Introduction

This is the NetFoundry Auth service

Overview

HTTP verbs

NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP verbs.

Verb Usage

GET

Used to retrieve a resource

POST

Used to create a new resource

PUT

Used to update an existing resource, full updates only

DELETE

Used to delete an existing resource

The PATCH method is not used (yet).

HTTP status codes

NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP status codes.

Status code Usage

200 OK

The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response will contain an entity describing or containing the result of the action.

201 Created

The request has been fulfilled and resulted in a new resource being created.

202 Accepted

The request has been accepted and is being processed asynchronously Standard response for successful HTTP requests which invoke back-end services.

204 No Content

The server successfully processed the request, but is not returning any content.

400 Bad Request

The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

401 Unauthorized

The request lacks valid authentication credentials for the target resource.

403 Forbidden

The request is authenticated with valid credentials however that set of credentials is not authorized to access this resource.

404 Not Found

The requested resource could not be found but may be available again in the future. Subsequent requests by the client are permissible.

Pagination

Paginated services will accept the following optional request parameters:

Table 1. Request parameters
Path Type Optional Description

page

Integer

true

Page you want to retrieve, 0 indexed and defaults to 0.

size

Integer

true

Size of the page you want to retrieve, defaults to 1000.

sort

String

true

Properties that should be sorted by in the format property,property(,ASC|DESC). Default sort direction is ascending. Use multiple sort parameters if you want to switch directions, e.g. ?sort=firstname&sort=lastname,asc.

Pagination response has following structure:

Table 2. Response structure
Path Type Optional Description

content

Array[Object]

false

Actual items.

totalElements

Integer

false

Total count.

totalPages

Integer

false

Total pages with current page size.

last

Boolean

false

If this page is the last one.

numberOfElements

Integer

false

Actual size of content array (number of items).

first

Boolean

false

If this page is the first one.

sort

Object

true

Sort information object.

size

Integer

false

Requested size of the page.

number

Integer

false

Page number.

empty

booloean

false

If this page is empty.

Authorization

Authorize

POST /auth

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

identityId

String

false

audience

String

false

claims

Map

false

Response fields

Path Type Optional Description

token

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/auth' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ1Ym5ueFBwVURZdE90c210WXZpZjd3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjA5MzVhNDJhLTM4NGMtNDIxNC1hZjNhLTI4MTMzODZiYmIwOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjFiNjZlNTdhLTYyZjEtNGMxOC1hZjRkLTM3NzE3YTIzMjM3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Nm9b2BGOcG-zf7G--cLTz-yFK_iO24u_Mp-ocENhGTlOO7LN0f1S7rCX7EU6H-B4A1ksmBwJbL8DfM7gBbS2jSZ-cs-nOT8rImPquH1KDM5VXTlefQHZwZX2PO2vG5PqHsTaNtTIxX0_0oyG-HmPKNvwK21Xk9YnGtywAIJKtna1dji7UJCcHkPOJ3z3epi0-uEeQ-K7YhCNBcnJoudtmimuR42VZVMvrT9fB8YD8ywvRuiT09okUH01e7TFDh9ZY6CGsHUYi4_xm5CfhUUCEJ0UEjC6uBkZ1kKfJZjJsTKfJJyjhRR3sHQ_8qrgc9Z9XyVv7afhe5_XSwWs2dySlQ' \
    -d '{"identityId":"74a7ba9f-203f-4758-a2b1-d7ca78b514e7","audience":"io.netfoundry.test","claims":{}}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2119

{
  "token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImsxIn0.eyJqdGkiOiJuUkp1U2tRNjVUS3p2UEJJODhuSi13IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijc0YTdiYTlmLTIwM2YtNDc1OC1hMmIxLWQ3Y2E3OGI1MTRlNyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkudGVzdCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ1MTA4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImY5ZDVkZjY4LTliOWUtNDUyOS04MDEwLTIwZWM3ODliZGY3NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjp0ZXN0czoqOmZvb3M6KiJdLCJhY3Rpb25zIjpbInRlc3RzOmNyZWF0ZS1mb28iXX1dfQ.M0X3nOJofUdDR9weej9L4qfYwhYkOWClRq-lYKr1h5zRJCE95tftA_slKPG9Mz-c3A81mG69PNHEs1WPY1f3QgmwnjZNoPMq4zFNpKO05sjIBqB0-EzkNkj7qR9rDipjEVMtMavnXyoWtpcbTNJOS4NXdOVahIlx65DkKrQRjA3GKLzay_sGw_YoYd8Hp2vgtJjGCk_xkCj7Ab8eiU3u8GHyNduzQ8sF7K5buf-qc8X5Gano6zYQnoTNk74ip6HQ_vnCy5lZ2_UEwqowBlU_RRsJpiYS0viOFgUQGrBe-uDQ0Yg5GXt2g0NukxaCCo5IornBKnjFjw1xrZJAPSNTWw"
}

Core Authorization Resources

Domains

Find Domains

GET /domains

Returns a set of {@link Domain}s that the client is authorized to read.

Authorization

This endpoint requires read action on the domain resource type.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].name

String

false

A human friendly name which can be used for UX purposes.

Size must be between 1 and 256 inclusive.

[].code

String

false

A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain.

Must match the regular expression [0-9a-zA-Z.]+.
Size must be between 1 and 128 inclusive.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link Domain} was created.

[].updatedAt

String

false

The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted.

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/domains' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJSRFNvcjRIRUlLM1J2X0c1V2pGaTVnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQwNTU5MmE2LTVhMmQtNDk0Ni04NThjLTM5ODhjNDZhNjMxYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMjRhOWQwYjItYThmZC00NWNjLWFkM2ItY2E3Yjc3MjlmNWJlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.SYOvrF5g9k82Ey8wRtRIwuJqtNnRLpWPBWdpVZsgOxe-iVpkspdy-7T79sgfByWEKWD7fU5Ori-LoQ4e_n10_dZu3BcsR7CbeXCNsoifw5pi_tyHwSTXAaIWpPNz-gn4LEMTY8A3xSai4Jqtix-T_Zq4cyf1mu4DGMW-9EsVGk2jbk3jff6UeE1yCkIrGIjnqM03VVlAJNNKFziy1sg9vBUFls2tTIfYkKyxgRYLwbsT71OCLMEb2x-aDptPhiJEnhm3PtC__ZiVzExz3_FzH59k0Xf7WotmClpM3rYmfy4691odTpbvGpQKv816PKnwLP8nhZbCP3VKxNJxRx6QTA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 878

[ {
  "id" : "bc4ce966-7b3c-450c-8846-3a63f262a3b6",
  "name" : "Test Domain 50",
  "code" : "test.domain.50",
  "createdBy" : "227b4ad0-280c-4de5-829a-315521cd864a",
  "createdAt" : "2021-05-04T16:13:29.027511Z",
  "updatedAt" : "2021-05-04T16:13:29.027511Z",
  "_title" : "Test Domain 50"
}, {
  "id" : "be73361e-08cf-46c1-8fd2-a76be0549434",
  "name" : "Test Domain 48",
  "code" : "test.domain.48",
  "createdBy" : "50092845-9de5-486f-acc0-9d1413e2e648",
  "createdAt" : "2021-05-04T16:13:28.999565Z",
  "updatedAt" : "2021-05-04T16:13:28.999565Z",
  "_title" : "Test Domain 48"
}, {
  "id" : "5d8c0d50-91ab-4134-934f-69b1d4032d16",
  "name" : "Test Domain 46",
  "code" : "test.domain.46",
  "createdBy" : "881216f8-a130-437e-90e7-43f9cb7ca32d",
  "createdAt" : "2021-05-04T16:13:28.929405Z",
  "updatedAt" : "2021-05-04T16:13:28.929405Z",
  "_title" : "Test Domain 46"
} ]

Get Domain

GET /domains/{idOrCode}

Authorization

This endpoint requires read action on the domain resource type.

Path parameters

Parameter Type Optional Description

idOrCode

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

name

String

false

A human friendly name which can be used for UX purposes.

Size must be between 1 and 256 inclusive.

code

String

false

A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain.

Must match the regular expression [0-9a-zA-Z.]+.
Size must be between 1 and 128 inclusive.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link Domain} was created.

updatedAt

String

false

The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted.

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/domains/3f9f3e65-f288-4b89-ac8c-80d87db4260d' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJGcllSVVZqbm9JSkx1cDNieDdET1RRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjkwNGQxOWYzLTBmMmUtNDFlZS1iMmUxLTI1ZDMwYjZmN2ZhMiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTkwM2Y3NTQtOTIyZC00ZDI4LTk5MGUtZWQ0YjczZTQ4MTgwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.GR_lYb-3_SJy02Jtn706t7cu8pwsC8meQQrCsLGzVsv0lw6sgAHevhohnlob6jbkq0LARFLwI-XrPU4e8eVZ_4cTBAzGb_GqHTwinhmlU1wDdR0K6JbKby1QqvW-OEkGajvapizsyXiHfJ6DVrw83QUx2nWfgyVw8iy40C4aIKGBwC3RGQPPZshkkVveYhS5YAl2jFmo4Utw31Zq702_TKAsQS1i82NdHohikVOXoowxM8A7MPlgPEDayivN2ZsD7I_VWI9UC4LkdCDigfUE4y3rjrUCi10JU_XlDRT_bltM7H66ltlzca-Q5MlzDL_dkMXxp1SuzUOtiiZpNVOgPg'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 288

{
  "id" : "3f9f3e65-f288-4b89-ac8c-80d87db4260d",
  "name" : "Test Domain",
  "code" : "io.netfoundry.test",
  "createdBy" : "575e80b0-3cc5-45e3-bac9-98bf32524ef8",
  "createdAt" : "2021-05-04T16:13:25.367299Z",
  "updatedAt" : "2021-05-04T16:13:25.367299Z",
  "_title" : "Test Domain"
}

Get Domain

GET /domains/{idOrCode}

Authorization

This endpoint requires read action on the domain resource type.

Path parameters

Parameter Type Optional Description

idOrCode

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

name

String

false

A human friendly name which can be used for UX purposes.

Size must be between 1 and 256 inclusive.

code

String

false

A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain.

Must match the regular expression [0-9a-zA-Z.]+.
Size must be between 1 and 128 inclusive.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link Domain} was created.

updatedAt

String

false

The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted.

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/domains/io.netfoundry.test' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIxU3RxemF5VmlhUUNIM3FFM0R3MHBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImQzZTg1MTgyLWU0MDgtNDdlYS05Njc0LTc2YzM2ZmYzYTE3YSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTlkMWM4YmMtZmY1YS00MDUwLWI0OTktZjZiMGI2YTQ4MjkxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.FuNUB_gCHNbQcXG1_WwYl6KzHFOv7udHNS1U9-HaRl3zLpuiZybdD07ypgcg4Y8Gr0cPy-7B2gQ1GN2Ad9V7ukqVYZh-w3e0JOucd1Aomc8478cXENv3cbROPNG3U8cEM_E5WIRj3C_uqNvs2dppbQG5GndGcHsRs6Z1yqCD7QQi2BPF--mgSL5FwJPM0Qj4O7hii0VE8RrsTgcE1aYwAPdcqWb8KOoxEnIs3mS7Qr6B4NrcGYaDC_Q2MxtiAvH4n39kFcvBD-03v7n9LfhCWsZDkau5mG24LSj244-JUYKnMykn0fWzxxf_RWh8lMZ296mdpXgGnsG5NDrFF1V5fw'

Example response

HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Type: application/json
Content-Length: 288

{
  "id" : "3f9f3e65-f288-4b89-ac8c-80d87db4260d",
  "name" : "Test Domain",
  "code" : "io.netfoundry.test",
  "createdBy" : "575e80b0-3cc5-45e3-bac9-98bf32524ef8",
  "createdAt" : "2021-05-04T16:13:25.367299Z",
  "updatedAt" : "2021-05-04T16:13:25.367299Z",
  "_title" : "Test Domain"
}

Create Domain

POST /domains

Authorization

This endpoint requires create action on the domain resource type.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

name

String

false

Size must be between 1 and 256 inclusive.

code

String

false

Must match the regular expression [0-9a-zA-Z.]+.
Size must be between 1 and 128 inclusive.

Response fields

Path Type Optional Description

id

String

false

name

String

false

A human friendly name which can be used for UX purposes.

Size must be between 1 and 256 inclusive.

code

String

false

A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain.

Must match the regular expression [0-9a-zA-Z.]+.
Size must be between 1 and 128 inclusive.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link Domain} was created.

updatedAt

String

false

The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted.

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/domains' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJndURXRGxaeXExeDRfMXVFNDl5Z0RnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjJjY2M1NDdjLTQyMzItNGIyNS04ZWJkLWUyYWM2OTFmYWZhNyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjkyNDdmYjAtY2EzMS00OGYwLWI1NzYtODk5NGQwODVjZjQzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.TvEzao_hIFcAm6ZL_Sayza-TYHUfzdQRx-tVhaVD12-cxeutRvYuRoRspnf5223RWRCSX1doermc9bIXHf8lenCA7rPEm0rsj_-vpR8hyb_GpBtYfF8tGX61f2emJWpUsag-BXiv_-my2nlYhZzkk5BZScIr6nLD4lKTu5E3hVGB-Tm9klptUk1CjEGoNB7-FxhZHAeWzLZCCXEmOyfnxgXeG_te5rG5qZt0FQOGWFrlDJJ6dLxgH2B7DIKHGGTg8aZQapJCm0aiAaLEjBvDaBJ1JnWBay7lWWk8MfNdJPFAVeYD3QsxApz-HhO2d4zPWVyoHM5-XZJKNoStuPzO9w' \
    -d '{"name":"Other Test Domain","code":"other.test.domain"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 299

{
  "id" : "8285ffb1-26ad-4ff4-a256-d5805c32c0a8",
  "name" : "Other Test Domain",
  "code" : "other.test.domain",
  "createdBy" : "2ccc547c-4232-4b25-8ebd-e2ac691fafa7",
  "createdAt" : "2021-05-04T16:13:29.890681Z",
  "updatedAt" : "2021-05-04T16:13:29.890681Z",
  "_title" : "Other Test Domain"
}

Resource Types

Find Resource Types

GET /resource-types

Returns a set of {@link ResourceType}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the resource-type resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

domainId

Object

true

Filters results to those that are in one of the specified {@link Domain}s.

code

Object

true

Filters results to those matching one of the specified codes.

parentId

Object

true

Filters results to those that are an immediate child of one of the specified {@link ResourceType}s.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].domainId

String

false

The id of the domain within which this {@link ResourceType} exists.

[].name

String

false

The human friendly name of this {@link ResourceType}.

Size must be between 1 and 256 inclusive.

[].code

String

false

A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount".

Must match the regular expression [0-9a-zA-Z-]+.
Size must be between 1 and 64 inclusive.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link ResourceType} was created.

[].updatedAt

String

false

The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].parentId

String

true

Returns the id of the parent {@link ResourceType} or null if this is a root.

[].childrenIds

Array[Object]

true

Returns the id of {@link ResourceType}s that are children of this.

[].depth

Integer

true

Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0.

[].root

Boolean

true

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJGam5TbGc0NFZjT1l6bzRYdU53OWRnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImZjYzJmMjQ3LTM4OWMtNGMxMi04MTJiLWViYjc2MzEyMWRiMiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjc0YjNiYTItOGQ1Mi00ZjkyLTkxOWEtNzI2NzczNDM1MTllXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Bo-f_rCpN0U4Ij6U6m88PWNbrD_BClkJfJ5AA8uRXHZR3GZAojFPgYSetdCXVREnzyiOpm4NLmBsOtjkh7ZKW12656isqyCGs6bbIxEVWccwsLTzA-frJlQ4zElEcZ4pbx8zTyDQgGt-cRKjY46tarjINJpi-MYkt4G4btQ3CEgln4EFm7NCXzZilP2Biok162ry8FbdLV1W03iY0osuKV-w_nRGVilwiJ1SCGQouzYXYF0XGh_XOJRX8ICz4j2-VcDFWun665ZkcZo4rgDqjhNHmnqIqBo31MT6Y6-EWOsmwbwP4QyTbdXMIVHk23dtNlNqbNiXn4lWYfrhgdiADQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1387

[ {
  "id" : "ba98dc59-cf72-46f9-a4f2-58dbbfdd567b",
  "domainId" : "d2b69525-3d8b-4673-b8aa-b6d8d822c1bb",
  "name" : "Resource Type",
  "code" : "resource-type",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.339667Z",
  "updatedAt" : "2021-05-04T16:13:21.339667Z",
  "parentId" : "14f8984b-b636-4bfa-acae-df4bbc267cdd",
  "childrenIds" : [ "011c97b1-1ca8-414f-96b0-b60e5da1f0a6" ],
  "depth" : 1,
  "root" : false,
  "_title" : "Resource Type"
}, {
  "id" : "ce2ede2c-c2d0-46a1-9f40-9c1b393f3469",
  "domainId" : "d2b69525-3d8b-4673-b8aa-b6d8d822c1bb",
  "name" : "Standard Role Type",
  "code" : "standard-role-type",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.340727Z",
  "updatedAt" : "2021-05-04T16:13:21.340727Z",
  "parentId" : null,
  "childrenIds" : [ "5c6cef03-5b62-4046-9b33-3bf2262dac86" ],
  "depth" : 0,
  "root" : true,
  "_title" : "Standard Role Type"
}, {
  "id" : "80849345-8011-4ce9-92d2-27cd6bec886a",
  "domainId" : "bc4ce966-7b3c-450c-8846-3a63f262a3b6",
  "name" : "Test Type 51",
  "code" : "Test-Type-51",
  "createdBy" : "02156e2f-932e-4ba9-9e2c-622e5272ae19",
  "createdAt" : "2021-05-04T16:13:29.029270Z",
  "updatedAt" : "2021-05-04T16:13:29.029270Z",
  "parentId" : null,
  "childrenIds" : [ ],
  "depth" : 0,
  "root" : true,
  "_title" : "Test Type 51"
} ]

Get Resource Type

GET /resource-types/{id}

Authorization

This endpoint requires read action on the resource-type resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

domainId

String

false

The id of the domain within which this {@link ResourceType} exists.

name

String

false

The human friendly name of this {@link ResourceType}.

Size must be between 1 and 256 inclusive.

code

String

false

A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount".

Must match the regular expression [0-9a-zA-Z-]+.
Size must be between 1 and 64 inclusive.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link ResourceType} was created.

updatedAt

String

false

The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted.

parentId

String

true

Returns the id of the parent {@link ResourceType} or null if this is a root.

childrenIds

Array[Object]

true

Returns the id of {@link ResourceType}s that are children of this.

depth

Integer

true

Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0.

root

Boolean

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types/f5d99ac3-faf2-4f02-8e54-16f406e1da8b' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJFTEI1b2JnSVhYMDlaYUg0WkoxVlN3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjlkMDc1NDdiLTllYjAtNGQxYS04OTE4LWI5MzQzN2U3YTlhYiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNzAzZGJiMjUtZjQ4OC00NTZhLWE0OTAtNzIxYzAwYmNjYzcxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.hAeprlWTib6mA-_uIwRdRWpefev0gxSXN2_rLnNCwJy4Uk3veTuExN8pTxF2pIBTY2RqHTVj3hbg0O0OqotCgKO7oZjgQ0SnP290qiYgxrFyfWgAFDf03okxA-WjuIyt4c8tzSbp7MAswQF1RVFDkyjiJyoF0bljAcWROVkdxI00beYwkHkltekXRUCMlNNWNfnmysCxsEw4pVx1L7LTp8Vg2PkC40kbSV3HeiJckGO93_D_Oagk1tyTU6V5wLySx5phDsQF7gUKQ45odbM1FZBE-YGdsSJRhCTVD8OJJMQr97ODc4SiPdmNUKrV5PZ-BLJisOp6lsViRNyWLDPRMw'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 406

{
  "id" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b",
  "domainId" : "3f9f3e65-f288-4b89-ac8c-80d87db4260d",
  "name" : "Test Type",
  "code" : "test-type",
  "createdBy" : "1c0fbab9-f2d6-479b-8a55-30cce8e5cc63",
  "createdAt" : "2021-05-04T16:13:25.382127Z",
  "updatedAt" : "2021-05-04T16:13:25.382127Z",
  "parentId" : null,
  "childrenIds" : [ ],
  "depth" : 0,
  "root" : true,
  "_title" : "Test Type"
}

Create Resource Type

POST /resource-types

Authorization

This endpoint requires the following actions:

  • create action on the resource-type resource type

  • read action on the domain resource type

  • read action on the resource-type resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

domainId

String

false

Client must have create action under the annotated resource.
Client must have read action on the annotated resource.

parentId

String

true

Client must have read action on the annotated resource.

resourceType

Object

false

resourceType.name

String

false

Size must be between 1 and 256 inclusive.

resourceType.code

String

false

Must match the regular expression [0-9a-zA-Z-]+.
Size must be between 1 and 64 inclusive.

resourceType.children

Array[Object]

true

Response fields

Path Type Optional Description

id

String

false

domainId

String

false

The id of the domain within which this {@link ResourceType} exists.

name

String

false

The human friendly name of this {@link ResourceType}.

Size must be between 1 and 256 inclusive.

code

String

false

A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount".

