Introduction
This is the NetFoundry Auth service
Overview
HTTP verbs
NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP verbs.
| Verb | Usage |
|---|---|
|
Used to retrieve a resource |
|
Used to create a new resource |
|
Used to update an existing resource, full updates only |
|
Used to delete an existing resource |
The PATCH method is not used (yet).
|
HTTP status codes
NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP status codes.
| Status code | Usage |
|---|---|
|
The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response will contain an entity describing or containing the result of the action. |
|
The request has been fulfilled and resulted in a new resource being created. |
|
The request has been accepted and is being processed asynchronously Standard response for successful HTTP requests which invoke back-end services. |
|
The server successfully processed the request, but is not returning any content. |
|
The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). |
|
The request lacks valid authentication credentials for the target resource. |
|
The request is authenticated with valid credentials however that set of credentials is not authorized to access this resource. |
|
The requested resource could not be found but may be available again in the future. Subsequent requests by the client are permissible. |
Pagination
Paginated services will accept the following optional request parameters:
| Path | Type | Optional | Description |
|---|---|---|---|
page |
Integer |
true |
Page you want to retrieve, 0 indexed and defaults to 0. |
size |
Integer |
true |
Size of the page you want to retrieve, defaults to 1000. |
sort |
String |
true |
Properties that should be sorted by in the format |
Pagination response has following structure:
| Path | Type | Optional | Description |
|---|---|---|---|
content |
Array[Object] |
false |
Actual items. |
totalElements |
Integer |
false |
Total count. |
totalPages |
Integer |
false |
Total pages with current page size. |
last |
Boolean |
false |
If this page is the last one. |
numberOfElements |
Integer |
false |
Actual size of content array (number of items). |
first |
Boolean |
false |
If this page is the first one. |
sort |
Object |
true |
Sort information object. |
size |
Integer |
false |
Requested size of the page. |
number |
Integer |
false |
Page number. |
empty |
booloean |
false |
If this page is empty. |
Authorization
Masquerade
POST /masquerade
Exchange a NetFoundry token with a service identity for a NetFoundry token with a user identity.
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
identityId |
String |
false |
|
audience |
String |
false |
|
claims |
Map |
false |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
token |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/masquerade' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJzT0NmbklQU1dVaFNZWTlKWFJIT3BBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImExNGQ5ZmExLTkzZjMtNGYxNi05NmQwLTkzMTc3Y2NkNTA5MSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYzNDQ4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjEwZWNjMzlkLWI0ZDctNDk4YS1iNDRkLTdmMzE1ZDFiYzFhMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0OH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.RTBo3hBjOYpy1d0djP9xRKAtuPGVoH9zQgMXTJuKP1cb2dLx9lh0payaDOAWgXG8IMWdEFv1xbHGDc1MlWB2nJBIdpFcCO35_lXXzRLcMHsILcRb9YDMx9Cq926OSvRmZxyKZT_i0eFIOySYQ34Vr5TIrG2mfvXxf2aLVsnjGj36SUV-Faz3oR7tI82H5SI7Yg-aTYFCGeGmgn16p0zp7HquysoleK05Ncds9aXKsCDazAZHAeNSV260TsHEvtteYBAiYXSAmcd-wzih_FMZ70bVOrBOPG-rV4PVQP8CG8UllFPZFlsFxhAoy0WvOfKTVOj2s-DHdFAS8oLUrCwQ2A' \
-d '{"identityId":"af1985f7-dc70-45c6-a456-a4ca11d24405","audience":"io.netfoundry.test","claims":{}}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2268
{
"token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJxamNRenBGT3N1dGVYam1YZzVlcWRBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImFmMTk4NWY3LWRjNzAtNDVjNi1hNDU2LWE0Y2ExMWQyNDQwNSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkudGVzdCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYwMTQ4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjBiMGNmMGZhLTkxZTgtNDAwNS05YTY0LTFjZDU4ZWMzODllNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0MX0se1wiaWRcIjpcImIxMGYxNDM0LTNmYTEtNDA2Yy1iNDVlLTE2NTE5OTIyYmE2ZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjp0ZXN0czoqOmZvb3M6KiJdLCJhY3Rpb25zIjpbInRlc3RzOmNyZWF0ZS1mb28iXX1dfQ.sCs46ggVaQhihWudvRS-IM2ml74r7jvff-Xapwi2JY9ioJPibKdebMh00Q8HFPzaRKP3vD0pkjZ3SoxWBPbvYX6NLTPeC_T_4XITOR51EkkppKfcHHi5hLDHLpRoNIlcWXElG5_hbCw0Yq_V640G5f1v-D95EoV6PrlZvnO5xxJV1UDX_SPmQL_b3InYGrCp8S8iIBjKPSyewU0UFXhEMF0yL4zd2I7dbwQjYTSoiyHYdoAp5QuvuEGhtZXqvxo1OEicsCVj4C0yHexw3fgS-TKoPxvf10vcUAn5VlNcMARxLqvOpZOCA4fyu4Qe7dr3Viyp-s4TbWy1gvwkY7wl_A"
}Core Authorization Resources
Domains
Find Domains
GET /domains
Returns a set of {@link Domain}s that the client is authorized to read.
Authorization
This endpoint requires read action on the domain resource type.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].name |
String |
false |
A human friendly name which can be used for UX purposes. Size must be between 1 and 256 inclusive. |
[].code |
String |
false |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link Domain} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJiU290QldVZTVRemduNmtTYjB4Mkl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijg2ODJlMDU3LTY3NDItNDViNi04NzUwLTliOWMwMThjYmZiNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NCwiZXhwIjoxNjM2NTYzNDQ0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOTQ5YjA2MjAtNDdkMC00MWMzLWFhODYtMWQ0MTI5ZDQwNzUxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.QB7oSGd8P_XHgCkCa7Blp3TR19TsMIrbtFUDChq3ApOu6NNXACXtoUXzDuOxSdcDXvx8Rj-vk4cAO-ZWCBazeMssX_AVdhgFzFMImVYFdPau_6e-1dJHlQFJIEYYsQfxrcJjEmH-d9rJGFX1v5EDNrHtHwr7BsYhCsQCr5xuzdND3r_Hf7ZtHcBA0an655NnLiQtqP-wufw521SFmVn05Dfs9SYsZPjRUCIc0f09w9mZi2-xxXgSSLPz-aHegEhdVcAASd_AwGVMc51Eohq3FfMrSFUAjb5v6qRWuwFwrjj10GVoC69GH22elKlj24fnx66KkKvlpPNo5RB3cQnJpg'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 878
[ {
"id" : "d66c4fcf-2541-43d2-ab4a-3b1b88129c51",
"name" : "Test Domain",
"code" : "io.netfoundry.test",
"createdBy" : "f81bb6d5-b7bb-4c2b-a3b9-7445ee62842d",
"createdAt" : "2021-11-10T15:57:16.691636Z",
"updatedAt" : "2021-11-10T15:57:16.691636Z",
"_title" : "Test Domain"
}, {
"id" : "c691b68f-1c9a-40d2-98ff-ecb5b2d20fa1",
"name" : "Test Domain 21",
"code" : "test.domain.21",
"createdBy" : "160c167e-11f9-43b2-8893-8bda0d60af90",
"createdAt" : "2021-11-10T15:57:24.419231Z",
"updatedAt" : "2021-11-10T15:57:24.419231Z",
"_title" : "Test Domain 21"
}, {
"id" : "a5e9c7b1-3a74-49b6-aabf-c61a2b628a46",
"name" : "Management",
"code" : "io.netfoundry.management",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:10.211167Z",
"updatedAt" : "2021-11-10T15:57:10.211167Z",
"_title" : "Management"
} ]Get Domain
GET /domains/{idOrCode}
Authorization
This endpoint requires read action on the domain resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
idOrCode |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
A human friendly name which can be used for UX purposes. Size must be between 1 and 256 inclusive. |
code |
String |
false |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link Domain} was created. |
updatedAt |
String |
false |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains/d66c4fcf-2541-43d2-ab4a-3b1b88129c51' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJHVmZMZTk4Q2FJcnR2WktCbkZPR2NBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjcxZDNkMTk2LTI5YzMtNDExYi05YWJhLWE2OWJjODdlY2QwYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NCwiZXhwIjoxNjM2NTYzNDQ0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYWM0ZDI1ZTQtYzM2Mi00ZDY0LTg3MTctNjUxZWEwODVhMjliXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.i1cz9koBXjHzEnsbDptvoi8a9JjH7fB5vghoM4pWxLf1celJErvb2SkAQSPVYM__O4nlt0e6Fwctp4am4UQSlEPle2MGVLLoWX95x2QkfXvZnv9ZRBrIhKDEiuoQWB4cksqGQKymPZGx2Y_bNyIiSf0iaQWRO2TfdJPzV51RxU7o0tpMvfkUrSNmUsPFZ2nYDXbJb379hX5JFjbaZQyKYZMuo2hUEO3P3rpLCzUPEbDvfT5QwwI3xBvnvC70lJ-xtqD6Z0BmBRk2gcyjO_-TQKmn8oz-sxkI7AkVp9V68S6W2uSN97HNyLbQpo6Qb3chPfppfUdfr5py6LlGSN-OoA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 288
{
"id" : "d66c4fcf-2541-43d2-ab4a-3b1b88129c51",
"name" : "Test Domain",
"code" : "io.netfoundry.test",
"createdBy" : "f81bb6d5-b7bb-4c2b-a3b9-7445ee62842d",
"createdAt" : "2021-11-10T15:57:16.691636Z",
"updatedAt" : "2021-11-10T15:57:16.691636Z",
"_title" : "Test Domain"
}Get Domain
GET /domains/{idOrCode}
Authorization
This endpoint requires read action on the domain resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
idOrCode |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
A human friendly name which can be used for UX purposes. Size must be between 1 and 256 inclusive. |
code |
String |
false |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link Domain} was created. |
updatedAt |
String |
false |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains/io.netfoundry.test' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ2VzE0c1hpb1FoZ05sRW5STFFiS253IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjJjMTMxNzUwLTI2ZmItNGYyYS1hNDNjLWNjNWJjNzBmMjg4MiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NCwiZXhwIjoxNjM2NTYzNDQ0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNWNjNTVlMmMtNjliZS00YjZlLWI0YTgtYjBmYzRhZGI0NzJiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.hvLQOyKcLyxVyu8xK_z_vGHNeqHwTPLGpYA9rxEv6mitstGHUJHHe3w1f2KgzKhl1YihcHOQ8O-zvq8T8vPuI4yiI54F-Eszp_NPUFr48sAPTi93bv4Hq9hu-25TVziYtgpsJm4qLcovtm3KVz6Msbw4zvBtsCvojJOoQ94PLVA_yc16wfFxhxyJP23sqQXvaCSnGGNZurqWBnZ2iTFVTsKRB7rOu5ZHb2Y7ANnYfvv2XDjEaASMzXb5mfyMLHZ8jP6Xs-oYv4IhoZo8IThdxOipHXWBRzox6jEvAMeXPfoDQ_cZpg8LtFmYgVcSMJ90ci2mZn4hzwHl_Pr_RyOI_A'Example response
HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Type: application/json
Content-Length: 288
{
"id" : "d66c4fcf-2541-43d2-ab4a-3b1b88129c51",
"name" : "Test Domain",
"code" : "io.netfoundry.test",
"createdBy" : "f81bb6d5-b7bb-4c2b-a3b9-7445ee62842d",
"createdAt" : "2021-11-10T15:57:16.691636Z",
"updatedAt" : "2021-11-10T15:57:16.691636Z",
"_title" : "Test Domain"
}Create Domain
POST /domains
Authorization
This endpoint requires create action on the domain resource type.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
name |
String |
false |
Size must be between 1 and 256 inclusive. |
code |
String |
false |
Must match the regular expression |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
A human friendly name which can be used for UX purposes. Size must be between 1 and 256 inclusive. |
code |
String |
false |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link Domain} was created. |
updatedAt |
String |
false |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJyeTVJMXp0Y3pHcGxlUTcwVGw3UFRnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImFiNjY3NmNhLTYwYzUtNDY0NC1iNWU1LTRjOGE0MDRhODU1YyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NCwiZXhwIjoxNjM2NTYzNDQ0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjkxNWYzODEtNzk1Ni00YmZkLWIzMDEtMGJhNTg0MDk4NWNjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.UyVYhInoDN19xk1lVWU-Oqom2KaVxwQ4lIhBe0bUxTaIp3yjUpl9W7epsQQtI5WfkTLVUOpUXr5-paY7urgH3xZGpXceke1C76lX3tzHtHAcPFF2LiyX84YQ7WNQ3RHlLik6XArvkv66rhHAaAW_mopJFgfqYBbM5gPx4BDUM_cWwm3GxYi7lKm2JHotkRQTk1_M-ImKgBni7kcyRQdCtQkxN79MIRFYr89nCV7U4AgOhffvx8ekRYDMZrXdM0r7Xj3e0f2Vu4AR_1BcrpNihk3kxy1JUve5BOX632cyk12-6GTqdgJkhLFQ2rpeqMSOz_EW9MWNrHRA5qa0dxcjtw' \
-d '{"name":"Other Test Domain","code":"other.test.domain"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 299
{
"id" : "955e3d50-4a28-4249-9079-ef62e9f347fc",
"name" : "Other Test Domain",
"code" : "other.test.domain",
"createdBy" : "ab6676ca-60c5-4644-b5e5-4c8a404a855c",
"createdAt" : "2021-11-10T15:57:24.937601Z",
"updatedAt" : "2021-11-10T15:57:24.937601Z",
"_title" : "Other Test Domain"
}Resource Types
Find Resource Types
GET /resource-types
Returns a set of {@link ResourceType}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the resource-type resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
domainId |
Object |
true |
Filters results to those that are in one of the specified {@link Domain}s. |
code |
Object |
true |
Filters results to those matching one of the specified codes. |
parentId |
Object |
true |
Filters results to those that are an immediate child of one of the specified {@link ResourceType}s. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].domainId |
String |
false |
The id of the domain within which this {@link ResourceType} exists. |
[].name |
String |
false |
The human friendly name of this {@link ResourceType}. Size must be between 1 and 256 inclusive. |
[].code |
String |
false |
A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount". Must match the regular expression |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link ResourceType} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].parentId |
String |
true |
Returns the id of the parent {@link ResourceType} or null if this is a root. |
[].childrenIds |
Array[Object] |
true |
Returns the id of {@link ResourceType}s that are children of this. |
[].depth |
Integer |
true |
Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0. |
[].root |
Boolean |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJKaXh3bmkwQzVJMTFzdUNRRnFKc1BBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjU3MzE1YzQ2LTIyNWQtNDg4MS04NWNiLWUwYWFhZDg5M2NmMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NiwiZXhwIjoxNjM2NTYzNDQ2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiN2RkY2YzNGEtYTQ1Yy00ZDk4LThjM2ItNmRjNDMxMDVhZjM0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.cmJi61wKVin-cdYVXA-EZitYzXY3KkQxet_twLIIlnFsKEbXDGrj5ajEwBP0aiG1rx2xNxuXqOx-LknySofQAyDdJ-pWX8uMCKmeZ_w1KlIGXhNnMkaRP4OaNJ0YVlL-MtGBFDVkNnAWxXSu9spd5I5RXoKF1ThgPEdSO9qXv1VNJe7BgQEfuLbKcJxeN133KGV6GDg6GKgX7xovRXKsCZNGYsQedKDfnx7UiDJyqDv0JXjQCipUBqW7F96V_PoWY2anAwlKZhqiKEWVz8SiiMVndWuvHQsL3Gn8xqPGsweNXCr0jlXIItySyl9RUbcu0Esd4aNUDlgPCgUCSQ-1lA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1454
[ {
"id" : "e8db90f0-bfbd-4cc7-8f12-f73bb54f11f2",
"domainId" : "fba92eac-5724-4b36-92cf-21a16bd06587",
"name" : "Resource Action",
"code" : "resource-action",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.029559Z",
"updatedAt" : "2021-11-10T15:57:08.029559Z",
"parentId" : "9359ce79-2a7f-40c5-aa79-5bb90fa3c839",
"childrenIds" : [ ],
"depth" : 2,
"root" : false,
"_title" : "Resource Action"
}, {
"id" : "f694395e-eff5-476c-987d-f3ef4d3a4e14",
"domainId" : "fba92eac-5724-4b36-92cf-21a16bd06587",
"name" : "Custom Role Action",
"code" : "custom-role-action",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.039245Z",
"updatedAt" : "2021-11-10T15:57:08.039245Z",
"parentId" : "3e372278-946f-4a8f-8b37-75772c1733f2",
"childrenIds" : [ ],
"depth" : 1,
"root" : false,
"_title" : "Custom Role Action"
}, {
"id" : "2529bc81-9c74-4b77-9f56-33386216b3dd",
