{id}
Authorization
This endpoint requires read action on the standard-role resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
standardRoleTypeId |
String |
true |
The 'type' of this {@link StandardRole}. Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link StandardRole} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}. Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles/18d4ded7-fd87-43bb-a497-c76cad4bedf5' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiIxeGNwS1hMMGluUTlHT3NHcUtNd3VBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImFiNzFhODkzLTFiODYtNDM1YS05NWMzLWNlOGFhMDA0MTRlNyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MiwiZXhwIjoxNzQzMTExODUyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNTUzZjIxOGEtY2MyZi00OTQ1LTg4OGUtYjgwNWE1YjkyMTQ1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.R0sQHAu6eYrYyk31YfQSxw53_5hXV1CasAXVlQgNs3BaEidc7g_WYa1HzbaPl8yQZmt92G-Phf14lUX3mc920wLmx2ylqiHniA9Kd5fn1jumjpWqGHroYknf3DQSOGtqAPum9Y1yvwhZbytNhAdE2v0cCjWCs4U2_9FWGDoVp0dc0L2O_FBt5jC4XAW-rMApwfwYPqO5SLaBVrzSu8AHKDP5Vx-IDGFCUoRS8n1XwUqNR8lzCLYM7g_7DJOe5-BQMEyQgJwEWyTgGJfYFiXO3lS5dkIgO7itdSqeQfNtTKcZFCdSdPlyPttzkZ0i7eFqVQmJqxMJ6eEJ1lDLJOJp7A'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 595
{
"id" : "18d4ded7-fd87-43bb-a497-c76cad4bedf5",
"standardRoleTypeId" : "d767ab18-6f90-4c6b-a897-70767aac2d8d",
"createdBy" : "3c651d1b-8578-45ad-a1f3-830cf66fddc0",
"createdAt" : "2025-03-27T20:44:11.980306Z",
"updatedAt" : "2025-03-27T20:44:11.980306Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "bd27d12b-00c9-4252-9b85-6e568988fa68",
"resourceTypeId" : "cdec9cd7-7016-4c0b-b1da-8a3cb4b1537c"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 24 Admin - bd27d12b-00c9-4252-9b85-6e568988fa68"
}Create Standard Role
POST /standard-roles
Authorization
This endpoint requires the following actions:
-
createaction on thestandard-roleresource type -
readaction on thestandard-role-typeresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
standardRoleTypeId |
String |
true |
Client must have |
path |
Array[Object] |
true |
Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
standardRoleTypeId |
String |
true |
The 'type' of this {@link StandardRole}. Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link StandardRole} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
true |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}. Must not be null. |
path[].resourceId |
String |
true |
Must not be null. |
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJvUHV0WFlKOXEzeENvV3FZeWp4bXZnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImNjODlmYTY2LTllYWUtNDk3NS1iNDk2LTBjM2I5YzgzZTU2YyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MiwiZXhwIjoxNzQzMTExODUyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZDc5ODBkNDItM2Q1OS00ZGExLThkYzQtYzM4Yzg1OWFiYjY3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUyfSx7XCJpZFwiOlwiZmU2YTM3MmQtNDBlNC00NzQ3LTgwZDEtYzE2MzFhNmJhMzkyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.vXtqtxWEOxH8bAsgrZkJsTs9DDt4PUWcpMa2nxo2bAYYXFTWaI7ge2yuiPBtZqShXYW3ye8sfUaK5Bm41QfyR36348ntyFN6GYMy-I5Vfz4eOayuH8gH6I2wonHa3t1G5ilItlfzJJwEOaouMir-7SHVAvLkyywRe0YxxTUFFRFZE7j3mdBcvsO39GJf9Eu943u0m0HJEEzybDTOb-rQecgJXg-sUCcyfJOk1OORC-rt5p60tmu81_lAG6l8MkfrWQNXq3t42_K5xDxaI9BrfcKiYWYZdcXXbEmQSHRcsUaVsvR0-FixEXB6yDSN0SYR4uSiLyfIx4dEtexpaTFD6g' \
-d '{"standardRoleTypeId":"9def7e1e-1abd-4ff9-8fd6-ed9ffe000128","path":[{"resourceId":"d7ac1072-a01b-4683-bd33-e5df349e1516","resourceTypeId":"b5547649-7bf2-4b4f-a3d1-4a27e8f1373c"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 595
{
"id" : "828d8aa8-3342-4618-9d30-83c92464d044",
"standardRoleTypeId" : "9def7e1e-1abd-4ff9-8fd6-ed9ffe000128",