Must match the regular expression [0-9a-zA-Z-]+.
Size must be between 1 and 64 inclusive.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link ResourceType} was created.

updatedAt

String

false

The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted.

parentId

String

true

Returns the id of the parent {@link ResourceType} or null if this is a root.

childrenIds

Array[Object]

true

Returns the id of {@link ResourceType}s that are children of this.

depth

Integer

true

Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0.

root

Boolean

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4LVlLU25sazl3UFpaQzh4ck5vUzF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjdiNTEwZjEyLWY5MGQtNDgyYS04ZjljLTEzNWJkZTE3MzgwYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZmFlODY0ZmUtNmZjMC00ZGIzLWEzODEtNzlkZmE5NmRlZDkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fSx7XCJpZFwiOlwiNmQxMDZlMmYtYWZmMi00Nzg3LTg3MGEtODMzMGVkYWI5YmM3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fSx7XCJpZFwiOlwiOWY0Zjg1ZDgtOTNlYi00NWZlLTk0ZDktZDcxOGE1NmIwZDU4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.GhOWMbVgoGDfFcCB6u4-NnqpLKm5kZTbl9r6K86bMLdqxNdIzErWvkpO7aAoB9qZlMAMYcC6Ei5fbUwjg1ABTBpoTTeqKhMncAMHv1ezox93ECzqAfv2Ju17PqtcN7ieKzHavE03Hk33fBo1pP4Z5QOYs62LXG8J-I_AvBTcYmo7fSzKqEEhXRuc0U5m4sRL7oPal86JthDzm9_UvDskKp9yUD-qUvY138Jpiz6ZuWEJH521eyDl8t3RPC6wSHa_5nLokv9n_zPMwnx4tNS3Iet_wzjRZW4vQY6JKe5QDDDoJDDYanK0PI6-LyO9L7BOYfhzdy72DcWcN-FrBNJ2-g' \
    -d '{"domainId":"3f9f3e65-f288-4b89-ac8c-80d87db4260d","parentId":"f5d99ac3-faf2-4f02-8e54-16f406e1da8b","resourceType":{"name":"Another Test Type","code":"anoter-test-type","children":[]}}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 464

{
  "id" : "bec54f8d-a7ae-43f1-bbb4-0a33967dd1a1",
  "domainId" : "3f9f3e65-f288-4b89-ac8c-80d87db4260d",
  "name" : "Another Test Type",
  "code" : "anoter-test-type",
  "createdBy" : "7b510f12-f90d-482a-8f9c-135bde17380a",
  "createdAt" : "2021-05-04T16:13:29.517454Z",
  "updatedAt" : "2021-05-04T16:13:29.517454Z",
  "parentId" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b",
  "childrenIds" : [ ],
  "depth" : 1,
  "root" : false,
  "_title" : "Another Test Type"
}

Resource Actions

Find Resource Actions

GET /resource-actions

Returns a set of {@link ResourceAction}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the resource-action resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

code

Object

true

Filters results to those matching one of the specified codes.

resourceTypeId

Object

true

Filters results to those that apply to one of the {@link ResourceType}s specified.

domainId

Object

true

Filters results to those that are in one of the specified {@link Domain}s.

customRoleId

Object

true

Filters results to those that are granted by one of the specified {@link CustomRole}s. Only non-deleted {@link CustomRoleAction}s are considered.

standardRoleTypeId

Object

true

Filters results to those that are included in one of the specified {@link StandardRoleType}s.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].resourceTypeId

String

false

The type of resource that this {@link ResourceAction} applies to.

[].name

String

false

A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network".

Size must be between 1 and 256 inclusive.

[].code

String

false

Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type.

Must match the regular expression [0-9a-zA-Z-]+.
Size must be between 1 and 64 inclusive.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link ResourceAction} was created.

[].updatedAt

String

false

The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].standardAction

Boolean

true

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJsMDNyTFdNRU1wTzZGZzRvS3dtalpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjVlOGEzNzYyLTI4MDgtNDY3Mi1hMjM2LTY3ZjZkZTIwMWZiMSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMzEwOGE0OTYtMmU4NS00Mzc0LTk0Y2YtYjcwN2JlM2QxZDIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.dH-FLA5xr0aTfUbjqejsWZu3bQjlVJjExseXwD5V91vET94L5lkls84AxyW4LmF3EbnpGjmujnLTKLK2kGcGhBIyCzHBfS_IDb7RWLQ274LWd7_b9SwDdGfWOgrEzDaFYRh1E9DKhNWernNy1wXf2dk1mrHejK-rNsj27OXR9Xhybir1v0QmsbR3QW1MeidIF7SOec22KcpARTzMe_NKYEENbFiC0vHnxLFwQp8XZQ01dtUWcWjRK3LW9PBfKUNhCedGWLp8oC4Lrupu7R1swDC1N3pj4fkkfIiM5n8jytNM2w9PcyT9xzX7irilgXHPCcrSZbFGy7EB0rakl_St-A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1136

[ {
  "id" : "6e60eb3a-0558-4a59-b921-7cf3d5cfe4fe",
  "resourceTypeId" : "ce2ede2c-c2d0-46a1-9f40-9c1b393f3469",
  "name" : "Create",
  "code" : "create",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.346007Z",
  "updatedAt" : "2021-05-04T16:13:21.346007Z",
  "standardAction" : true,
  "_title" : "Create Standard Role Type"
}, {
  "id" : "c82ff6fb-5353-4c03-bfcf-65c23b9fb33a",
  "resourceTypeId" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b",
  "name" : "Test Action",
  "code" : "test-action",
  "createdBy" : "1516bd76-46d4-4b96-a90c-49600a648dad",
  "createdAt" : "2021-05-04T16:13:25.386176Z",
  "updatedAt" : "2021-05-04T16:13:25.386176Z",
  "standardAction" : false,
  "_title" : "Test Action Test Type"
}, {
  "id" : "ec3953ac-1db1-4ede-beb5-ba2dc4f1e871",
  "resourceTypeId" : "4eb0a7fb-8acf-4159-910d-47d33d7defb7",
  "name" : "Update",
  "code" : "update",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:20.910067Z",
  "updatedAt" : "2021-05-04T16:13:20.910067Z",
  "standardAction" : true,
  "_title" : "Update API Account Identity"
} ]

Get Resource Action

GET /resource-actions/{id}

Authorization

This endpoint requires read action on the resource-action resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

resourceTypeId

String

false

The type of resource that this {@link ResourceAction} applies to.

name

String

false

A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network".

Size must be between 1 and 256 inclusive.

code

String

false

Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type.

Must match the regular expression [0-9a-zA-Z-]+.
Size must be between 1 and 64 inclusive.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link ResourceAction} was created.

updatedAt

String

false

The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted.

standardAction

Boolean

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions/c82ff6fb-5353-4c03-bfcf-65c23b9fb33a' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJEdkhzZkM1TFZubWRwRzAxdGlkaVFnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjA4MjU1OWI5LThlZTAtNDc2My05NWJlLTY5ZTM3ZDg4NGVhOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNDRlOTBhMjctNzAxZi00OWJkLWI3YjUtYjA2ZWZlNTY4ZGFhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.BhgvTZlbt5zJoEOldbXpSie_lLCwa31vPrd4dUEjTZlAqu1bWc22ZEXGcQoYS5vUQdCuAoCYPGfisY37APuBIij91a4WGH8aTCFVqqVKS0L1Tz6lm5X2c9OPhb5lIEQL0CtLbiLMLCf9Rv0bilEI3WkvgiNULYfxOpEPcRouNiQ12nbXrpzW-SVnI90xsCrNAiWRQJ9QZjy6XNzV7LBrcbmPDU6lR18hFPt5pTB7OHWDA2X2SQyKFVWeSfCwZdbGWANTl3z7YHSdV-vAROCL8pR6Q2XXKrhc0cxCAtJapESIEwYuFLdfbfw7VbVnmNt4syNDruI13h9WlPVgnUK6_Q'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 380

{
  "id" : "c82ff6fb-5353-4c03-bfcf-65c23b9fb33a",
  "resourceTypeId" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b",
  "name" : "Test Action",
  "code" : "test-action",
  "createdBy" : "1516bd76-46d4-4b96-a90c-49600a648dad",
  "createdAt" : "2021-05-04T16:13:25.386176Z",
  "updatedAt" : "2021-05-04T16:13:25.386176Z",
  "standardAction" : false,
  "_title" : "Test Action Test Type"
}

Create Resource Action

POST /resource-actions

Authorization

This endpoint requires the following actions:

  • create action on the resource-action resource type

  • read action on the resource-type resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

resourceTypeId

String

false

Client must have create action under the annotated resource.
Client must have read action on the annotated resource.

actions

Array[Object]

false

actions[].name

String

false

actions[].code

String

false

Response fields

Path Type Optional Description

[].id

String

false

[].resourceTypeId

String

false

The type of resource that this {@link ResourceAction} applies to.

[].name

String

false

A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network".

Size must be between 1 and 256 inclusive.

[].code

String

false

Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type.

Must match the regular expression [0-9a-zA-Z-]+.
Size must be between 1 and 64 inclusive.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link ResourceAction} was created.

[].updatedAt

String

false

The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].standardAction

Boolean

true

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJJRVY3ajN2RXdmS3k2c2ZTWlFObkN3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjZiODgyZTkyLTgwM2MtNDhkNy04M2FjLWE5OGQ1MTNlNzUwNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNiwiZXhwIjoxNjIwMTQ4NDA2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMzE0NGYxZGYtY2I3MC00MmY4LWI0YjEtNTE4NzY1ZDI4YTljXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA2fSx7XCJpZFwiOlwiYTA2ZmNjMWItY2FlNS00MzA2LWEzY2MtZmViZDYxYWE0YjhiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.cqFZ5uJBJ-gqB_yTBwXZQNePhlSnQR8_9KOLXdV7eQjRFrPJ27iS8Pnm1Pxdz3KL1n9gZuIhEUK9UU39WF_rtLptIT17ABUwo9duFpNzqG90wSiAsY1Z6V8RdjmSG_aBzfaf-eOGFLrAKuEB8PmVlf1TplcE9jDu0uKyBc_hPzl0RxQ_BuxYvYSdv5TANNEWe5DnRCg1YuFFvcpSHN8yzssRCqjGbW3Pxq_xu2xJKxFGDgSk15A6G0AZESbao_16-RpW81GHQ-5qNjNcFePkIkM0MovvJH-1751qD1tjqIfeg609gY0PO7efdSSuUlvG_hBAUXXToQCUgBT2afVVvw' \
    -d '{"resourceTypeId":"f5d99ac3-faf2-4f02-8e54-16f406e1da8b","actions":[{"name":"Update Custom","code":"update-custom"}]}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 390

[ {
  "id" : "0a282787-23b2-4f9e-9537-6e79bbc52e1d",
  "resourceTypeId" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b",
  "name" : "Update Custom",
  "code" : "update-custom",
  "createdBy" : "6b882e92-803c-48d7-83ac-a98d513e7506",
  "createdAt" : "2021-05-04T16:13:27.168062Z",
  "updatedAt" : "2021-05-04T16:13:27.168062Z",
  "standardAction" : false,
  "_title" : "Update Custom Test Type"
} ]

Authorization Grants

Grants (abstract)

Find Grants

GET /grants

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

grantType

Object

true

identityId

Object

true

resourceActionId

Object

true

path

Object

true

Request fields

No request body.

Response fields

Path Type Optional Description

[].grantType

String

true

The concrete type that this virtual {@link Grant} is based upon. Never null.

Must be one of [CustomRole, IdentityResourceAction, PublicGrant, SuperUser].

[].grantId

String

true

The id of the concrete grant resource on which this virtual {@link Grant} is based. If the grant type has separate resources for the grant and the privileges, then this will reference the grant resource (the resource with an identity id.) Never null.

[].privilegeSourceId

String

true

The id of the concrete {@link PrivilegeSource} from which this grant is based. Some grant types combine the grant and privilege aspects into a single resource. For example, a {@link SuperUser} is both a grant (it specifies an identity id) and a privilege source. In other cases, such as a {@link CustomRole} and {@link CustomRoleGrant}, they are separate. When they are the same resource, this value will match the grantId value. Never null.

[].identityId

String

true

The identity id of the holder of this grant. Almost never null, with the one exception of a grant made to all users (or all authenticated users.).

[].privileges

Map

true

The set of privileges that this grants. These are organized as a stack of 3 Maps where the keys are the domain code, then the resource type code, then the action code, and the leaf value is a set of paths on which that action can be performed.

[].createdBy

String

false

The identity id that created the grant.

[].createdAt

String

false

The date-time at which the grant was created.

[].deletedAt

String

true

The date-time at which the grant was deleted. This will be null for an grant that has not been deleted. If this property is not null, then the grant is 'marked' as being deleted.

[].deletedBy

String

true

The identity id that deleted the grant. This will be null until the resource is marked deleted.

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/grants' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqN3Q2MWFXMG5BcXhsWmZaRzdrQWpBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJmOWE5NjY1LWY2ODctNGQ2ZC1hY2E2LWRhNTc1OGNiOGY4ZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjRlZmMxYWY0LTBhNzYtNGE3Ni1iMjA0LTRiMTdkNGViMmZiZVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.TqM1cLJ9Xt_m3MFKhSaQWDvEX6T055KKuA2SXj1D0wbhshEsQLS4XADF1IsuiYim4PKTtD2bKz_FNOLEovMFAz-6K86eM4_-JDeLPOXub-VKle3tRHrmzwIQJSJc8DX-oLB1huB0iP6iyyFHyMfsc77kUaPbrYdSMe0nrDL9nXPz33i_lfx7db6pqkSsfMYY2zsdd3EohHkAJwsdcCxysjA-WiYl9RuzSmBY7dW_XB5OUFYi5QNx3ev9RK-WXSMVDQH0pDWsS4ooWtCe0j3Nx7S6vieiKCimY4SZVGld5kThjLrp52Is0un7tnxtDtOTHFsxht4nsE1qxnq6aBvFQg'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 12032

[ {
  "grantType" : "IdentityResourceAction",
  "grantId" : "98b0fb34-a627-46b1-87c6-3bed5782fb57",
  "privilegeSourceId" : "98b0fb34-a627-46b1-87c6-3bed5782fb57",
  "identityId" : "16f645d6-e5ec-4d27-a542-64891f58b3a8",
  "privileges" : {
    "io.netfoundry.network" : {
      "edge-router" : {
        "read" : [ [ ] ]
      }
    }
  },
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:22.162241Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant Read Edge Router, All to identity 16f645d6-e5ec-4d27-a542-64891f58b3a8"
}, {
  "grantType" : "IdentityResourceAction",
  "grantId" : "6037a137-4369-4e74-b822-b493e70929e5",
  "privilegeSourceId" : "6037a137-4369-4e74-b822-b493e70929e5",
  "identityId" : "83d8cce9-1ad2-4ec1-ae23-9d1f3d28f2ba",
  "privileges" : {
    "io.netfoundry.network" : {
      "support-path" : {
        "read" : [ [ ] ]
      }
    }
  },
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.707286Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant Read Support Path, All to identity 83d8cce9-1ad2-4ec1-ae23-9d1f3d28f2ba"
}, {
  "grantType" : "SuperUser",
  "grantId" : "daf52982-158f-4f19-b30e-74f2586f6aa9",
  "privilegeSourceId" : "daf52982-158f-4f19-b30e-74f2586f6aa9",
  "identityId" : "f750d892-a066-4e74-a394-03463b3ffe6b",
  "privileges" : {
    "test.domain.19" : {
      "Test-Type-20" : {
        "Test-Action-21" : [ [ ] ]
      }
    },
    "io.netfoundry.auth" : {
      "identity-resource-action" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "custom-role-action" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "super-user" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "standard-role-grant" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "custom-role-grant" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "public-grant" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "standard-role-type" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "domain" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "custom-role" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "resource-type" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "action-inclusion" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "resource-action" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "standard-role" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      }
    },
    "test.domain.16" : {
      "Test-Type-17" : {
        "Test-Action-18" : [ [ ] ]
      }
    },
    "io.netfoundry.test" : {
      "test-type" : {
        "test-action" : [ [ ] ],
        "update-custom" : [ [ ] ]
      }
    },
    "test.domain.13" : {
      "Test-Type-14" : {
        "Test-Action-15" : [ [ ] ]
      }
    },
    "io.netfoundry.identity" : {
      "service-identity" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ],
        "update-active" : [ [ ] ]
      },
      "identity-provider" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "invitation" : {
        "update-respond" : [ [ ] ],
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ],
        "update-revoke" : [ [ ] ]
      },
      "organization" : {
        "update-logo" : [ [ ] ],
        "create-identity-provider" : [ [ ] ],
        "read" : [ [ ] ],
        "update-branding" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "create-network-group" : [ [ ] ],
        "delete" : [ [ ] ],
        "update-active" : [ [ ] ]
      },
      "session-configuration" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "api-account-identity" : {
        "read" : [ [ ] ],
        "update-rotate-password" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ],
        "update-active" : [ [ ] ]
      },
      "user-identity" : {
        "read" : [ [ ] ],
        "update-reset-mfa" : [ [ ] ],
        "create-identity-mapping" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ],
        "update-active" : [ [ ] ]
      },
      "identity-session" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      }
    },
    "test.domain.22" : {
      "Test-Type-23" : {
        "Test-Action-24" : [ [ ] ]
      }
    },
    "test.domain.10" : {
      "Test-Type-11" : {
        "Test-Action-12" : [ [ ] ]
      }
    },
    "test.domain.6" : {
      "Test-Type-7" : {
        "Test-Action-8" : [ [ ] ]
      }
    },
    "io.netfoundry.network" : {
      "network-config-metadata" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "network-version" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "azure-virtual-wan-site" : {
        "read" : [ [ ] ],
        "update-deploy" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "edge-router" : {
        "read" : [ [ ] ],
        "update-heal" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "certificate-authority" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "support-path" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "network" : {
        "delete-certificate-authorities" : [ [ ] ],
        "read" : [ [ ] ],
        "delete-client-sync-endpoints" : [ [ ] ],
        "read-processes" : [ [ ] ],
        "update-certificate-authorities" : [ [ ] ],
        "update-heal" : [ [ ] ],
        "update" : [ [ ] ],
        "read-alarms" : [ [ ] ],
        "update-add-admin-user" : [ [ ] ],
        "create-as-code" : [ [ ] ],
        "delete" : [ [ ] ],
        "read-as-code" : [ [ ] ],
        "read-certificate-authorities" : [ [ ] ],
        "update-client-sync-endpoints" : [ [ ] ],
        "create-certificate-authorities" : [ [ ] ],
        "read-platform-protected" : [ [ ] ],
        "create" : [ [ ] ],
        "read-elastic-search" : [ [ ] ],
        "create-client-sync-endpoints" : [ [ ] ]
      },
      "endpoint" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ],
        "read-as-code" : [ [ ] ],
        "create-as-code" : [ [ ] ]
      },
      "netflow-collector" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "transfer-node" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "host" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "edge-router-policy" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "terminator" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "transfer-node-pool" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "geo-region" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "network-group" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ],
        "read-elastic-search" : [ [ ] ]
      },
      "gateway-cluster" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "azure-subscription" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "app-wan" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "read-as-code" : [ [ ] ],
        "delete" : [ [ ] ],
        "create-as-code" : [ [ ] ]
      },
      "network-controller" : {
        "read" : [ [ ] ],
        "read-platform-protected" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "service-policy" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "netflow-export" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "service-group" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "posture-check" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "config-type" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "endpoint-group" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "data-center" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "healing-alert" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "service" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ],
        "create-as-code" : [ [ ] ],
        "read-as-code" : [ [ ] ]
      },
      "service-edge-router-policy" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "exemption-configuration" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "client-sync" : {
        "read" : [ [ ] ],
        "update" : [ [ ] ],
        "create" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "workflow-status" : {
        "read" : [ [ ] ],
        "read-extended" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      },
      "config" : {
        "read" : [ [ ] ],
        "create" : [ [ ] ],
        "update" : [ [ ] ],
        "delete" : [ [ ] ]
      }
    }
  },
  "createdBy" : "d4656737-9188-49d3-b635-ebae93f614b0",
  "createdAt" : "2021-05-04T16:13:28.527662Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant All Actions (SU) in All Domains to identity f750d892-a066-4e74-a394-03463b3ffe6b"
} ]

Super-User Grants

Find Super Users

GET /super-users

Returns a set of {@link SuperUser}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the super-user resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

identityId

Object

true

Filters results to those that grant to an identity specified in this set.

domainId

Object

true

Filters results to those that grant access to one of the specified {@link Domain}s. To search for {@link SuperUser}s that explicitly grant access to all domains (ie, the domainId is null), include this query parameter with no value.

isDeleted

Boolean

true

When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].identityId

String

false

The id of the identity to whom super-user access has been granted.

[].domainId

String

true

An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link SuperUser} was created.