"domainId" : "b67a42c9-85a0-40a5-b8cf-81bcf902340c",
"name" : "Account",
"code" : "account",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:10.044176Z",
"updatedAt" : "2021-11-10T15:57:10.044176Z",
"parentId" : null,
"childrenIds" : [ "205b17ee-422e-4135-a33c-6abe0e02008e", "199e2236-845b-4fe2-93a8-12cb8cf72e4d", "0be13342-ec7e-4956-b75f-834c50cde4db" ],
"depth" : 0,
"root" : true,
"_title" : "Account"
} ]Get Resource Type
GET /resource-types/{id}
Authorization
This endpoint requires read action on the resource-type resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
domainId |
String |
false |
The id of the domain within which this {@link ResourceType} exists. |
name |
String |
false |
The human friendly name of this {@link ResourceType}. Size must be between 1 and 256 inclusive. |
code |
String |
false |
A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount". Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link ResourceType} was created. |
updatedAt |
String |
false |
The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
parentId |
String |
true |
Returns the id of the parent {@link ResourceType} or null if this is a root. |
childrenIds |
Array[Object] |
true |
Returns the id of {@link ResourceType}s that are children of this. |
depth |
Integer |
true |
Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0. |
root |
Boolean |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types/33e0efd8-fa1d-438b-9b26-57c01955c799' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ6dGtGUVUwNXJKZnctUzRDWUlKSTRnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJhM2M2YzRmLTJhMmItNDAxYS1iYWI5LWIxZmE1NDA0OGQzZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NiwiZXhwIjoxNjM2NTYzNDQ2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOGE5YTM4YWItYTc0NS00NDhiLTg3YzYtZmEwYjNlYmRlMDhlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.mPcs7JXB2RFNKZku3oPVuIh83XaXeu1-SL7m83F4rGbqpAG4Yeof1xi1vbYAkEwLiqc-WoDJ1-UEZcuCXh2S5iCgBUIBG9B0Z_2f2-DmZgRFkR8AopQfhQvncIiZ29SLXo5VULGMbipwqwrVXRNNh6mcGxpM6sJbn13JdihWdW7jpcrB0fuTfZFdaxPmj401Vzv6Jp5wtTG6_8TyL_xNcMw5h2BvNUcyviIR5uWbWDzVPo7vVG5yFbe7rEsoq5COCBlp47MkU0pUAxHVUovm8FrAHnu_aTEnoGs4i7Tyy-vAQHXQ7Y7oXt77MYcGU3yUmKfsL5jThrry7PTK14221w'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 406
{
"id" : "33e0efd8-fa1d-438b-9b26-57c01955c799",
"domainId" : "d66c4fcf-2541-43d2-ab4a-3b1b88129c51",
"name" : "Test Type",
"code" : "test-type",
"createdBy" : "60e7f21b-a5ba-404f-94e3-132806c489a8",
"createdAt" : "2021-11-10T15:57:16.721031Z",
"updatedAt" : "2021-11-10T15:57:16.721031Z",
"parentId" : null,
"childrenIds" : [ ],
"depth" : 0,
"root" : true,
"_title" : "Test Type"
}Create Resource Type
POST /resource-types
Authorization
This endpoint requires the following actions:
-
createaction on theresource-typeresource type -
readaction on thedomainresource type -
readaction on theresource-typeresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
domainId |
String |
false |
Client must have |
parentId |
String |
true |
Client must have |
resourceType |
Object |
false |
|
resourceType.name |
String |
false |
Size must be between 1 and 256 inclusive. |
resourceType.code |
String |
false |
Must match the regular expression |
resourceType.children |
Array[Object] |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
domainId |
String |
false |
The id of the domain within which this {@link ResourceType} exists. |
name |
String |
false |
The human friendly name of this {@link ResourceType}. Size must be between 1 and 256 inclusive. |
code |
String |
false |
A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount". Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link ResourceType} was created. |
updatedAt |
String |
false |
The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
parentId |
String |
true |
Returns the id of the parent {@link ResourceType} or null if this is a root. |
childrenIds |
Array[Object] |
true |
Returns the id of {@link ResourceType}s that are children of this. |
depth |
Integer |
true |
Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0. |
root |
Boolean |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJMOXl4WTlERE1FNFRDWDNWVVhtTGF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImI4Y2UwMmJkLTI0MzYtNGQ2OC05NzA4LTgwZDc5OWE3Mjg0OCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NiwiZXhwIjoxNjM2NTYzNDQ2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYmU4N2E1ZmQtYmQzNC00ZGY1LTkyNzgtNjUxN2JlMjI5MWY3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ2fSx7XCJpZFwiOlwiNjk2ZWNhYjUtMjkzNi00MmU5LWFjM2QtZWRhOTRkNmJkMWEyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ2fSx7XCJpZFwiOlwiZWM3ZDE5ZGMtMTE2NS00MzVhLWIzNTUtNDIwZTlmZjMxOTc1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.jfFSLLX73tg0gHhM9swLK1Q0NFJw06KLUg6UcEr6edOfc3V4iAmKPx_O7Ou_0jOEsfiGwgr0Ztwz_l9xzeilqSdqXATxb5Ma_Vdlr_aIEMppDqOBtn8-vsYQ08FaBUhpsSQdP2tBEgpzcJUGUb0CAoKD32h-6qSOHfAHfMBSAnPO7T-LGmZkMuf6oRuPEj43ohtIId8ahk1dfHAJ7pYh0MHE44RKWJPR5Ta_aP0voFkXoazlXYnwx-N192t9Jju8lwBp-lX8tRsPqcWteVeK2k_3qvYAGfJLfJkpBcIdZVmjlnFgSAWPo9Sf9C3s9ZXhUmek8bNvkuMlGytMzX-VdA' \
-d '{"domainId":"d66c4fcf-2541-43d2-ab4a-3b1b88129c51","parentId":"33e0efd8-fa1d-438b-9b26-57c01955c799","resourceType":{"name":"Another Test Type","code":"anoter-test-type","children":[]}}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 464
{
"id" : "b8e1e069-438e-4918-9dd3-fc4b0af830e3",
"domainId" : "d66c4fcf-2541-43d2-ab4a-3b1b88129c51",
"name" : "Another Test Type",
"code" : "anoter-test-type",
"createdBy" : "b8ce02bd-2436-4d68-9708-80d799a72848",
"createdAt" : "2021-11-10T15:57:26.902736Z",
"updatedAt" : "2021-11-10T15:57:26.902736Z",
"parentId" : "33e0efd8-fa1d-438b-9b26-57c01955c799",
"childrenIds" : [ ],
"depth" : 1,
"root" : false,
"_title" : "Another Test Type"
}Resource Actions
Find Resource Actions
GET /resource-actions
Returns a set of {@link ResourceAction}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the resource-action resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
code |
Object |
true |
Filters results to those matching one of the specified codes. |
resourceTypeId |
Object |
true |
Filters results to those that apply to one of the {@link ResourceType}s specified. |
domainId |
Object |
true |
Filters results to those that are in one of the specified {@link Domain}s. |
customRoleId |
Object |
true |
Filters results to those that are granted by one of the specified {@link CustomRole}s. Only non-deleted {@link CustomRoleAction}s are considered. |
standardRoleTypeId |
Object |
true |
Filters results to those that are included in one of the specified {@link StandardRoleType}s. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].resourceTypeId |
String |
false |
The type of resource that this {@link ResourceAction} applies to. |
[].name |
String |
false |
A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network". Size must be between 1 and 256 inclusive. |
[].code |
String |
false |
Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type. Must match the regular expression |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link ResourceAction} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].standardAction |
Boolean |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJSMFpoaEpUWGxhbnRqakZuTHJZVXB3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImZjMTc4ZTYzLWE5YzItNGEzOS1iZWM4LTJhZWMzYmViNjI0ZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MywiZXhwIjoxNjM2NTYzNDQzLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOTExNDc5ZGItNDhlZi00N2JhLThiMTUtMzJiYzQxM2I0M2E5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQzfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.nX9kaekLlQJkUWZha4fvzI8v5OjVDdXI_XF0DhHR9ZoYzBahPFEOI7yCEocy8fIxaluOUpbkhHZ7g9UufaVjQfNJwSja9G-WdsEvaQe2xHlgav_TvHVFwNx1LVvjYMKFFkC2W27L0PrOrmpaGMshuPhas5m5EWtEpWEI_bPGg_pvEkrrbz_HZElmmYjATK0ezaUP0-kUoWja2N96DNqDZLFdYfrJWbnW3VC2W322vbBYDF1rIIXotwxqjSXyAex0cNNwCh-R1rUTbg6xTi1Ak6GAOTuivwIPYB8XR2ETlR-IZFSznM0LuYlRjL5t0MCKRs5FwYwyT-79GBx77J9D0g'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1113
[ {
"id" : "8a10b1c4-a3de-4599-a85f-cae0a99a320f",
"resourceTypeId" : "da5fc305-6424-4bd3-8dfa-8b70ad6effda",
"name" : "Update",
"code" : "update",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:06.730088Z",
"updatedAt" : "2021-11-10T15:57:06.730088Z",
"standardAction" : true,
"_title" : "Update Azure Virtual WAN Site"
}, {
"id" : "eded77c1-3ca9-403b-bf35-b384e0a50fce",
"resourceTypeId" : "6b757423-3cbd-4111-875e-c02692ffe010",
"name" : "Delete",
"code" : "delete",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.045047Z",
"updatedAt" : "2021-11-10T15:57:08.045047Z",
"standardAction" : true,
"_title" : "Delete Custom Role Grant"
}, {
"id" : "d9a4a87d-bc34-4181-9499-20a4696b3e1a",
"resourceTypeId" : "ae7c3697-b1e6-44b5-a676-a610181d71fb",
"name" : "Read",
"code" : "read",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:06.720587Z",
"updatedAt" : "2021-11-10T15:57:06.720587Z",
"standardAction" : true,
"_title" : "Read Service"
} ]Get Resource Action
GET /resource-actions/{id}
Authorization
This endpoint requires read action on the resource-action resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
resourceTypeId |
String |
false |
The type of resource that this {@link ResourceAction} applies to. |
name |
String |
false |
A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network". Size must be between 1 and 256 inclusive. |
code |
String |
false |
Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type. Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link ResourceAction} was created. |
updatedAt |
String |
false |
The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
standardAction |
Boolean |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions/f1cd1b7d-d014-4c4e-90db-da888b1d3bdd' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJnUkxGM3RSc0RUQVg4YWhKQlhOSzFnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjUxMDgxMjViLThjN2YtNGM2My05Y2YxLThhZTczZmUzZTE5MiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MywiZXhwIjoxNjM2NTYzNDQzLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMmM4NTE4NmMtODJkOS00Y2IzLWFlNjQtZjRhMGUzOTkyZTc5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQzfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.VEU58FlKLNcKr4dXOmWpsuwnAAM-3Sqj41Dhj2f_hUE6tQbGAa4hk3PdPnS7OdVHS5C3tIX2wOKTev-y8Dx1-6-byv6ZiVJj5Knc3WGE1fBS2JuAq_Bt6bDZ3VhmBP-ScC9IVv6nLXGMbRnurN1sPJNtJfiPps7ldQhtJV0US7cDRad4AJ2Cdo5H_p8VA9hygkb35CUAi-FnRb1E_F9pypaBAJsWE6KFcq49eB0bL_f93I-kU2GwX3jFJJQEuFExzAXLGfdnzRg4JmwNbIV5XVWIm4cvywX2p8ur5Au8kAZ9gU08F0XAjvQylg1LZFYadYPycLitl7W23HTxrFxdcA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 380
{
"id" : "f1cd1b7d-d014-4c4e-90db-da888b1d3bdd",
"resourceTypeId" : "33e0efd8-fa1d-438b-9b26-57c01955c799",
"name" : "Test Action",
"code" : "test-action",
"createdBy" : "470e6c97-f026-4c03-9f96-1db61e303e64",
"createdAt" : "2021-11-10T15:57:16.731134Z",
"updatedAt" : "2021-11-10T15:57:16.731134Z",
"standardAction" : false,
"_title" : "Test Action Test Type"
}Create Resource Action
POST /resource-actions
Authorization
This endpoint requires the following actions:
-
createaction on theresource-actionresource type -
readaction on theresource-typeresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
resourceTypeId |
String |
false |
Client must have |
actions |
Array[Object] |
false |
|
actions[].name |
String |
false |
|
actions[].code |
String |
false |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].resourceTypeId |
String |
false |
The type of resource that this {@link ResourceAction} applies to. |
[].name |
String |
false |
A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network". Size must be between 1 and 256 inclusive. |
[].code |
String |
false |
Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type. Must match the regular expression |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link ResourceAction} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].standardAction |
Boolean |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJSdUs1NVRSbDlGdnFFLWh5TzU3ZkRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImMzOTc5NWNlLWQzNGYtNGQ5OS1hN2RiLTBiODNlZTNkYTRhNCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MywiZXhwIjoxNjM2NTYzNDQzLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZjIzM2NmZjUtMmQ1ZS00ZjVkLWIyNDgtZmRhNjQ4NTJhMjAzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQzfSx7XCJpZFwiOlwiM2FjNDg3MTgtYWU1Ni00ZWEyLWFlNDEtZmMwM2Q3N2U3ZDM3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQzfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.W6Gip6-vdNUE49Men3F4vwMCCl34a79L84zva1l8qftwyZEEeQtks9iGWLPvk3lAeQrEjRNNPZhGo_jXcHZ4skLBq40taXAQXojvaTbPqDOMUZahdGRgqMUuU89HmsSZHVPqmOy09ccy4rJ1qnf8JAJaNZnEE0MD4Nag3HMc12Hkvnt8NOlwEwVOeap5bwQOBWgWoI4DsDgPfJ9Pq57kqSbxkmh9AQaGmXmkyAZNb3tj9RT7jbNVjCEr2Y5KBSWWY95Kl4o7atlJzBjJVEBEPoyRk6QX1TEro-o5-_XZNph94TImSyY21eLE0Hmtthp17VYrBIpsPM_5HTobcde8_A' \
-d '{"resourceTypeId":"33e0efd8-fa1d-438b-9b26-57c01955c799","actions":[{"name":"Update Custom","code":"update-custom"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 390
[ {
"id" : "530d39b3-644e-4dcb-a29b-7f906314cfc7",
"resourceTypeId" : "33e0efd8-fa1d-438b-9b26-57c01955c799",
"name" : "Update Custom",
"code" : "update-custom",
"createdBy" : "c39795ce-d34f-4d99-a7db-0b83ee3da4a4",
"createdAt" : "2021-11-10T15:57:23.284959Z",
"updatedAt" : "2021-11-10T15:57:23.284959Z",
"standardAction" : false,
"_title" : "Update Custom Test Type"
} ]Authorization Grants
Grants (abstract)
Find Grants
GET /grants
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
grantType |
Object |
true |
|
identityId |
Object |
true |
|
resourceActionId |
Object |
true |
|
path |
Object |
true |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].grantType |
String |
true |
The concrete type that this virtual {@link Grant} is based upon. Never null. Must be one of [CustomRole, IdentityResourceAction, PublicGrant, SuperUser]. |
[].grantId |
String |
true |
The id of the concrete grant resource on which this virtual {@link Grant} is based. If the grant type has separate resources for the grant and the privileges, then this will reference the grant resource (the resource with an identity id.) Never null. |
[].privilegeSourceId |
String |
true |
The id of the concrete {@link PrivilegeSource} from which this grant is based. Some grant types combine the grant and privilege aspects into a single resource. For example, a {@link SuperUser} is both a grant (it specifies an identity id) and a privilege source. In other cases, such as a {@link CustomRole} and {@link CustomRoleGrant}, they are separate. When they are the same resource, this value will match the grantId value. Never null. |
[].identityId |
String |
true |
The identity id of the holder of this grant. Almost never null, with the one exception of a grant made to all users (or all authenticated users.). |
[].privileges |
Map |
true |