"createdBy" : "cc89fa66-9eae-4975-b496-0c3b9c83e56c",
"createdAt" : "2025-03-27T20:44:12.390428Z",
"updatedAt" : "2025-03-27T20:44:12.390428Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "d7ac1072-a01b-4683-bd33-e5df349e1516",
"resourceTypeId" : "b5547649-7bf2-4b4f-a3d1-4a27e8f1373c"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 26 Admin - d7ac1072-a01b-4683-bd33-e5df349e1516"
}Delete Standard Role
DELETE /standard-roles/{id}
Authorization
This endpoint requires delete action on the standard-role resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles/498011c5-49cb-4ac3-be90-78866793f4a1' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJOaHpwRE5tQjRfRVRUR21adEVVZXNnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjI0ZmY5YjA5LTY0ZDctNGY0ZC04NGNjLTA5OGU1NGVmMzNkNyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MiwiZXhwIjoxNzQzMTExODUyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiN2I1MTYxZjAtNDNhZi00NjM1LWFlNWItNDA5ZTE5OWUxNmNjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.R5PZKBaeFd66xfuyeZo6bBoxNkMwiBQR8H3V7BrDZf2DQIKOcjfnvdpqzRpJuTPVF56t2qlUINGYtiMIUV7MgorHkCp9jpYIkpGtPKzk7sKaB2DoA9pL3wlvmqGHwhXvJsHXFS1O40TAlm41E1M5nk9nlO53pk74YTUwLWkWRT4l8eihV6HwZRPAftcINssCWpNIFBzly9QbXZbasHyrPaHNjG8LxtPcJFtBZyBVRigmLoxfK5v6Vv2z6wcs7ViG40ebh2-ndcYMUBCeiaEZiwrVAthH88cMwNoAzjaykhgFfUL5md1o1pi6_ndlP6oqk0d4SyCML3gQ1J45q4J1Sg'Example response
HTTP/1.1 200 OKStandard Roles Grants
Find Standard Role Grants
GET /standard-role-grants
Returns a set of {@link StandardRoleGrant}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
only those that are not marked deleted. When not set, defaults to false. To get both deleted and not deleted, make two queries.
Authorization
This endpoint requires read action on the standard-role-grant resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
standardRoleId |
Object |
true |
Filters results to grants to one of the specified ,{@link StandardRole},s. |
standardRoleIds |
Object |
true |
Deprecated.. |
identityId |
Object |
true |
Filters results to those granted to one of the specified identity ids. |
identityIds |
Object |
true |
Deprecated.. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, defaults to false. To get both deleted and not deleted, make two queries. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].identityId |
String |
true |
Must not be null. |
[].standardRoleId |
String |
true |
Must not be null. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJkRTZ5MzZJRnNWN1VLbURJMFpPaExnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE1MTE0MmYxLTdhNDYtNGEyZS05ZjMxLTdjZjVlYTQ2YTJkYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MCwiZXhwIjoxNzQzMTExODUwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMjAyYjA2MWQtZjU5ZS00NjgwLTk2MjctOTI3YTE0ZjQ5MTVkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.gfSjQWg24ZYjtUoBpFKa0Q_wmXTlha8yOqin2eABRlLvC1E_MrFGVLOrgHboDjn3q-npVYMy8iYo7FXgit6JW453A_cdTEJjKwgptrpRLUbWfsI8XxVvR1xr-2aJpRMQXfYae_wB9mSIzSSeaeDBFAMBWemLAT2w4-8VlfFMbmE43x1Kw0fk8DJlsD-TYxqABz2KLI3Os7v-8AoIwzPtHuFasozASV1AgDV4nWs1eGmXNCr9HpBzSJZcOTP_KWaHAX_c-8zSqX5pUPiw6sMaMEulLXbaXkPd4zpV--vKMKJUAiGSJsdBGO4IbUcVfF5_KqnE3DtNMTzRjA_kcbPBAQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 496
[ {
"id" : "480fb7a8-312c-49ab-8e9e-445372df83f1",
"identityId" : "179e1bf4-7594-4f6f-bde3-6a0d2a87e10f",
"standardRoleId" : "d967b8b6-3956-430b-ae5e-ef7d1b5b358d",
"createdBy" : "598781e2-32cd-4890-8a34-aa153099baee",
"createdAt" : "2025-03-27T20:44:10.636541Z",
"updatedAt" : "2025-03-27T20:44:10.636541Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Type 16 Admin - 965ddf6a-617d-4e64-8cf1-fb4d57f67027 to identity 179e1bf4-7594-4f6f-bde3-6a0d2a87e10f"