[].updatedAt

String

false

The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].deletedAt

String

true

The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

[].deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

[].type

String

true

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/super-users' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI0WUZ2YmUwN2E4OHRsbDJEY3RvSDVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjFlZmFjOWFhLWE5NWMtNDUyNC05YjFjLTEyNzY3MGZiYmRjNCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZmQ5MjY1ZTEtMDBmMS00MGIyLWExYWUtYjBlMjQxMDYzODlmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.YtI9zyl_h-xxPQuYyNJK0lPyGv_k4SVkhx8mMnT_UMai4G6gfakKvLmZy8EpSA6iv8QtrefBF09M-M54whAOxz-fjwiG54FIumhusNj9en3VzzvPQWU6UKmCMU4H_ouKQXAN9nRalLcpT1KgU-tyIhMcezUp_GjTpk-BudHrzaI8jHvzquAoBARSCXQuYK7cqhsHI7F2cnoQvl5z51kBYqL9HDwfB3BAPJ4xzQGhI8rwbNDab3K4fjSfUNa0-RaCiilhoyOK60ELbWBbBzM-ijvkJcT5aNPVYoKJ8S32PhXod0r378B1VP2Y8OTF4Do1eh4WLo3e3nEDOqQrHueO3A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1472

[ {
  "id" : "20f47fa7-195a-42fa-aaea-b719ba2a2722",
  "identityId" : "cc1ce7cb-dc72-4753-a127-9aa08b9aede6",
  "domainId" : null,
  "createdBy" : "445a4bfc-9e8e-4a51-b304-d18f11a9e4d6",
  "createdAt" : "2021-05-04T16:13:28.475253Z",
  "updatedAt" : "2021-05-04T16:13:28.475253Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
  "_title" : "Grant All Actions (SU) in All Domains to identity cc1ce7cb-dc72-4753-a127-9aa08b9aede6"
}, {
  "id" : "6e84f1a6-d968-48d2-83b8-4601915b1a80",
  "identityId" : "e3f78bc1-1c67-4b79-bf73-356e7db7ba79",
  "domainId" : null,
  "createdBy" : "4a92582d-09c8-409a-8f33-c7b2bb01cc6b",
  "createdAt" : "2021-05-04T16:13:28.600736Z",
  "updatedAt" : "2021-05-04T16:13:28.600736Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
  "_title" : "Grant All Actions (SU) in All Domains to identity e3f78bc1-1c67-4b79-bf73-356e7db7ba79"
}, {
  "id" : "f246f8dc-566b-4ec4-a020-af3f9aff4849",
  "identityId" : "a3778d77-28c9-43bd-8c28-6e0c7b117157",
  "domainId" : null,
  "createdBy" : "fe9e2004-e8a7-4c21-ae2e-4b49d57dc4d0",
  "createdAt" : "2021-05-04T16:13:28.504024Z",
  "updatedAt" : "2021-05-04T16:13:28.504024Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
  "_title" : "Grant All Actions (SU) in All Domains to identity a3778d77-28c9-43bd-8c28-6e0c7b117157"
} ]

Get Super User

GET /super-users/{id}

Authorization

This endpoint requires read action on the super-user resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

identityId

String

false

The id of the identity to whom super-user access has been granted.

domainId

String

true

An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link SuperUser} was created.

updatedAt

String

false

The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

type

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/super-users/f9d5df68-9b9e-4529-8010-20ec789bdf74' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmOS1sVlA2enJIM0JRdzZqd0s3QUVnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJiMDc3NzliLTdmN2QtNDQwMS1iNDFjLTVjYjZlZmFjNzAwNCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOTFmZDVlOTUtMjUwOC00ODY0LTkxNWUtZTZkZGVjZWM2NWY1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Yxe_0gO7K3FPJrNWpa1s1AQMKVev4lkcPJz6lMG-JB1yn8fI7rok9nR6z5crUJvkL0JNR4TJdwNlckGteeFOKPX0KLxDnFoAPRjEwSwbuGOa69S6z1CN7yaD-4rAnD0vTkrNBC_OxBtYtzSdtWWUOKr0wzLScjcbXVbVi4ccwCmaNRFXmaOrDbMqE1zzJ4iXn3gUf-Bp7Un1Gl8Jq0fOdH95DnqVOS-GKqVSCChikYhOhSFrLCr-bKKuh_6bwumkwwUwlnWF9APzzseXdn0202RCZuZyQgRm5Vbj2mt73XIcI_I8g4LYUUaUIzkzQzDNyfo8V9tRqdR8zdliX3pcuw'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 522

{
  "id" : "f9d5df68-9b9e-4529-8010-20ec789bdf74",
  "identityId" : "74a7ba9f-203f-4758-a2b1-d7ca78b514e7",
  "domainId" : "3f9f3e65-f288-4b89-ac8c-80d87db4260d",
  "createdBy" : "84a035e1-3324-4281-9380-f77fbf541058",
  "createdAt" : "2021-05-04T16:13:25.392275Z",
  "updatedAt" : "2021-05-04T16:13:25.392275Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
  "_title" : "Grant All Actions (SU) in Test Domain to identity 74a7ba9f-203f-4758-a2b1-d7ca78b514e7"
}

Create Super User

POST /super-users

Authorization

This endpoint requires the following actions:

  • create action on the super-user resource type

  • read action on the domain resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

identityId

String

false

domainId

String

true

Client must have read action on the annotated resource.

Response fields

Path Type Optional Description

id

String

false

identityId

String

false

The id of the identity to whom super-user access has been granted.

domainId

String

true

An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link SuperUser} was created.

updatedAt

String

false

The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

type

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/super-users' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJWTjlvLWtoc1VmTGFFRFhmX3hKUG1BIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImNlNmJhNzJjLTg5NWItNDQ0Yi1hNGU1LTdlZmYwOTcxY2FhYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNDY4NjE1ODYtN2FiMS00NzMwLTliNGUtMWNmOGE4MjAyNWEwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fSx7XCJpZFwiOlwiYTBlZTJjZTAtYmQwMC00NTg0LWJiM2QtNzI4OTY1MDFhNzQwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.BHZ430P-rdJ3q0qoU1WIn7rt3WzfgJYjW5G6oDTC7YwHmNtAevkd7L02HfUVu4wTvP3WlyQaJYCjyTqEPl5vkGweg3aHNZrO7ZRWDFb_U5d-iXUaJeMgVh4pXDVA88mcdF1TV2979mB5UFHheQj7RmWeiAIHtPJpF7_XuvGmd84Y6nhnLO7c4KuAdMHgNMYimAc_Dnm8DyxLPmJMZjn74WyNf0XjIPk0guK4JSv6MxLBQrJwMNPAYiwisRZaXOZiHqJjklATjZvwcfXJazib2lAifYKZdC8oMTR2VNnjmQ9RrmvaVf_XvFZ24noMgz1sMLwn4c4luOCu6HnwiDFmvA' \
    -d '{"identityId":"74a7ba9f-203f-4758-a2b1-d7ca78b514e7","domainId":null}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 488

{
  "id" : "b6061b91-f509-486a-b893-b2a4d5ebdcb6",
  "identityId" : "74a7ba9f-203f-4758-a2b1-d7ca78b514e7",
  "domainId" : null,
  "createdBy" : "ce6ba72c-895b-444b-a4e5-7eff0971caaa",
  "createdAt" : "2021-05-04T16:13:29.671441Z",
  "updatedAt" : "2021-05-04T16:13:29.671441Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
  "_title" : "Grant All Actions (SU) in All Domains to identity 74a7ba9f-203f-4758-a2b1-d7ca78b514e7"
}

Delete Super User

DELETE /super-users/{id}

Authorization

This endpoint requires delete action on the super-user resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have delete action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/super-users/59f4cb37-f75e-461d-87a0-6c1a866a3a6f' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJQMWhuRVlPdkIyR2hEblREQXR5MG5BIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjdhYmI1ZDNlLTNiYTctNDE2ZS04YzcyLTY0NjM5YmRhM2ExOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMDdmMWViYTktNmM1ZC00ZTFjLTgxYTctNGMyODM1MDk2Zjg1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.PGkeKPjzWQv-QhQkW5Oqv-0oj-52AcgWVO8CQbBHAzjN2zmHTCAgZyPMxjUrYugt5ZJeVIt_-CBn2R15l9kA76JMe3RIlsz09H3rHrwavrvaoFnsBWhmbH692KhS3ETyDrqgg6AVP3Il9JjmcP3S542hOC5oiIbggzQ7-Lj3ujHwkozO0OaocaUuj8CvmOxDirqs3vT6hsz0Wxwe_DXxiGQyREuCylnGJnDAonWvwLx9Bz2XBrRr-my90cyJaCtmiqoDYuD2gA0zclT4_393D4ves93zw2gf2AT2wDFk7yca0NXgJJufhnZVK7MKErKayz6t-w02uDuL_Mg2fYMhuA'

Example response

HTTP/1.1 200 OK

Public Grants

Find Public Grants

GET /public-grants

Returns a set of {@link PublicGrant}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the public-grant resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

resourceActionId

Object

true

Filters results to those that grant one of the specified {@link ResourceAction}s.

isAnonymous

Boolean

true

When true, filters results where the isAnonymous property is true. When false, filters to those with the isAnonymous property is false. When not specified, the results will include those with both true and false values for this property.

path

Object

true

Filters results to those that target any resource along the specified path. For example, if the path is to Network X which is under Network Group Y, this would restrict the results to {@link IdentityResourceAction}s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest.
The path value must start with a domain code followed by a colon. It may then have a comma delimited sequence of colon separated resource type code and resource id pairs. The path structure must match that of the server defined resource tree for the specified resources in the specified domain.

isDeleted

Boolean

true

When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].resourceActionId

String

false

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link PublicGrant} was created.

[].updatedAt

String

false

The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].deletedAt

String

true

The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

[].deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

[].path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets.

[].path[].resourceId

String

false

[].path[].resourceTypeId

String

true

[].anonymous

Boolean

true

If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s.

[].type

String

true

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJEenNIc0xESndjbm9LSHhLaV9hZ2pBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjIyMDg4NGE5LTMyYWMtNDc1Yy05YmEwLThjMDBlZjlmNzVhOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNzQ3ZDA0MGUtZmJkYy00MmRlLTllMzctMjU3MjIxZDAzMTVhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.W6Ziu2PY_SYMGXB5aLnS_xWcaDNQ1lNtUhiVDiCbXsShkWLL27UmRkVVuFDj0ywhIK4HiJIsvFd1PgB2wKwse11svCtzxirUCdsmjXXJa6OPQv1TmVT0nOFNCJzggY5pAj2ZlAm475_JFeOshWzjnr0X0hII0qtHnG_MCXveB0kyqPsmHPNnXPtPHwfdQlNtcQE42v2VYOKhkfokSWH0I8sOjkNENhUpX0nXB_LhHz2_krq6ucaeH9SSngYdZVw3KJhEyw73FSBZaUaiBGn5torH8nup2ut0VhkiDjAJ2rXFqqj9FwxU2vFOJxm1GgrWLHolfB9eoArsSVrCt4ZtYw'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1653

[ {
  "id" : "669ff5aa-a05e-476c-8b55-ed685ea19b2f",
  "resourceActionId" : "48651a68-fd9e-40e3-81c1-fa4a669a73bf",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.196072Z",
  "updatedAt" : "2021-05-04T16:13:21.196072Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ ],
  "anonymous" : false,
  "type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
  "_title" : "Grant Read Data Center, All to All Authenticated Clients"
}, {
  "id" : "13fab29a-f9ef-475e-97a1-6752d496d91c",
  "resourceActionId" : "c82ff6fb-5353-4c03-bfcf-65c23b9fb33a",
  "createdBy" : "ca58c2dd-fc36-49de-9982-eedecb460583",
  "createdAt" : "2021-05-04T16:13:28.344299Z",
  "updatedAt" : "2021-05-04T16:13:28.344299Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "e2edfe04-8418-428b-b5cc-7e8979f4f52d",
    "resourceTypeId" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b"
  } ],
  "anonymous" : false,
  "type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
  "_title" : "Grant Test Action Test Type on/under Test Type e2edfe04-8418-428b-b5cc-7e8979f4f52d to All Authenticated Clients"
}, {
  "id" : "8cc79ca2-4e60-498f-b909-0d85991319ff",
  "resourceActionId" : "c4add057-d9a6-46b4-ac6c-97ef7bba33c7",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.555085Z",
  "updatedAt" : "2021-05-04T16:13:21.555085Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ ],
  "anonymous" : false,
  "type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
  "_title" : "Grant Read Resource Action, All to All Authenticated Clients"
} ]

Get Public Grant

GET /public-grants/{id}

Authorization

This endpoint requires read action on the public-grant resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

resourceActionId

String

false

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link PublicGrant} was created.

updatedAt

String

false

The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets.

path[].resourceId

String

false

path[].resourceTypeId

String

true

anonymous

Boolean

true

If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s.

type

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants/346c5ef0-473b-40d6-823f-a8118d03af32' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ1aUtHWkc2V3ZNOU80LTdBRDdteTBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImNiMjgxYTNlLTgyNTUtNDU5My1hYzIyLTZlYjVhMzJkMDE0YyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYjhjZTE4OGQtNDk3Yy00YjQ2LTg1ZGUtY2Y5NDVlODdlY2E1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.EomfsnhHM-tqVNiRiJGymaXW2Og4o7Loop1WM6ZXj9iC8g95CyzqaiocR5votIWs1q8PVxVIdbtPO9PwAFPkk9fxRgf8GjoRmMuuN5xpmtGCMrMD8xzMc1_9F089nZ9gqTaOpkN_eEKiuxK0r_xPMuFpmQcTFOwxh6bpisCPGzYYpVpB1-_mjYJnkI98g5U2lKxpwnGlfqCfnUCPcNYRaO8tYVmOHhHZEC2BpHn6kd2zZ330bmsUSxKRC4qJ3GPunbUIfLMofp2XICHmpZ1cYJRFsuSglDyca1DQRlq5SXK8i6ytqDN1n2zyeJa1ahFXRcK758atOsOuofkrXOiJOA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 678

{
  "id" : "346c5ef0-473b-40d6-823f-a8118d03af32",
  "resourceActionId" : "58a03225-b6bf-438b-8fc0-27660cbeb213",
  "createdBy" : "80dc96c1-c7ce-41a7-8550-e8ff951da97a",
  "createdAt" : "2021-05-04T16:13:28.250869Z",
  "updatedAt" : "2021-05-04T16:13:28.250869Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "9ec5a9f4-f8b9-488f-ae68-1b5c5939cca1",
    "resourceTypeId" : "91ade9af-3422-448a-a991-8bc8ebadae50"
  } ],
  "anonymous" : false,
  "type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
  "_title" : "Grant Test Action 21 Test Type 20 on/under Test Type 20 9ec5a9f4-f8b9-488f-ae68-1b5c5939cca1 to All Authenticated Clients"
}

Create Public Grant

POST /public-grants

Authorization

This endpoint requires the following actions:

  • create action on the public-grant resource type

  • read action on the resource-action resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

resourceActionId

String

false

Client must have read action on the annotated resource.

path

Array[Object]

false

path[].resourceId

String

false

path[].resourceTypeId

String

true

anonymous

Boolean

true

Response fields

Path Type Optional Description

id

String

false

resourceActionId

String

false

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link PublicGrant} was created.

updatedAt

String

false

The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets.

path[].resourceId

String

false

path[].resourceTypeId

String

true

anonymous

Boolean

true

If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s.

type

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3SW1JQU9IdDN1bWM5QWtCNlBCTnlRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImNhNThjMmRkLWZjMzYtNDlkZS05OTgyLWVlZGVjYjQ2MDU4MyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOGIwNzFhYTgtY2NlYy00MjM2LTg4NGEtZDM2Zjc4YTk1MDA0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZTZiNWU3NTEtOTQwYS00MDA4LWIwNDgtMjQwZmM3NTE2MGYzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.jzOgamRD060QR8L2GFwyhobR4EvzRNVto1q-IrPNi4RS4n-sGKUKMWy4XGZePzq7zlkjS4gtZtlZW0do63hMBo_EU5rf9EV6V2bso3feEHAVuUa7ofWn_W0SRgnGBUzr1lzEae7TJU23eh78SQTK4nCoPwpjAAb7vqNeLKx66oBqbtX7wD6ccCOzLXgJ1k1IzJ6xViIzxTTt3duqFc2kpDuke4m0nClV_4jQsg-bI3dm1AyFFUEsLXBZ4dGPypwL3ptlOqmIeS-Q7d-n0l45Xo8-lC5sOSBb4y0qyDoeQEf9mYyiE20ibao7_QU0RXpG-UcbuR_LP6CwxDkfRsC7VQ' \
    -d '{"resourceActionId":"c82ff6fb-5353-4c03-bfcf-65c23b9fb33a","path":[{"resourceId":"e2edfe04-8418-428b-b5cc-7e8979f4f52d","resourceTypeId":"f5d99ac3-faf2-4f02-8e54-16f406e1da8b"}],"anonymous":false}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 669

{
  "id" : "13fab29a-f9ef-475e-97a1-6752d496d91c",
  "resourceActionId" : "c82ff6fb-5353-4c03-bfcf-65c23b9fb33a",
  "createdBy" : "ca58c2dd-fc36-49de-9982-eedecb460583",
  "createdAt" : "2021-05-04T16:13:28.344299Z",
  "updatedAt" : "2021-05-04T16:13:28.344299Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "e2edfe04-8418-428b-b5cc-7e8979f4f52d",
    "resourceTypeId" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b"
  } ],
  "anonymous" : false,
  "type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
  "_title" : "Grant Test Action Test Type on/under Test Type e2edfe04-8418-428b-b5cc-7e8979f4f52d to All Authenticated Clients"
}

Delete Public Grant

DELETE /public-grants/{id}

Authorization

This endpoint requires delete action on the public-grant resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have delete action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants/00a18a64-da1f-4b89-af66-65dda917e552' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJnVnV1TGdsQ0xtUmFvQmRFVUVoUW5RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijc3N2QwMGFmLWQyMzAtNGYzYS05NGExLTQ0MDVlNjRjZjdlYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjAwYTE4YTY0LWRhMWYtNGI4OS1hZjY2LTY1ZGRhOTE3ZTU1MlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODFmZmMxZWEtMDQ2MS00YjBhLWJhMjAtN2ZhMGJjZDQ0OTQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.W9g-bWw5zNHuqFl8vdZ1yzUmlcPQNUvkEVEGrVS519E2OJdWBEw4ddG1RTIue244MUM61u3ZNdl1DoKwTqRqE89-hIdegcuDw5pPjLgOFT1ge_oWpULEPP1Vw-HOoRcnxPfUrDgMpXoLkxtaOFD-JgeA1B3iTBk7djAOOj69wcAKDRkLiWh3Jnq-5kNIsodcHBmglfSkqhip2O16XRuIEk22rlNy99R8_TRR-1nj18QAK3j-GrWjd8nwv_MYxZmPghpGf_HrRG4cxmxSRckMk86_QfRT-_alCuBxn7XEJLNJbcpPhogWRdxyF4jVfQ7N6fQnnrDXlDq2lHVHgAsSHQ'

Example response

HTTP/1.1 200 OK

Identity - Resource Action Grants

Find Identity Resource Actions

GET /identity-resource-actions

Returns a set of {@link IdentityResourceAction}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the identity-resource-action resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

identityId

Object

true

Filters results to those that grant to an identity specified in this set.

resourceActionId

Object

true

Filters results to those that grant one of the specified {@link ResourceAction}s.

path

Object

true

Filters results to those that target any resource along the specified path.
For example, if the path is to Network X which is under Network Group Y, this would restrict the results to {@link CustomRoleAction}s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest.
The path value must start with a domain code followed by a colon. It may then have a comma delimited sequence of colon separated resource type code and resource id pairs. The path structure must match that of the server defined resource tree for the specified resources in the specified domain.

isDeleted

Boolean

true

When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].identityId

String

false

The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted.

[].resourceActionId

String

false

The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link IdentityResourceAction} was created.

[].updatedAt

String

false

The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].deletedAt

String

true

The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

[].deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

[].path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}.