The set of privileges that this grants. These are organized as a stack of 3 Maps where the keys are the domain code, then the resource type code, then the action code, and the leaf value is a set of paths on which that action can be performed. |
[].createdBy |
String |
false |
The identity id that created the grant. |
[].createdAt |
String |
false |
The date-time at which the grant was created. |
[].deletedAt |
String |
true |
The date-time at which the grant was deleted. This will be null for an grant that has not been deleted. If this property is not null, then the grant is 'marked' as being deleted. |
[].deletedBy |
String |
true |
The identity id that deleted the grant. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiIxYmRPVlN4ZEtKNm1odk5iTHZCOTV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijk2Y2MzY2NjLWU5NWMtNDE4Zi04NGY3LTM1YmNhYjQ0OTk0NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NSwiZXhwIjoxNjM2NTYzNDQ1LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImUxOTVhMzkyLTk0ODEtNDg2OC1iZTIzLTU1ZDdkOGJkMDAxYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0NX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Lv8Q9yofVU9SDR5EnXEYtVubUHV8IX033IoW9niF5MzXlVRs4KLe5bpM8E9t5OTGjka463ufyJ9hk9tRgBrON0m789EsvYOPIEfGTfJkTR-nC06eCt7IJI2q2d4FZRC3JrXclAPhQ1wkG9v8FASyDq7xTTw-l57kMyooGvR84PgZfpmoWOPo1B0VQkDkELW0M77HtwGD0E9Je_K8dyN-fWVZqJRPUUSSNb6vl3YZ1zbqg535OAmMoQAqQK_9mglOFrH1Rcc3MF8Ks30ydXOKyPmQwXXNP6sLT9dT5kRQWU5ySsShQ7dmzhOAMfaZ_c2tYQJZzBGYPANaVDqRi34iTw'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1748
[ {
"grantType" : "IdentityResourceAction",
"grantId" : "9f3584e9-93d4-4a27-af67-52ac02de967a",
"privilegeSourceId" : "9f3584e9-93d4-4a27-af67-52ac02de967a",
"identityId" : "83d8cce9-1ad2-4ec1-ae23-9d1f3d28f2ba",
"privileges" : {
"io.netfoundry.network" : {
"azure-virtual-wan-site" : {
"read" : [ [ ] ]
}
}
},
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.475028Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read Azure Virtual WAN Site, All to identity 83d8cce9-1ad2-4ec1-ae23-9d1f3d28f2ba"
}, {
"grantType" : "IdentityResourceAction",
"grantId" : "8cf10e5a-3811-46a6-a553-30e4c64d2c9f",
"privilegeSourceId" : "8cf10e5a-3811-46a6-a553-30e4c64d2c9f",
"identityId" : "83d8cce9-1ad2-4ec1-ae23-9d1f3d28f2ba",
"privileges" : {
"io.netfoundry.network" : {
"service" : {
"read" : [ [ ] ]
}
}
},
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.475028Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read Service, All to identity 83d8cce9-1ad2-4ec1-ae23-9d1f3d28f2ba"
}, {
"grantType" : "IdentityResourceAction",
"grantId" : "4f17338f-83e2-4c16-8d61-ac7ba290beeb",
"privilegeSourceId" : "4f17338f-83e2-4c16-8d61-ac7ba290beeb",
"identityId" : "2b6f496d-36f1-4e66-a205-8abcf1d41d74",
"privileges" : {
"io.netfoundry.billing" : {
"account" : {
"read" : [ [ ] ]
}
}
},
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:10.085001Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read Account, All to identity 2b6f496d-36f1-4e66-a205-8abcf1d41d74"
} ]Super-User Grants
Find Super Users
GET /super-users
Returns a set of {@link SuperUser}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the super-user resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
identityId |
Object |
true |
Filters results to those that grant to an identity specified in this set. |
domainId |
Object |
true |
Filters results to those that grant access to one of the specified {@link Domain}s. To search for {@link SuperUser}s that explicitly grant access to all domains (ie, the domainId is null), include this query parameter with no value. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].identityId |
String |
false |
The id of the identity to whom super-user access has been granted. |
[].domainId |
String |
true |
An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link SuperUser} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJaLXFHdklad2RYdDJvdmJJVHJZUnpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjUyYTFhNmNhLWI3NGItNDljZi05NGQ4LTlhYjZmYzBiMDcwOSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MSwiZXhwIjoxNjM2NTYzNDQxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTYyMDk1NGEtZTM3Yy00Y2IzLTk3MTktMDRjMmQ3NTM0MGEyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.BJkzUFKYlO2qsykgsrJxV0cGQJzzKjABh7EhHx4_XA2Z4XQskzd6YUCac4-8YCQeNbKwraz6WlbHo7Tp4-TNQJj2pFdqdwY2zoSFstLJZOiF89BwG5jFflDTsaPoQCojV2FjQTdS7kc3V3wPh2qA1IRAozGfNYptTRnihSkVKBVZExlB8o1mGk4A8odrOW75zmyPJLqHv7SDklPRdiZE_yelSZWGsXl_9zIt7Ulz_kS21bV9Yh0K40I1rekIIiZThDPfO2toWb891NjQM_KPUrbpJiC6MFIl0J62uk38pBM_ikGjJmn6ZedYGd15zINpgoysHttMTDjjl2jryZvClw'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1601
[ {
"id" : "9608fd86-34ac-408b-a0f5-c7791018d090",
"identityId" : "6e504652-a00b-4d6d-a3d8-a8c70d6de964",
"domainId" : "28960046-17d3-43b1-a9ee-08e9a48be909",
"createdBy" : "d5aa10de-98f2-48f4-93d7-554813a28402",
"createdAt" : "2021-11-10T15:57:21.478637Z",
"updatedAt" : "2021-11-10T15:57:21.517850Z",
"deletedAt" : "2021-11-10T15:57:21.511394Z",
"deletedBy" : "320df7db-2611-4d1a-b968-e95a39cc173e",
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in Test Domain 6 to identity 6e504652-a00b-4d6d-a3d8-a8c70d6de964"
}, {
"id" : "0b0cf0fa-91e8-4005-9a64-1cd58ec389e6",
"identityId" : "af1985f7-dc70-45c6-a456-a4ca11d24405",
"domainId" : null,
"createdBy" : "f0a269ba-a2f6-4eaa-be4e-e467152a8787",
"createdAt" : "2021-11-10T15:57:21.230173Z",
"updatedAt" : "2021-11-10T15:57:21.230173Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in All Domains to identity af1985f7-dc70-45c6-a456-a4ca11d24405"
}, {
"id" : "b10f1434-3fa1-406c-b45e-16519922ba6f",
"identityId" : "af1985f7-dc70-45c6-a456-a4ca11d24405",
"domainId" : "d66c4fcf-2541-43d2-ab4a-3b1b88129c51",
"createdBy" : "b5e26f61-c7ac-480f-b939-ede75dfbf68b",
"createdAt" : "2021-11-10T15:57:16.747140Z",
"updatedAt" : "2021-11-10T15:57:16.747140Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in Test Domain to identity af1985f7-dc70-45c6-a456-a4ca11d24405"
} ]Get Super User
GET /super-users/{id}
Authorization
This endpoint requires read action on the super-user resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
The id of the identity to whom super-user access has been granted. |
domainId |
String |
true |
An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link SuperUser} was created. |
updatedAt |
String |
false |
The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users/b10f1434-3fa1-406c-b45e-16519922ba6f' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ0dnFlcThQNWlnNDNMYmdPLTNvaVBRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImEzNTc4NWU5LTZkN2QtNDg0YS1hNzJkLTg4ZDg5YzdlZmM3MyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MSwiZXhwIjoxNjM2NTYzNDQxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYzgzMzgwZWItNjllMS00M2U2LWEwYTEtMWI3Y2MyMjk0NmM5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Xmy_2X_8DYIy6g8lEZh7SOu_6T3qAbcpPG-nIAq32DEA-y3ARLkmZtpI_4cvHGaBLpmjMVrG-yMBwflfDfafCEr4hM7oRgTNNPPfZ_6KTnbg18MyJJXP8srN5kOH4jDqqPzNAGqIez3j91-V9WlP6N7YShNT0QkHFyt2pH0PX-ffdLMCPRXBNLWBOsjfodNimFcuFW_2eEg-qmPg47pitjdMJNECz0L04Sdl-ifvN2x3bbp2PZkiFHJXhwRPbniexGpvVLJCh94oVXBfG6xXmJeYG0yKwe_Fl0M3TaGSK1sh4FXVu9FaAEilTs13SeaSu7WF_Jvh1NvMsxfjUV9gcA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 522
{
"id" : "b10f1434-3fa1-406c-b45e-16519922ba6f",
"identityId" : "af1985f7-dc70-45c6-a456-a4ca11d24405",
"domainId" : "d66c4fcf-2541-43d2-ab4a-3b1b88129c51",
"createdBy" : "b5e26f61-c7ac-480f-b939-ede75dfbf68b",
"createdAt" : "2021-11-10T15:57:16.747140Z",
"updatedAt" : "2021-11-10T15:57:16.747140Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in Test Domain to identity af1985f7-dc70-45c6-a456-a4ca11d24405"
}Create Super User
POST /super-users
Authorization
This endpoint requires the following actions:
-
createaction on thesuper-userresource type -
readaction on thedomainresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
identityId |
String |
false |
|
domainId |
String |
true |
Client must have |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
The id of the identity to whom super-user access has been granted. |
domainId |
String |
true |
An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link SuperUser} was created. |
updatedAt |
String |
false |
The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJkZ2x1ZlJtN1ZBOEdsc0ZFTXFCV2pBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImYwYTI2OWJhLWEyZjYtNGVhYS1iZTRlLWU0NjcxNTJhODc4NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MSwiZXhwIjoxNjM2NTYzNDQxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYjNiMzBjYmEtZDkxZC00YjRkLWJkNmMtOTIxMTliZTg4NjY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQxfSx7XCJpZFwiOlwiZjU5MGI3NWMtZTAxOC00ZmI3LWIwMTUtNjg2N2FiOTUwODYzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.fFN4V5cksL6QLneUBRlcgwxGJbAlS2ebIlB1LIHmAWTvAR2xPYas8Ws9YukEj_RFpWlkfvHMGi-JlnM-ciJ0Zi1Paj72HKzSJbmENSGyU4W41NcnDLwskfnmawhyQqiMKwDOoD1koqda6C-LIr4Gy_U1VZ8DcXLdGBuKkc-KgXFtgoNHsb4COd8GNzdfbgTRQp4h-u5VNIUANIxkBIlhHpv5E2AYeLam2YZdC5LFMwP4NJ-D0OtXcyGy0cPMgU4G90YyMKtqtG_jTQhc9sFQ08s20Lz9THkKa-6ZEYKycPVTfLR-9iUwN-loi_LZ67zGAzlj1VqLpihGrOn9BHdb0Q' \
-d '{"identityId":"af1985f7-dc70-45c6-a456-a4ca11d24405","domainId":null}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 488
{
"id" : "0b0cf0fa-91e8-4005-9a64-1cd58ec389e6",
"identityId" : "af1985f7-dc70-45c6-a456-a4ca11d24405",
"domainId" : null,
"createdBy" : "f0a269ba-a2f6-4eaa-be4e-e467152a8787",
"createdAt" : "2021-11-10T15:57:21.230173Z",
"updatedAt" : "2021-11-10T15:57:21.230173Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in All Domains to identity af1985f7-dc70-45c6-a456-a4ca11d24405"
}Delete Super User
DELETE /super-users/{id}
Authorization
This endpoint requires delete action on the super-user resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users/9608fd86-34ac-408b-a0f5-c7791018d090' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJkN21mVFp6dVJSWXQ3VkEwaGxEY3FnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjMyMGRmN2RiLTI2MTEtNGQxYS1iOTY4LWU5NWEzOWNjMTczZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MSwiZXhwIjoxNjM2NTYzNDQxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMzliOGM2NjQtOTE2ZS00Mzk4LTlmOTQtNWFkOTUxY2IzNWQxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Vc-4PqZLqqn4LMXQsXMSXybnjjDvyXvknyIVQkn60TphGuiRzuv2VLt7BMcderGmoTLRvdgR4e6bwvMaBkifxayJjm6TZhjwGvcgnPn68Po6XcEqrF3VVX6JBj_QfOSOplC_jQFd-LWFS7U4fU8F8wJpOelITpun0U-LLNXLeqJyDJAwAYZHT8lW5kMgEh8YLQVhuV5px2IDXOrz41_8kVcwtYOfYpOTaNWgUN0rstqOQM2DydX2fJYJ1pf-ti8OqHFrMs8NBK3PeQO-QwmRhsq-XU07fV6aiNKmMz_bMF5jzAwJWTtyMbSn589mR1E-QG9VXiujsNXNvgSUzA7z8Q'Example response
HTTP/1.1 200 OKPublic Grants
Find Public Grants
GET /public-grants
Returns a set of {@link PublicGrant}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the public-grant resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified {@link ResourceAction}s. |
isAnonymous |
Boolean |
true |
When true, filters results where the isAnonymous property is true. When false, filters to those with the isAnonymous property is false. When not specified, the results will include those with both true and false values for this property. |
path |
Object |
true |
Filters results to those that target any resource along the specified path. For example, if the path is to Network X which is under Network Group Y, this would restrict the results to {@link IdentityResourceAction}s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].resourceActionId |
String |
false |
|
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link PublicGrant} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets. |
[].path[].resourceId |
String |
false |
|
[].path[].resourceTypeId |
String |
true |
|
[].anonymous |
Boolean |
true |
If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s. |
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiIwalFMcTRxTzh5bXBuNG1kMl9SX2ZRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijg4MDg3OTg2LTA4NTAtNGQ5OS05Y2M5LTk1ZTZjNDdiM2IyMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NywiZXhwIjoxNjM2NTYzNDQ3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImJkODgyMGUyLWEwMzItNDRkMy1hMDc0LTEyZDgzOTQzMWRiMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N30se1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImEzOTQwMTBiLTI3ZTItNGFmMy1iZThlLTlmYjMwNmRhMmJjMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYTUwODdmMjEtNDc5MC00ZDdmLWE5OTYtMWFlNWI0N2VjY2YxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.CjhfA5CTXOlt6IaRXOJVYxGxyvg9PN5SrF3qGFoECp0uXTTSOL5wOUBu8QrZN8GQKpLj8wiuqlOdaXT4qjGQO_lGcIT2UdQnU9grQepkGxawed7lwc_T-q6YD2K1dC7wubndFSk-5_sQKh-RscbUbl41SjDRo_FKdaxzX_PDn3J12IoLtvDaPkJH7O7CnD0V9Kn_StcKF8WFUNtUrirB-5gU5kjeF7YpphDDSVphr4K2yao_1v5IzvS9COMzVn8quMBMmXBom2uLi2qoIFfDIwuZtNQoITXzivdaQzyo3iwF4rmQundCSNBmWEEJtaZNeaORpoG0Bzg_0Rkj44yBug'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1913
[ {
"id" : "31b66084-32c9-4d7d-bb80-560094f89d1b",
"resourceActionId" : "c3dbbed5-f3dd-43f6-9eb4-41553eb2fa8c",
"createdBy" : "841c5e09-f7ea-43a7-a02e-3354434cfce6",
"createdAt" : "2021-11-10T15:57:27.099503Z",
"updatedAt" : "2021-11-10T15:57:27.115574Z",
"deletedAt" : "2021-11-10T15:57:27.115232Z",
"deletedBy" : "879f55b1-d608-4319-82eb-991e7bb0d95f",
"path" : [ {
"resourceId" : "924befad-0ad6-4b0d-b890-cbe7e62d7208",
"resourceTypeId" : "7a41f86b-d1d7-4f30-b2d1-aa38cc40aa05"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action 49 Test Type 48 on/under Test Type 48 924befad-0ad6-4b0d-b890-cbe7e62d7208 to All Authenticated Clients"
}, {
"id" : "76e54087-674d-444f-8229-474ae4305d89",
"resourceActionId" : "0443e765-57a7-4175-9390-550e29c37aaf",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.222639Z",
"updatedAt" : "2021-11-10T15:57:08.222639Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Read Resource Action, All to All Authenticated Clients"
}, {
"id" : "bd8820e2-a032-44d3-a074-12d839431db0",
"resourceActionId" : "c158d21c-4a75-4b71-92ae-46dcbbfce881",
"createdBy" : "96fbcd3b-b7da-4404-8e2c-0bc980bd15f5",
"createdAt" : "2021-11-10T15:57:27.005154Z",
"updatedAt" : "2021-11-10T15:57:27.005154Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "39e02a50-1e6c-4e7c-a744-42dae263fdef",
"resourceTypeId" : "50aa8395-1a64-4535-9a59-19f190e4b6ef"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action 46 Test Type 45 on/under Test Type 45 39e02a50-1e6c-4e7c-a744-42dae263fdef to All Authenticated Clients"
} ]Get Public Grant
GET /public-grants/{id}
Authorization
This endpoint requires read action on the public-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
resourceActionId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link PublicGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
anonymous |
Boolean |
true |