} ]Get Standard Role Grant
GET /standard-role-grants/{id}
Authorization
This endpoint requires read action on the standard-role-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
identityId |
String |
true |
Must not be null. |
standardRoleId |
String |
true |
Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants/03b2376f-6bf4-453c-8802-099690c5d85a' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiIyOE9rTUhyZTBFb25JQTVHclF4Y0RnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijc2YjIzMzhlLTNiZDUtNGUzNi04NGIzLTVlMjgzYjRlMjJiMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MCwiZXhwIjoxNzQzMTExODUwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYjEyMmYyOTctYWZkMi00N2NlLTk1MzktYjg1ZmE0ZTk4M2MxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.YmPWc96E-XI55BaVx9_-SNyO69gcihEjqKqk8OlwceWzcRJAlLR1vbSCw-2GE9q1ASXEXMZVjO9618m4vZdV3OZcpOI4_vzZStFPiJPQqWFmfEck5wkJux_uB9fBqDAsJuTIRqLTf__ot11E9GHWpL3DJIGWUFx6-PN4HZFalbuuSJktmpjO2yxCfEVnitcCYNm_RFmgjMWj3CGtaehbBEM2S5E2OSX6KRpjL9SjYm6WQoUyCy6h3LVLtSxhcZIXc-sNcAoxllgqLOCAFhxyrsA8OlqZR6wJz7STd6Zj7LNhhuZpQi5f9cyvTRGrLd7Bz4pclu1ZsHfDPWt4kn89og'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492
{
"id" : "03b2376f-6bf4-453c-8802-099690c5d85a",
"identityId" : "7e369bbf-0e67-4e92-94e8-626a99c2b3eb",
"standardRoleId" : "8389422d-87a2-484e-98a7-586da4e33db1",
"createdBy" : "9dd432a4-d6e7-487e-a687-8180a780eacd",
"createdAt" : "2025-03-27T20:44:10.962910Z",
"updatedAt" : "2025-03-27T20:44:10.962910Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Type 18 Admin - a6e3dd8d-b789-4af0-8c43-0c0b405556b0 to identity 7e369bbf-0e67-4e92-94e8-626a99c2b3eb"
}Create Standard Role Grant
POST /standard-role-grants
Authorization
This endpoint requires the following actions:
-
createaction on thestandard-role-grantresource type -
readaction on thestandard-roleresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
standardRoleId |
String |
true |
Client must have |
identityId |
String |
true |
Must not be null. |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
identityId |
String |
true |
Must not be null. |
standardRoleId |
String |
true |
Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiItdUQwZFpXaXItQzlEMVotNzF1WnFRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjU5ODc4MWUyLTMyY2QtNDg5MC04YTM0LWFhMTUzMDk5YmFlZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MCwiZXhwIjoxNzQzMTExODUwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjI3Mzk4NWEtYTUwZi00OWMzLTk1YjYtOTBhYTY3NzFhY2YwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUwfSx7XCJpZFwiOlwiM2RjMDE0YWUtODIxZC00OGMzLWIwYTAtNjQzNDJiMGNiNGJkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Ui2oSqf--9rWNGt65LlqLEqwAHHL8VYUucmM9vNqF055NCZxKzdfK5K8l2e5NX043hCknjyO8TW2VsTfOYAtSNbq_ln4vJ9FIN1uud5s1v6XDYE3x0yKtQ54tZWG6oxu2zoCI63E7ONkP4dAhSbXj0Q4T89qhor-2cV_OB89dGIZ11jnLX8t8pWlnGCHaB5qWGUAJ5Hvxm_7gp-XQ2quVt1LMr4sAvfMb8ck3Wgs11v_eXcLvCkTjWrCLzUjgILYQtFUnegFN_9WxRDCEVa1ICjoFr_pdcC831gaXdolGIimI_WiyqkMCmYTIYYKNa-fpmhJ5myrZGJIMoC3Q_51tQ' \
-d '{"standardRoleId":"d967b8b6-3956-430b-ae5e-ef7d1b5b358d","identityId":"179e1bf4-7594-4f6f-bde3-6a0d2a87e10f"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492
{
"id" : "480fb7a8-312c-49ab-8e9e-445372df83f1",
"identityId" : "179e1bf4-7594-4f6f-bde3-6a0d2a87e10f",
"standardRoleId" : "d967b8b6-3956-430b-ae5e-ef7d1b5b358d",
"createdBy" : "598781e2-32cd-4890-8a34-aa153099baee",
"createdAt" : "2025-03-27T20:44:10.636541Z",
"updatedAt" : "2025-03-27T20:44:10.636541Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Type 16 Admin - 965ddf6a-617d-4e64-8cf1-fb4d57f67027 to identity 179e1bf4-7594-4f6f-bde3-6a0d2a87e10f"