[].path[].resourceId

String

false

[].path[].resourceTypeId

String

true

[].type

String

true

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjTEhIVUVmalJnZjRxYjRLaHY5bGF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQzYTkyNDA5LWI4ZWEtNDE2NS04NTBjLWNhYTM5NjA4NTNhYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNmViOGQxYjgtOWQwNS00OTJlLWJlYzUtNjQwNjlhMWNmOWJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.gNIMGwMQmaca88gJKG63lltCcF0i50LT_07DL8__JWxAWzls9Nbx6Y8UUdOWS8dIJJ1Epo9gfdEHDJVP0ldQ1rLn17gp7TMupF9ye9N87Gk9gCkLXjph270YilXPFMTWdfEFYnaJtPf6fpICl__Humn0EDUbz1-sTsvHKkSJE6JOUJCj6tIrYZG724sDT7VqzMMEd2JtBq655OcLgfUtiQ1cLYOuyOztjlB8AOtVVeJf3dSoMtkLQ2HHnFO4acNoNeSg7UDFeWxNTzXjgb1SdsWqI0oHM01X2s5Ku-QADnYJIy_iYdGN0hm2f_gQ4bqj6sC9r8XUJD0MfEAp2S-n0A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1694

[ {
  "id" : "f46d9c2a-383c-4c55-b6e3-e6979c9379aa",
  "identityId" : "16f645d6-e5ec-4d27-a542-64891f58b3a8",
  "resourceActionId" : "c8063f50-3e9d-47b6-8a78-05de78b71c04",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:22.162241Z",
  "updatedAt" : "2021-05-04T16:13:22.162241Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ ],
  "type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
  "_title" : "Grant Read Network Group, All to identity 16f645d6-e5ec-4d27-a542-64891f58b3a8"
}, {
  "id" : "f4c88852-b2fa-4b3e-b2a2-df5a508561d6",
  "identityId" : "0ed768fa-7214-4404-8335-a715156dff45",
  "resourceActionId" : "be105c60-08c3-4127-b6d9-6b51418e300c",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:22.251120Z",
  "updatedAt" : "2021-05-04T16:13:22.251120Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ ],
  "type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
  "_title" : "Grant Read Terminator, All to identity 0ed768fa-7214-4404-8335-a715156dff45"
}, {
  "id" : "605cf02d-ccc4-4314-a5a0-97281199d1e0",
  "identityId" : "16f645d6-e5ec-4d27-a542-64891f58b3a8",
  "resourceActionId" : "be105c60-08c3-4127-b6d9-6b51418e300c",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:22.379600Z",
  "updatedAt" : "2021-05-04T16:13:22.379600Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ ],
  "type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
  "_title" : "Grant Read Terminator, All to identity 16f645d6-e5ec-4d27-a542-64891f58b3a8"
} ]

Get Identity Resource Action

GET /identity-resource-actions/{id}

Authorization

This endpoint requires read action on the identity-resource-action resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

identityId

String

false

The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted.

resourceActionId

String

false

The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link IdentityResourceAction} was created.

updatedAt

String

false

The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}.

path[].resourceId

String

false

path[].resourceTypeId

String

true

type

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions/0ad3e819-0ccb-4943-bb10-bcfe72827339' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJNY1JBREV1WjFBQWFoeFpQZ09XRzVRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjM3ZDc4ZTg3LTIxOTAtNGQ0Zi1iODcwLWE1NmI0ZTRmN2Y0NiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYzJiMTcxMDMtM2EwNC00YmM0LTk4NzItZjc1MTY2ZmZhODEzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.T86TeQbXvavwLVB8N13S9x0hbkQifd4TsyFiwS1HDzUSbfdd0lBIPCAhXhLXmSGG1RSUvfFNq6EAUK1YkBB58oxvzafefvLIR8Qcs7i15B-58S-ethpqKjGIon1inYuXijNpwWF4VrFmPa51aJtHp8XkvcoDJDMtGNXahVfxe8gGZXcHUzyeDI6AZgXAVf8YquT8tjICYIr7PQYKGFt3JYvxjs2N0X0B7QuDdgUpoqIMGWDAKuuPfwvVyljWXclY3p9KaCclPQLr5TZj9knkB5u7T8aKah1s7bS2IMSyj4nvFg9Tg96nGwHA0wCMx4plwtB7eLmso-8EZo1zJSB2rA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 754

{
  "id" : "0ad3e819-0ccb-4943-bb10-bcfe72827339",
  "identityId" : "fdceedac-53c5-4d65-9667-2083bd45632f",
  "resourceActionId" : "424c3309-197c-446c-a95c-045370e8dfb7",
  "createdBy" : "361d7c16-41c7-4d92-9394-216c075d3926",
  "createdAt" : "2021-05-04T16:13:28.152667Z",
  "updatedAt" : "2021-05-04T16:13:28.152667Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "4e8be4f5-fb5f-42a6-9fbf-b777d9c8f7bf",
    "resourceTypeId" : "99a7e06e-4670-40d7-841c-2e1e8f387be6"
  } ],
  "type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
  "_title" : "Grant Test Action 18 Test Type 17 on/under Test Type 17 4e8be4f5-fb5f-42a6-9fbf-b777d9c8f7bf to identity fdceedac-53c5-4d65-9667-2083bd45632f"
}

Create Identity Resource Action

POST /identity-resource-actions

Authorization

This endpoint requires the following actions:

  • create action on the identity-resource-action resource type

  • read action on the resource-action resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

identityId

String

false

resourceActionId

String

false

Client must have read action on the annotated resource.

path

Array[Object]

false

path[].resourceId

String

false

path[].resourceTypeId

String

true

Response fields

Path Type Optional Description

id

String

false

identityId

String

false

The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted.

resourceActionId

String

false

The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link IdentityResourceAction} was created.

updatedAt

String

false

The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}.

path[].resourceId

String

false

path[].resourceTypeId

String

true

type

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJxSTY3OWZUcW8xVE03Zm81aTNET0x3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQ3Njc5NmI2LTViMDQtNDIwMS04YWYzLTA1YzU2ZDE5ZmMzMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOGY3MDNiNTEtYmZmOS00NjIzLTg4OWMtMzQ4ZTBhZGYwZjRiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiNmRkZmEyOTMtZmYwMC00MTA2LWI4NWMtZjc1ZDViMjAwNWNiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.b2nOk2e8xn8w5ZEV1LUYZKoeR-8D6NemMIYZrEJq4zNrzqTYLYHx83tuOO8xWhqhsw92e45MLPSmEyLHpw65xP_5wOdUnIo9x7n5O_M5oF4Iwnt8UfYfM6E0x3FtN-_WXp2KOTJkdFW2ipjD8mkKsiXGA0ZNOoJSnDLHyOEgoX0l4zthzZKfPGSWe6WQKR9It-NXxm-9LjlbqUTnxnRRxWWkeuyAse6TBS8Bpf8LKajaZVFCiuYlNpRk_tMZ893CwF56xPFmxYvbXuG8fhT0KagcHySH8MdrXTTQo1Vq778UeUYaCmQttR759gIB4cRNQfh-CGjh_iYcc-F-re3Tow' \
    -d '{"identityId":"3008d447-86b8-4d2a-a767-5a885c48f21c","resourceActionId":"c82ff6fb-5353-4c03-bfcf-65c23b9fb33a","path":[{"resourceId":"bd655838-b140-47c0-9d2c-093e966b8804","resourceTypeId":"f5d99ac3-faf2-4f02-8e54-16f406e1da8b"}]}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 745

{
  "id" : "2cefa5d9-e64b-4ea3-b756-9868bc387f78",
  "identityId" : "3008d447-86b8-4d2a-a767-5a885c48f21c",
  "resourceActionId" : "c82ff6fb-5353-4c03-bfcf-65c23b9fb33a",
  "createdBy" : "476796b6-5b04-4201-8af3-05c56d19fc33",
  "createdAt" : "2021-05-04T16:13:28.203652Z",
  "updatedAt" : "2021-05-04T16:13:28.203652Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "bd655838-b140-47c0-9d2c-093e966b8804",
    "resourceTypeId" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b"
  } ],
  "type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
  "_title" : "Grant Test Action Test Type on/under Test Type bd655838-b140-47c0-9d2c-093e966b8804 to identity 3008d447-86b8-4d2a-a767-5a885c48f21c"
}

Delete Identity Resource Action

DELETE /identity-resource-actions/{id}

Authorization

This endpoint requires delete action on the identity-resource-action resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have delete action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions/ef21fa1c-9e99-422f-b72a-43a880bc8bc0' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJhd0ZNaUIwajlHc0w0ck1SUndzdUlBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjI1MzZhYTg4LTIxMmUtNDM1OC1hYmUxLTgyMDRiNTAyOGI4ZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNDcwMTVhNzgtMGMyNS00ZThhLWIxOTgtODE2N2Y5OGI1OTMzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.eAFt2B8G3lDsERvVa1zpgtmx1PlUiZmPbhN4rlVAiYmZWkIz5Y3_Tc4GInXTQ0nxokuP_6jx53xZgm5V63nPJDeOYQbUVhy5VyGe50pmansoRHoq03qOVhCJy5Foj5hIvx_KzPatKgsAAdbsyopBAr6bQ2Pv4FyMYutma6gtkeBFKFgWbnU8eClon3zP4jkYTpRxj8eHcP3dLgUviPZoMwDLZr9xaNWIu0qjYD63i8HrxvGFln7VRspmL59ji0K6AWzC2Mcp7HJq78GmxVDEJpoHfiKZfvOvjbs35PLTVYBwh2aPV0ovo7mrCP__e9fNy9SIOdQPt7yHMC4RgbGn2w'

Example response

HTTP/1.1 200 OK

Custom Roles

Find Custom Roles

GET /custom-roles

Returns a set of {@link CustomRole}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the custom-role resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

identityId

Object

true

Filters results to those granted to one of the specified identity ids.

resourceActionId

Object

true

Filters results to those that grant one of the specified {@link ResourceAction}s.

isDeleted

Boolean

true

When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].name

String

false

The human friendly name of this {@link CustomRole}.

Size must be between 1 and 256 inclusive.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link CustomRole} was created.

[].updatedAt

String

false

The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].deletedAt

String

true

The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

[].deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

[].type

String

true

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJxRkFlV2ExU2lzdHVTdm90NHhKc0xBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijc0MGY0NDI1LWY5NmEtNDhkNi04NzVhLWY4MzA0Y2Q4NjI2NSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYTk5MDU2NzUtODE4Ni00MWY4LWIxMjUtZWNlODRhNmJkNTJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.T6EBczozsQiyUJBZ2x_2QkF-DdslanjbJel_7LUzOM8n33Jz02UxwlPBzeS9gee63ei7IKQBKcLeTdjqmEQ_GfcTDPIooT7GJMUhkckgVWQGhIePpthHB8M5juA76SqFb72CDMiWbBEW6O2ydLhtOhNGKO9iR6GyHlsB5xiz7JFr_k4kwELCNSo8m7XQeIBjcWXTG482hlIsCgJUz01mkq6HF2pt3-auarz2-bh0TX6Mh14LAlfEOfoviXzmBwuALrG96JGJDlKzBJ8wPsK95962jCiNXMVhYsLGd9vaOHuQfsOIUpr8kqzE2jL3RzMJrxi_WxwUoiR_2dARrOA94A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1193

[ {
  "id" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
  "name" : "Read-Only, ALL Auth Domain Resources",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.383528Z",
  "updatedAt" : "2021-05-04T16:13:21.383528Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
  "_title" : "Read-Only, ALL Auth Domain Resources"
}, {
  "id" : "74a9a6c3-106c-40bc-acab-780c837ad8d0",
  "name" : "NF MOP Tests, Control Plane",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.770745Z",
  "updatedAt" : "2021-05-04T16:13:21.770745Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
  "_title" : "NF MOP Tests, Control Plane"
}, {
  "id" : "3187f0b4-360d-4e24-95b8-645a1243d6ec",
  "name" : "Test Custom Role 0",
  "createdBy" : "98ea4da9-e3b3-463b-94e0-78511c54c389",
  "createdAt" : "2021-05-04T16:13:27.508253Z",
  "updatedAt" : "2021-05-04T16:13:27.508253Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
  "_title" : "Test Custom Role 0"
} ]

Get Custom Role

GET /custom-roles/{id}

Authorization

This endpoint requires read action on the custom-role resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

name

String

false

The human friendly name of this {@link CustomRole}.

Size must be between 1 and 256 inclusive.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link CustomRole} was created.

updatedAt

String

false

The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

type

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/3187f0b4-360d-4e24-95b8-645a1243d6ec' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJadU5MNlNhOFZmdkpNckZla2h3bF9BIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjM2OTlmZjQ4LWE2MWItNDFkMy04Yzk5LTRhNjk3NWMyNmFjNCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiY2YyYmM4OTgtZjY3Ni00MGVmLTg4ZjItMmEzMDhhN2Q0ZGZhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.U6ZvPqgdVVUem1OAAV72RdSov9KR85HJgPB2OzHXKQHdubwT3tCiIR9h4JbKGSLdqQRmny4K2fOpiDUqUy5Kn5QyLJNCJjW3dFDQF_gnO_sJUMR-IEme8qv8lN5Sd6WwTE0aMl6OyD8PCik1GBf3aBzcI0prLbQ7M8vjTOLRK3EUJsdWcS4pi5ZJ7aNwca1glSSYSy0QLQSYw3HaELhvuZgrCIfUXo62GrtmYxOf_YCq4YWaX2-DzLW6ZKGPgVGadmhsLepq9x0xXBvdicL_45rGoR3-uKJvHFCNpihxoceCkTPxSeZWAd85vbyM6BjNmG4gawvZggRXm8KbDXhkzQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 377

{
  "id" : "3187f0b4-360d-4e24-95b8-645a1243d6ec",
  "name" : "Test Custom Role 0",
  "createdBy" : "98ea4da9-e3b3-463b-94e0-78511c54c389",
  "createdAt" : "2021-05-04T16:13:27.508253Z",
  "updatedAt" : "2021-05-04T16:13:27.508253Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
  "_title" : "Test Custom Role 0"
}

Create Custom Role

POST /custom-roles

Authorization

This endpoint requires create action on the custom-role resource type.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

name

String

false

Size must be between 1 and 256 inclusive.

Response fields

Path Type Optional Description

id

String

false

name

String

false

The human friendly name of this {@link CustomRole}.

Size must be between 1 and 256 inclusive.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link CustomRole} was created.

updatedAt

String

false

The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

type

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVMHZ6cml2M3FVUkZILVpndGJiNXdRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjczNGQ0NzY2LTgxMGItNDY1My1iZWU4LWM2YWQyMzg5MDI3MCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNGViNGU1NTMtMGI4OC00M2MzLWJjMjgtZTJjNmMyN2QxYjcxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.hap0Z1FNGsxVaHIA4plm2QOZfqqi2AKcOIVR-Z3MeAFVnuuq2zRJwrFPFvN4CcrxORQAyEWQkTz1wkjZpf46dxVT8LQawWfnwaVxNHFDaoOWaoA50KaTcwWFlmoWv88G9NZq8kdeGJLGAVnLs6-cXNJXKJPC1mAUBYR0m96DLVVkY_LdCvgYsVPah-WVDSdZLWCgMNNZNl8bQCPrk1cLdzqMWUYwW3OWztt96wURJP3SqSy_SsmbSydSVZRwWA2C7oWCWuMOtUE0FLiOIqo__3ADnO6Y_MNoig4ungPbdf8ZLetcGamNV2OVj77PhYXOalaZwfJ35fIuspPGy0nJJg' \
    -d '{"name":"Test Custom Role Create"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 387

{
  "id" : "8d6941c6-1f4f-4cf0-988f-900c8d6302e0",
  "name" : "Test Custom Role Create",
  "createdBy" : "734d4766-810b-4653-bee8-c6ad23890270",
  "createdAt" : "2021-05-04T16:13:27.717074Z",
  "updatedAt" : "2021-05-04T16:13:27.717074Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
  "_title" : "Test Custom Role Create"
}

Delete Custom Role

DELETE /custom-roles/{id}

Authorization

This endpoint requires delete action on the custom-role resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have delete action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/7a041a7f-79b7-4967-a26f-2569c8ac123e' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJkWE9zbHNRTGtjRHpiOTBsZmhlMlJnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNlYWUxM2VlLWI5YzgtNGE4NS1hMDZhLWYzNzQ5NjI4MDg0OSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNmZlYjQyOGYtOTdmYi00ODRjLWJjMWItNWNkN2RmOTg2OWEwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.NXxmRUAYWo9Zuqr6KtBafI_kc9qYoV6TZrmCIo7b4j2xaRCqOVMQxU6NAC8sPB91BhTZGcdMJOPgBcqOqZuvE4wKGcA96Case4hEvx-NXYfss1Sp7MXBxDQykOMyBnCfX48jqQF2VS_T4yqiWL7uB8DXteezHMgJnBetCP18VabRaC6FM0-0pvq3WttvKXLhs7KP0AJpqLTzwu_iCRlWr3Kx1OjOOalr0wHYU75oxkaT7YMrhuqGooa14adngKbVU5mlvWWOd5SAlfhaXqfp1Q_hx960WSaJ73hT6X5cvHvAVB_dNZbuZVL5v09LKeqaWSdF2TqxJF2yYw8Xye3Z8A'

Example response

HTTP/1.1 200 OK

Grant Custom Role (deprecated)

POST /custom-roles/{id}/identity-grants/{identityId}

Deprecated.

Deprecated. Use {@link CustomRoleGrantController#createCustomRoleGrant} to grant an identity a standard role.

Authorization

This endpoint requires the following actions:

  • read action on the custom-role resource type

  • create action on the custom-role-grant resource type

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have create action under the annotated resource.
Client must have read action on the annotated resource.

identityId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/583b106e-77dd-4dc5-8bb2-d08c31178b52/identity-grants/860feec7-afbc-4752-ac4f-3a7f81c661e1' -i -X POST \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI2UVluTldhWHVkZV85Z05sZS02UXF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE1NGY1Zjg1LWY2ODQtNGJkYy04MTEzLTFhMzU4ODAzYWUxYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYjc5N2Y4ZTItZWRjMS00YzhlLTkwMDMtYzNiNWU5ZmFiYmNjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fSx7XCJpZFwiOlwiNzliMjRiODktYmI5MS00MmRlLTkwYTgtNDFkYjRiOWI3MjI4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.TsE3nCiCg1iNrHxDEzAQp2JrOoAdXDOzCMlofWV5Pjp0Wjs_CIO_uu8bzG-FUkYz8nBYk21gsDOHfR7X0HccwaELO3xjZcioVqWmoBcg9zFXQGSsfn3xTg3kxrYJ-Dqi52PjBgf2dMnr917DHQyQGDreH9ViX6iddLPZL-IsAw8h-H81vHbtHJMBDTu5yyDXuZXM-gcjLH7O5-y5qiuO7RoNx99c5azKIZa9y_EWyo9ZMYSLY7LbQsRkDzHzEL-B2JPrXkMHqjXVbRrsac89_Oqvy90k9LL4txYSSqoTujSqoVVAOEQkAMjTzPxaT0h0e2BI496CZVcPQ6_Hh7MqXA'

Example response

HTTP/1.1 200 OK

Revoke Custom Role (deprecated)

DELETE /custom-roles/{id}/identity-grants/{identityId}

Deprecated.

Deprecated. Use {@link CustomRoleGrantController#createCustomRoleGrant} to grant an identity a standard role.

Authorization

This endpoint requires the following actions:

  • read action on the custom-role resource type

  • delete action on the custom-role-grant resource type

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

identityId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/2bab9e7b-83cc-47e6-ac86-208c87f86eaf/identity-grants/c2af61af-e713-4b8b-9585-b0cfea73eff1' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJCSWFxc0J6X0Q5U0k0bVFNa1pDUll3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijc4N2QyMDA2LTgxMDUtNGYxNS04YTM1LWViZmY4ZmYxMWU3YiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOTU2NGNmOTMtNDBlYS00NWY2LWE3ZTAtMjExYTI2MWJjYTlhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fSx7XCJpZFwiOlwiNjAzZmFhZWYtNjlmOS00N2NmLWIxN2MtMTQ5Y2JkNTE0MDM2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.YBIeskdbzSX0WTvqzjCPg0vWqMzFpn-6G1PdAW-kYscmTNwemSH7PDhCv1c3rBShHUS83PRdrTDCv1cCNmfFpgOCkItLkVS2WI-r4SbedWwpK5SMJDK274yN8Rdvpr1xCEdQWI14VRaFB0_EvOPhNT1Ixq2QzcB-wJrJVRT2fbgpEhHv5ZOfFPAn6o-5BafiVsgO1ShprrtTesgyAZ_YvzP-L1CRm7J1Tx5gQi3zbrli8ab8f-leP8-FxpCYDhZ7LgI-0YxR9OX5eV-DgPIC-EZ5eIGPGfj8n04WGd3fVW5dyTRhnmHQXe28WwdTWAf--J2Z-e6W381TI8QanlyZ5w'

Example response

HTTP/1.1 200 OK

Custom Role Actions

Find Custom Role Actions

GET /custom-role-actions

Returns a set of {@link CustomRoleAction}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the custom-role-action resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

customRoleId

Object

true

Filters results to those from one of the specified {@link CustomRole}s.

resourceActionId

Object

true

Filters results to those that grant one of the specified {@link ResourceAction}s.

path

Object

true

Filters results to those that target any resource along the specified path.
For example, if the path is to Network X which is under Network Group Y, this would restrict the results to {@link CustomRoleAction}s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest.
The path value must start with a domain code followed by a colon. It may then have a comma delimited sequence of colon separated resource type code and resource id pairs. The path structure must match that of the server defined resource tree for the specified resources in the specified domain.

isDeleted

Boolean

true

When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].customRoleId

String

false

The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}.

[].resourceActionId

String

false

The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link CustomRoleAction} was created.

[].updatedAt

String

false

The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].deletedAt

String

true

The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

[].deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

[].path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}.