If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants/bd8820e2-a032-44d3-a074-12d839431db0' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiIxN0hfY1Q0TGR6YVE5UGIxNXJlN1dnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImVkN2E5ODVhLTAwMmMtNGEzOC04Y2ZiLWM5NTU2N2I5ZmQzMCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NywiZXhwIjoxNjM2NTYzNDQ3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImJkODgyMGUyLWEwMzItNDRkMy1hMDc0LTEyZDgzOTQzMWRiMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N30se1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYmFkZDk3OGUtZTU5OC00YTk4LWFmMGMtODE4Y2FhYjZjYzBlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.pD9QNIoHwylApw6Lmn1z6eeyHF3fhU3qRyjvMXcddGb5RYFDzMI2lG7lrCQkkz6ZUGZ0oufhB3YQJJdhSuCMcMcXW_4zOfabuTMTg_6D4mdsn8cwjXDpnTwkOoK1oIfQ448aiGTMqKQivH4Nx78jccTyMpzBvDG_IBIhdM3vnnEwed5nvbcf8Q-Omm4vUlVQySfJwzC6zshCt10AhpTLa6PwPHsS_EGCIwp2lDXoQAstzNzBGG7zORH9HqCzGTn0Pg2nX_u-02gCVwxDiGpyp4jczf9xylSYp1xVewWiZ8g2WrP4_8CSemhdibbsS7Rsdl1FpD7cKXqRbU1QJ0b0RA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 678
{
"id" : "bd8820e2-a032-44d3-a074-12d839431db0",
"resourceActionId" : "c158d21c-4a75-4b71-92ae-46dcbbfce881",
"createdBy" : "96fbcd3b-b7da-4404-8e2c-0bc980bd15f5",
"createdAt" : "2021-11-10T15:57:27.005154Z",
"updatedAt" : "2021-11-10T15:57:27.005154Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "39e02a50-1e6c-4e7c-a744-42dae263fdef",
"resourceTypeId" : "50aa8395-1a64-4535-9a59-19f190e4b6ef"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action 46 Test Type 45 on/under Test Type 45 39e02a50-1e6c-4e7c-a744-42dae263fdef to All Authenticated Clients"
}Create Public Grant
POST /public-grants
Authorization
This endpoint requires the following actions:
-
createaction on thepublic-grantresource type -
readaction on theresource-actionresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
resourceActionId |
String |
false |
Client must have |
path |
Array[Object] |
false |
|
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
anonymous |
Boolean |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
resourceActionId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link PublicGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
anonymous |
Boolean |
true |
If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ5ekFNMDl2aFhwMlYwa2JvSy03V3ZRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjRkNDlkYTE1LTE1ZmItNGZmZi04NzRlLTYzZTYxZTdlZGQwZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NywiZXhwIjoxNjM2NTYzNDQ3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImJkODgyMGUyLWEwMzItNDRkMy1hMDc0LTEyZDgzOTQzMWRiMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N30se1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYzdjNzVmNWQtMmIyNC00YTM1LWE3OTctMjU4ZTRkZmRkYzZhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiYmI2ZTY4MWYtYmE3MC00NmIxLWIzMmQtNWUzYmZlYzIwMzBhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Jj9ruaHOX8hp_zl6T5IZbZXH7SBhm9__-KXQAoXg5ITczdHnEPSmNG6L3FbsXvfjdy8_Fzoe0azFCwlSrqBHKd1i5_cUnEumqaT91dlmrbGL2HWFuhAosz4A9I1cxARn7sxzYObj4P9LUbVCR89BOHImRe-ORLYtI8QZebfiK_-kg2FrYikWvz1r9YtahAoCVBT1B9cCC7V58hYzMfW2kN4pBacOcmGtePhU-j2B2SoFV0o0vsbt_Kbv3-MXlga6b-6hdYqaJ8_Vps6vEjzTs4EkXbTHQ3xeGYgq9VcAr9Lcp9eu0nrjDSQyblXbHbeIuYORQEdCpZUHhKceIkR6pw' \
-d '{"resourceActionId":"f1cd1b7d-d014-4c4e-90db-da888b1d3bdd","path":[{"resourceId":"e68a4428-72bb-43ec-bd9a-997a696f5ba8","resourceTypeId":"33e0efd8-fa1d-438b-9b26-57c01955c799"}],"anonymous":false}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 669
{
"id" : "a394010b-27e2-4af3-be8e-9fb306da2bc2",
"resourceActionId" : "f1cd1b7d-d014-4c4e-90db-da888b1d3bdd",
"createdBy" : "4d49da15-15fb-4fff-874e-63e61e7edd0e",
"createdAt" : "2021-11-10T15:57:27.198760Z",
"updatedAt" : "2021-11-10T15:57:27.198760Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "e68a4428-72bb-43ec-bd9a-997a696f5ba8",
"resourceTypeId" : "33e0efd8-fa1d-438b-9b26-57c01955c799"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action Test Type on/under Test Type e68a4428-72bb-43ec-bd9a-997a696f5ba8 to All Authenticated Clients"
}Delete Public Grant
DELETE /public-grants/{id}
Authorization
This endpoint requires delete action on the public-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants/31b66084-32c9-4d7d-bb80-560094f89d1b' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJtV2c0WG5PT2MwdWF2dWgybUQwbkRBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijg3OWY1NWIxLWQ2MDgtNDMxOS04MmViLTk5MWU3YmIwZDk1ZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NywiZXhwIjoxNjM2NTYzNDQ3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImJkODgyMGUyLWEwMzItNDRkMy1hMDc0LTEyZDgzOTQzMWRiMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N30se1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjMxYjY2MDg0LTMyYzktNGQ3ZC1iYjgwLTU2MDA5NGY4OWQxYlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N30se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMzhkYmJhMzktYjkzZi00ZDI4LTg2YzAtODk0NGI0ZDhlZDYxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.mRHu3a6HQG2sYRYD5aZfS3Q7DJHy2pDubCutQLBDzDzSc9SmiM1YRthcj8tXMQEk_x0NF350LeihxB98cJ-ncjGJ05CTh66_DFZScB8uxFK-DRetfN_hYnEzYnGNkJtw_WXx8rFiBQFyGJ5mWYGCs0R6ylaJZqMeFdVWPv_9dJCE1g-RAFV1MiDaWAwTgHJSmkiNWM-Hvavs9r6ppxs7qkjfBkD575ZvRAsXYd3WI2laDC-EHAGpPOM6aBiOGJmJ_O8gsYgCR4rGlamqSJ3HArW-pcpJskJIhF0yrNTUanYQ0YV9WhwYdLPJ5ZGDSWEByO-OtdOrKBnq3v0w_T-S2Q'Example response
HTTP/1.1 200 OKIdentity - Resource Action Grants
Find Identity Resource Actions
GET /identity-resource-actions
Returns a set of {@link IdentityResourceAction}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the identity-resource-action resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
identityId |
Object |
true |
Filters results to those that grant to an identity specified in this set. |
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified {@link ResourceAction}s. |
path |
Object |
true |
Filters results to those that target any resource along the specified path. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].identityId |
String |
false |
The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted. |
[].resourceActionId |
String |
false |
The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
[].path[].resourceId |
String |
false |
|
[].path[].resourceTypeId |
String |
true |
|
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ3eURCQkhfU05yV19pWnJQYnZxeURBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3MGUyMmNhLTU0YzgtNGRlZC04MGQyLTM4N2Q0MDUxZGUwYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MCwiZXhwIjoxNjM2NTYzNDQwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMTZlZjZiNjQtNWExYS00Y2ZlLWEzYTgtODYyZDRiMjY5OWUzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.LMn858nhq2vJy0925azLTq3hT9DxM5sUBjVsDfg6zwCr4NJ5fmtjQYFCrbTNoz6Qos_xanI62_tQC2jqQxmY2uiakOMRbavbPZuKIMq8dWvqdW8i4YbGVfQFl_zueFO96C03jIutha5oZ7bk2uWKY91cVuufLIHQeapkO1e5JWnUrjfAsBOeyCfK-Oe3Cfi2emIhUMxcp9hzaKUMMU4b7LKNbznItxrc8PAdc4wQpU-yUck6TRoTYlAPWvsa9YhmbJjAbjWEGLp87tzed5273FxhZc6l7mnOhsb-S9OWgPruxiYqnlOvXsSLDrnLRo6ZmkBHD-S7k9MS6BGGyL-DAQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1710
[ {
"id" : "189ca8d3-fa34-4952-b744-cfc8d7738c77",
"identityId" : "83d8cce9-1ad2-4ec1-ae23-9d1f3d28f2ba",
"resourceActionId" : "1d442f14-44b8-427d-9ad2-616196763988",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.475028Z",
"updatedAt" : "2021-11-10T15:57:08.475028Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Read NetFlow Collector, All to identity 83d8cce9-1ad2-4ec1-ae23-9d1f3d28f2ba"
}, {
"id" : "dccc1d2f-b23a-4585-9fd6-194ca1efb848",
"identityId" : "16f645d6-e5ec-4d27-a542-64891f58b3a8",
"resourceActionId" : "93688ab7-a800-4b0d-8bf0-e044d22cf853",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:09.299518Z",
"updatedAt" : "2021-11-10T15:57:09.299518Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Read Gateway Cluster, All to identity 16f645d6-e5ec-4d27-a542-64891f58b3a8"
}, {
"id" : "4437b80d-2604-4896-945f-a7ad0dc31d0e",
"identityId" : "0ed768fa-7214-4404-8335-a715156dff45",
"resourceActionId" : "d0e0ee04-dbdb-4993-9754-e47b9f19d6c3",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:09.466309Z",
"updatedAt" : "2021-11-10T15:57:09.466309Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Read Identity Provider, All to identity 0ed768fa-7214-4404-8335-a715156dff45"
} ]Get Identity Resource Action
GET /identity-resource-actions/{id}
Authorization
This endpoint requires read action on the identity-resource-action resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted. |
resourceActionId |
String |
false |
The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was created. |
updatedAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions/8c957dac-42d3-4b86-adfb-766a0c1c2211' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ1TUc5WlBLeS13WW9ocmRMb042dFF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjZkMTRkZDQxLTBhZTktNDg2Mi1hYzljLTliZDBiMWZiYzkwNSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MCwiZXhwIjoxNjM2NTYzNDQwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODBlMmFkYTMtYmExNC00YzU5LWIxMzYtODkzOTlmMzc2ODFmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Rwb-HiSnQJcwRvsDGIzYHttCZfyaxB6mMAErOXX204XkNCUejPwcDfE6yIgEtiKHAHI25hMfOisTSP3YZeh73fA1biYAW7tDGgO9jd8Q1YLIyOCfuBch_Dm0bHT080VbZ8Pd39zi6ICse5ysHW3AjSNwGfrSS-1ivt-8BWxt1dUrcjy3BXIpzhXSKpQ51zdEHk5tSe7w4h4wJ7SROqPW-_k4YgJHP0FzA3m4woNJXxUWfiAwJXO0VMdvt29qnPdw8kQt7Ebll6Ro7LhnbhI7tX15lQ5NJnRaj6QY5g0Arj5byHSdxcZxuJXvljLgee4dao7_UrgzBsKDcBabKSG9gQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 751
{
"id" : "8c957dac-42d3-4b86-adfb-766a0c1c2211",
"identityId" : "14f6b1e5-f77b-4444-a0ce-19b9ee513cd5",
"resourceActionId" : "78fc5a76-914e-4d12-8f78-fdd247c4314c",
"createdBy" : "88dd6942-8daf-4b31-b876-03893ec6e2a6",
"createdAt" : "2021-11-10T15:57:20.865698Z",
"updatedAt" : "2021-11-10T15:57:20.865698Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "22cc6198-d9ad-4a7a-b484-ce020b467fed",
"resourceTypeId" : "008fe6d6-097e-43c4-9309-9bfc6b98b3aa"
} ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Test Action 5 Test Type 4 on/under Test Type 4 22cc6198-d9ad-4a7a-b484-ce020b467fed to identity 14f6b1e5-f77b-4444-a0ce-19b9ee513cd5"
}Create Identity Resource Action
POST /identity-resource-actions
Authorization
This endpoint requires the following actions:
-
createaction on theidentity-resource-actionresource type -
readaction on theresource-actionresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
identityId |
String |
false |
|
resourceActionId |
String |
false |
Client must have |
path |
Array[Object] |
false |
|
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted. |
resourceActionId |
String |
false |
The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was created. |
updatedAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJFUlNXLTY3S2tBS0RJX1M0ckNnZm5BIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImY3ODkzODVkLTMxOGQtNDNiMi1hZjQ3LTBiZDE3ODIwNzk0ZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MCwiZXhwIjoxNjM2NTYzNDQwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZmY5ODU3YWMtNzZhMi00OWM0LTlhNzAtNTBkMDExOTJkOGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQwfSx7XCJpZFwiOlwiMTc5MjY5MTctYjI0Ni00MDM4LTllZDYtZGQyN2ZkNmIwNjAwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.b89VvbwieRVG0QYG8wYCnasFUHRL3jgqbiUHfczvJgy09xPb_X4dyJTchWeCQhQOTulv458mgjaFAOkMT4CEC4rSezihYG0V1SX1BaQq-qB78F1ZDRbE4NXdD0B4ZJbNF2btsFa17mi2oGdjdbEDqvUkTrEGmoU-f-2qU38EnnaLv52xboD6hZ85nd1v7Yh3zLEBtkWlen-rPoee8BX-hcbamMqSkWZlf0Z02HGw2xHQx3jCfEyz1t6uTwfb3l0NCIq7WaRqV5JCeC9UP2t33legXe_ka6Loe1IpbKURpgHVuA-zUekeRcZlHqfmruqHGodNGOoFOeaVe1HnkqFqxA' \
-d '{"identityId":"ab17c024-3658-4b31-9cf5-45d33a5498fc","resourceActionId":"f1cd1b7d-d014-4c4e-90db-da888b1d3bdd","path":[{"resourceId":"e25cb59b-261e-4ac9-a5c5-4fd0575c6fd1","resourceTypeId":"33e0efd8-fa1d-438b-9b26-57c01955c799"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 745
{
"id" : "e7f02f26-3cdd-40b7-b793-8dd6e02ab0a2",
"identityId" : "ab17c024-3658-4b31-9cf5-45d33a5498fc",
"resourceActionId" : "f1cd1b7d-d014-4c4e-90db-da888b1d3bdd",
"createdBy" : "f789385d-318d-43b2-af47-0bd17820794d",
"createdAt" : "2021-11-10T15:57:21.016884Z",
"updatedAt" : "2021-11-10T15:57:21.016884Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "e25cb59b-261e-4ac9-a5c5-4fd0575c6fd1",
"resourceTypeId" : "33e0efd8-fa1d-438b-9b26-57c01955c799"
} ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Test Action Test Type on/under Test Type e25cb59b-261e-4ac9-a5c5-4fd0575c6fd1 to identity ab17c024-3658-4b31-9cf5-45d33a5498fc"
}Delete Identity Resource Action
DELETE /identity-resource-actions/{id}
Authorization
This endpoint requires delete action on the identity-resource-action resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions/1e006c01-0f85-4ff9-9bc2-f09cbfd3ee99' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiI2OS1UUUhscmZQSk9kTnlVOTVsa0FRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImE5Njc5YjAyLWE5MzItNGFjOS1hMGYxLWFmODQwZGI2NjU1ZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTgzOSwiZXhwIjoxNjM2NTYzNDM5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZWJjN2VhNGYtMjZlOS00YzUwLWFkNzItZjFlNGNjMmVjM2UyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.KlfssPT5md2vdsNSFC05f_cwAvCG-_7QJGUUOGq7SeBeF0TNaGQLwTIqRZeZhuTVIGcccPZLUnwCMKeDEGGGrHgXoJ74TRvyjiXL_P0JGy6Xsai3g5joa_zDNOJF7IEgF5v-BwaYt9cezr-Xs7AgRolU2yNGmo9q6-PfqszDIianTgJDR6qTYcVgEtNKgJ7Bffg2chCw04pd0S10boGuxIA7b2Yb3yHtgQWmhm6skEp6A9jBt7C3AEItoiz5lNgPvT2iNSQ4uwZb1LMU1NRtD9rduOaMlK7QTvRhblrBgkFZJVl6m6fTVG7Pf44krMVFL4QF_d6NxB8rIljueRSP0A'Example response
HTTP/1.1 200 OKCustom Roles
Find Custom Roles
GET /custom-roles
Returns a set of {@link CustomRole}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the custom-role resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
identityId |
Object |
true |
Filters results to those granted to one of the specified identity ids. |
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified {@link ResourceAction}s. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].name |
String |
false |
The human friendly name of this {@link CustomRole}. Size must be between 1 and 256 inclusive. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link CustomRole} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJjOW14U0ZhR3R2UEpQTS15LTNZUmZ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjM0MGFiZGE1LTJkNGUtNDhjNC1hYTdmLTZiNzk0ODg1MjRiMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MiwiZXhwIjoxNjM2NTYzNDQyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOWQ1ZDg4MDYtMzg3OS00ZmVlLWE5N2MtZDQ4YWJiOGFhOTY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.fasi6w6pK7unwW_fZ7V2Jwo3wtbrrci8o1boUhTY_QrhrlAjtj_xMakIBmV_uMvP4gN9GdTTIlnVUExlbnZDD_dGEWut6tuQnRmIKtFA7GgEfoGKRZ2ysPO_68S3trB44pmmJ8G5AySeTOKkeibKhq6z-JEJouP0rXVsCYP17GrNZ20E1JG-qnKcmssluyJv7wHVK0OEO9unhUsdZrQo-dCX4EpYUQYuK_eaTKvK2HwQ-Kn86BMCqpFaoF3NSMbmxemQ0SQJ00bt_GP6lUTurfRtN2Ly2TndSH9s15eGGLN9wrJtoiFxAxXtE0Y8YrUxYE4e8EVOfw-mZf_ytZBJ_g'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1157
[ {
"id" : "74a9a6c3-106c-40bc-acab-780c837ad8d0",
"name" : "NF MOP Tests, Control Plane",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.571677Z",