}Delete Standard Role Grant
DELETE /standard-role-grants/{id}
Authorization
This endpoint requires delete action on the standard-role-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants/7595fc6c-fa7e-4734-8de7-895593d5e897' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJqTEZtZEh5cVY2ZDJwZGhJa3dKYi1BIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImVhYTIzMGE0LTRhOGQtNDcxMi05ZmQ3LTlkZjhjZDViZGM1MSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1MSwiZXhwIjoxNzQzMTExODUxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMGI1NWY4N2ItMjBjNi00MWZiLWI5Y2ItOWJjZjFkMDU5YTI2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjUxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Yd_tUAqGAWsrvFVZs4KgYK9TQbbwcisLTRRjLXYGPGf424aLnc1XAQ1YfcQsO1hcJx6iIkj9tnJLIKK7ZEQS0q_7pzW_yd5jCOzDEErv6Lgb099YHITLhd_xj2O-Pms_58CiUH8_wNXKusCVIhYHPJhbLyXOBpFABIIlhFOdL477idyZbQ_W2tSDD8UcjMSPvFoBzt-rQnYXEUz7-4fsjnWnZpfqj33HF87RwBHYMBZt0eefaY6-oammyWvdaTLc5hgJOlJCvOboOl_-5kjHopi0qINZslctKesEx6AS8wio6PBy_MhOFo5yQ0zovue9A15hPaNqxyCDZdlb3F2WNQ'Example response
HTTP/1.1 200 OKStandard Role Types
Find Standard Role Types
GET /standard-role-types
Returns a set of {@link StandardRoleType}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
{@link ResourceType}s. strategies. by the specified {@link StandardRoleType}. In other words, all returned {@link StandardRoleType}s are logical sub-sets of the {@link StandardRoleType} specified by this query parameter.
Authorization
This endpoint requires read action on the standard-role-type resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
resourceTypeId |
Object |
true |
Filters results to those that target one of the specified ,{@link ResourceType},s. |
resourceTypeIds |
Object |
true |
Deprecated.. |
authorizationStrategyName |
Object |
true |
Filters results to those that are of one of the specified strategies. |
authorizationStrategyNames |
Object |
true |
Deprecated.. |
includedByStandardRoleTypeId |
Object |
true |
Filters results to those whose actions are fully included by the specified ,{@link StandardRoleType},. In other words, all returned ,{@link StandardRoleType},s are logical sub-sets of the ,{@link StandardRoleType}, specified by this query parameter. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].resourceTypeId |
String |
true |
Must not be null. |
[].authorizationStrategyName |
String |
true |
Must not be null. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link StandardRoleType} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJaTGhVbW5MS1Q4OXFyNkV0bGJ1bG1BIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImNkMWE2YzE2LWNlZjAtNDM4MC05ZThmLTE2NmRmOWI1NjUzMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NywiZXhwIjoxNzQzMTExODU3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNmU4MmY4YzEtYmQ0Mi00Y2M3LWFlMzctMjE0MTM0MjYzOTA3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.CE-qh9qHeHQoNoX72of6zHl8fvrnpHFPHybkeQ-ybWGCG8FcjzLcrtBVwY5MKoXo_fhRQh7zjv2C-ejN49nvS_mcPfsq7eDSVdHsBjl2VahB_F9DfIWCbQCh2yNA9gewMBNtE6IyyDaRXF9ZHzympTOGv4DYT0lmNoB_5b5Qro_8w7yY7C61uL7AV3rx3Y6oFYPamr7J0Qft1r-sEjyMzfwgQEvxaV9xhs79jWv2EBWV2F3R7CD1X7OExftwVqxRzxJ-7yCFJF5t2Rffxjv15QJaQ_gK2MW760_oMqK7XnwgIOwoRRVgnj8OsRBr83J-h_pQv-2pI1VKO5-rgujoqQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1031
[ {
"id" : "8a931cd9-0bbd-4b8e-bf82-6ae2126640bc",
"resourceTypeId" : "db8b3458-efa8-483f-9c84-71fe2ee11954",
"authorizationStrategyName" : "Admin",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:44.313573Z",
"updatedAt" : "2025-03-27T20:43:44.313573Z",
"_title" : "Custom Role Admin"
}, {
"id" : "8305f2df-9d11-4b1e-a436-f618496aebda",
"resourceTypeId" : "db8b3458-efa8-483f-9c84-71fe2ee11954",