[].path[].resourceId

String

false

[].path[].resourceTypeId

String

true

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiItQ0VlUUhPRmlmUWtaVmVfR2dqNmxnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImZmMzYyZDJjLTJhMTItNDg3Zi1hZDA4LWVlZGM3OGJmZGNlMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZGYwZDY0YjMtNTFlNi00ZTVmLTlmNWEtNTJjMjYyZGM0Y2FhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.f-yojcc_ZAzSZ1jeZeGxRqxOXH5ubG3pxG6ypYFY1sUG3_yLL4Q21lypeCcZFoSEo0WES45EVGGqyaRh1bEHxCtEihBHhzxh6NuE-kQ_IfyEO9ihPN8vf5eQn-kSMIQXmEOYJTCnmBu3LQ4wxBpjf6AK9WEpMAlxcFSMKE87Aa5fuwZJ55GOzRnvhZKwiadhjUjOpHVlElFOOJ3SOD6nMSvfMol5vkbWV0V7sAkN02zwqwjZf8gXB9jLC7e0wri0Gtz5AthfFNQ2ZTE_oh96Wu98_fqAHpuBknM_qDcgqtbNAV-A9spJdbwXhWsFScJ2QYeGI_E1Ptm1CV4C6nsEdQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1283

[ {
  "id" : "59228f5a-cb68-4b2d-85c6-75dd5ee7b3ab",
  "customRoleId" : "665bf926-a4de-4a65-a59e-1206e0ff6fcb",
  "resourceActionId" : "bacc134f-a0e7-4fcd-9e57-e9e804bb21db",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.696153Z",
  "updatedAt" : "2021-05-04T16:13:21.696153Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ ],
  "_title" : "Read API Account Identity, All"
}, {
  "id" : "5be321b0-5f36-4872-8368-247f68463485",
  "customRoleId" : "74a9a6c3-106c-40bc-acab-780c837ad8d0",
  "resourceActionId" : "688824bb-8a2c-4716-a11f-9d357dc4c904",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.772767Z",
  "updatedAt" : "2021-05-04T16:13:21.772767Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ ],
  "_title" : "Read Support Path, All"
}, {
  "id" : "5dc4c391-098d-468d-ae99-558d1f163dbe",
  "customRoleId" : "665bf926-a4de-4a65-a59e-1206e0ff6fcb",
  "resourceActionId" : "d76315ff-ee56-477f-a482-3c615156f54b",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.696153Z",
  "updatedAt" : "2021-05-04T16:13:21.696153Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ ],
  "_title" : "Read Transfer Node, All"
} ]

Get Custom Role Action

GET /custom-role-actions/{id}

Authorization

This endpoint requires read action on the custom-role-action resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

customRoleId

String

false

The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}.

resourceActionId

String

false

The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link CustomRoleAction} was created.

updatedAt

String

false

The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}.

path[].resourceId

String

false

path[].resourceTypeId

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions/15962b76-9cde-4d15-8d18-7987c06dd97a' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJBWGRqVU9iWFN0TExuMmtua3U0YjJRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjI4OTdiMDg2LWM1NTctNDU3OS05NmEzLWU4MmVlOGMwYjY0ZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOTY5OWM2MDMtZjY4OS00YmY3LWFiZjAtYTRmOGQ3MDMyODFlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.agU3i5cum0pUswv5BVsnvwU605XhgeRt53Mjyjb6rX8tHgzRi6qWQdz9B5IBbpdHW3apX4ed9c-UqXNa9uUMcb-xfV0W3-wpeevitt1gEJ9FncbmHExBHgMCw63T_QyUeSrcJESol3otXmX-eCxbzhi0yfJwvKC-ZA7kLl7-PXxUs5Q3Q2wm448WhMzsZRv3P6o5kuTvqlcr7NDpturEieNSaZj2_l5csK5MsT07OKvUyrSGlB11Xil9OV801b7HFFSscavRpJVS7e_8Y-yVtC6GRM-snLj_QPMT5zF4928BABU15Vr8VxVp2S7mFae6uGU8lqHR-BUv-jqLgdQhsA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 610

{
  "id" : "15962b76-9cde-4d15-8d18-7987c06dd97a",
  "customRoleId" : "17f91772-de1f-4ed1-bc2d-b66a14a326ba",
  "resourceActionId" : "da420519-d8be-4f74-a9c4-b387733d837d",
  "createdBy" : "edbc61db-d7b1-4170-8b37-c2f383f8541e",
  "createdAt" : "2021-05-04T16:13:27.914107Z",
  "updatedAt" : "2021-05-04T16:13:27.914107Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "5abe5155-abac-4495-9958-2d4cfdaf3198",
    "resourceTypeId" : "9a20f56c-9e14-4144-b4ba-6e5d6ca06334"
  } ],
  "_title" : "Test Action 8 Test Type 7 on/under Test Type 7 5abe5155-abac-4495-9958-2d4cfdaf3198"
}

Create Custom Role Action

POST /custom-role-actions

Authorization

This endpoint requires the following actions:

  • create action on the custom-role-action resource type

  • read action on the custom-role resource type

  • read action on the resource-action resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

customRoleId

String

false

Client must have create action under the annotated resource.
Client must have read action on the annotated resource.

resourceActionId

String

false

Client must have read action on the annotated resource.

path

Array[Object]

false

path[].resourceId

String

false

path[].resourceTypeId

String

true

Response fields

Path Type Optional Description

id

String

false

customRoleId

String

false

The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}.

resourceActionId

String

false

The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link CustomRoleAction} was created.

updatedAt

String

false

The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}.

path[].resourceId

String

false

path[].resourceTypeId

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJfV1RZSURaTzNLZ2pkb3FfenBhUU53IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImVjMzdjMzNhLTc4YzEtNGQxOC1iNTg4LTE5ZjUzOGE0NTk5NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTFjYzNlNzgtOTFmOS00ZWFiLTkxMjMtZjU2NzgyZjdmNTU4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fSx7XCJpZFwiOlwiMDRmODA4OWUtZDM0MC00OTNkLThjMWQtN2VkZTFlZTcwNjVkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fSx7XCJpZFwiOlwiZWU3N2VhNTAtMTBlYy00MTRhLTg2NWEtMGRiNzIxNjNlZTY0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.FYADtncfPPeiOrMEib3TXiss_Rzj8kzthrpnuKC6EvctaAhxvRSp_AGgow4_z9SGt-YRRJbU30OdsKS4jX6IYFsNP4FNPtI8I5YjCvvqCKT0yaRzHWvIT3hpargQ5wJHnietT_L4UDkBxvGcO2pzvA9blrMc-Ke-5hfuE_tLXpPIMvbzW2zhlOP4WywgGRJX0IdxMOxJucu90y_puMe0SrkXz0NFA958PP1i4SRabZxQ_2RdQMV6eBdJExrRwSoUAYlqLUSxfjsKWt-jID83QvZbp9qkBcZVbOAfCAUKHsJ3frLK706wFeh1tDQiu_SyuHQmCF8MQ7d6LIra2QCQqA' \
    -d '{"customRoleId":"8b92e31c-e795-4ec2-b9be-3f92c68fe8f4","resourceActionId":"c82ff6fb-5353-4c03-bfcf-65c23b9fb33a","path":[{"resourceId":"0198be60-eccc-4ebc-8a9e-df615455c2e2","resourceTypeId":"f5d99ac3-faf2-4f02-8e54-16f406e1da8b"}]}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 604

{
  "id" : "f12d5847-9e71-4ba0-be9b-073d03c3e114",
  "customRoleId" : "8b92e31c-e795-4ec2-b9be-3f92c68fe8f4",
  "resourceActionId" : "c82ff6fb-5353-4c03-bfcf-65c23b9fb33a",
  "createdBy" : "ec37c33a-78c1-4d18-b588-19f538a45997",
  "createdAt" : "2021-05-04T16:13:27.861228Z",
  "updatedAt" : "2021-05-04T16:13:27.861228Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "0198be60-eccc-4ebc-8a9e-df615455c2e2",
    "resourceTypeId" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b"
  } ],
  "_title" : "Test Action Test Type on/under Test Type 0198be60-eccc-4ebc-8a9e-df615455c2e2"
}

Delete Custom Role Action

DELETE /custom-role-actions/{id}

Authorization

This endpoint requires delete action on the custom-role-action resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have delete action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions/916c8369-c6aa-4ff9-b151-a34fbb9c1ce9' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVUU1HZkFBeVh1UWRqNlFRZHNtYnlBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijc3NDdjYzNiLTNmMmEtNDA0MS1hMzI0LTAzZWE5N2MzMDJiNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwNywiZXhwIjoxNjIwMTQ4NDA3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNmU4ZDgyNDctZDU2Ni00NDFhLTg0N2MtZWFhNmE0ODhlMWQzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.TxdLEHyAAfRcbU4Gqpha5Wip42u5bL32Iznc2hAjf-Kojytf5kB3n-RT2WedR_rzczmJixesrS3dDmrH3Bv1AjYmUpr4PR4f_8OxzTwpgdFQ6BIMygECFAs7RpMXBLo_TnNnGeRzbmzd7ecXfZDvAi_CzwNSiQ6VxaZtc3YqVgG2nCzOXMxSWfL--1EAkWaWoqSLxd84laP7dlCsuv5sNyAbeyv5aJPnaAMtEILI_avLoTjlPULU9ve1vuhjeLl8PJmBv1Z3WIi7WTPynsKebTUHqI59ni2og11n9OW6JR1xkwWnaJOKA1DMjUuRJaC_XASos3VSKoMXV4kv4XR1cw'

Example response

HTTP/1.1 200 OK

Custom Roles Grants

Find Custom Role Grants

GET /custom-role-grants

Returns a set of {@link CustomRoleGrant}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the custom-role-grant resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

customRoleId

Object

true

Filters results to grants to one of the specified {@link CustomRole}s.

customRoleIds

Object

true

Deprecated..

identityId

Object

true

Filters results to those granted to one of the specified identity ids.

identityIds

Object

true

Deprecated..

isDeleted

Boolean

true

When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].identityId

String

false

[].customRoleId

String

false

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link CustomRoleGrant} was created.

[].updatedAt

String

false

The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].deletedAt

String

true

The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

[].deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJEZEEzOUlDV1d2QUsyOER3Uno0MFVnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjRiNmViMjdhLTk2M2EtNDMwNC05MzljLTFkZGMyZTMyN2Y4NSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgxMCwiZXhwIjoxNjIwMTQ4NDEwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYjQ4NDIxMzMtYWNkNC00ZjI2LWIxMjQtZGRhNGIxZmUwYTg3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODEwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.QWCs52l8im2vtHgrj0k_ylot0VD58k9F86eZNJOqgFhDu17IrU4yD6Or_LFQsSbUbwGTRHgOy-vdSung9YonSpfXOnRq6NyxXolnK9HS2E8_Kn_Y_l3EAAc8N1_sRrpaoi6TZb-NLadb0762mKz3BwKocdi9xyHdux7ZkFzDbrqQfvuqt5m10OPltC0FGC9VN-nOj6ek7K_jtHLidigly7nqBm31YliXj20Jaso5aicQtlun1rExs6g1TNAL4zSPbjPINhoIme9K7C7g9RcDe5CDQBZQd-IRPrKL0cndfa6rfaU_RdPyiQfybg85jcf6WERa9lJJZq6zKYsKtjyutw'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1457

[ {
  "id" : "eeb1f8df-8abb-496a-a355-010be7f90c14",
  "identityId" : "bc186704-9a24-4c84-a5f5-a756a17a67e0",
  "customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.571932Z",
  "updatedAt" : "2021-05-04T16:13:21.571932Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant Read-Only, ALL Auth Domain Resources to identity bc186704-9a24-4c84-a5f5-a756a17a67e0"
}, {
  "id" : "4bbaed90-042a-41f4-bde1-af2b1b6da80b",
  "identityId" : "281eb3dd-b980-40d1-a6af-05c7f8fa1f3c",
  "customRoleId" : "443a630c-edba-414b-b710-f1b9c3e7eaa6",
  "createdBy" : "e95c814a-3ccc-4688-b867-0c047dee10b4",
  "createdAt" : "2021-05-04T16:13:29.951516Z",
  "updatedAt" : "2021-05-04T16:13:29.958232Z",
  "deletedAt" : "2021-05-04T16:13:29.957651Z",
  "deletedBy" : "5c349fdd-0ad3-4c57-b047-e5d8aacbb6dd",
  "_title" : "Grant Test Custom Role 62 to identity 281eb3dd-b980-40d1-a6af-05c7f8fa1f3c"
}, {
  "id" : "35ed5f76-32b8-45d5-9341-c1f3532e0e26",
  "identityId" : "a17fffad-b448-4fc0-8e16-60baadc1d5ee",
  "customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.460177Z",
  "updatedAt" : "2021-05-04T16:13:21.460177Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant Read-Only, ALL Auth Domain Resources to identity a17fffad-b448-4fc0-8e16-60baadc1d5ee"
} ]

Get Custom Role Grant

GET /custom-role-grants/{id}

Authorization

This endpoint requires read action on the custom-role-grant resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

identityId

String

false

customRoleId

String

false

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link CustomRoleGrant} was created.

updatedAt

String

false

The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants/36573c99-2f7e-43f8-8e0a-956541cfb1b7' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI2SlRqQWlTWGloaF9GWmNoaURmMTRBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjY1ODJjNzk4LTNlNmItNDczNy1iNGYxLWFmYjY5MjM3YTNhMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZWU0MjkyYTEtZTMzNS00NzMyLTgzOTMtMGZmNzQ5NjMzNmUzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.V-VSl3CbbHYljy-D6hVUoJOIX5dVG9n16NpVJc9zDoZgpXyPZZCj52Y8KzJc5D4VFq27g8iOrfSJO1J4pb6IeOXW-umslwXkclZMp5qI_ikTDh37XAtVPcpCu_bdwOMG_ibE-m-9b0z9nGfWPUUrVlvoKJAL_cPxc5OoIT40TgCRfS6X80WL5G3Sf8ArJuvMcO5ltLwCSsIkw7BFDV-22GIsaBSpI7fK_hvtEvBpKZ5Ffq5k2TWk-byBSWsPN5ACxj3MkZFKyDm6VC0DJnca-8Ye9O4wnqo81FYEhNSvgMHhw-674oc7Lt6wckMc4NYuCIPo4HM0jdiTZrsWGnJR8w'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 452

{
  "id" : "36573c99-2f7e-43f8-8e0a-956541cfb1b7",
  "identityId" : "3a1fc23f-c7a1-4f72-b93b-df7f81b8e850",
  "customRoleId" : "1e9c0b07-421e-4dd4-a4d8-e54a40dd6b27",
  "createdBy" : "1bd25575-3a94-433c-9959-f86e1c59272f",
  "createdAt" : "2021-05-04T16:13:29.920312Z",
  "updatedAt" : "2021-05-04T16:13:29.920312Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant Test Custom Role 61 to identity 3a1fc23f-c7a1-4f72-b93b-df7f81b8e850"
}

Create Custom Role Grant

POST /custom-role-grants

Authorization

This endpoint requires the following actions:

  • create action on the custom-role-grant resource type

  • read action on the custom-role resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

customRoleId

String

false

Client must have create action under the annotated resource.
Client must have read action on the annotated resource.

identityId

String

false

Response fields

Path Type Optional Description

id

String

false

identityId

String

false

customRoleId

String

false

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link CustomRoleGrant} was created.

updatedAt

String

false

The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI2T1F3WjRLX2tUNFhRWnRmcjZWM2tBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjM1ZGM1Y2FjLWYzNGItNGYyOC1iNjM0LTU4ZjE4MGM1MWIxOSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNWRjYmJmZTAtYmZiMi00MGM3LTg4ZDUtM2FjZjAzODQyN2NjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fSx7XCJpZFwiOlwiZTVjMDc3ZGYtYTY2Zi00MmFiLWFmY2MtMGY1NDhkZTExOWY4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.GzjY4wBstzXurfb_MD8B8xvPNZp7vIYsNf_a89ryLmUbHLUqeeQhuMZ7WMhHKwffh7rlf1dpvEh2E2t2bu0LyTfVEIvP1bBVJQqJHWM95p4Qszm8q7EXULEc0GgdcgtkaJWXxSvDzUtr83hZTgdO942q_NagR-X4X4blnFRuE25ujBOUmJYQJEA_OL2P0-dBU-HgH1j6vgK6arKMc8-_LJsp6wq8GDCR68TbH3sDB48zAEvc320Rlfo3pbxdfZxeTNce-AhMZHOIdfGRJtK2JX3AtMM2x7tdbvmDHYjp5nG9-UlVTwRj1MqxiOJNKBD2ozReqwlDSskcjMNu3fD2rQ' \
    -d '{"customRoleId":"f28c5590-4cfd-4aed-b7e0-de50110c42f2","identityId":"fc006445-dc16-4ade-bb65-72d3b1d5800b"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 452

{
  "id" : "45b66474-908a-48b0-8efa-4985f3e4e4f5",
  "identityId" : "fc006445-dc16-4ade-bb65-72d3b1d5800b",
  "customRoleId" : "f28c5590-4cfd-4aed-b7e0-de50110c42f2",
  "createdBy" : "35dc5cac-f34b-4f28-b634-58f180c51b19",
  "createdAt" : "2021-05-04T16:13:29.982290Z",
  "updatedAt" : "2021-05-04T16:13:29.982290Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant Test Custom Role 63 to identity fc006445-dc16-4ade-bb65-72d3b1d5800b"
}

Delete Custom Role Grant

DELETE /custom-role-grants/{id}

Authorization

This endpoint requires delete action on the custom-role-grant resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have delete action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants/4bbaed90-042a-41f4-bde1-af2b1b6da80b' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJKTkY5SFRjSl9ZcmR4Z2Z3c1pNVTdBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjVjMzQ5ZmRkLTBhZDMtNGM1Ny1iMDQ3LWU1ZDhhYWNiYjZkZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMzVkMjBmZDEtYzkyYS00Y2UxLWJmNGEtMDJkOGIxNGUxMzJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Uk1dN1lHVdRB87MsNHd-Zz_386qbPnKGxnBEsiLFF9kD7-XvjY6a3QtYjTw15q9t438CSRwXHFvpKBAbwA5JX0WNV2EbXQpmVBdtLR7e0qAhHsC1gH94D8nYv4jyUKgXOUfrwjy7RPPwD8EGuRCjWiPIwBt2mG_sf7k8hBLMsRpTfdpcJFwdMQxusE9tKcO99F7uQIr2Etz1aYtirMlMG1PuMq-JEw3KE87yucICF41g0FpmQzI34cmRRVdG7ZfREhWP8P_Ys08vQgTETisO8fp2NESkDePnjSYxWn8EYWhsY_rQ0DeN96SHZiGFrUjb7AakBF9zJC-kBnsPtwETzg'

Example response

HTTP/1.1 200 OK

Standard Roles

Find Standard Roles

GET /standard-roles

Returns a set of {@link StandardRole}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the standard-role resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

standardRoleTypeId

Object

true

Filters results to those that are of one of the specified {@link StandardRoleType}s.

identityId

Object

true

Filters results to those which have been granted to one of the specified identities.

resourceId

Object

true

Filters results to those that specifically target one of the specified resources.
For example, if Network id X is passed, this would restrict the results to instances of a Network X Standard Role, such as Network Admin of Network X, Network Read-Only of Network X, etc. This would exclude Network Group Standard Roles, even if the Network Group contains Network X.

path

Object

true

Filters results to those that target any resource along the specified path.
For example, if the path is to Network X which is under Network Group Y, this would restrict the results to {@link CustomRoleAction}s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest.
The path value must start with a domain code followed by a colon. It may then have a comma delimited sequence of colon separated resource type code and resource id pairs. The path structure must match that of the server defined resource tree for the specified resources in the specified domain.

isDeleted

Boolean

true

When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].standardRoleTypeId

String

false

The 'type' of this {@link StandardRole}.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link StandardRole} was created.

[].updatedAt

String

false

The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].deletedAt

String

true

The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

[].deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

[].path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}.

[].path[].resourceId

String

false

[].path[].resourceTypeId

String

true

[].type

String

true

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtRC1TaTkwNEo4bVh0WElZRzJCNWVnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjZkOGY5MzA0LTVmOTgtNDA5MS04NDA0LTU1OTlmMjk3Zjc4OSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNmI5MGIzMDYtNDkxOC00NmZiLWEyYjYtMjQ1ZTNmMTZjMWQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.FwkkMoGu8y0HF-idsZYZGH040dPLF7T9z16FVFH_iTN4CY6DX6HZQVh9WMRG2DMAb8rXlovXo6mCY3QYr3XSxrBCcTuidonR5L0EmXlZyWt2wzU7f5t6a-WSKNU7VAJaF50KteNFxDMwSpxUDjXRG1nwKz76T09hhoAyN7C85AoWhFrld_IlsE5dynFhg0P8ZTzKPwnuykSK9Dx5yMaBn_ffsmDaiKLL42HBb2CJoN0ds7edZqQdaNbptCiJTRjMQpP2UkBCK4ZOBrciIXR3uj6VMZ7DWjfswDEA5W9njEvAUKhMpCZQjKqmIXqKHjJQF2kDfHl8kEz99w6FkqZr_g'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1793

[ {
  "id" : "82c89a37-42ba-4ea2-90e9-8acbda2728ba",
  "standardRoleTypeId" : "199cbaf0-fca5-4583-b050-d8420f7c9fe6",
  "createdBy" : "c227b8e9-d58c-46f4-a341-5f275d109958",
  "createdAt" : "2021-05-04T16:13:28.867405Z",
  "updatedAt" : "2021-05-04T16:13:28.867405Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "4477f10b-2730-43d3-a711-64b9c91768d6",
    "resourceTypeId" : "99594576-a40c-4216-b419-06c3a3d506be"
  } ],
  "type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
  "_title" : "Test Type 43 Admin - 4477f10b-2730-43d3-a711-64b9c91768d6"
}, {
  "id" : "a497d6ed-cf4c-4381-9a1c-c509b42e6009",
  "standardRoleTypeId" : "238f3472-26df-4d3a-adad-4d59cd930123",
  "createdBy" : "b3a63794-c623-43ca-abd6-b783971a2311",
  "createdAt" : "2021-05-04T16:13:28.943132Z",
  "updatedAt" : "2021-05-04T16:13:28.943132Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "500d1db0-0af9-4ab1-84e3-a3a1f055e46c",
    "resourceTypeId" : "33bd8dc4-7ec7-4ea8-b685-2a5379a7d50b"
  } ],
  "type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
  "_title" : "Test Type 47 Admin - 500d1db0-0af9-4ab1-84e3-a3a1f055e46c"
}, {
  "id" : "b65d9f29-4c3b-444e-a14a-d290747c3f8d",
  "standardRoleTypeId" : "c1f44b7e-b4dd-4a64-bea2-875e4ee649fa",
  "createdBy" : "eb6aef91-7fa9-4d27-9617-0058c533dd18",
  "createdAt" : "2021-05-04T16:13:28.900773Z",
  "updatedAt" : "2021-05-04T16:13:28.900773Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "79de0937-c1e1-40a5-a824-d84109c60bfe",
    "resourceTypeId" : "1c8a6b2f-ce09-4ea7-b309-46df8ee38a86"
  } ],
  "type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
  "_title" : "Test Type 45 Admin - 79de0937-c1e1-40a5-a824-d84109c60bfe"
} ]

Get Standard Role

GET /standard-roles/{id}

Authorization

This endpoint requires read action on the standard-role resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

standardRoleTypeId

String

false

The 'type' of this {@link StandardRole}.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link StandardRole} was created.

updatedAt

String

false

The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}.

path[].resourceId

String

false

path[].resourceTypeId

String

true

type

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles/b65d9f29-4c3b-444e-a14a-d290747c3f8d' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJhNFJIOW9adVVfcWFicHBRN1pLcy13IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImYzZTkxOTlkLWJiZjMtNDFmYy1iZTIwLTNjMWFlOWIyNzM1ZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMWVhZmExZTItZDljMi00Yjk2LThiMjMtMjQ2MTZkNTgyNzg0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.XInzQOURbfZ9jEuxnkOkR4HyFsm5cdMU0RbCS1Q2rwjduI9BGBxhS-gE-lDEEPt1umrZeCqSEvSRvr2NNy2fYBlb9ENzFWWfhSsigcbMG_0pJ8fm4V2sW0o3apY68dN_nboRWWvYY8ToZDFO5karpcCfrTqgnCNCDoaOJeI2nrEMmstuta91ahyZQS3AwKQ9Rmu4Ncn9XwXvi7FDn_XHPzDMPou4oN-usd9yCO5fWNdqJkSDSnuI9CF5pNrsZzS_AQQ005_oL6lnCLqf6Ip1F-o4GFfgD3VDSTIGQ7kQ6xDBXvG55CvVu85zD44ZmkTk918QQA7i-PhV029I3iheYQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 595