"updatedAt" : "2021-11-10T15:57:08.571677Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "NF MOP Tests, Control Plane"
}, {
"id" : "43c2ec8b-262e-46bb-a861-8009a6b3304b",
"name" : "Test Custom Role 9",
"createdBy" : "48d8f367-1dd8-4b82-9e62-9d4b80dcd5cb",
"createdAt" : "2021-11-10T15:57:21.959606Z",
"updatedAt" : "2021-11-10T15:57:21.959606Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role 9"
}, {
"id" : "6420c3ef-8a44-43ac-8411-23983ba2efdd",
"name" : "Test Custom Role 7",
"createdBy" : "e0367dc9-d249-49c3-b1f5-843ee53cd6c5",
"createdAt" : "2021-11-10T15:57:21.739978Z",
"updatedAt" : "2021-11-10T15:57:21.739978Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role 7"
} ]Get Custom Role
GET /custom-roles/{id}
Authorization
This endpoint requires read action on the custom-role resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
The human friendly name of this {@link CustomRole}. Size must be between 1 and 256 inclusive. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRole} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/2626a712-c6c8-48f0-a3ac-a7478ee6b8dc' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJBT0dQY1VrTnF0cmlOM2dCR2tsVUZ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjVkYzM2ZjdiLTJkZjQtNDk4Yi1hOWQ3LWVhZWJkYjY3Y2Y2NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MiwiZXhwIjoxNjM2NTYzNDQyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYzg3YmJiNzgtMjQ5MC00ZDU0LTkxMzctODM1OWZiZDA2NjEwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.kgcAMQZo6yDCYiYolPdVzB1znw9nY9-fNx5J6EyJ_J9x8eVTigA1pWpmFOYc0fiz7yeZWs24gvU7PpdNkxUYalOJqC-TT7Pj3_kzwaBo1dKebOC7rdQtdcAX8Lbbu5b3VvuwMPk11g9ELOFCDB-G8TivA1I6n7d7CPd-xz04nw72D6ZO-YCH-pBaPx6hfe3Rlr9Dhe8hHzvX5WcNnVgUmAQkW4Nx09EbTsKUHHHvIwdIKkMZJ-TCbbZii-DOiJvls9sdQASc5Xm19mYYDYhZ5En4rdZK0AuL7cMLaN2G48xppeGwxSViu3hBvR2rwwjwPwgW6Lr7S_1TbiSzhFxKXQ'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 379
{
"id" : "2626a712-c6c8-48f0-a3ac-a7478ee6b8dc",
"name" : "Test Custom Role 10",
"createdBy" : "f06f6633-84b2-4411-8c55-310e50b286ec",
"createdAt" : "2021-11-10T15:57:22.366935Z",
"updatedAt" : "2021-11-10T15:57:22.366935Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role 10"
}Create Custom Role
POST /custom-roles
Authorization
This endpoint requires create action on the custom-role resource type.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
name |
String |
false |
Size must be between 1 and 256 inclusive. |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
The human friendly name of this {@link CustomRole}. Size must be between 1 and 256 inclusive. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRole} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJjajVQTzFtdUJkXzJxQVN3SGFyb01RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImE0N2E1NWJiLTAwMWMtNDliNS05ODMwLTQ3NWEzMGM5YzQ1MSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MiwiZXhwIjoxNjM2NTYzNDQyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZjVjZTViODEtNmY5Yy00OWE1LThjOGQtYjQyNDViNDRhMDNlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.EeiR3Q-TwiCM_I1fMyT27oJ9_tAUMbZ2K3D_7nMfXzmAPRDo8ztcjGcOo1HUUi0rdTLZdhcxeXccHi3vFw6dx_k7nCwxcWZaNVYfiHHJ68FUxcNzrb4FNvb69Ed4NZzZwlIOPNj_V56eTez1Y9PSLzq58N9mBiLwYX_kkrYQrHm9IJy63SytMFQAJR30neCtez-3NOknqlG2ljGE9V9yOCJlX9_hy9lrlBQqYXORhCKdusi4iuSHMqsUjQ9s7d6CEUkfFf--CN1hHepnbitAdKFas68_uB_YjfG231is6qDpXsjoYvx1GG9FcI-QcMeDpmbJWNUWQ5I8O1Ul_lkoSQ' \
-d '{"name":"Test Custom Role Create"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 387
{
"id" : "75af4f31-86b5-492e-bcbf-365f219598d8",
"name" : "Test Custom Role Create",
"createdBy" : "a47a55bb-001c-49b5-9830-475a30c9c451",
"createdAt" : "2021-11-10T15:57:22.767867Z",
"updatedAt" : "2021-11-10T15:57:22.767867Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role Create"
}Delete Custom Role
DELETE /custom-roles/{id}
Authorization
This endpoint requires delete action on the custom-role resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/88b0e6d5-0618-4925-b620-ccc9f5a6fc06' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJyVkl2X1owZ1BKSzlhUURGUkN6TkFBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImUxMDFmZTZlLTJmYzUtNDJiYS05ZWIzLWMyZGFlYTdiZGQ5MSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MiwiZXhwIjoxNjM2NTYzNDQyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYTYyYmM1MzctMWQ5My00YWI2LWFiNGQtZDk4NDlmYmY4YTk0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.PhgQphM8uK2CFP-mXy6zJXFo9pZU2QLw6b21xvulSuPsWNOsGVCajUui3bKbxkH-p9O-P3rSf6z8aHryX4RMToYGXH1VE96CLO3TniOqN8HxN8Guoqd1yJ1R9Bcdk1gSzwiYKSOC_nktrayN0NMoGt5XCBCTihE7vS6r1I4MgOybosoe9m7u-ZEnbwgId99KTOZLg1_aPHCy5w4kbvy6hm46c8bwNsVGUU9cyN6m_4v3LiOEL6eDZOCdtZjd90z_d95n1PbT50D_2feVtvC7ZY64B_gxrBtjLUAaI3V7UcGMuyU8VOLQr8iJZp_OfnPTb8PZcwG-xr2Q5US00KHEvg'Example response
HTTP/1.1 200 OKGrant Custom Role (deprecated)
POST /custom-roles/{id}/identity-grants/{identityId}
Deprecated.
Deprecated. Use {@link CustomRoleGrantController#createCustomRoleGrant} to grant an identity a standard role.
Authorization
This endpoint requires the following actions:
-
readaction on thecustom-roleresource type -
createaction on thecustom-role-grantresource type
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/aef1471a-05e9-4d56-97d7-75da53f618af/identity-grants/6204afc2-192a-42cc-998c-cb66948ea047' -i -X POST \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJkZ0pxUWdtQ2tnclBEMUNsb0xFRUZBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjgxMzRlYjQ0LTAxNWEtNDU1Yy1iY2FkLTIzNGI3OTgyMjAzMSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MiwiZXhwIjoxNjM2NTYzNDQyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZGZlNTQ0NzQtMDQ5OC00M2IwLTk3ODYtNmU1MjJkZGZiNjdmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQyfSx7XCJpZFwiOlwiMjAzNTg5ZmYtYWQ5MC00MzdhLWIyY2EtYWQwMTBkNWI4M2NmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.d5wkJhuPFv9OxFbFVA5EadIomJ6saF3fzQDOZPQIFe3oeVdPTM3iaL8Oy0tkrQhe5Hdl9A9-X492FbStFxpCLD5vorGnuXjKBbIg3Rn29Xn66RQE9Vzjb2VWG3r7c2E5v5OyKuneTB6-xDVKPyMqWgSDjDRNsO46zODZRnrqdsm3nHPrfakUjzXs07qMBKml-fMee7zSKTaOJ3jo7oqf7EgBaOq6L5NIzEsFdODA5T9nOVPLi0QNHYwn9l9vMwxaV-keFBTz3alOYFTZdHg9AWiAftFO7wd-q0AWCg5N5kWjrVyF6GbfRFSY4gIXr8zlqOokFkYhBqjF3XY5Pq1Otw'Example response
HTTP/1.1 200 OKRevoke Custom Role (deprecated)
DELETE /custom-roles/{id}/identity-grants/{identityId}
Deprecated.
Deprecated. Use {@link CustomRoleGrantController#createCustomRoleGrant} to grant an identity a standard role.
Authorization
This endpoint requires the following actions:
-
readaction on thecustom-roleresource type -
deleteaction on thecustom-role-grantresource type
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/5981d0df-5466-4c84-b1fa-a5af73dfe0c5/identity-grants/cd7a37ba-7cc2-4db0-ad8f-e842ac7725f5' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJyRDlrdDVKOElxRl9wR1NDbEZ2OGV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE5ZjlkNjI0LTM1YTItNGZmYS04MTMxLTEyY2U0MjUxZTUwOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MiwiZXhwIjoxNjM2NTYzNDQyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTJhNzg1YTAtNzJlMi00NjdmLWI0ODQtZjZhZGFlZWU3MjZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQyfSx7XCJpZFwiOlwiOTFiNDNiZTQtZDVkMy00ZWFjLThlZjYtZjhmNTJiNWIxZWUzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.BeI3FKITykG34_pqRBItMJTVvQEuLlTU6LAbKSjXExYZsxjoJooEPBJTmF4p_iA4pQfK-mWLPQHZr9Cl8eo1_rXJFNABZsuWe_AN6ZPuvqphfrleB4UCoc_M4EYbqgObW-6VA5wl92qMcn_OZTjagySvV0gtOFXO-7LHeGFo0jOvQO1KAXJkaYc-PrakAdktVvC1F4ntSkJbouiGw0ThMHhzuYCUykpuIYneDGopaon3SjMK-Gloyy2a6m4O8vOVc_coZpRbJenTUBwyYWUGduZP-qKHbX6Ro-mZFUmDBKdYEjyF7DQ-n73E3lyzxuq9jvx479YNyRsoqNtPQ1CSng'Example response
HTTP/1.1 200 OKCustom Role Actions
Find Custom Role Actions
GET /custom-role-actions
Returns a set of {@link CustomRoleAction}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the custom-role-action resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
customRoleId |
Object |
true |
Filters results to those from one of the specified {@link CustomRole}s. |
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified {@link ResourceAction}s. |
path |
Object |
true |
Filters results to those that target any resource along the specified path. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].customRoleId |
String |
false |
The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}. |
[].resourceActionId |
String |
false |
The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
[].path[].resourceId |
String |
false |
|
[].path[].resourceTypeId |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJCVHllYVZEOW1yMTcxbGpKTUxBbTlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImQ1YTEyN2UxLTcyOTYtNGNlMy04MzFkLTI0OTkzOWY1MWNlYiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NiwiZXhwIjoxNjM2NTYzNDQ2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODdmZjU4NTUtZWRmNC00YjhlLWIwNDYtYzBmODYwMWJkZDNmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.VnOsG5nbTuzZM27UGQ9uVHcdHsUYVrcbesGmYAX868Ashn3_uZut9hc9C05Mn9yB_MTZ0BRuUMyazeyzeHE0rhvI0UQh2_7eNXdnp_3wlBsJrUf7A2klxM6Idf-haOSNRwmn0PEuQHybXP2nOIdLPUcX-jdY9sKKLciS7d5hrZAbatIG-Xa5aiBOG_-P-1-mK-Gcw0i89GP_h4O2gyjUYHPvtsXeF2ad-d5jMv0Crl8VATLfMoLaxMkTmHH2hwsBBYZLGeGk6anEcHxravkiq75Sj0qr4z62aeqAA1cKyJ-C12aGntD85bB1I7Tdy93mZpZPfoZyF3doySRJNNT2Rw'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1281
[ {
"id" : "946bb965-e741-46da-9cbb-d5ab076c0361",
"customRoleId" : "74a9a6c3-106c-40bc-acab-780c837ad8d0",
"resourceActionId" : "3481f070-05d6-4562-9f36-3791cf65a658",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.574422Z",
"updatedAt" : "2021-11-10T15:57:08.574422Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"_title" : "Read Custom Role Grant, All"
}, {
"id" : "89462ea6-b055-4def-a1db-433fa36d3e72",
"customRoleId" : "668720a0-531a-44fc-b196-4d3dbfba73eb",
"resourceActionId" : "223e5f71-b84e-4465-97c2-8dda550ece84",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:10.048555Z",
"updatedAt" : "2021-11-10T15:57:10.048555Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"_title" : "Create Payment Profile, All"
}, {
"id" : "ed95e045-1d91-4a23-90c3-11314ab1e516",
"customRoleId" : "668720a0-531a-44fc-b196-4d3dbfba73eb",
"resourceActionId" : "92e583f0-c453-46b9-a5a0-138c912d3544",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:10.048555Z",
"updatedAt" : "2021-11-10T15:57:10.048555Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"_title" : "Update Account, All"
} ]Get Custom Role Action
GET /custom-role-actions/{id}
Authorization
This endpoint requires read action on the custom-role-action resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
customRoleId |
String |
false |
The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}. |
resourceActionId |
String |
false |
The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions/80a2075a-9be6-4815-bbf3-098b42a1522e' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ3RmxrTUlEUlR6QUZDY2pibXhIU2lnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImMyMjYzNzdlLWRkNmItNDZjMi05YmJmLTQ3MjRkNGVhZDEzOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NiwiZXhwIjoxNjM2NTYzNDQ2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZWU3MmY0YjktMzkzMi00Y2M0LThjYWQtNjUyYzcyMmY5MDg2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Atcdy-BhwkqEzpprelnNinM8EO-em9ZtBkovDGxJmSCL7N9Bcalbfu3W1hWcxXtaJVYp5YP8AtJTjIfgZiRZ5zrnu1wkWVBVhGxv0I5g33L3BhFmjkm0hdvRTeUX8xxhUCmMqPAVjIIgm-OGQPmAFdq5_MBYkJd4hw-jUi2Gqp_9smyKkyXeE7jPWPMhw7ZcAVsUSg8jV2RhlWjFFVyCTvA26Cnrftm9pcOJxJCqb-XCNH32jLpGHtYODZjizEjLgXGDaAD8ZtcwZ6Ou10xOjmYMrAsSY_LJvIMUGLGNAtjIx0oXspXZOd5SIBx-FP5LAvThdkSy9PGAf6xlj9c39A'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 613
{
"id" : "80a2075a-9be6-4815-bbf3-098b42a1522e",
"customRoleId" : "e9400081-c39a-4752-89d8-3a9c69c48cb6",
"resourceActionId" : "8b9cba56-2812-4644-bbed-cfaac28a106b",
"createdBy" : "cb9cdb3a-6e2a-4ff8-a37d-822e51841ab6",
"createdAt" : "2021-11-10T15:57:26.110469Z",
"updatedAt" : "2021-11-10T15:57:26.110469Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "b6ae21f7-614f-45c8-80df-52a1020e77af",
"resourceTypeId" : "f2382ce6-e8c9-4636-b963-166761150831"
} ],
"_title" : "Test Action 38 Test Type 37 on/under Test Type 37 b6ae21f7-614f-45c8-80df-52a1020e77af"
}Create Custom Role Action
POST /custom-role-actions
Authorization
This endpoint requires the following actions:
-
createaction on thecustom-role-actionresource type -
readaction on thecustom-roleresource type -
readaction on theresource-actionresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
customRoleId |
String |
false |
Client must have |
resourceActionId |
String |
false |
Client must have |
path |
Array[Object] |
false |
|
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
customRoleId |
String |
false |
The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}. |
resourceActionId |
String |
false |
The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJmZDNrZUR0LWtRbHNwSDkzSGRhazNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImZlZTk5MTQ5LThmNDYtNDIyZS1iNzFiLWE2ODIyNjdjMjlhNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NSwiZXhwIjoxNjM2NTYzNDQ1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMzE2NGM2YmItNGM2NS00NzU0LWJlZjktZmFmMDJjN2MxZTI4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fSx7XCJpZFwiOlwiMGIwNzU1MjItMTU5ZC00N2Q2LWE3NmUtNDIzMjA4MzYzNmQ1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fSx7XCJpZFwiOlwiODMzYmY4ZmUtMzE2YS00YTBkLWI2ZDMtYTY0NWY5ZDllZWNkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.HXFAo1kG8WM-tjPTxucU1Bvm6QM9bSSE6svsmjUy6Z0V8-fFc2uP8vOin8-6Vs8G0nz_z_YVTDYRYVugtZqyM9khPGHfUA1Mno8R9zsHnxyo4ZK8As12yeWUFOXmwHZuhAJUi32LQrm8GRAJ8CquGC25iyI5_zMRdJQnVhcVciKaYmZjZAf_dx9QqZ2sEB1DoK3Zzv6pEWqk3Jkw_7QzBNbu8BQM9JTAZZGKHAPrQPnUDWNYSOayKdVaS5LmEWpIW11I7l4OKKkMMMNtBbOwAWGgUxRx4MnNch0mEo1cKiv6hvuEb6HhC9IBjasi9u8on50sxGaJHIy35ahB8PJgiA' \
-d '{"customRoleId":"0f65cbce-64cb-4a37-a0eb-5f2c82acf8ac","resourceActionId":"f1cd1b7d-d014-4c4e-90db-da888b1d3bdd","path":[{"resourceId":"7924e21a-6972-485b-ba7a-36214681cd0b","resourceTypeId":"33e0efd8-fa1d-438b-9b26-57c01955c799"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 604
{
"id" : "309a1ca9-2dcc-49a3-b5f9-2014f584a4d0",
"customRoleId" : "0f65cbce-64cb-4a37-a0eb-5f2c82acf8ac",
"resourceActionId" : "f1cd1b7d-d014-4c4e-90db-da888b1d3bdd",
"createdBy" : "fee99149-8f46-422e-b71b-a682267c29a6",
"createdAt" : "2021-11-10T15:57:26.024469Z",
"updatedAt" : "2021-11-10T15:57:26.024469Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "7924e21a-6972-485b-ba7a-36214681cd0b",
"resourceTypeId" : "33e0efd8-fa1d-438b-9b26-57c01955c799"
} ],
"_title" : "Test Action Test Type on/under Test Type 7924e21a-6972-485b-ba7a-36214681cd0b"
}Delete Custom Role Action
DELETE /custom-role-actions/{id}
Authorization