"authorizationStrategyName" : "Read-Only",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:44.313573Z",
"updatedAt" : "2025-03-27T20:43:44.313573Z",
"_title" : "Custom Role Read-Only"
}, {
"id" : "7f385621-15c2-401b-91ed-569b4b31c8fe",
"resourceTypeId" : "ffe9f01e-da52-4ab7-b73b-240c7fcb664a",
"authorizationStrategyName" : "Read-Only",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:43.349064Z",
"updatedAt" : "2025-03-27T20:43:43.349064Z",
"_title" : "Network Read-Only"
} ]Get Standard Role Type
GET /standard-role-types/{id}
Authorization
This endpoint requires read action on the standard-role-type resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
resourceTypeId |
String |
true |
Must not be null. |
authorizationStrategyName |
String |
true |
Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link StandardRoleType} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types/060cf031-4ae6-4e3c-8438-46140ba9e01e' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJFSjI1cjQ5cnFoNTRxQXM2NExaWVB3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjZmYmE0ZGQxLTk5YWUtNDMxYS05MmY4LTE3ZGFhNTM0OGI4MSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NywiZXhwIjoxNzQzMTExODU3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZDc3ODA3MzItOTExOS00YjkzLTkwMWMtNWNiNGMyMmZhNGZhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.H49A6NuRPY2-8V-588RayJ-pt5uat9LE5c6eLuqdHSNixnHriZyBu-ZDz-xTKhgXOJ0vHtjsS5IWMqtW0zgWsHzmkN4I5d9EBhwtxTJxsU9E6mYb0GQJUF9jn4ULiReJKvnaLM99BfWv5ilEmTDFWBiONJzQnQ3VOamHUEFsJP-Y-w9lwUOp3M7gl0fiaBcv4LvpxJczdvUM6HeFdqW3n6p3YGoT4n0GSZRyOuL6B9lq6BK6k33NwoxBguEvYmkvF5cDiwPoCE1uDyaCfQaMIKxhZ6DWLAJP7IHq4UL8avFgvq9eWjfsNjuBuMi1MG5e9bXW5On9Ca1BKWelE1N--A'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 338
{
"id" : "060cf031-4ae6-4e3c-8438-46140ba9e01e",
"resourceTypeId" : "48fdc1ee-12f6-4290-bda7-211c69b17f9f",
"authorizationStrategyName" : "Admin",
"createdBy" : "a4520ea0-3013-45c5-95f8-f8a57e8dfd02",
"createdAt" : "2025-03-27T20:44:17.049331Z",
"updatedAt" : "2025-03-27T20:44:17.049331Z",
"_title" : "Test Type 54 Admin"
}Create Standard Role Type
POST /standard-role-types
Authorization
This endpoint requires the following actions:
-
createaction on thestandard-role-typeresource type -
readaction on theresource-typeresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
resourceTypeId |
String |
true |
Client must have |
authorizationStrategy |
String |
true |
Must not be null. |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
resourceTypeId |
String |
true |
Must not be null. |
authorizationStrategyName |
String |
true |
Must not be null. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link StandardRoleType} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJuS0ltX2VoN0pmUElsWFZBOC16OEZBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjRiMjA5ZjhiLTdmMzEtNDk4ZC05MGQzLWYwNWM5MmIwMWM1YSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI1NiwiZXhwIjoxNzQzMTExODU2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImZmMTkyODUzLTdlZDYtNDUwZi1iYWVmLTFlMzEwODg0ODA3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NX0se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImMxNGQxOTZjLThmMmEtNGVhZS05MzA5LWYyOWUzODliMzcxMlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODI1NH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZDJhNGEyNDMtZjk5NC00NzE1LThlY2MtYTgxMzQ2OTlhNDU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU2fSx7XCJpZFwiOlwiMmJjZGYyMDktMDhlNC00OTJiLTg2ZTItMjAwYWQyYjliYjllXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjU2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.ELVCSuV7sstVuQE1F4lslgZj-5rCfaXvFu9XioeSSXrvkaCgs1AW7VwgOUPGwV2nbIvcuTYWXqSgFhlbprlKLHJIxAZytenSDhc7wHSk-kHu-yimFE_Zbd2eEUuiK6vpeO6ef64CUweRS2PwPeThLiuG7Zv6v0lpzyXDZTHdhPwbvmHC27O2JJnCX9VKPj0b_2qHYQbq4rlY72H6iNF_c5ep91QhWNPuvW0xzwDEM1ftrwIvSJ_g3x6OEU3ZlFWfDi4vxbSSdo7Ax6zyIOAa80Yn04TVMzOOpN9bUeZwe3qZ79uDRbvEFr9vZLbZUjKhIv5uFktVAIA1e8Gs56ajpQ' \