{
  "id" : "b65d9f29-4c3b-444e-a14a-d290747c3f8d",
  "standardRoleTypeId" : "c1f44b7e-b4dd-4a64-bea2-875e4ee649fa",
  "createdBy" : "eb6aef91-7fa9-4d27-9617-0058c533dd18",
  "createdAt" : "2021-05-04T16:13:28.900773Z",
  "updatedAt" : "2021-05-04T16:13:28.900773Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "79de0937-c1e1-40a5-a824-d84109c60bfe",
    "resourceTypeId" : "1c8a6b2f-ce09-4ea7-b309-46df8ee38a86"
  } ],
  "type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
  "_title" : "Test Type 45 Admin - 79de0937-c1e1-40a5-a824-d84109c60bfe"
}

Create Standard Role

POST /standard-roles

Authorization

This endpoint requires the following actions:

  • create action on the standard-role resource type

  • read action on the standard-role-type resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

standardRoleTypeId

String

false

Client must have create action under the annotated resource.
Client must have read action on the annotated resource.

path

Array[Object]

false

path[].resourceId

String

false

path[].resourceTypeId

String

true

Response fields

Path Type Optional Description

id

String

false

standardRoleTypeId

String

false

The 'type' of this {@link StandardRole}.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link StandardRole} was created.

updatedAt

String

false

The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

path

Array[Object]

false

The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}.

path[].resourceId

String

false

path[].resourceTypeId

String

true

type

String

true

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJrM0dRMElmRXhpVzlOUHlGR1RDREpBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImIzYTYzNzk0LWM2MjMtNDNjYS1hYmQ2LWI3ODM5NzFhMjMxMSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYzZiOGY4YjQtNTA2ZC00YzMzLWI1MzMtZGJiZTkxYzcyNjBlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZTFjNWJiZGItN2ZhMi00NmE3LWJlNDctMDFmMmMwYjk2NTRkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.cCgQFKyHfo4cpseSLRydAgS9GSPu7NWG9MVnp4OiljplDMQ59PbZ9mQezuXNrOergbFzJSlsXv4QwxHBoQ1DRZDSVWLRT3pTxXRDRgT2LoP3aQ77fOA7yKpFRHlce7kgmq3JXuYRyXYMSSz8kO6ITAFBn_e-BN99aPFXSGbpNVB9y3iYmHvxABb1z9q-cObJXPMy9JwU8EqiPxE8Dvol-g6L0XUA9XF83a3Xo1KYqHNDc9mCyoOtutCzQGv-0oDm70qv42vJPOv5delSCjzaPUq5_tWNhI80HnqI0LDI3yB7ALtaRz2bExAZffEzB1qCF9qmoHidczUld_Q3IBiAsg' \
    -d '{"standardRoleTypeId":"238f3472-26df-4d3a-adad-4d59cd930123","path":[{"resourceId":"500d1db0-0af9-4ab1-84e3-a3a1f055e46c","resourceTypeId":"33bd8dc4-7ec7-4ea8-b685-2a5379a7d50b"}]}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 595

{
  "id" : "a497d6ed-cf4c-4381-9a1c-c509b42e6009",
  "standardRoleTypeId" : "238f3472-26df-4d3a-adad-4d59cd930123",
  "createdBy" : "b3a63794-c623-43ca-abd6-b783971a2311",
  "createdAt" : "2021-05-04T16:13:28.943132Z",
  "updatedAt" : "2021-05-04T16:13:28.943132Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "path" : [ {
    "resourceId" : "500d1db0-0af9-4ab1-84e3-a3a1f055e46c",
    "resourceTypeId" : "33bd8dc4-7ec7-4ea8-b685-2a5379a7d50b"
  } ],
  "type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
  "_title" : "Test Type 47 Admin - 500d1db0-0af9-4ab1-84e3-a3a1f055e46c"
}

Delete Standard Role

DELETE /standard-roles/{id}

Authorization

This endpoint requires delete action on the standard-role resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have delete action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles/f3abfb8d-f3ec-4d8a-843b-95a5c38019fe' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJhcnFYdEFDZW9FOEF3WUNNSGgwRzB3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjUyZWY1YWUyLTdiNmMtNDg5Yy04MDE1LTEyZGU0ODMwZWUxMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTFjMjNhNDQtN2IzZC00MDFkLTljNzYtYzkzOTNhZmE5MDM0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Cp7CY3VS6kHGSRRWolw2qRZ3dWV0PyrHCIZRS8Ljhc0EtdugMog7Ggw0nTIW0xfD526ApUvJmwM8nSHVe8wA3cSrsurCvmOdYY3FASr1zW-5OYpZcsRhQBnsCtfmup_uPv_ZHJi9cCYJzd8XC7_Y-FYbA_mvmlleXn1KWJybTx_gn_hyubDEzbdOx_A0h0xJgSzHeLXdATacl--5BAffuawh6Qo3C9c1U9XSS_qR0fkn3A2Zdfc4PqpDIvVLGzmv1vpxTy5pFdz0705PhD5SkDeayofCstARpwuCqXD8vJQXFK74FBRC3ZXDivU512wCjmSeZtFF6azfuNDoTK-F-g'

Example response

HTTP/1.1 200 OK

Standard Roles Grants

Find Standard Role Grants

GET /standard-role-grants

Returns a set of {@link StandardRoleGrant}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the standard-role-grant resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

standardRoleId

Object

true

Filters results to grants to one of the specified {@link StandardRole}s.

standardRoleIds

Object

true

Deprecated..

identityId

Object

true

Filters results to those granted to one of the specified identity ids.

identityIds

Object

true

Deprecated..

isDeleted

Boolean

true

When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].identityId

String

false

[].standardRoleId

String

false

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link StandardRoleGrant} was created.

[].updatedAt

String

false

The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].deletedAt

String

true

The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

[].deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiItNFZTZVpneEpfOTVuQmVxa2RlZTV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjIzZWI2Y2FmLTA4YTYtNGE4OS1hM2U4LWE2ZDA0ODY3YTMwNSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNmE3MmJhOWMtZDE5Ny00NDU3LTliNzItYWVkNjRiYTk3YjRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.HY8aHVSKXmfboBlBwoIcpdofuDREMHsB8fCbmQLuNtS1IXyCMPj7JB3CxCAoOidsGZw-3ByAnLdWNkooQbRbI3K8kECUhO6U8xRNqRqFAnQO1ctyctSLm-ouCpOxOQTjbiV6rDzsCGBSVO2I3UwsUHDoC5zaRPgC8Uw0C7h0vim4eDsG8jZf6g_ykXhAHibr-_X7A1pp8x25d02EFHiDnb2fop_gAix0UU0mrUninYjrjWdq6k5Oon252Y3hxegz0lBT7ykk7kzMdEUrg8otGJZPWFp6iFntTCq6600oBTxlhcHbuXaHjT04T2ryuO8tLJWTgV5JVQonCWUlP2jQgg'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1543

[ {
  "id" : "6ed42df6-a3ea-43af-a85c-8d5bca6dde42",
  "identityId" : "caf94f90-ee25-4c78-89e3-669e1e375178",
  "standardRoleId" : "773b9990-d6b4-4a16-8476-3127f75eac17",
  "createdBy" : "d34757ba-d38a-425d-aa05-61a7af3d7b87",
  "createdAt" : "2021-05-04T16:13:29.083482Z",
  "updatedAt" : "2021-05-04T16:13:29.083482Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant Test Type 53 Admin - 50c7d045-5b3e-4275-87e3-4427eda88a37 to identity caf94f90-ee25-4c78-89e3-669e1e375178"
}, {
  "id" : "39aefff4-886a-4e04-9f26-c399c30d652b",
  "identityId" : "5765823b-3969-4d18-a583-6ee0c9f96ac1",
  "standardRoleId" : "82c89a37-42ba-4ea2-90e9-8acbda2728ba",
  "createdBy" : "16fc36b0-f712-4bc5-ba6d-68de5c163b4b",
  "createdAt" : "2021-05-04T16:13:28.881826Z",
  "updatedAt" : "2021-05-04T16:13:28.881826Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant Test Type 43 Admin - 4477f10b-2730-43d3-a711-64b9c91768d6 to identity 5765823b-3969-4d18-a583-6ee0c9f96ac1"
}, {
  "id" : "da8bb101-cbfd-4a92-92ff-316dc75044dd",
  "identityId" : "22f7e40b-11d4-4077-9358-c2fa0f36e042",
  "standardRoleId" : "bfdd722f-c251-469a-aeda-13c0ac357aef",
  "createdBy" : "deabf885-94e3-4723-ae76-75e4d0c83d86",
  "createdAt" : "2021-05-04T16:13:29.032867Z",
  "updatedAt" : "2021-05-04T16:13:29.039723Z",
  "deletedAt" : "2021-05-04T16:13:29.039467Z",
  "deletedBy" : "7da3ca85-34f7-4960-b681-7f517e1a2e4f",
  "_title" : "Grant Test Type 51 Admin - ee22f0a7-5ba8-4c4f-a37b-8dbaa4f77534 to identity 22f7e40b-11d4-4077-9358-c2fa0f36e042"
} ]

Get Standard Role Grant

GET /standard-role-grants/{id}

Authorization

This endpoint requires read action on the standard-role-grant resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

identityId

String

false

standardRoleId

String

false

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link StandardRoleGrant} was created.

updatedAt

String

false

The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants/836468ac-0625-4da2-ac54-b2336df098ed' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJsd2RVQW9ma1dEQVJGeUo5LVNnbGdRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjZiZWIwOTkwLTMzMzgtNDRmYy1hNzIxLTIzMmM0N2RhMDgzYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjllZTk3NTUtMTU3My00ZWQ0LWE1NzgtM2Q3ZGUxM2MxNjYzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Mxr_zQJu_U4bOw1c5L4UuEk-fdNyaVQbBDLgbqRqirv_IdqK1-VyiRs7bMKNMnNyLbIU3btnuP-vYHNb7yWTSYuLO5L5vn8P1v1KjcJZR1khvnY22z6HnV019gl1hICQDFek0l_ouHOYX7OQuPjV-7ByRnm9rLBhtC_CT2ngVg8I19G_khxkit3GESO1HCA2Emj2fdigNcCXYbipc9fEuHXE18rwrkfQZNybbIepGkxNcZAVazaoCXJPwci6a9UX5FB8PKu_72VOG-8BQZvOcU-ZjWj7OLJ2hzAOnfZPajLXWQv6WyKc5EJvixiLA4FMGku3P0KK2BrHBXW0qelQ3A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492

{
  "id" : "836468ac-0625-4da2-ac54-b2336df098ed",
  "identityId" : "6a3c5fd2-8075-4080-91eb-b49b20578c45",
  "standardRoleId" : "1fdd2739-8b99-404e-9a1a-d16a1695f040",
  "createdBy" : "043762ef-2ae2-4f45-bd90-cf4d5747d5a2",
  "createdAt" : "2021-05-04T16:13:29.137808Z",
  "updatedAt" : "2021-05-04T16:13:29.137808Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant Test Type 55 Admin - c0541600-8b9b-45d3-829e-5fd4d9b55dfa to identity 6a3c5fd2-8075-4080-91eb-b49b20578c45"
}

Create Standard Role Grant

POST /standard-role-grants

Authorization

This endpoint requires the following actions:

  • create action on the standard-role-grant resource type

  • read action on the standard-role resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

standardRoleId

String

false

Client must have create action under the annotated resource.
Client must have read action on the annotated resource.

identityId

String

false

Response fields

Path Type Optional Description

id

String

false

identityId

String

false

standardRoleId

String

false

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link StandardRoleGrant} was created.

updatedAt

String

false

The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVN3Bla2xqbUtOdEFpX3NJeGo5LVJRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImQzNDc1N2JhLWQzOGEtNDI1ZC1hYTA1LTYxYTdhZjNkN2I4NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMWY3MmY0MjEtMWVjYS00MjdjLTk1YTYtNTRhNzAyZTY3OWIzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fSx7XCJpZFwiOlwiODY1OTA1ZmMtOGRmMy00MmE0LTg1NzItMjYxOWVkMjBmODc4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.EhBDuHBmZKEwbEIbotzafAy4eQ9SpQxkMxmL-ikLEuWJQa1wxv0I9OlyYb3fpCIDBSmi9f83W3l3V0XqCQyz_OEpKFBhyjCXPD-LIYKtv3YwQ0gIqVwkjH75Ch9EwfAEPDsS2izDQfcYpFIg7kVolXnOE431tMH4578qoBafapw-DQ9e-ILu6jxM6147uQ2P1b0MB-8dzmmPpnqToqFN5wUDQlwPxISDH0ait5-yn3DBqBE19bwhEHhFOp9TrbFSf8HN6Rt3JL5WO0GFIuzF1n3P0MAPscLCyIfqOE8Da8NTBJSJGeBsFMlbkuWpA2NOWlF7B65hou0K5xOiOmVHZw' \
    -d '{"standardRoleId":"773b9990-d6b4-4a16-8476-3127f75eac17","identityId":"caf94f90-ee25-4c78-89e3-669e1e375178"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492

{
  "id" : "6ed42df6-a3ea-43af-a85c-8d5bca6dde42",
  "identityId" : "caf94f90-ee25-4c78-89e3-669e1e375178",
  "standardRoleId" : "773b9990-d6b4-4a16-8476-3127f75eac17",
  "createdBy" : "d34757ba-d38a-425d-aa05-61a7af3d7b87",
  "createdAt" : "2021-05-04T16:13:29.083482Z",
  "updatedAt" : "2021-05-04T16:13:29.083482Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Grant Test Type 53 Admin - 50c7d045-5b3e-4275-87e3-4427eda88a37 to identity caf94f90-ee25-4c78-89e3-669e1e375178"
}

Delete Standard Role Grant

DELETE /standard-role-grants/{id}

Authorization

This endpoint requires delete action on the standard-role-grant resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have delete action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants/171cb326-61bb-4814-8db2-029b97ad7f0c' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJOUEE3TnBlWkVGQ1FtQkJiMHhYWGxBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQyNjYzMDMzLTVjMWUtNGZhNC04ZjMxLTNkMmUxYmFhMzRkZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZjcwODAzZWEtY2Q3Yy00Y2ZhLThhNTQtZjEwNjBlZjM2MDVmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.KSusZqiwNdkCGN9crcOLbeBDqtdjHauV11H2aJUBqhFMoxiseFfBMb-WIxvYGvuMDEYqQEOBxgIBcnnLrQfSNSf-tFyjQlwbML63w60Ddv2YEw8BembX9HsECquDgRRukjwEoNbPRQASbj38AAU-7RGaszdIniaG4BGQaYSdqbdi9z3LK6CWL_xZSaotjqAdcoMcmsWyhRgu-R4PY7SQpD06XKWxlqkYgEb1p5jblaK8g6ubMxWc4tHD3mH3nORZ3lFJsmcjEtIlwSZhh1LaM5qmwno2zAgWCIoM2Yi4ylKnpMU3G9xGARv1YUI0fKC8o0i4886tWi_V1Bblpq4vQg'

Example response

HTTP/1.1 200 OK

Standard Role Types

Find Standard Role Types

GET /standard-role-types

Returns a set of {@link StandardRoleType}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the standard-role-type resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

resourceTypeId

Object

true

Filters results to those that target one of the specified {@link ResourceType}s.

resourceTypeIds

Object

true

Deprecated..

authorizationStrategyName

Object

true

Filters results to those that are of one of the specified strategies.

authorizationStrategyNames

Object

true

Deprecated..

includedByStandardRoleTypeId

Object

true

Filters results to those whose actions are fully included by the specified {@link StandardRoleType}. In other words, all returned {@link StandardRoleType}s are logical sub-sets of the {@link StandardRoleType} specified by this query parameter.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].resourceTypeId

String

false

[].authorizationStrategyName

String

false

Size must be between 1 and 64 inclusive.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link StandardRoleType} was created.

[].updatedAt

String

false

The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted.

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJDZU12T3NrUUdrek8td3VWZTE1UzVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjUyOTNmNjk0LTAzYzEtNDk3Zi1iZTJhLTYxMWFlY2VjOTYxMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNWI5NDFjZmQtM2FiMS00ZmMyLWJjMjEtODAzMTY3OTJmNmJlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.VveSCW_3nyjQ2RzogtSKGsFn2vqUPbodwWz7FZkYtzVoYqmwU4S9ksS1EYI1zuNMSbI1Hq0-wLfj8YkFzTGQyFnWzgZJVv66zFeLcdSMarzZYW42LIXyudKox7Iu33DtjgZqdLyLR98ygowEmZ8qcoQPksM9kgSXyZaM5nHNSQho2U9i_8i0RmhaMCxRAMFr4JG8u_WSYxRpT1ck8a0fADjOprTfH2dTSzFlPSNxqRkEWZk99E18YBGhzJNZG34IJqU6VCPpHMzVP0TvvLZTrfyCmmRQ0XVeTlO_3yERCXuzaDDMFKKBqId1F-6lBmZaHdBYl29qM2_Gq3UOkGJhXQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1020

[ {
  "id" : "ac3ccc54-b6b1-49b0-acb7-d62f62c8803c",
  "resourceTypeId" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b",
  "authorizationStrategyName" : "Admin",
  "createdBy" : "f0d3a4fa-5218-4502-99ec-75cb901e56d0",
  "createdAt" : "2021-05-04T16:13:29.563666Z",
  "updatedAt" : "2021-05-04T16:13:29.563666Z",
  "_title" : "Test Type Admin"
}, {
  "id" : "20bb9cc3-6760-43ea-a584-f2522487b6c8",
  "resourceTypeId" : "d5390691-32ef-4c52-a87d-95bb67749f56",
  "authorizationStrategyName" : "Admin",
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:20.997417Z",
  "updatedAt" : "2021-05-04T16:13:20.997417Z",
  "_title" : "Network Group Admin"
}, {
  "id" : "ee34f189-673b-48b6-bf49-0a0a839ce05c",
  "resourceTypeId" : "314f3b5e-5f16-4541-935d-2d029e519f44",
  "authorizationStrategyName" : "Admin",
  "createdBy" : "0fe4ff66-c667-4ea3-a386-3d1926e93f90",
  "createdAt" : "2021-05-04T16:13:29.167370Z",
  "updatedAt" : "2021-05-04T16:13:29.167370Z",
  "_title" : "Test Type 57 Admin"
} ]

Get Standard Role Type

GET /standard-role-types/{id}

Authorization

This endpoint requires read action on the standard-role-type resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

resourceTypeId

String

false

authorizationStrategyName

String

false

Size must be between 1 and 64 inclusive.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link StandardRoleType} was created.

updatedAt

String

false

The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted.

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types/89851444-37a1-43bb-8074-0137b015d139' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJBUFhWQzV5anJ1aFpCWF9qMHhDVHF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjgyYWNlN2EzLTVlMTMtNGI1Mi05N2UzLWUyNDdlYzE5OWZmOSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNWI1ZjYzMGMtNzM4ZS00NmZlLWFjMWUtMDdkNjk0NDM0ZWYzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.CzEQb7WjXmPRuChqgoRf91nBnGCdTBkd2eLmifIRHdWF_9jRnK4OhRW9pMqTFkPkgw3StV5zwK8imPiSfUYwLyALQL9RBMHjpkQgO_qz8OQvdyMB-AuOBX5D9x980UiJomXwQcPNNN58wzOlvYWyGxNjUuvuFSiqRuZDEeuhLds3V753BMBgnWreR2RfTKYQzKAQuOERHLgxJCrjXfIhCiMNioetoLUnGfMJC7lAMon3gS_uOPcEnyTUMDuEZ6GWBR-hkkVo1KIhK5pZ_gIUiJopgP4G91T5BlT1_UygYOmsTYyfqU24mORWe-GEsBd4GyxAbbU-7CFHdJ0eMWtGjQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 338

{
  "id" : "89851444-37a1-43bb-8074-0137b015d139",
  "resourceTypeId" : "8c895e17-31af-436c-ae9a-f65ee8d35fcd",
  "authorizationStrategyName" : "Admin",
  "createdBy" : "60c09256-1538-4255-a008-b4ed2e38d4c0",
  "createdAt" : "2021-05-04T16:13:29.586792Z",
  "updatedAt" : "2021-05-04T16:13:29.586792Z",
  "_title" : "Test Type 59 Admin"
}

Create Standard Role Type

POST /standard-role-types

Authorization

This endpoint requires the following actions:

  • create action on the standard-role-type resource type

  • read action on the resource-type resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

resourceTypeId

String

false

Client must have read action on the annotated resource.

authorizationStrategy

String

false

Response fields

Path Type Optional Description

id

String

false

resourceTypeId

String

false

authorizationStrategyName

String

false

Size must be between 1 and 64 inclusive.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link StandardRoleType} was created.

updatedAt

String

false

The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted.