This endpoint requires delete action on the custom-role-action resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions/a8d8249d-49e8-4db5-bbec-860a30fa747b' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ5QnZ4WUs2TG5SR3NzakdmR3FyOXlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImU3YWNkNTAxLTkyYjYtNGM2NC05ZmJhLTAxMWE5ZDVkYTk3YSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NiwiZXhwIjoxNjM2NTYzNDQ2LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMDVjODEzYjgtOWY4Zi00NjI3LWI3YjctMTQ3ZjZiZjg4MDg1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ2fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.JKXTTArsA1d0mE_nzOyrWCYcMq2LmrB3B0jGuWyLHFBn6UUfenW7aIi0e5vy0ruKcxqA4ToZ6bVcADYFvga3NtGA_FQtxWQcSfecBvW0idcbflIYUF3fS8fvRji4vhul83fIt5efAU83gz7DH6HJaXX8yWSNAGdbjPmVkZpyAk6EzcMxUS8zKjrGwOeXq23mXvb0J-_PnUgkX2mi0rLM5vtzdzbVEgu2_5Gv81LjBOXuPukKR9ip8O8sOQ-UFaCkK22QnvaxdGr193UEql-YaVCNzf9yXRY7XnlI-88-noMXYqW-lWBxEg0VHjn2Eg72Yw42I4QSe3OhkcWJkVO63Q'Example response
HTTP/1.1 200 OKCustom Roles Grants
Find Custom Role Grants
GET /custom-role-grants
Returns a set of {@link CustomRoleGrant}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the custom-role-grant resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
customRoleId |
Object |
true |
Filters results to grants to one of the specified {@link CustomRole}s. |
customRoleIds |
Object |
true |
Deprecated.. |
identityId |
Object |
true |
Filters results to those granted to one of the specified identity ids. |
identityIds |
Object |
true |
Deprecated.. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].identityId |
String |
false |
|
[].customRoleId |
String |
false |
|
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJCSGJQdS1BcEIzbkFtTm50SmsyV1l3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQzMWE1OGRkLTE3ZWMtNDZlNy04YTEyLTQ2YTNiOGEzZjUxZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MiwiZXhwIjoxNjM2NTYzNDQyLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOGJhMjBmNTEtOTgwMi00NDQwLWIzZjMtNjVlMzg5NWRhYjM4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQyfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.SiNPoTJRXOineUc7Rn8WlXHm12e59NQ3PuAD-O4VFHQEbhlmnOKD5M6Oolhn7r_pAZTXG2PtsDHy2t4mCFs773gtNRPXTS6k9oM1yRoQjB3vOcMHm56lM_PJ9RvgTxlhqWtQ0PRBIs90wGel_t8_JpbSCOGNLxkeIcOfuvYCjOWC4vGRk4h9wkiJCnXdY7GoKpugJmz1JZVHAJJ6s2gk2QkYHRMGSLnNMNGNCiwNmT88UF5HxxLCQWcPXlsf_FavnAfr20nDQL-6P46xpgMDrqFKuE7Z6M6eZGjGZtFT1SUF-LgMZu0uHr8iFESt8QIEAccKei-DsgEC2Tp4L68FCg'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1415
[ {
"id" : "4f9472c7-dbea-43d7-8b7d-f325ce2f181a",
"identityId" : "a17fffad-b448-4fc0-8e16-60baadc1d5ee",
"customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.118875Z",
"updatedAt" : "2021-11-10T15:57:08.118875Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read-Only, ALL Auth Domain Resources to identity a17fffad-b448-4fc0-8e16-60baadc1d5ee"
}, {
"id" : "7a74ecfc-f578-4bfb-8ad4-15e8257f8283",
"identityId" : "373cef0b-d1d8-460a-9aaa-373a63556a5f",
"customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:09.080529Z",
"updatedAt" : "2021-11-10T15:57:09.080529Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read-Only, ALL Auth Domain Resources to identity 373cef0b-d1d8-460a-9aaa-373a63556a5f"
}, {
"id" : "ad286179-03fa-4005-a045-aec9d5613fee",
"identityId" : "fa06a740-21f8-480a-9e7a-1f759b506e0b",
"customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:09.243907Z",
"updatedAt" : "2021-11-10T15:57:09.243907Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read-Only, ALL Auth Domain Resources to identity fa06a740-21f8-480a-9e7a-1f759b506e0b"
} ]Get Custom Role Grant
GET /custom-role-grants/{id}
Authorization
This endpoint requires read action on the custom-role-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
|
customRoleId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants/9bcdc898-6f21-454b-a04d-a16dd43d0cd5' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ3dWItLTloTURkYXZrRnZ2b0djNThnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImVjZGE3NmIxLTU1NWQtNGY0MS1iNmFjLWVmYzcxMWNiNWYwYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MSwiZXhwIjoxNjM2NTYzNDQxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYjYyZGE1MWUtNjRkOC00YjBkLTk3OTgtOTliYjM1OTVlYzM0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.RbIKOO-iFRo5KjGNmdtPWK8ti-B0oCOi8hVGOfrkt7DmjLiDraQD4BiYg78-Kdw2KYHCz_pdc3gShM1JvFC6TjC0UgaH_34kQ5MWW-ef7mbQMtcDbxnHRyfxm5EesUtrRFYR_bmrhP5E5BKuAvcy8tNqBaF5bjP1wX8SzLKLuEqTKPxtoVNRsUdt5OX4ceQlGbzzRbyqUQkEeZNEu3KrZ4n1lzlulkQ3U6hs199xaEBgLecQODgkOTcJV-5DBCHSjfRNq8JVWpcNDvH-E8nDSFc7hnS-JcBe6vXwGdkD2Yc5EOax69SLJT47ED8THc0dojw_52XldvhbTL7UXzuMPA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 451
{
"id" : "9bcdc898-6f21-454b-a04d-a16dd43d0cd5",
"identityId" : "7e23584d-0202-4f10-8882-fde83b720545",
"customRoleId" : "6420c3ef-8a44-43ac-8411-23983ba2efdd",
"createdBy" : "749bab24-4ad1-4c1d-bb87-c75ca914513f",
"createdAt" : "2021-11-10T15:57:21.743486Z",
"updatedAt" : "2021-11-10T15:57:21.743486Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Custom Role 7 to identity 7e23584d-0202-4f10-8882-fde83b720545"
}Create Custom Role Grant
POST /custom-role-grants
Authorization
This endpoint requires the following actions:
-
createaction on thecustom-role-grantresource type -
readaction on thecustom-roleresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
customRoleId |
String |
false |
Client must have |
identityId |
String |
false |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
|
customRoleId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJjUVVINFgtT1NIaW0zNmxrUldyelpRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjRhNTdlMDBiLTJhNjAtNGQ1OS05NWNiLWUxOTAwN2EyZTMzYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MSwiZXhwIjoxNjM2NTYzNDQxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjE1YjM5YzAtNDgxNS00OTUwLWE4ZTQtNWI0NmNmZDhlZjJhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQxfSx7XCJpZFwiOlwiNTYzN2VkNTMtYjQxZC00YmZkLWI3MzAtZmQ3YmM3YTZmYTQ1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.m55m4gJXrRVX_Qdq4ouHzcaJ3yuqVLkAZ0-n9YidR48OVoCO3knl28f5zp7NCGMMeo1ppYILzLFfjCuFqlh2h1peFYfMiEK1R-ATpJRzTdiJpKJ8fQ9ciLdad8d61BHpiT7qACHJ69RhhxwI7cPKIoR-oDlkKDT9FEJW8TNNGyLVEsJNdGGmFoM_HcF5J1thrZzW1QCq7tyKOljtO1BRxNJ0harx3I2uNRpDP5PwY-k4ui4ZcubnnXsUin_dq4MUpQvXu6Mx8Z53II2Ae1-LokTVIHcBiQU5UAvJtFeV45LW-9TxapOivgCFkg59V9PVApJlB_mNF86xqQuvnbByow' \
-d '{"customRoleId":"43c2ec8b-262e-46bb-a861-8009a6b3304b","identityId":"145d85fb-cf66-4a58-ba44-b041a7ccb980"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 451
{
"id" : "a656f147-bba9-4f0a-8a95-ab5ffcf04da6",
"identityId" : "145d85fb-cf66-4a58-ba44-b041a7ccb980",
"customRoleId" : "43c2ec8b-262e-46bb-a861-8009a6b3304b",
"createdBy" : "4a57e00b-2a60-4d59-95cb-e19007a2e33c",
"createdAt" : "2021-11-10T15:57:22.013574Z",
"updatedAt" : "2021-11-10T15:57:22.013574Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Custom Role 9 to identity 145d85fb-cf66-4a58-ba44-b041a7ccb980"
}Delete Custom Role Grant
DELETE /custom-role-grants/{id}
Authorization
This endpoint requires delete action on the custom-role-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants/e5865833-b17d-43cc-bcef-b9c0323594d3' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJhZzR0T0w3Qm9LNnpRbFdYTmhFLTdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM0ODMxMjY2LTI1N2QtNDc3Yy05NTYxLTcxMTQ1MmNiNTFiNCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MSwiZXhwIjoxNjM2NTYzNDQxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNGM1MTIxYzEtYzI0NC00YzM1LTgxNjUtZTFmNmU4YzQ5M2VhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.grrSMdtO1LimgZJTglC9UX4QdYU00nbcfX0EpRapnKKt1kdXozIriibqY5puTX7Ptc6AFX_HfJWciO2HXTSmRD524IKclcuFs8N5ER80wFLC8kca6ic0NNbAbrZI27I1YNr7zYgR-Iws0yD2bbW_6RaxpiB19lIThn6oNj1DUumkJ4fXAgGYXdb85mTPRBfCxntr6f8jRhC0drN7izeU4oxpHvdNpC5j-i2ow2MI-gt8nP_l_ymHH3aiTTGz9k8sY8KivzuiPLrBrSzMygEZ71XDu5BvFsEgJJG0b0EQ52fcfaI1R00rQvyGd_r0iOBiA-TqFxhNuiNAKJUYz3K1Ug'Example response
HTTP/1.1 200 OKStandard Roles
Find Standard Roles
GET /standard-roles
Returns a set of {@link StandardRole}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the standard-role resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
standardRoleTypeId |
Object |
true |
Filters results to those that are of one of the specified {@link StandardRoleType}s. |
identityId |
Object |
true |
Filters results to those which have been granted to one of the specified identities. |
resourceId |
Object |
true |
Filters results to those that specifically target one of the specified resources. |
path |
Object |
true |
Filters results to those that target any resource along the specified path. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].standardRoleTypeId |
String |
false |
The 'type' of this {@link StandardRole}. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link StandardRole} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}. |
[].path[].resourceId |
String |
false |
|
[].path[].resourceTypeId |
String |
true |
|
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJleUVDOHRzR3l3Vm4xb2xkNjVtQVJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjJmNGRkNGNiLTQ3YTctNDA3OC1iZjQ3LTVjNDkxMDE1MTQ5OSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NywiZXhwIjoxNjM2NTYzNDQ3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImJkODgyMGUyLWEwMzItNDRkMy1hMDc0LTEyZDgzOTQzMWRiMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N30se1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImEzOTQwMTBiLTI3ZTItNGFmMy1iZThlLTlmYjMwNmRhMmJjMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYmZhMjEzMzYtZjZjZi00NjdmLTlkYzgtY2MxZmI4ZTgxZDRmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.TJiNAgZdzKxrJd3IEfF4v13p5ov74BmlMQd6609xR5OX8VcV_cU6AWRaHKfBOxKrtBkwDvsoI_PU8WnbN6ScQdMiFrmLCggu2OPi_2BrTkwlQ4j2n_WG8NZq3NJvSYTwV6wG_IOYOJjF3rTz-NungCEXqEt3g1sUqgqTtWSfSrEAspMO4DdjLZUBBzqGvtjL19Gu6WCqmbJo4P1StT_tSLgVCmsDLE7C-_2wshZpBYk-aQHxiQazzVslxMWTRwjvs1k8et_oSK9dMu8gHXK-ew_Bv_M7t3fEtq141quZcuUDJM-ZTzUNDO8pUmgd0MAgN6AE_UUNQYzxCAYMqiP-gg'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1793
[ {
"id" : "a9b14f47-a798-4eee-b20c-1dc63f353f4d",
"standardRoleTypeId" : "0900b919-e614-42e2-bc6a-4be5bb091dd9",
"createdBy" : "741d3d54-abc4-4785-93e4-3aaecd4fc44e",
"createdAt" : "2021-11-10T15:57:27.753814Z",
"updatedAt" : "2021-11-10T15:57:27.753814Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "41392ea2-8aae-4da2-9b53-b0d46666ec11",
"resourceTypeId" : "21af72a1-586c-4914-833f-a057d94a6318"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 53 Admin - 41392ea2-8aae-4da2-9b53-b0d46666ec11"
}, {
"id" : "73b203c9-1e2f-4789-9d70-b3524e7a0bf2",
"standardRoleTypeId" : "ceec36a8-48bf-4870-ba18-ac4681dd2f77",
"createdBy" : "689fe444-1853-4632-8097-9a3892793ddc",
"createdAt" : "2021-11-10T15:57:27.900582Z",
"updatedAt" : "2021-11-10T15:57:27.900582Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "388861e8-adf5-4c36-8afe-92af502a4af8",
"resourceTypeId" : "9b7d35ad-d009-4367-9489-9b1698f30c64"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 55 Admin - 388861e8-adf5-4c36-8afe-92af502a4af8"
}, {
"id" : "b63965a2-5695-4a61-af81-1b20cec09868",
"standardRoleTypeId" : "06a31568-34a5-4af4-968a-666c62b02d52",
"createdBy" : "9cb46578-7b5c-4f20-827f-c685a617a661",
"createdAt" : "2021-11-10T15:57:27.653160Z",
"updatedAt" : "2021-11-10T15:57:27.653160Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "71c8a103-e2a5-4afa-9777-5a6f890369d3",
"resourceTypeId" : "9e7fc449-5303-48c7-ba23-79acfe9b567c"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 51 Admin - 71c8a103-e2a5-4afa-9777-5a6f890369d3"
} ]Get Standard Role
GET /standard-roles/{id}
Authorization
This endpoint requires read action on the standard-role resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
standardRoleTypeId |
String |
false |
The 'type' of this {@link StandardRole}. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRole} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles/a9b14f47-a798-4eee-b20c-1dc63f353f4d' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ3X3ZrTXAydjlOM2VzMnJNX2Z4RjJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImU3ZDFjNzU2LTZlNWQtNDI4MC05M2E0LTc4NzJiOTQ2MzYyZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NywiZXhwIjoxNjM2NTYzNDQ3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImJkODgyMGUyLWEwMzItNDRkMy1hMDc0LTEyZDgzOTQzMWRiMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N30se1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImEzOTQwMTBiLTI3ZTItNGFmMy1iZThlLTlmYjMwNmRhMmJjMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODQxZjNiOGMtMzI1YS00Y2RmLTk3OWQtY2UyMmZlZjU2NzVlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.hbLzb8_vF-JJX8h64LmSuMhAmnb-DrWLl1-xlO6aa61oGTvI7qSFGC1Pzi_ofDpp5ctcHKTkueKjoUqLbKJqxqxSELXGncGn-fJElz6hlRROXh3eV0M6yaBcphAv8tFIge6PCgwcZvs3-mHIcFlplhz1c1HhPHpt7CTAxHLFgr0_GhbqELn68RakkodvC0Dw7-q7Mayn3b_tmGDkJUfgG_VJ7TWKOlBUqijo4cvzm1_Vok-wme-ZnkE2U8q7rYno_w5WiFb6lu2AFvW4jHjmRlTeojKqJL4V-Kw0Wh5dW5_CVj8xrBu0Ro88cdtwGCouMfwQyDvTglUc6tDz3gBP3Q'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 595
{
"id" : "a9b14f47-a798-4eee-b20c-1dc63f353f4d",
"standardRoleTypeId" : "0900b919-e614-42e2-bc6a-4be5bb091dd9",
"createdBy" : "741d3d54-abc4-4785-93e4-3aaecd4fc44e",
"createdAt" : "2021-11-10T15:57:27.753814Z",
"updatedAt" : "2021-11-10T15:57:27.753814Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "41392ea2-8aae-4da2-9b53-b0d46666ec11",
"resourceTypeId" : "21af72a1-586c-4914-833f-a057d94a6318"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 53 Admin - 41392ea2-8aae-4da2-9b53-b0d46666ec11"
}Create Standard Role
POST /standard-roles
Authorization
This endpoint requires the following actions:
-
createaction on thestandard-roleresource type -
readaction on thestandard-role-typeresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
standardRoleTypeId |
String |
false |
Client must have |
path |
Array[Object] |
false |
|
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
standardRoleTypeId |
String |
false |
The 'type' of this {@link StandardRole}. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRole} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJtc3ZRQjd6Wk1ONk9KeXpBb1JNbDF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjY4OWZlNDQ0LTE4NTMtNDYzMi04MDk3LTlhMzg5Mjc5M2RkYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NywiZXhwIjoxNjM2NTYzNDQ3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImJkODgyMGUyLWEwMzItNDRkMy1hMDc0LTEyZDgzOTQzMWRiMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N30se1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImEzOTQwMTBiLTI3ZTItNGFmMy1iZThlLTlmYjMwNmRhMmJjMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMzY4NTdhZDUtYzQwZS00OGJkLWJjZWUtZmM1NWRlYTIyYjA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiZTFjY2RkYTItYWI0Ni00ZmQ3LTkzZWQtMzYwODczNDg0ZTYzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.IWNf6UQ6UGZgZMTzEM934sTKw_fKY3eb4uIhxkB-3NOQfye3lgU87bv9VshLREzF-qrH_rBagXwHEaKAUjOJ0Nxf1aof7sn62ROoZ5tVR3fb37sWACOYvXhA79Y3eFsxiT4z9e36Si9SS8R4CB6OX6OtswKsANHyUsLSlyDndpz_T9XEIiNltXUZqzthlC5Lgl0158QUbH7e-K0qXyKvGF23eQfmTd0P-0yiGzA3u9uE0LgsmuK8jEVPsrcUvWA71i1IREGJyVpwyf2JZa9opxz1BOR26Xo6pPAxt6QXuJQtNIkmbZnnkEqk10FFQ6bS99j8rNM1E8VzjpMQvw5bIw' \