-d '{"resourceTypeId":"f9959589-0aa2-4d1b-a477-073b99994e1e","authorizationStrategy":"Admin"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 335
{
"id" : "54dcca27-f532-436c-98fb-825098702f2e",
"resourceTypeId" : "f9959589-0aa2-4d1b-a477-073b99994e1e",
"authorizationStrategyName" : "Admin",
"createdBy" : "4b209f8b-7f31-498d-90d3-f05c92b01c5a",
"createdAt" : "2025-03-27T20:44:16.898031Z",
"updatedAt" : "2025-03-27T20:44:16.898031Z",
"_title" : "Test Type Admin"
}Resource Action Inclusions in Standard Roles
Find Action Inclusions
GET /action-inclusions
Returns a set of {@link ActionInclusion}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
strategies. {@link ResourceAction}s. only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.
Authorization
This endpoint requires read action on the action-inclusion resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
resourceActionId |
Object |
true |
Filters results to those that apply to one of the specified ,{@link ResourceAction},s. |
authorizationStrategyName |
Object |
true |
Filters results to those that apply to one of the specified strategies. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].resourceActionId |
String |
true |
Must not be null. |
[].authorizationStrategyName |
String |
true |
Must not be null. |
[].includeWhenAbove |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenAt |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenBelow |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link ActionInclusion} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiIyNk5DSXdVUjhiTlE2VjFLcndjV2ZnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjdjYTc1ZTE2LTQzZWItNGIzMS1hZjRiLTM2OWJlYTk4NzViMiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0OCwiZXhwIjoxNzQzMTExODQ4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNDY1YTM3ZDMtMzIwYS00ODRiLTkxYTUtMTU0YjVlNDkxMjU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.f5hGJP0hixhWt2ZouKeOt2-Fu0Bc-dtFMUP-tZXDADN07ONzyVTxyxZ19QzzBHkfQA6Nv1tDp8-R1WNxIEyyHTlMm4rARgPeoRD9vJwhvBvpxjBBmmr6CcuLcxLta4WRxCWDB20UkLeFhUL2yzCxGSbKKawvtLGEczVDIj6abplHqVUVjAG0rJoPtAl_K9XxfAuVm5cn_5t1OnjYuuXEbo0wFJuoHoLis_RL4HdgsIJHGQuMDMk_SzImlpKfsB5wKvrlcsDgTMErsNEafFyOWwiFI5a90mM_vXs8WJvqAw76j4ZQMtRPl6Vp89Vj4S_0hkx9_DHseqAWaDXiLSi1lQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1589
[ {
"id" : "a7ed0448-9869-42a8-8878-9054cda20147",
"resourceActionId" : "241183c0-478e-40a6-b1d8-7078580daf33",
"authorizationStrategyName" : "Contributor",
"includeWhenAbove" : false,
"includeWhenAt" : false,
"includeWhenBelow" : true,
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:44.799326Z",
"updatedAt" : "2025-03-27T20:43:44.799326Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Update Service Identity in Contributor Standard Roles"
}, {
"id" : "fb23779a-0e7d-416a-bffc-e15128229652",
"resourceActionId" : "e9ae7267-1ec5-4b2b-b888-ae7752099e90",
"authorizationStrategyName" : "Read-Only",
"includeWhenAbove" : true,
"includeWhenAt" : true,
"includeWhenBelow" : true,
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:48.038918Z",
"updatedAt" : "2025-03-27T20:43:48.038918Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Read Browzer App in Read-Only Standard Roles"
}, {
"id" : "01a145c4-eeef-4e47-9df9-af5d728b089e",
"resourceActionId" : "48564613-134e-4a8a-95b9-f64e1dde33ce",
"authorizationStrategyName" : "Contributor",
"includeWhenAbove" : false,