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjNVN5TDZJV2JQbFRnVU9IQzFURUd3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImYwZDNhNGZhLTUyMTgtNDUwMi05OWVjLTc1Y2I5MDFlNTZkMCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMmRkMjgzOTctYWQ1MC00NmJmLTg4MzAtYzZjZTgzODE4YTg1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fSx7XCJpZFwiOlwiNzc4OWNkZTAtZDdiNi00Yjk4LWE2MzEtMzAwN2EyNzNlZWNhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.KKmE16-X_uG0FkPprAnECYbtsDwC5TyQ4R7gJLkfe9bmytfAOJXvIi_xeJvbTqFd86qtlnbwv9bGcFLBDPgeZvRisL-bKrymKNLUjwXZesdhXYqHpkcD0EPSMMceoCpDMzVpiO5r6t3P4fll8OfcACCRCpULQYivo3SM6WfLdDn94gMtMt0ACDmOXsECctxd4hvXshbcG8CyRMreCgJju_5rO6Re8hK4WWc85BRzqf0VEPdY6hrW4Ip7SaY-f_8PdEi6sTLx-PLPXbpXW5ycWZGGMjszOuhT3TWXkFZWdmk6jhJxpqYMSnoT5D_D5v-zLlTRThceRCmlxoIOtgaOkw' \
    -d '{"resourceTypeId":"f5d99ac3-faf2-4f02-8e54-16f406e1da8b","authorizationStrategy":"Admin"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 335

{
  "id" : "ac3ccc54-b6b1-49b0-acb7-d62f62c8803c",
  "resourceTypeId" : "f5d99ac3-faf2-4f02-8e54-16f406e1da8b",
  "authorizationStrategyName" : "Admin",
  "createdBy" : "f0d3a4fa-5218-4502-99ec-75cb901e56d0",
  "createdAt" : "2021-05-04T16:13:29.563666Z",
  "updatedAt" : "2021-05-04T16:13:29.563666Z",
  "_title" : "Test Type Admin"
}

Resource Action Inclusions in Standard Roles

Find Action Inclusions

GET /action-inclusions

Returns a set of {@link ActionInclusion}s that the client is authorized to read and which match the specified (optional) query parameters.

If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).

Authorization

This endpoint requires read action on the action-inclusion resource type.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

resourceActionId

Object

true

Filters results to those that apply to one of the specified {@link ResourceAction}s.

authorizationStrategyName

Object

true

Filters results to those that apply to one of the specified strategies.

isDeleted

Boolean

true

When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not.

Request fields

No request body.

Response fields

Path Type Optional Description

[].id

String

false

[].resourceActionId

String

false

[].authorizationStrategyName

String

false

Size must be between 1 and 64 inclusive.

[].includeWhenAbove

Boolean

true

True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}.

[].includeWhenAt

Boolean

true

True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}.

[].includeWhenBelow

Boolean

true

True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link ActionInclusion} was created.

[].updatedAt

String

false

The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].deletedAt

String

true

The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

[].deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJzWTZPc19tUWxHSVA1dEt0X3liX0ZRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImFlNGMyNmJlLTdlZjctNGRhMS05YjliLWRiMDc0ZGYyM2MxMSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgxMCwiZXhwIjoxNjIwMTQ4NDEwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTQ4YzQzODAtM2YyZS00YTViLWJjYWMtYTI2NGFlNjI3YTM4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODEwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.VUPix3mnJczxrtxsK7lqnYMuKm9Sn6Tj7lQbs-d-ir1qnptVZVaUkuAUWY5vK9IK9Wm3lReiVuirS4cGKH87eoKm-kp-oIhsDw0_4OB7oIMjz2JPufyzLTlnLEf3pKcPe6ajXrGCaZUN3lbzXTPGzfaz_q7uySKEjSzoedXkpHzSEk32n0Rr4aSn48U6e0UK2DrawrEIJgFv4Z1c1eggs8NpIZWNG5APnNG8Tc1IAJFjvhJOvBqzQxmHBhXV_y0qBJAb8EcHqn8I8fcBGyP5i-uATAt7DN2ecqbUkOVgyNdrixrMSAiTs6fxlQlzX6lpPyDdUlgNHn9s0NJUAMbZ_A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1563

[ {
  "id" : "54ed15bf-b341-47e8-b8d7-b5421d980f20",
  "resourceActionId" : "1fe7e490-7037-45a2-af4c-cfdc92fd40ac",
  "authorizationStrategyName" : "Admin",
  "includeWhenAbove" : false,
  "includeWhenAt" : true,
  "includeWhenBelow" : true,
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:20.975091Z",
  "updatedAt" : "2021-05-04T16:13:20.975091Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Inclusion Rules for Update Azure Virtual WAN Site in Admin Standard Roles"
}, {
  "id" : "e3881584-32b3-4214-b155-a3bfd7894145",
  "resourceActionId" : "32322ef8-07c8-4339-82a1-45ee5cf358a5",
  "authorizationStrategyName" : "Contributor",
  "includeWhenAbove" : false,
  "includeWhenAt" : false,
  "includeWhenBelow" : true,
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:21.720279Z",
  "updatedAt" : "2021-05-04T16:13:21.720279Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Inclusion Rules for Update Service in Contributor Standard Roles"
}, {
  "id" : "87cbaf33-b2b4-45e7-bb15-69f6f02286b5",
  "resourceActionId" : "58fe76fb-a19d-4b9f-9114-c0749a0a0202",
  "authorizationStrategyName" : "Admin",
  "includeWhenAbove" : true,
  "includeWhenAt" : true,
  "includeWhenBelow" : true,
  "createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
  "createdAt" : "2021-05-04T16:13:20.973926Z",
  "updatedAt" : "2021-05-04T16:13:20.973926Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Inclusion Rules for Read Geo Region in Admin Standard Roles"
} ]

Get Action Inclusion

GET /action-inclusions/{id}

Authorization

This endpoint requires read action on the action-inclusion resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have read action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

resourceActionId

String

false

authorizationStrategyName

String

false

Size must be between 1 and 64 inclusive.

includeWhenAbove

Boolean

true

True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}.

includeWhenAt

Boolean

true

True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}.

includeWhenBelow

Boolean

true

True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}.

createdBy

String

false

The identity id that created this resource.

createdAt

String

false

The date-time at which this {@link ActionInclusion} was created.

updatedAt

String

false

The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted.

deletedAt

String

true

The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

_title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions/a851b992-367c-4dd9-bbed-5c2fae313793' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJPWWp3c3h4VUJRLVBZX3JMa29RYnlRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImRmN2JkMDM3LWQ0MDEtNGUzYi04YThkLTU3NmFkOWFmYjk0ZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgxMCwiZXhwIjoxNjIwMTQ4NDEwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMjJhNDlkNjUtYjIyOS00ODM1LWI3YWEtMmZhZmNhY2Q0OWVhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODEwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.WuvFtF04q9M8Nau5jZ7lAa4MNqzC7x6R_GCvCeihJsxPdNeBLL20UxTsWRUR_NKywn27gE8-cQGn8VpVjl6p7T_TKaqqZGmlQagrLLBBcOjOnsUWu1lNMRB90RBWmh0XD2LjRDLY0Ikh8W7glQ65ZXtND7JrhoQGHdRJN2AFN1b3kR4_GoyNv0g4uMh6hseOOBbrfFIz2_nzZf9vkbVIHXhKd2Ac29uAae6VP_RlirvJxOhxzNjDN7rY8m3u9JkXw0-N4iKJ2raUzAn1Sk-0hD5Xqu5bXUOIApSXhD8zvl5hxKssw0sIMgfQSM3Yh65ZMi2fcTHP3O5vA1DDUL1uWg'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 522

{
  "id" : "a851b992-367c-4dd9-bbed-5c2fae313793",
  "resourceActionId" : "58523501-2b76-4993-97c7-6289bc1981d7",
  "authorizationStrategyName" : "Admin",
  "includeWhenAbove" : false,
  "includeWhenAt" : true,
  "includeWhenBelow" : true,
  "createdBy" : "cbe01cdf-364f-48ee-ba78-c4edd1b9ec23",
  "createdAt" : "2021-05-04T16:13:30.143201Z",
  "updatedAt" : "2021-05-04T16:13:30.143201Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Inclusion Rules for Test Action 67 Test Type 66 in Admin Standard Roles"
}

Create Action Inclusion

POST /action-inclusions

Authorization

This endpoint requires the following actions:

  • create action on the action-inclusion resource type

  • read action on the resource-action resource type

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

resourceActionId

String

false

Client must have read action on the annotated resource.

includeWhen

Map

false

Response fields

Path Type Optional Description

[].id

String

false

[].resourceActionId

String

false

[].authorizationStrategyName

String

false

Size must be between 1 and 64 inclusive.

[].includeWhenAbove

Boolean

true

True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}.

[].includeWhenAt

Boolean

true

True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}.

[].includeWhenBelow

Boolean

true

True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}.

[].createdBy

String

false

The identity id that created this resource.

[].createdAt

String

false

The date-time at which this {@link ActionInclusion} was created.

[].updatedAt

String

false

The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted.

[].deletedAt

String

true

The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource.

[].deletedBy

String

true

The identity id that deleted this resource. This will be null until the resource is marked deleted.

[]._title

String

true

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJOTUljY0R1NWpWbndvT1RjbGhVQUxRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjU3NmVlOTlkLWEwMjItNGQyYS04MDJiLTkzZTJhNDY4ZWFkMiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgxMCwiZXhwIjoxNjIwMTQ4NDEwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNDA2OWMwZTYtMzUwNC00M2Y4LTlkMDctYjNjYmViZGRlOWE4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODEwfSx7XCJpZFwiOlwiZmM4Njc5ODYtZTNlNi00YjlmLTllZTItYjg3ZGQ4NGRlMzY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODEwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.UwHigST1CkLKVGnsfGg2VQc1ieAnIpfQny_7Jam-q4-x3S70Kb_wU6RuxNa47LcCsip4SnhKe-wgd6PajWPuG-_FdEFFxJXAfLbQ5lym-Jdz4U8JTCNBpR33YgL2J_n-67Q3epNx01Qu21tfPPl6eTN5GQM-QwBrd7ixY1baZaC28vT1H4UKGtHEUJM_1QklO_l6SaAOQ-WayUWCqdcrMYbTVRbNGzgowumz4NLxtXhCCWl5_CGlxArZh6AN_kXMvWSOToyfWUlh-c2Xv3LXHCPh1_foc1W-9DrfMIQTgfV8pKHJ-JZydxrfEq6vQTAxjzNE1G_o5so1IDdgYdTiag' \
    -d '{"resourceActionId":"97c56046-f887-4860-8c75-53189a3cd9b3","includeWhen":{"Admin":{"above":false,"at":true,"below":true}}}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 526

[ {
  "id" : "ab104243-d805-4bf6-a871-04c9ecee15d3",
  "resourceActionId" : "97c56046-f887-4860-8c75-53189a3cd9b3",
  "authorizationStrategyName" : "Admin",
  "includeWhenAbove" : false,
  "includeWhenAt" : true,
  "includeWhenBelow" : true,
  "createdBy" : "576ee99d-a022-4d2a-802b-93e2a468ead2",
  "createdAt" : "2021-05-04T16:13:30.208511Z",
  "updatedAt" : "2021-05-04T16:13:30.208511Z",
  "deletedAt" : null,
  "deletedBy" : null,
  "_title" : "Inclusion Rules for Test Action 73 Test Type 72 in Admin Standard Roles"
} ]

Delete Action Inclusion

DELETE /action-inclusions/{id}

Authorization

This endpoint requires delete action on the action-inclusion resource type.

Path parameters

Parameter Type Optional Description

id

Object

false

Client must have delete action on the annotated resource.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions/d916f2c4-ab09-444d-b852-26a24d3f1468' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJIdHJuQVhuQVBzTkdBaDhVLUZCWk93IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJjMTdhNTRmLTM0YzMtNDhkOC04ZTgzLTkyMjdlNDY5MDhkYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgxMCwiZXhwIjoxNjIwMTQ4NDEwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjY2OWZmNWFhLWEwNWUtNDc2Yy04YjU1LWVkNjg1ZWExOWIyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImRlOGE2Y2FkLTNmYTAtNGJkOC05YzVkLTBmZjljODVjNDViYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjEzZmFiMjlhLWY5ZWYtNDc1ZS05N2ExLTY3NTJkNDk2ZDkxY1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcImQ0NTBlYzczLTM5ZjAtNGE1Mi1iMTM1LTJkYTc2N2ZjM2IyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwNX0se1wiaWRcIjpcImRjN2NjNWMwLWVmNTEtNGIyYy04NjllLWQ0MGRmN2RjYjFmMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMn0se1wiaWRcIjpcIjM0NmM1ZWYwLTQ3M2ItNDBkNi04MjNmLWE4MTE4ZDAzYWYzMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH0se1wiaWRcIjpcIjhjYzc5Y2EyLTRlNjAtNDk4Zi1iOTA5LTBkODU5OTEzMTlmZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjQyY2ZmNTgxLTgzNWMtNDgxYy1iZGVmLTQyNTgxYjc4MzgwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjRkNjZhOTI3LTIzODEtNDdhZS04ZWQ2LWM5MWUzZmEwYTA5NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcImI2MDg0ZWM1LTVmMDAtNGY3Yy1iZTg1LTQyYTkxZTQ0YjgyMVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX0se1wiaWRcIjpcIjhhZTk5OGU5LTZlNzktNDRmYi04ODA3LWFiN2NjODQxNDg3N1wiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwMX1dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYzBhOGI4NjEtNGM3YS00ZGI0LWE0OTItZjQxYWNlMjZkNTE5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODEwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.HIQabi9jbI_-fJSDHt67AXvovYWDXEI60EPxIe4LiGXW2wAusrKEA0UGjEVTE1Bh1AngRCa216Uyck8Gk7iFm6m0Q7Eh_m4xvQ6jZjQxEr_ad908HPwH1Rq_U2BhzPmS69K0a4RUx9uTfEekcBO7k20MltrW03B3v0CN4dLe4yw-fSthwT4tF9dLNYzknqsBeipJIsUIi0R-xiV2Qq5XNPBg-xE75rVB9vx5K5cpvU15oE6ZBAxrmL9OlMrMM562UViQyE6j8m11ZpB8l9Dvp_uKpP4FM2WAN5wYzC-WE9AjkVaj351wV0Gn3chS7Z7Fb3u7a61qwaMRc7ypkoUcfA'

Example response

HTTP/1.1 200 OK

Deprecated Resources

Resources

Find Resources

GET /resources

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

nameLike

String

true

descriptionLike

String

true

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

false

name

String

false

description

String

false

resourceTemplateId

String

true

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/resources' -i -X GET

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1152

{
  "content" : [ {
    "id" : "2b374a00-bf8d-4874-8cb5-5ce67adff0e0",
    "name" : "nfrn:orgs:*:nets:*:gateway-clusters:*:endpoints:*",
    "description" : "All Gateway Cluster Endpoints",
    "resourceTemplateId" : null,
    "createdAt" : "2021-05-04T16:13:19.743690Z"
  }, {
    "id" : "cdace3ea-d75b-11e9-b01a-d05099466715",
    "name" : "nfrn:*",
    "description" : "All NetFoundry Resources",
    "resourceTemplateId" : null,
    "createdAt" : "2021-05-04T16:13:19.743690Z"
  }, {
    "id" : "cdace5d7-d75b-11e9-b01a-d05099466715",
    "name" : "nfrn:orgs:*",
    "description" : "All Organizations",
    "resourceTemplateId" : null,
    "createdAt" : "2021-05-04T16:13:19.743690Z"
  } ],
  "pageable" : {
    "sort" : {
      "sorted" : false,
      "unsorted" : true,
      "empty" : true
    },
    "pageNumber" : 0,
    "pageSize" : 20,
    "offset" : 0,
    "paged" : true,
    "unpaged" : false
  },
  "totalElements" : 50,
  "totalPages" : 3,
  "last" : false,
  "numberOfElements" : 20,
  "sort" : {
    "sorted" : false,
    "unsorted" : true,
    "empty" : true
  },
  "first" : true,
  "size" : 20,
  "number" : 0,
  "empty" : false
}

Get Resource

GET /resources/{idOrName}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

idOrName

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

name

String

false

description

String

false

resourceTemplateId

String

true

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/resources/66e6df94-062e-406a-b19c-c1cc8b5f7910' -i -X GET

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 193

{
  "id" : "66e6df94-062e-406a-b19c-c1cc8b5f7910",
  "name" : "nfrn:tests:*:foos:*",
  "description" : "All Foos",
  "resourceTemplateId" : null,
  "createdAt" : "2021-05-04T16:13:25.342620Z"
}

Create Resource

POST /resources

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

name

String

false

description

String

false

audience

String

true

Response fields

Path Type Optional Description

id

String

false

name

String

false

description

String

false

resourceTemplateId

String

true

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/resources' -i -X POST \
    -H 'Content-Type: application/json' \
    -d '{"name":"nfrn:tests:*:random:*","description":"random test resource","audience":"io.netfoundry.tests"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 207

{
  "id" : "48bf59ad-78f5-454b-98bb-728cee1c0e8f",
  "name" : "nfrn:tests:*:random:*",
  "description" : "random test resource",
  "resourceTemplateId" : null,
  "createdAt" : "2021-05-04T16:13:30.052045Z"
}

Delete Resource

DELETE /resources/{id}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/resources/b1de36f3-9238-45cf-95a4-63f487b8d7cc' -i -X DELETE

Example response

HTTP/1.1 200 OK

Actions

Find Actions

GET /actions

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

nameLike

String

true

descriptionLike

String

true

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

false

name

String

false

Must match the regular expression :[a-zA-Z0-9-].

description

String

false

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/actions' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJPdk5YNkNSTW9DZ1VUa051S1dxM0V3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjdmMjQ1MTk2LTJmNzYtNDE5NS1iODY5LWNjZmJhNDc5OGYyNyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImNkMGZlNjI5LTMxMDAtNDlkMy05YjEwLTJkMTRjMWQ1NzQ1OFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.TgOBVgQqk-gyRvGtmlcnGT80Qt6NJ2kLUEIt4d97DS_ds6zfonlNK7jgecThw6IYwHKhyoF7YcY5DtdiIpzG3FXidh_rD2QKGDN54rlcLpkvrcFBSRz2Ivc0b6UBmsdp-EG3JyQf8lHlAo-4yLxZIo8rzDRWFPAFN143qWApQWnInv8QFp1k1KGncgcu9qdkZIdX9W1M83RNOyuDW8jOl9TtVkfG4EwDHv00NLx88sztYNg0nFWvEZYY7Ax_VBlelEbmhMH5P7NNOlvShKqpOoWNlIhSWLHAGsF9kuMtO2zLtbPuqqeT7jsMW-h1rj_WjibJZ_eqmcN9T8XiIYwscA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1052

{
  "content" : [ {
    "id" : "a68353ea-b58d-441e-8714-b5ed62c75f22",
    "name" : "networks:create-aws-autoscale-endpoint",
    "description" : "Create AWS Auto-Scale Endpoints",
    "createdAt" : "2021-05-04T16:13:19.681665Z"
  }, {
    "id" : "ce0b865f-d75b-11e9-b01a-d05099466715",
    "name" : "*:*",
    "description" : "All Actions",
    "createdAt" : "2021-05-04T16:13:19.681665Z"
  }, {
    "id" : "ce0b8832-d75b-11e9-b01a-d05099466715",
    "name" : "azure-subscriptions:*",
    "description" : "All Azure Subscription Actions",
    "createdAt" : "2021-05-04T16:13:19.681665Z"
  } ],
  "pageable" : {
    "sort" : {
      "sorted" : false,
      "unsorted" : true,
      "empty" : true
    },
    "pageNumber" : 0,
    "pageSize" : 20,
    "offset" : 0,
    "paged" : true,
    "unpaged" : false
  },
  "totalElements" : 173,
  "totalPages" : 9,
  "last" : false,
  "numberOfElements" : 20,
  "sort" : {
    "sorted" : false,
    "unsorted" : true,
    "empty" : true
  },
  "first" : true,
  "size" : 20,
  "number" : 0,
  "empty" : false
}

Get Action

GET /actions/{idOrName}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

idOrName

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

name

String

false

Must match the regular expression :[a-zA-Z0-9-].

description

String

false

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/actions/290b85f3-9f00-448e-a60b-3be0b687d312' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJFMXJaaTZScjlFd2VKa1B3VzU3VjdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE0YzQ2YjNkLTIxYWQtNGQxNC1iOWFkLTNiOTQ1NzhkMTNkOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjVhMmMxYWVhLWNmNTItNGVmNS05YzBlLWUwMmY1YzVlY2UwZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.NsRz0esKJOoLLNP7Mj5WX_680xZyM8XLog3vD6nIT68BErlJdwlmoV_wPKtqKKornS_8O9Cm2v6OcBvXH8_3TDVfLNkA4ZwORKHg7HBmuwUaQZ8OceVoNuB450qaigpvLphlCj5MWHNVSJe91ckrgQXeq9eBB0x9In6PLnaM4KZnTTIpTp0ix5fIh0driVqWMVkL4Ktc-2o6g_vV1seIv8ZuRqwovEi7PsMQ_kseBqgEm90q5HLby15r8uhz0wf4WOtP4nbgBiFy8dJWQ5Y16pjFhT2rHVM9VHGvXSo_d1ZwMHVe5PMPR0TuV9h45ji5ZmiVXGKOHwsqm6WTMRF7gw'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 161

{
  "id" : "290b85f3-9f00-448e-a60b-3be0b687d312",
  "name" : "tests:create-foo",
  "description" : "Create Foo",
  "createdAt" : "2021-05-04T16:13:25.330793Z"
}

Create Action

POST /actions

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

name

String

false

Must match the regular expression :[a-zA-Z0-9-].

description

String

false

Response fields

Path Type Optional Description

id

String

false

name

String

false

Must match the regular expression :[a-zA-Z0-9-].