-d '{"standardRoleTypeId":"ceec36a8-48bf-4870-ba18-ac4681dd2f77","path":[{"resourceId":"388861e8-adf5-4c36-8afe-92af502a4af8","resourceTypeId":"9b7d35ad-d009-4367-9489-9b1698f30c64"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 595
{
"id" : "73b203c9-1e2f-4789-9d70-b3524e7a0bf2",
"standardRoleTypeId" : "ceec36a8-48bf-4870-ba18-ac4681dd2f77",
"createdBy" : "689fe444-1853-4632-8097-9a3892793ddc",
"createdAt" : "2021-11-10T15:57:27.900582Z",
"updatedAt" : "2021-11-10T15:57:27.900582Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "388861e8-adf5-4c36-8afe-92af502a4af8",
"resourceTypeId" : "9b7d35ad-d009-4367-9489-9b1698f30c64"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 55 Admin - 388861e8-adf5-4c36-8afe-92af502a4af8"
}Delete Standard Role
DELETE /standard-roles/{id}
Authorization
This endpoint requires delete action on the standard-role resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles/2f3d4acf-ce23-4304-954d-12d42c54c778' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJHU3BqaHdRQmhZcnh0cU1ZeG5TYWxRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImRiZTJkODAzLTFmNDktNGJjZS1iNDE5LWI1MTNkZTdlZDhmYiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYzNDQ4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImJkODgyMGUyLWEwMzItNDRkMy1hMDc0LTEyZDgzOTQzMWRiMFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N30se1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImEzOTQwMTBiLTI3ZTItNGFmMy1iZThlLTlmYjMwNmRhMmJjMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNDhmMDkxM2QtZTk1OS00YzdmLWI2NWYtNjM1ZmE0MGQwYTgzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.GJtDDMtt4T9g6z51fR0oOmExu7KKVBbuMTePVWWgXf9Lvx0RSJ4U0WdkQbReT7FSgjIC2zBFvuW4HCYit7MHKh-OjUqiY-jCuNWjl81Lil0PaHRdBfRpeO_q0WFLqfzRshSnP0CnmF3D36bmJAPsj7S6OaRuCtFBau2uNORrYP0PZcry8MgrDqyUHNogypZnatR47S-daFBOITuqSxmNTCRmU9HqltWWAJSUxr2jKZqwt64esbc9MXrE0-Z6BkryJRIG-6_ZHIGoJjCQ9xhJ1MbJ9lQnd2QKeo-upqk4TYv85-jMWjROuk44P5YKgA9YOIiSfTISa4KwjLvy02Jj4w'Example response
HTTP/1.1 200 OKStandard Roles Grants
Find Standard Role Grants
GET /standard-role-grants
Returns a set of {@link StandardRoleGrant}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the standard-role-grant resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
standardRoleId |
Object |
true |
Filters results to grants to one of the specified {@link StandardRole}s. |
standardRoleIds |
Object |
true |
Deprecated.. |
identityId |
Object |
true |
Filters results to those granted to one of the specified identity ids. |
identityIds |
Object |
true |
Deprecated.. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].identityId |
String |
false |
|
[].standardRoleId |
String |
false |
|
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ6SWlyd0t3UXNHS2JrSFFUZW5OYXBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjBjZTJlMjc0LWVlZTEtNDM5Yy1hNzkxLTY4MDg0NmM5MWU4OSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NCwiZXhwIjoxNjM2NTYzNDQ0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjAxMmZhZTUtZWU5Yi00MTA1LThiZWItOWU3ZTk3NDYyYmU1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.j43-2q6tsI74tJWzZk33H-XeXBxsDccUocj-GGJ202sG3QL0syyYdJ21WHbpX7wY713Rw3O9xRU6jgmGuTmY_bhkdylI219UUW_GyEQ8whEpJVo9EjOTxjLUNYVuvwSk-TSrEEZl0u2hN_h_L7ACnwB3hIQhZ6_sRaPDh8o6gItj3fLm2xBS1pfKTqwxGLke3M8UiaJ6AuCGRdPapZJqJ3vKZVqDu2zB6_2jVutZOqpAby1RB3ENM-iravh_gX6lZhs3aoPWbxHiJHMFTzz3AIzkA8ibMrdYDXc2xM6QWqC7a_tWx1ZMvb8Pvmin02iyQujvYTEzGW981yl8Ngbj_A'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 496
[ {
"id" : "64d67fca-2494-4b32-8127-4bb0e7d8a4de",
"identityId" : "934e967c-ea9f-4e4c-b602-138afc409905",
"standardRoleId" : "c64ae0d0-65c7-419d-a854-937d286cc01f",
"createdBy" : "26767c6f-fa47-440f-b1f8-805992578835",
"createdAt" : "2021-11-10T15:57:24.171600Z",
"updatedAt" : "2021-11-10T15:57:24.171600Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Type 18 Admin - 5197110f-64f8-42e0-aaf2-6c328dfa3ae5 to identity 934e967c-ea9f-4e4c-b602-138afc409905"
} ]Get Standard Role Grant
GET /standard-role-grants/{id}
Authorization
This endpoint requires read action on the standard-role-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
|
standardRoleId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants/9521cf9c-7847-489c-9853-7208160b7808' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiIyQUFsaHhRLWxSMTV5MkFnMG9XNTVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjM2YTVkZmNlLWJlNDQtNGY2ZS1iYTk1LWJiOTRhOWVkNThlZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NCwiZXhwIjoxNjM2NTYzNDQ0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjExMDViZjQtZDE5Yi00ZGNiLWE3OWYtZmQxY2RhMjE2MmE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Y-Dwpmqk7mfOAenT4MvouztIcP8ivg0Oi06s3UHlc_TCEpgvbrAMO19u5ykp27vGJ4OUvAKq06grkY576STGjrJHc5M1XPP39EOYumjasva_hjVx5cqsxUUQUdKZe4VIWn3Fau7duz3eExRI-NWYMhhQv_mkX3563zlRGnh_5MZyWnrAY_tyYvgyjbQ7V2lRfFt-pIwAev_EP0kgKUf67NvnewNsyv5Jwb0By7SiEn6nVSoVI_8Svq3vox70RbXS01naILB-tKHbJXr_OJu1gf_nAblAJiUl0s3jChY_BdqyLWiiXgaxnAGxMOXTEPs3yCaQMm-_52MxX2hXELh11Q'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492
{
"id" : "9521cf9c-7847-489c-9853-7208160b7808",
"identityId" : "8dc28280-ad11-48f8-8549-aad58fac5b03",
"standardRoleId" : "6456b0c0-9bec-45ee-adcb-bd7a5fbf2f55",
"createdBy" : "57938899-1a30-4024-851f-4b1bba6d7c35",
"createdAt" : "2021-11-10T15:57:24.344445Z",
"updatedAt" : "2021-11-10T15:57:24.344445Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Type 20 Admin - f75e2bc4-7b40-4d37-bd05-18a84d6a07bf to identity 8dc28280-ad11-48f8-8549-aad58fac5b03"
}Create Standard Role Grant
POST /standard-role-grants
Authorization
This endpoint requires the following actions:
-
createaction on thestandard-role-grantresource type -
readaction on thestandard-roleresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
standardRoleId |
String |
false |
Client must have |
identityId |
String |
false |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
|
standardRoleId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJkWnA4c1B0ZjY0SVpPWHAwVFJIaVdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjI2NzY3YzZmLWZhNDctNDQwZi1iMWY4LTgwNTk5MjU3ODgzNSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NCwiZXhwIjoxNjM2NTYzNDQ0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODEwZjJhMGYtZDY1ZS00MWQyLTliNWMtNGM4NzNiOGFhZmJkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ0fSx7XCJpZFwiOlwiZTYxNTJhNWMtNDA2Ni00YTllLTg2MGMtNmU2ZjJiNGQ2NTliXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.b1fv4oiZYUlIMQsPCYO4vx2dM8eVw_05wEzF6dFTEn0faW_8qvDdjO0KqMtJfWZD6Cw4yo3fqGkE_YXx07aVlub73dLFx0gDCHwfTladMH5GHuppycqWmHhMeYM6mQ3WLttIkV6RmlXQRFJW8d27eiUQVmRqCxgj3i7VR2FL-OxFPcdbXq2rhxKTcTYdbkJpacpziej5KMQyNzW2UK21p6wRj4OioFQLNa2t3kf7-oHrOdi_ZiMBqdG0VwdkA7Xx3jXLAM51RJ41g7hcT5UEABW4JO0QWsR4EjF47fyKLvJUgnW-AYSnos1sKZJNguFj1-GAHn2jKc3FLpAxupSyhA' \
-d '{"standardRoleId":"c64ae0d0-65c7-419d-a854-937d286cc01f","identityId":"934e967c-ea9f-4e4c-b602-138afc409905"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492
{
"id" : "64d67fca-2494-4b32-8127-4bb0e7d8a4de",
"identityId" : "934e967c-ea9f-4e4c-b602-138afc409905",
"standardRoleId" : "c64ae0d0-65c7-419d-a854-937d286cc01f",
"createdBy" : "26767c6f-fa47-440f-b1f8-805992578835",
"createdAt" : "2021-11-10T15:57:24.171600Z",
"updatedAt" : "2021-11-10T15:57:24.171600Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Type 18 Admin - 5197110f-64f8-42e0-aaf2-6c328dfa3ae5 to identity 934e967c-ea9f-4e4c-b602-138afc409905"
}Delete Standard Role Grant
DELETE /standard-role-grants/{id}
Authorization
This endpoint requires delete action on the standard-role-grant resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants/23421ca2-7294-41a6-8999-3dcebf50a93f' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiI0Q3Y0TmhDdWJ6MWRBcUd4a3BUTG5nIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImVmNWQ0YTE0LTcwOWQtNDBlMi05MDhhLTU5YWI4N2Y5NDgwZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NCwiZXhwIjoxNjM2NTYzNDQ0LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMTA2ZTk2ZjEtODllZS00MWU2LWFlMjktOGZmZmRkNWI1NWNjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ0fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.ivTy6bHc07gkza53UlWwlyaEeqzlzfWhDhmWEqs9RgMopMZxJalVoIG-h4yO0b4dkQ9EdQbwMWaf9mRG2KrslSJeClsPwMXNUYBSRkCJ3mG-gapayPc5v5QJraJNZy2LYqsED8Yrj7OsyhqVUSPXU-v-F08-fwMnqC1-2cKKM62GfScx0I2VBXk9NvkXkI6x9K-CEoD28zEWrHb08W0Fj99lqQR5jnX9RORoFrOq9mZq_Jxwx-f-Zb3WR0GXBHZdKb53CM77Uv7YpvIXJbq9p82YbZl4gMRCONbORHmt8NTsd-8bRqvWUxzca2tqydNLzNpm79w1IYAmixEWZg3Nvg'Example response
HTTP/1.1 200 OKStandard Role Types
Find Standard Role Types
GET /standard-role-types
Returns a set of {@link StandardRoleType}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the standard-role-type resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
resourceTypeId |
Object |
true |
Filters results to those that target one of the specified {@link ResourceType}s. |
resourceTypeIds |
Object |
true |
Deprecated.. |
authorizationStrategyName |
Object |
true |
Filters results to those that are of one of the specified strategies. |
authorizationStrategyNames |
Object |
true |
Deprecated.. |
includedByStandardRoleTypeId |
Object |
true |
Filters results to those whose actions are fully included by the specified {@link StandardRoleType}. In other words, all returned {@link StandardRoleType}s are logical sub-sets of the {@link StandardRoleType} specified by this query parameter. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].resourceTypeId |
String |
false |
|
[].authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link StandardRoleType} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJSU2xhNnY5aVl6dFpPRUJHNXVGdHNRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJkNDAwZDdjLTdmOTgtNGI3NC1hOTY5LTNmOGYzZmQ3NGQyOSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NSwiZXhwIjoxNjM2NTYzNDQ1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZDQ2Mzk3ZTMtYjU2OC00YjkxLTg1NTUtZjBiMGVkZWRhMGU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.fKUKF7jjCw4FWPLOkTBFeUPH2fgQUIakZztlpEcHkCPi_zIpMn-cFR8L8rsavqCwn2rKUbLNlYK3U0Pr0bJF4tNG4z6LBg859BlWHE8_B-FMLShBE_sqkqt08ImQTC-M1T94tfK772RmZ4Fzfk3YAe_25hFNvcedlvz-aaFB-L-oDW2NVqX9CUioTxUEpItzn-aUKajSEWs1OHQxH8Bgka24SOaEEIM8zvwPOc8m6iCWPor5J71V_mDw_68iR-6L7VxMAqaWFUjUyVg-RGSZA3XtcxKeOlLJTRhgvutqEH1uUnNwi5CA16JSyxhK8ogZegyWNYzfRb5VlfoWRaY-wA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1022
[ {
"id" : "1b227d28-b130-43fa-aa04-d92a75da1496",
"resourceTypeId" : "e8a21ffa-1660-4279-aeb8-d8632cefa002",
"authorizationStrategyName" : "Admin",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.177515Z",
"updatedAt" : "2021-11-10T15:57:08.177515Z",
"_title" : "Standard Role Admin"
}, {
"id" : "883dfe96-80a1-49db-8af4-5c025e3ff90c",
"resourceTypeId" : "3e372278-946f-4a8f-8b37-75772c1733f2",
"authorizationStrategyName" : "Admin",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.177515Z",
"updatedAt" : "2021-11-10T15:57:08.177515Z",
"_title" : "Custom Role Admin"
}, {
"id" : "2b7abdeb-9201-405d-a856-bb9f876e3982",
"resourceTypeId" : "60e48627-984c-4bf3-83bb-a167be96a747",
"authorizationStrategyName" : "Admin",
"createdBy" : "bd52baef-82f7-4d49-8a63-d9141bf447ee",
"createdAt" : "2021-11-10T15:57:24.337854Z",
"updatedAt" : "2021-11-10T15:57:24.337854Z",
"_title" : "Test Type 20 Admin"
} ]Get Standard Role Type
GET /standard-role-types/{id}
Authorization
This endpoint requires read action on the standard-role-type resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
resourceTypeId |
String |
false |
|
authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRoleType} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types/d9132239-4d6f-4799-be2a-3a1534ef916e' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJSbFJZbUhjdTBjTnV4eHNYcnBocjVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImRhODhjYjE5LTA4OTMtNDYyZS1hY2ExLThjZDBjNTM2OTY4MiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NSwiZXhwIjoxNjM2NTYzNDQ1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNWExNjExNWItZmIwZS00ZWEyLTk0NzctNmNiNzNkMTc4ZDk1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.qhKOG20e8pooopOegKYV2Pp9FcauCkVJS4YPGbMzzCyaCSzYO1c0bafg0qVJOArapL4e6JbIetKvDNsHVRQ2BHY1P63CONSEMm5b3nkd7hrSFMQ0Zx6g9UO5f30cngomIzvHcAk8_MtUbrO_A12s1KoyPTEW7wWcIMqtO8LjEjrOWj_20gTgwlVetXWFLbNjxHVdzabsq956U-sdnfaaocy1vO_UYc80N7qoqzJI1RkrDpG46FkUyRVHi_0uJHRziBzmxvOz1j4_lLDZjpqZByxians6uhOxlb8TbyHikAU9LlwN9HLUzdgXQbTmZuqhBl0qsC6sih6klcGVtzMj2A'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 338
{
"id" : "d9132239-4d6f-4799-be2a-3a1534ef916e",
"resourceTypeId" : "09a55a58-27f2-478d-a114-94bca7e0f79a",
"authorizationStrategyName" : "Admin",
"createdBy" : "fa0f0292-adc0-4a83-8962-882779372ac4",
"createdAt" : "2021-11-10T15:57:25.367221Z",
"updatedAt" : "2021-11-10T15:57:25.367221Z",
"_title" : "Test Type 24 Admin"
}Create Standard Role Type
POST /standard-role-types
Authorization
This endpoint requires the following actions:
-
createaction on thestandard-role-typeresource type -
readaction on theresource-typeresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
resourceTypeId |
String |
false |
Client must have |
authorizationStrategy |
String |
false |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
resourceTypeId |
String |
false |
|
authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRoleType} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJMR2k5TFVETl8tSjg5X080dThrTXFRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjFmMzA0MjMxLWRlYWMtNDAzZC1hYzgxLTk2OTBhZWEwMThmNyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NSwiZXhwIjoxNjM2NTYzNDQ1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYTc4ZmJmZjYtMTJkMi00MjJmLTg1MmItODY1MzNhM2EwZmM5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fSx7XCJpZFwiOlwiYWY1MTEwM2MtNDFlYS00NDVmLWE2YjYtNDU1NTVjNjRlMGU4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.dPl6-UCVYbQoFY2mExhcUtHbL3s8Q3edNJZtW1LlYzaaqhwf4BPqFIsV6b8xd34-F7Had-n7dfhqBwO-WxaTk33t-mylUUKC9YqzJzRP5cbSFc-mBxVZU6LmJE7LFD_1DXpC4msvJRmSCyCaA8uAsO0iQzJEgusIXFh7ZjLKapMcaeNt-O_-aIOjRMH2ZgpU-xoRDmNa-52tov5gNKAV0f5IrtNlSB3eeI8qCl9x56D0C3j-kVe9lOpBnuw5z8BNz6pJJcYacz7JGQeW_l7QRIfFuwF2fjH8gVcCmmHnKFg8GB0mxwiC-dFLgR_oPaZjQLJe7Vlu7q8oiZLmBQC-5A' \
-d '{"resourceTypeId":"33e0efd8-fa1d-438b-9b26-57c01955c799","authorizationStrategy":"Admin"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 335
{
"id" : "a3788ffe-7516-4289-be85-9fc83a499e10",
"resourceTypeId" : "33e0efd8-fa1d-438b-9b26-57c01955c799",
"authorizationStrategyName" : "Admin",
"createdBy" : "1f304231-deac-403d-ac81-9690aea018f7",
"createdAt" : "2021-11-10T15:57:25.272136Z",
"updatedAt" : "2021-11-10T15:57:25.272136Z",
"_title" : "Test Type Admin"
}Resource Action Inclusions in Standard Roles
Find Action Inclusions
GET /action-inclusions
Returns a set of {@link ActionInclusion}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read action on the action-inclusion resource type.