"includeWhenAt" : false,
"includeWhenBelow" : true,
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2025-03-27T20:43:47.649262Z",
"updatedAt" : "2025-03-27T20:43:47.649262Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Create Process Execution in Contributor Standard Roles"
} ]Get Action Inclusion
GET /action-inclusions/{id}
Authorization
This endpoint requires read action on the action-inclusion resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
true |
Must not be null. |
resourceActionId |
String |
true |
Must not be null. |
authorizationStrategyName |
String |
true |
Must not be null. |
includeWhenAbove |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}. |
includeWhenAt |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}. |
includeWhenBelow |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}. |
createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
createdAt |
String |
true |
The date-time at which this {@link ActionInclusion} was created. Must not be null. |
updatedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
deletedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions/5da1121e-8eb0-46e0-97ef-dc0f76b17730' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiIyakk5TFo5QnNsZnRUV045WldSRzd3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImFlOWU4MDEwLTAxODctNDJjZC04YmY1LWI2ZDFmMzE5NjVlNyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0OCwiZXhwIjoxNzQzMTExODQ4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZjY0YzVmNDYtNjNkYy00Zjc2LTk5OGEtNWU0N2Y3OThmN2E0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.vQNMZhiQIZG_ShF1P2iXIej4oicEsot3uQG_4w3EeQU4rPn6ri1MTYEvJImM-qyPzB89LykhR1j393qNes_7oYjK1UVdq_c5gT6_CvBejv3sxEf6qjfqcWFKHGQF5mtjN1IdGF_3ysCt24PmO9s6lMifsbV972lchSMTk-FPeTXuXFvi01KcnnXUQLi9S6hfrPOLlUVsvH574NRVle7C83FByl3mtaiURY7fZGC0MFfWP3bBNHo7yjEViurZq49P2nlUn289FYkEMbyz-UMbL6UbF4QvVMaZhMPT8WllWANxbuT5bPEq58RmZcbdw_9kMhdLjq4TGqIjONbB_QskOg'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 520
{
"id" : "5da1121e-8eb0-46e0-97ef-dc0f76b17730",
"resourceActionId" : "f5d27b06-ec31-45fe-8f38-1198f2b708fa",
"authorizationStrategyName" : "Admin",
"includeWhenAbove" : false,
"includeWhenAt" : true,
"includeWhenBelow" : true,
"createdBy" : "3bf0ea6d-88c5-4fcb-bb6d-cd378330e330",
"createdAt" : "2025-03-27T20:44:08.498027Z",
"updatedAt" : "2025-03-27T20:44:08.498027Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Test Action 8 Test Type 7 in Admin Standard Roles"
}Create Action Inclusion
POST /action-inclusions
Authorization
This endpoint requires the following actions:
-
createaction on theaction-inclusionresource type -
readaction on theresource-actionresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
resourceActionId |
String |
true |
Client must have |
includeWhen |
Map |
true |
Must not be empty. |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
true |
Must not be null. |
[].resourceActionId |
String |
true |
Must not be null. |
[].authorizationStrategyName |
String |
true |
Must not be null. |
[].includeWhenAbove |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenAt |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenBelow |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}. |
[].createdBy |
String |
true |
The identity id that created this resource. Must not be null. |
[].createdAt |
String |
true |
The date-time at which this {@link ActionInclusion} was created. Must not be null. |
[].updatedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted. Must not be null. |