description

String

false

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/actions' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJsR01PdmNySzJIMkhJUG10anFEWjNnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjdmY2EzN2FiLTZiZTItNGM3ZC05MDJjLTMwMWZmODIzZDI1MiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjhhYjA2NjJiLWZhNjgtNGI1OC1hMzllLTcyNDQyYWQyMzkxMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Cli74_oCfh5u3QOMgmoJWNmqkejW-y-w0PIv-iTXp4Sjc2dQD29KAu0BYKUpIwVo71EuN4jsXJTihOh1qNMbXMhj5AjRfKG-iMzHqBB-NNHpmAq9FOULxSbTP-KpCWtpSXs_XZh0Z6IP0GtjfihMWTycSZcJj5Cgdj_abFvG1wvwtn5CC4-Rp9VX9xT21TXCScyjDchDMcjcXHglguFCLXNuZGYcCqfI4fu2nXSgDWFT3Yrkca20JApEZMLO7jFlQZG1ObvnSIrJtX3Q6lmlJbgFKIJJ6-ZO7NMU_Ixawq5sOEpfzBePqojqRECtmJ3jb71lRX18ZamPMEoBGM9M2g' \
    -d '{"name":"nfrn:get-widget","description":"Getting a widget"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 166

{
  "id" : "92b89c06-3460-446b-ae7f-3024dbb1d339",
  "name" : "nfrn:get-widget",
  "description" : "Getting a widget",
  "createdAt" : "2021-05-04T16:13:29.295147Z"
}

Policies

Find Policies

GET /policies

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

resourceIdIn

Object

true

actionIdIn

Object

true

descriptionLike

String

true

roleId

Object

true

identityId

Object

true

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

false

resourceId

String

false

actionId

String

false

description

String

false

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/policies' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ2VlVuVndLOERIaVRWdE5iaW5XRk1nIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImY3NTBkODkyLWEwNjYtNGU3NC1hMzk0LTAzNDYzYjNmZmU2YiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImRhZjUyOTgyLTE1OGYtNGYxOS1iMzBlLTc0ZjI1ODZmNmFhOVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.NGSd9xrWm70kWhfG69UZSAobBTcfLULEINnA0JKjRlb7xpl63aH6iEy6oUAtDCelfaN1_9FTsjwNaHCBVbfImJWohWbG_1JHupJNVigWabm-CfacqiY95VK65oe-wpH69YHYbge5788pZKg_WuxB9UlZJIgx9Q4QbSBKTs6Q9jHrDluQvKoeX7aHumDimrI-A96HBI0XprrNzOx3hUZLgpbpRfr2vimyK2gBrSPVogg5tRdE1KkYMbMcYcxbmy8y075lGat09QubSV4a_bmTyZJPNOHKnqYIUq0FtvIyiz6pQpXFP60qTTG6CicitG5ALb1xCagAwuqMBR6zhR0jkw'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1215

{
  "content" : [ {
    "id" : "0597e8f7-be2b-11e9-b33b-d05099466715",
    "resourceId" : "d862d360-d75b-11e9-b01a-d05099466715",
    "actionId" : "d180d08a-d75b-11e9-b01a-d05099466715",
    "description" : "",
    "createdAt" : "2021-05-04T16:13:19.811588Z"
  }, {
    "id" : "0597e924-be2b-11e9-b33b-d05099466715",
    "resourceId" : "d862d360-d75b-11e9-b01a-d05099466715",
    "actionId" : "d180d1a5-d75b-11e9-b01a-d05099466715",
    "description" : "",
    "createdAt" : "2021-05-04T16:13:19.811588Z"
  }, {
    "id" : "0597e934-be2b-11e9-b33b-d05099466715",
    "resourceId" : "d862d360-d75b-11e9-b01a-d05099466715",
    "actionId" : "d180cffa-d75b-11e9-b01a-d05099466715",
    "description" : "",
    "createdAt" : "2021-05-04T16:13:19.811588Z"
  } ],
  "pageable" : {
    "sort" : {
      "sorted" : false,
      "unsorted" : true,
      "empty" : true
    },
    "pageNumber" : 0,
    "pageSize" : 20,
    "offset" : 0,
    "paged" : true,
    "unpaged" : false
  },
  "totalElements" : 171,
  "totalPages" : 9,
  "last" : false,
  "numberOfElements" : 20,
  "sort" : {
    "sorted" : false,
    "unsorted" : true,
    "empty" : true
  },
  "first" : true,
  "size" : 20,
  "number" : 0,
  "empty" : false
}

Get Policy

GET /policies/{id}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

resourceId

String

false

actionId

String

false

description

String

false

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/policies/8cf31859-6c16-4379-aca9-104fe1c6b6ca' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ5NFZkYnNLdUw0ajRJZ1FoNHd1VE1BIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjM1NzY5MzRjLWFmZmQtNDllMS04MzkwLTgxZDZkMmQ3MmIwMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImYxZTI5NzY1LTUzMzYtNGRjYi04MDIzLTJhMGRhNTk0MmNiNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.UcCifqdctE1mDRRv0vBhyslebYqMrI3uQTwYzBeYnqaHG2EvmK3YzP0iYXLo4QlWxEoBRNaKFY_DjkGwrXpiWFQQplpGsdlHKLFHz-oTfZrUMo3boiD7XJCfGsgpI2D-HSeS3gM0XJ1eJPLPl4xlY7M5spw97tUonpPQ5cPmU9kSa88T_dHcArYmZoRzjTsllwEDp6llgZgGfi8jlIOJZzntoRg2O3PXAWJXRc_LXncWoBfFI_MdluftzAFTsjYer0bK9xHEeySdcPBamhTqW5AMUGsDf3r3E-OV3lDIEMjKecyK3Cbt0Ut9a_MUFANCGSF03dgB6IG-pE-Mmzf7rA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 255

{
  "id" : "8cf31859-6c16-4379-aca9-104fe1c6b6ca",
  "resourceId" : "66e6df94-062e-406a-b19c-c1cc8b5f7910",
  "actionId" : "290b85f3-9f00-448e-a60b-3be0b687d312",
  "description" : "Create Foo for All Foos",
  "createdAt" : "2021-05-04T16:13:25.357136Z"
}

Create Policy

POST /policies

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

resourceId

String

false

actionId

String

false

Response fields

Path Type Optional Description

id

String

false

resourceId

String

false

actionId

String

false

description

String

false

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/policies' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTaFVMNzFCbThoVHRoNFF0ZTFwOGxBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNmNTQ1Yzc2LTkwZTItNDY2Yi1hYzAwLTU3ZTUyMTQyOTgzMiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjQxNmIxOTIzLTYzNDUtNGM4Zi05ZWJhLTZiZjYwOTZlYTA4NVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.XspT_m8loVIqlOByuODxsMFoUYm-5V9X2-dB-Be8XxV7SLMHto0gnjYO05G5ZHZNp1o2MMzWMgSP0lJ7k3Z3kDGvAA--_DjvuL-qDLuPdrJ--wFfeZX6YN6mIk6yjenpfgN9Xj7lEoPs4tI-7zcNkyFRZf0CJ1ez8Kd1MHfrDC63XMJ3QQCyeK35dJ4czBIU0vFyh7cWxwTaZGpGRFBtMLlQjBUrQpujNCuPvAOUWPgJTWugmNqhGew21-ORKdHibE9Yo7GXxWOp-w7CDNshTOwdx7cT6XWD5x4zg5InMD5RMzoLJ-sQDkswhS70sQEkgKPrmmd_CZEW8r3zAiwNWA' \
    -d '{"resourceId":"0f9a2bfb-a866-452d-a535-d3a73c2f8c9f","actionId":"10f8ccca-96f8-4e72-b807-164cde36322a"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 264

{
  "id" : "29a8a346-4e44-46da-a074-63b410abe762",
  "resourceId" : "0f9a2bfb-a866-452d-a535-d3a73c2f8c9f",
  "actionId" : "10f8ccca-96f8-4e72-b807-164cde36322a",
  "description" : "Random Action 38 on All Random37",
  "createdAt" : "2021-05-04T16:13:28.649333Z"
}

Delete Policy

DELETE /policies/{id}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/policies/299f0702-ecd3-4fbf-973f-a2dfe120dddc' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1VUNVR2k5N2o0MTZObUt4ZEhMYktRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImNjMWNlN2NiLWRjNzItNDc1My1hMTI3LTlhYTA4YjlhZWRlNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjIwZjQ3ZmE3LTE5NWEtNDJmYS1hYWVhLWI3MTliYTJhMjcyMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.XMdCUATkcD4qrw4Yoyvqb-uoRjRe4BHboOzpks5d4g8dKNWoygs_VgLsU-m01nxadjvnsgiyQbKDaA59vb_Cj49aCMsCPj8goo2qE77JgYjX54GvxJPrC8TRvIUi9FZmx6KvJQkv-ViBbHSKK8AZz9vUaCMZXFcajmIS6mqw9O6wbB_5WnVTHVzNPom0dvNzBNtvDG-5yoQbSvrLqw6-lxqJgyUQz_Vg8VtHgzjhNG32n8kqglDDjcjuMA-R_uZ41yipWoDR1KG3AVnklGsPQ6jyNAB9P_jnyn8NsGz8hPg14mSKdiTgjcuKehoJD0EIPHa25ABVxYp7R9BFWOXQrA'

Example response

HTTP/1.1 200 OK

Grant Policy To Identity

PUT /policies/{id}/identity-grants/{identityId}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

id

Object

false

identityId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/policies/9b516459-7695-4b9e-beb2-9ddea416f967/identity-grants/4843eb6b-04bd-4e35-9526-7e405a40a6b1' -i -X PUT \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJYLWhTT3hnVDJOeksxblRKZEZnTG5nIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjcwNWJlNjY4LWFhZjYtNDBlNi1hNmIwLTRkMzc3YzYxZTE2OSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImJhZTU1NjA3LWMzNTktNGRmZS05ZTk0LTI4OWQ1ZmI5NWQ5MlwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.AyxRGDEO43DZuOqCry3ySn4zjbA_m_ZpH25Fu0cb8kD4VyS6DB8P37DF_BDiMugkioDcbzIglIni4KbAyIWaISqDAmfNZRxoAYQXuUdQ9j-RzRvZZO5a_I1P6LkGRlmZRMoC3KKeI2rypH81r11pXBfQtxvyW6Z2OWnFJmKobCKpdxGHo77H5_dcWo4FzVBeGXKhu2aVVlkW1JKtj5E9ekzM6p8oDFRKdVLuqZjd5GcTlTCa0crqsIEHZMghiXWNz71V7FkEc97cDbmrRsb5NAqOszchCOpGL5c4r1_yUwatYJQe9orUsQBwRSlPzO_6C128PC4-TI6w8dZo1hVweg'

Example response

HTTP/1.1 200 OK

Revoke Policy From Identity

DELETE /policies/{id}/identity-grants/{identityId}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

id

Object

false

identityId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/policies/8f16865e-37d3-4d1a-bad5-fa4b6d9fe286/identity-grants/b135782f-9621-487d-82d0-9681f0d3ae8a' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJNMkc5ZjFHajdpODNBVWpuaUtGVGVnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImEzNzc4ZDc3LTI4YzktNDNiZC04YzI4LTZlMGM3YjExNzE1NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImYyNDZmOGRjLTU2NmItNGVjNC1hMDIwLWFmM2Y5YWZmNDg0OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.YTZIZR9N9e11-tBV2TmWTuyAo7Dzjd_k7ekRHjuOJwHBvJTYK5qr6hzR-GHbNof0b-CMTIfzGG1ggykv4NawsZo7yN8nA1T0imtWLYrCIr-Pw8FGN4esOfVHTR0eQGBpYFmwJhnSk5av0UNkGfMubVPpjbx00hlUZTmXd_kjiRek_iz3HLrzC2rkve7gE4lWg0Y8KW9AhZB-lP-KIC0Q06fqIbHWlaB-qa_2TNMwVI-LbvjUJpTJlTYgUjOXmqBihzdFNbqVfp3l-BXKJTGpvnPHiNiGcyzA0fcDwJheLS0wXeAg3j6cdJ9i2oMHISQNUFQShaHeiCXnqiHOtuVMQQ'

Example response

HTTP/1.1 200 OK

Grant Policy To Role

PUT /policies/{id}/role-grants/{roleId}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

id

Object

false

roleId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/policies/5718e64f-e77b-4590-8d56-b07b3142f27c/role-grants/7f32e6f1-18eb-44e1-ae40-fcd03f299e06' -i -X PUT \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3ei1FbHR0Um50S0ItMmdpZldOaEl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjczMTBjMGRjLWQ3NTktNDU5Mi1iN2MwLTRkN2UxMWQ0OTE5MyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjhhMzQyMjMyLTU0MTctNDhjMC04YjJiLWE2OGJiYjIwOGNmYVwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.hYAY3N01XVqMS5Yk9KZe574bnr1JhzGcnmV8WlFeb7HywhgTHkXv-mCDCbO44Zw7Bb1MlM2ol6tL2yf_RSqj6YhMWtIgD9732GA8RyyzigzAqk7dWT9HY_YzGgizpdzaXblzikRt9nO7vppUBVRsHzqSCeYPNRVcElUZKyAO7_g1c_Sln6_CYzN8X6U4Agi6L_43XJH8N2dUfDQCsCGx6VCX3vyJnfbbjAFX7g2CTjWj0ltcdQlw5LIpNu5ReVnDd1QLQtcyAKinlDMv_MUJxcpeTBzu0ZUdOm-P7PJ5XzIP5DABKSsyui2NR-3wTryC0vSxSKEBO8Mp2nsiyHNNVw'

Example response

HTTP/1.1 200 OK

Revoke Policy From Role

DELETE /policies/{id}/role-grants/{roleId}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

id

Object

false

roleId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/policies/c2621d94-673c-4615-a314-7b347d39bf4d/role-grants/b3a3e797-fa78-431f-a52b-680d496d13c7' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJaVEprMC1IQlA4NUNQcVJoSlZ1SDl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImUzZjc4YmMxLTFjNjctNGI3OS1iZjczLTM1NmU3ZGI3YmE3OSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOCwiZXhwIjoxNjIwMTQ4NDA4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjZlODRmMWE2LWQ5NjgtNDhkMi04M2I4LTQ2MDE5MTViMWE4MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.cVjvlhQ3799DflyTbKrrkEVM4dATHFcHxZ7jpU6gUNytUf_l4OIRWL6hF7uyK940Lq-jpYg3aIGiBK8S0pGPSaZwVjdbFonRFNO_G3emjggae_1xozZt3jeCqFAOV0LebIs3f31GN6kOG-xca3QhyQfbAB7v1zlKGNjIHj7IDn1eESDQasP3LKiW6ZahX7fHzaOBae53Xkv5B7drr9Y6qt0a8CbtfuFQDeMeNfS0Hd5rcz2iMhKycPcBFh2oiDjx3sgYdkVUA2OdkDsrX7GoaxdclSw4xcGijG18_zgyzxmaSAcS1kp1Env1BwH5InCSYE7CdOHMjuF8Vpon-A0rAA'

Example response

HTTP/1.1 200 OK

Roles

Find Roles

GET /roles

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

nameLike

String

true

descriptionLike

String

true

policyId

Object

true

identityId

Object

true

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

false

name

String

false

description

String

false

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/roles' -i -X GET

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1049

{
  "content" : [ {
    "id" : "ce46aba4-d75b-11e9-b01a-d05099466715",
    "name" : "super-user",
    "description" : "Super User - All Access",
    "createdAt" : "2021-05-04T16:13:19.859846Z"
  }, {
    "id" : "ceea2e98-d75b-11e9-b01a-d05099466715",
    "name" : "Organization Admin",
    "description" : "All Actions on All Tenants",
    "createdAt" : "2021-05-04T16:13:19.859846Z"
  }, {
    "id" : "cf0481e9-d75b-11e9-b01a-d05099466715",
    "name" : "Organization (Read Only)",
    "description" : "Read Only Actions on All Tenants",
    "createdAt" : "2021-05-04T16:13:19.859846Z"
  } ],
  "pageable" : {
    "sort" : {
      "sorted" : false,
      "unsorted" : true,
      "empty" : true
    },
    "pageNumber" : 0,
    "pageSize" : 20,
    "offset" : 0,
    "paged" : true,
    "unpaged" : false
  },
  "totalElements" : 10,
  "totalPages" : 1,
  "last" : true,
  "numberOfElements" : 10,
  "sort" : {
    "sorted" : false,
    "unsorted" : true,
    "empty" : true
  },
  "first" : true,
  "size" : 20,
  "number" : 0,
  "empty" : false
}

Get Role

GET /roles/{idOrName}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

idOrName

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

false

name

String

false

description

String

false

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/roles/56766723-7f61-4d1c-9fb8-c85cf695332b' -i -X GET

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 167

{
  "id" : "56766723-7f61-4d1c-9fb8-c85cf695332b",
  "name" : "Foo Admin",
  "description" : "All Foo related actions",
  "createdAt" : "2021-05-04T16:13:25.364716Z"
}

Create Role

POST /roles

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

name

String

false

description

String

false

Response fields

Path Type Optional Description

id

String

false

name

String

false

description

String

false

createdAt

String

false

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/roles' -i -X POST \
    -H 'Content-Type: application/json' \
    -d '{"name":"Test Role 787ac85e-09a2-4271-97bb-d8f9c17739d6","description":"Random test role"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 197

{
  "id" : "4125655c-606c-4bbd-b00e-9d1468c270f3",
  "name" : "Test Role 787ac85e-09a2-4271-97bb-d8f9c17739d6",
  "description" : "Random test role",
  "createdAt" : "2021-05-04T16:13:28.810330Z"
}

Delete Role

DELETE /roles/{id}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/roles/4f5cd17d-c503-40e6-949a-87742b65c163' -i -X DELETE

Example response

HTTP/1.1 200 OK

Grant Role To Identity

PUT /roles/{id}/identity-grants/{identityId}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

id

Object

false

identityId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/roles/a817561a-a1e7-4285-8d35-2b881857a716/identity-grants/0bc57781-23de-4356-beb4-d1f84dfc6127' -i -X PUT

Example response

HTTP/1.1 200 OK

Revoke Role From Identity

DELETE /roles/{id}/identity-grants/{identityId}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

id

Object

false

identityId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/roles/748cb60f-e5f9-47ee-b291-c187cbf25b83/identity-grants/2b115c78-689c-4e70-91d3-f24f31f203ee' -i -X DELETE

Example response

HTTP/1.1 200 OK

Claims

Find Claims

GET /claims

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

identityIdIn

Object

true

roleIdIn

Object

true

policyIdIn

Object

true

resourceNameLike

String

true

actionNameLike

String

true

audience

String

true

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

resource

String

false

The policy resource name.

action

String

false

The policy action name.

Example request

$ curl 'https://gateway.netFoundry.io/auth/v1/claims' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJoRmdTSDF5MDl2ajZmSlBNVlZ1YlF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImViZTk3ZjhmLTM1N2EtNGRiNS1hNjg4LWI5MDMyNjNjNjEzOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYyMDE0NDgwOSwiZXhwIjoxNjIwMTQ4NDA5LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImMzZTVhNjcyLWRmZTItNDQ5OS05ZmYzLTgwMWM5Y2ZjYWMzZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYyMDE0NDgwOX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNjY5ZmY1YWEtYTA1ZS00NzZjLThiNTUtZWQ2ODVlYTE5YjJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiZGU4YTZjYWQtM2ZhMC00YmQ4LTljNWQtMGZmOWM4NWM0NWJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiMTNmYWIyOWEtZjllZi00NzVlLTk3YTEtNjc1MmQ0OTZkOTFjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiZDQ1MGVjNzMtMzlmMC00YTUyLWIxMzUtMmRhNzY3ZmMzYjIyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA1fSx7XCJpZFwiOlwiZGM3Y2M1YzAtZWY1MS00YjJjLTg2OWUtZDQwZGY3ZGNiMWYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAyfSx7XCJpZFwiOlwiMzQ2YzVlZjAtNDczYi00MGQ2LTgyM2YtYTgxMThkMDNhZjMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODA4fSx7XCJpZFwiOlwiOGNjNzljYTItNGU2MC00OThmLWI5MDktMGQ4NTk5MTMxOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNDJjZmY1ODEtODM1Yy00ODFjLWJkZWYtNDI1ODFiNzgzODAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiNGQ2NmE5MjctMjM4MS00N2FlLThlZDYtYzkxZTNmYTBhMDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiYjYwODRlYzUtNWYwMC00ZjdjLWJlODUtNDJhOTFlNDRiODIxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfSx7XCJpZFwiOlwiOGFlOTk4ZTktNmU3OS00NGZiLTg4MDctYWI3Y2M4NDE0ODc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjIwMTQ0ODAxfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.UqvUSaCvFsP7SLfvgA_MBLrvtSy2flNifIlvN-Mf5S8geyKeLsE_oXntOCIgfoTe1rwGA1s0g8xtPmA2QJ2RQgP0HYloR50UQullhKGJV-PpmN1v9d5e_idgY_O-c1THFID237q2wmWs7IcHfjwYBt4DaQ6_uIq_SiL4cpbMV1LQynTR0pStaKl5AdNPzRZq3U8DNtFgfk612ngrJKUgXfYqa8ys4S4TiIXFS2CkI7osbcfR373ZDq_ntC4b4i1dMpTgjQaM3OEjYBRrczcm9ggvhXrJLfHRngdawK3YKWi11_W08_TcTNVLOXV1cVJW3hEJRiewj6-1fy6oWs3r4g'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 533

{
  "content" : [ {
    "resource" : "nfrn:tenants:*",
    "action" : "tenants:get-tenants"
  }, {
    "resource" : "nfrn:tenants:*",
    "action" : "tenants:get-tenants"
  }, {
    "resource" : "nfrn:orgs:*:billingkeys:*",
    "action" : "billing:create-keys"
  } ],
  "pageable" : "INSTANCE",
  "totalElements" : 21,
  "totalPages" : 1,
  "last" : true,
  "numberOfElements" : 21,
  "sort" : {
    "sorted" : false,
    "unsorted" : true,
    "empty" : true
  },
  "first" : true,
  "size" : 21,
  "number" : 0,
  "empty" : false
}