[].deletedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiJmR21GUkRFcURXOWlidE1Eb1hLTHd3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImNjZGU3NWU1LWI2OWYtNGFhMi1hN2FjLTVlZTMyZDVmZTMzMiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0OSwiZXhwIjoxNzQzMTExODQ5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOTAxZDAyMGMtYzM3YS00ZWE1LTljYzItYmMzZWIyMzQwNTg4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ5fSx7XCJpZFwiOlwiMWJiMjNjNzgtZmE3YS00ODUyLWE2ZDQtYzEyMDg0ZjZjOTUzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.ZgxvRK4sZFLGNZSn060LEGYI6AwC4lAd_iIRRgOtcg1OAvgOroFGlIK63gpjjfkcEKmNnyhbGcsbUI6Ht3kpoTPQ3OgKcbciFGpBiA1sUP2A63nQyygX2UJrA7dQ4xf_4ZJOAtJLSmbb_QLOWOJAAG8w8uOhtKz6wtFmjRno_XXfR-zEH4mw6tkGUuoN5nckXOLITxxeHdUqoP0YWuGk4Isbd7RUI30l7u6cvptLw-i4UB_hG6b2F2i6_35S5Ga4RMjNNcc8DEoCXFgD4wqRkqwlZrQNXf4etXWi-HaR1P6DRg5zky-I9yiiy7jO4ixQUerKtn6DeZUoCv10WmVKCA' \
-d '{"resourceActionId":"01cef70f-daf7-4df0-85e4-d349d055e757","includeWhen":{"Admin":{"above":false,"at":true,"below":true}}}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 526
[ {
"id" : "2db45cd9-5330-477e-b31f-78e2c403da78",
"resourceActionId" : "01cef70f-daf7-4df0-85e4-d349d055e757",
"authorizationStrategyName" : "Admin",
"includeWhenAbove" : false,
"includeWhenAt" : true,
"includeWhenBelow" : true,
"createdBy" : "ccde75e5-b69f-4aa2-a7ac-5ee32d5fe332",
"createdAt" : "2025-03-27T20:44:09.168058Z",
"updatedAt" : "2025-03-27T20:44:09.168058Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Test Action 14 Test Type 13 in Admin Standard Roles"
} ]Delete Action Inclusion
DELETE /action-inclusions/{id}
Authorization
This endpoint requires delete action on the action-inclusion resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions/adcac95e-a62e-400d-9c3e-9afabbb5cc64' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFlM2YxODkwLWZmOGEtNDY2Yy1hZDVmLTljYjgyMjMxNDJlZCJ9.eyJqdGkiOiIxbFBrWTRiNW9mbXBPZ1gxSFI4T01RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImZiMzhjNWQ3LWJjNmMtNDE2ZS1hZGI3LTg2OTljNjI5Yzk5NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTc0MzEwODI0OCwiZXhwIjoxNzQzMTExODQ4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjljOThkZjQ0LTFiYTktNDhiYi05ZTkxLTc2MzE2ZTQwNzA2NFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjkxZDBlNDllLTBjMzgtNGM2OC1hNzkxLTU5NTRhMWMxYjYzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcImExOGU1N2IxLTc4YjUtNDlkYS04NmI5LTRkNDA4NDg3NWIwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcIjYzYzdlNzA4LTMxNWItNGIxNS05YTM2LTcyMTRiYzhhODY1Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNn0se1wiaWRcIjpcImNjMTc1NTg5LTUwMzUtNDRlZC05MTJhLWZmZDg3ODk1ZWY1ZVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjgyOTg2MDJjLTA5MWMtNGNmYS1iYmI1LTkwOGRlMzg5OGZlYlwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIzOX0se1wiaWRcIjpcImFlZmExNWI3LTVmYTItNDRjOC04ZTQyLTcwYWNiNWYwOTgxOVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyN30se1wiaWRcIjpcIjhjYzU0ODM4LTc2OTctNDZmYS05OGE0LWNjN2U5NmQwOWRmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNH0se1wiaWRcIjpcIjMxZDYxOThlLTFiMWYtNGFjNy1iN2QzLTg0YjI5YzBiNzNiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyM30se1wiaWRcIjpcImU1ZDdkYjJmLTc2YmUtNDEzZS1iN2NhLThkMWM4Njg4N2E0MVwiLFwibGFzdE1vZGlmaWVkXCI6MTc0MzEwODIyNX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZjdhMWYwMzgtMmNjYy00MDNjLWEyOWEtOTczZjIwODFkOTczXCIsXCJsYXN0TW9kaWZpZWRcIjoxNzQzMTA4MjQ4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.s_Zp6xMN-JRVgo1CXsmKA2dUn7dIqSuuOkg7U47AINkRSECQ8cO2bU80vRAVIptisZc4aE9SKwUaKzhD1bVA0nFhaa3XEekLDR0hUFS4LZNVSoKVHCSNP7Jp90C_xs1fe037JjJNX6O0xNIvkVEY7nfcDCUucngUWXltrDWIuLuMAF8nwxogfuOCIje8NmR4Rc_kmY4CDjzDhgJhMW9hcc45RB7vvzwFKEBpZQY2fbDd8c7-M_7EV2hWJlevCNlbPIVEvkxb9QfYOachU4H4KwY8_UA1p8NPf-kJqkb56kGzHMsx8YF5K6W_TzOM-RIxeePkwfA8GRRw7kouxd4lqQ'Example response
HTTP/1.1 200 OK