Path parameters
No parameters.
Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
resourceActionId |
Object |
true |
Filters results to those that apply to one of the specified {@link ResourceAction}s. |
authorizationStrategyName |
Object |
true |
Filters results to those that apply to one of the specified strategies. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].resourceActionId |
String |
false |
|
[].authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
[].includeWhenAbove |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenAt |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenBelow |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link ActionInclusion} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJLcGdiakR1c3ZyVVAzQkhxV19ZTWFRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImRiODVlZTYwLTdiMmQtNGY3MS05YTlkLTBhMzU2ZmNhMjM1YSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NSwiZXhwIjoxNjM2NTYzNDQ1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNzE5Yjc3MmItM2FjNS00MjU1LTk3OTMtOTU4ZjMyODA3OTg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.A9UdjxeMw_vkVUwlFhKwyqCuMReBiDXUOEhIhk0VMC-don1yhjzAuSIPpZkS0V7o1flfvZbII0R6CIZqci5hXiyeVZBkDRq5oZU10HOwNm0vxyvCH7P88WOqhrXqa4RNJrZiNNNVO3ddwqXjolBnOf-FenbFUqGM-UDxPsjjpJmQvv6MqwBAd41HYd6Voo7EGphn-CoiuXIc5b-sIJsLcAqfH9cvvPiDKALo74u4EOGSk66uxo7_o1ca4T0ixLyByL9GiKUD3K8Mjxrvz_lJvrWlWVNeV-c2ylktJr5YQ98IasbmbSIzIcKjLd9WT6o4d7c33QcS6rpVAcON8RMi2A'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1596
[ {
"id" : "562e731e-d7ba-4ed2-839d-2fffc64c9cd8",
"resourceActionId" : "57af8e00-5534-49d3-a03b-69de81d04c80",
"authorizationStrategyName" : "Contributor",
"includeWhenAbove" : true,
"includeWhenAt" : true,
"includeWhenBelow" : true,
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.502432Z",
"updatedAt" : "2021-11-10T15:57:08.502432Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Read Network Configuration Metadata in Contributor Standard Roles"
}, {
"id" : "9762d4ce-d0fc-435e-af8b-a5bdc7ee136c",
"resourceActionId" : "6ceffca3-4b7d-4492-b566-bbed2dfc8e87",
"authorizationStrategyName" : "Read-Only",
"includeWhenAbove" : false,
"includeWhenAt" : true,
"includeWhenBelow" : true,
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:10.046332Z",
"updatedAt" : "2021-11-10T15:57:10.046332Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Read Account in Read-Only Standard Roles"
}, {
"id" : "8b586b36-6da0-4d41-8ac4-423bf8f9fd67",
"resourceActionId" : "1d465137-3534-4f03-b903-035badf9e081",
"authorizationStrategyName" : "Contributor",
"includeWhenAbove" : false,
"includeWhenAt" : false,
"includeWhenBelow" : true,
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2021-11-10T15:57:08.502432Z",
"updatedAt" : "2021-11-10T15:57:08.502432Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Delete NetFlow Collector in Contributor Standard Roles"
} ]Get Action Inclusion
GET /action-inclusions/{id}
Authorization
This endpoint requires read action on the action-inclusion resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
resourceActionId |
String |
false |
|
authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
includeWhenAbove |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}. |
includeWhenAt |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}. |
includeWhenBelow |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link ActionInclusion} was created. |
updatedAt |
String |
false |
The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions/10ab8060-8d93-4f94-ac2d-41893837db81' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJtT1hVZUpOMGo4QkQxU3JXNTVwZ3h3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJlOGM4ODY3LTNlMzctNDMzYi04ZTRlLTU5ZWUwNDU5MTExYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NSwiZXhwIjoxNjM2NTYzNDQ1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMGIxZjI5ZjEtZTU4Yi00NDYyLWI3MzUtYmVmMGE5Y2NjZDViXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.A3JFJJetOjdwhTAfl8LoTL0w01JchB7u2f5FNWiEUhf5TZVi5qHzWtlWiaOv6Nk2GY6bfe276XDzBIOlCYQQ7EP0__qc2JFNEzuSgpSUc853AlEcjBxmP-jp5e8w_OtyJ3xzaNo9fldPjMbUd1KZTVwvsZI8Hw63PeTfT0OUN-huXK8GpN_kl-uiotnPts-ZHD2AGbp7G3nXnQ2i4y5bISRKWnXRH1aDZWzGo0MKyS1A3DzJkJMB23lUyFppm1sUtRQ_uSjD-kokfSfKWe90G2iRYBR4QI9V4l0pRlpXhjehj6TdJGleAccSKZfo21MiPu6jcTaMSsq-TjvI3tp01A'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 522
{
"id" : "10ab8060-8d93-4f94-ac2d-41893837db81",
"resourceActionId" : "bdc877bd-1194-4493-a129-6b990b221ffc",
"authorizationStrategyName" : "Admin",
"includeWhenAbove" : false,
"includeWhenAt" : true,
"includeWhenBelow" : true,
"createdBy" : "7111d2de-f46c-4744-bb1d-431b71b214b7",
"createdAt" : "2021-11-10T15:57:25.680762Z",
"updatedAt" : "2021-11-10T15:57:25.680762Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Test Action 27 Test Type 26 in Admin Standard Roles"
}Create Action Inclusion
POST /action-inclusions
Authorization
This endpoint requires the following actions:
-
createaction on theaction-inclusionresource type -
readaction on theresource-actionresource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
resourceActionId |
String |
false |
Client must have |
includeWhen |
Map |
false |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
[].id |
String |
false |
|
[].resourceActionId |
String |
false |
|
[].authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
[].includeWhenAbove |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenAt |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenBelow |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link ActionInclusion} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ3NHZReVlyOUQ4cWpCVElMZmE2aEtnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImI4M2ZkYzQ2LWJhZWItNGQzZC1iNWY0LWExNWY5MzUzMTMxNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NSwiZXhwIjoxNjM2NTYzNDQ1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYWI1ZmI4ZWItMWU1Yi00ODk5LThmNzktNTJkZTI0N2U5MTA4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fSx7XCJpZFwiOlwiYTYyYWNhMmUtNGNlMy00NDE0LWJiNGYtYmM5NGY0ZWVmOTFhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.dn9gvJaHFbj4sxEM6pAg2e2ExvWKjZa9Hnw8ocQisPsVzkPsU3UXHMZrKSAFedRn5kj_UoXe0xsmoU-ef01zU2k-xIICNRuSqSGVcmdtpa16_T38hRnMZ-I-niq3m3lZfqHtqIHiyU4yK6KpVhzqEEhtzuvu6zBwKOnBFe9IP45kQxQFLsr_3T77FC_MwyI9ctKNkFrC1txtrDz_fcgDFQVnmR1B3OBave3WMgJg4vaMOwpMh4ZOfuX2TU9sNdah8RI_fqVOjlVoT81duQSq0rfKLnTeHgthAvXCNZqvMiEraUNedglRasUhT2kKCmPOtSra2oGku_Kw8SlY2-dA9A' \
-d '{"resourceActionId":"30ca50df-e33e-4658-acfa-b992a3ccffba","includeWhen":{"Admin":{"above":false,"at":true,"below":true}}}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 526
[ {
"id" : "c279d51d-b9ce-40e5-973b-6681d23d5647",
"resourceActionId" : "30ca50df-e33e-4658-acfa-b992a3ccffba",
"authorizationStrategyName" : "Admin",
"includeWhenAbove" : false,
"includeWhenAt" : true,
"includeWhenBelow" : true,
"createdBy" : "b83fdc46-baeb-4d3d-b5f4-a15f93531316",
"createdAt" : "2021-11-10T15:57:25.898584Z",
"updatedAt" : "2021-11-10T15:57:25.898584Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Test Action 33 Test Type 32 in Admin Standard Roles"
} ]Delete Action Inclusion
DELETE /action-inclusions/{id}
Authorization
This endpoint requires delete action on the action-inclusion resource type.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions/56600672-cd20-4613-9ae1-a494d7445c4b' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJqaGhZM3RMejRfV3d5YnNyYllfcmh3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImRkYjRkNjAyLTcxMGItNGE2ZC04Y2I1LWM5ZTFjNjc4NTQ5OSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NSwiZXhwIjoxNjM2NTYzNDQ1LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjcwYjBjYjViLTQ5NjAtNDIyYy1hMzUxLTM4YjU3OTA2ZDJkMlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjJkOGU3NjA2LWEyNmItNDA4ZC1hMzQyLTRkNzBmMTJkMjU0NFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgzNn0se1wiaWRcIjpcImE5NDgyYWJkLTY5ZjAtNDE1Yy1iNzk0LTYwODgwNmQzNzg4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjc2ZTU0MDg3LTY3NGQtNDQ0Zi04MjI5LTQ3NGFlNDMwNWQ4OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcIjA1ZjJhOGFjLWZhODMtNGRjZC1hMjBlLTA1ODZmYWNmYTJlNlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN30se1wiaWRcIjpcImM0ZTdkMWRhLTE4OWYtNDFjMS05OTgxLTQyMTc1MDk1NmYxNFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcIjQzNDhhZjkwLTkxY2ItNGZjNy05YmM2LThmZTc3NmU5MjcxZFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOX0se1wiaWRcIjpcImI5NTA4ZjQxLWE0YmUtNDAxNi05NDhhLWQ2YzhhZWZlMTc1MFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyOH0se1wiaWRcIjpcImY4N2I4YjFlLWUyZmYtNGI3My1iMWQzLTAzNDc3NWM1NDg2OVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTgyN31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODZiYzFhOWQtMTY5NS00N2U2LWJhN2MtNDE2NWVjZjE4NjBjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ1fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Ia6LRNVpRLlA9w8AG-vpGO-HfVvsgmeTtYzRwFzGKmO8kEm8bfOutzGMVIHo28SfTZUW3rpLhKc70VabOQzWahLatoNZNIGCEiqnAAgBpqx9DD26ZRj112ZB524en7nZZkLI2XPoKPqULIyqaob4aLn3MifJMXHQhT0QbN1kMgtVGd0A_k2Nv23H7XWwvXSKcJJjNi8q7b_tNj1_1TAizCdeCkKoZ-uGLubzhMZnhiInNTNbfgg2wuRiTryBFlPFeDYrm2S13NhIXZ-3Krc_QY8ry983ZgfQ_JQLmPuzGk_JVEfBJup88J77VsAcHVE-gypw1Bl8fXPGD1AopyIF_Q'Example response
HTTP/1.1 200 OKDeprecated Resources
Resources
Find Resources
GET /resources
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
| Parameter | Type | Optional | Description |
|---|---|---|---|
nameLike |
String |
true |
|
descriptionLike |
String |
true |
Request fields
No request body.
Response fields
Standard paging response where content field is list of following objects:
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
resourceTemplateId |
String |
true |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resources' -i -X GETExample response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1152
{
"content" : [ {
"id" : "2b374a00-bf8d-4874-8cb5-5ce67adff0e0",
"name" : "nfrn:orgs:*:nets:*:gateway-clusters:*:endpoints:*",
"description" : "All Gateway Cluster Endpoints",
"resourceTemplateId" : null,
"createdAt" : "2021-11-10T15:57:05.280801Z"
}, {
"id" : "cdace3ea-d75b-11e9-b01a-d05099466715",
"name" : "nfrn:*",
"description" : "All NetFoundry Resources",
"resourceTemplateId" : null,
"createdAt" : "2021-11-10T15:57:05.280801Z"
}, {
"id" : "cdace5d7-d75b-11e9-b01a-d05099466715",
"name" : "nfrn:orgs:*",
"description" : "All Organizations",
"resourceTemplateId" : null,
"createdAt" : "2021-11-10T15:57:05.280801Z"
} ],
"pageable" : {
"sort" : {
"sorted" : false,
"unsorted" : true,
"empty" : true
},
"pageNumber" : 0,
"pageSize" : 20,
"offset" : 0,
"paged" : true,
"unpaged" : false
},
"totalElements" : 44,
"totalPages" : 3,
"last" : false,
"numberOfElements" : 20,
"first" : true,
"sort" : {
"sorted" : false,
"unsorted" : true,
"empty" : true
},
"size" : 20,
"number" : 0,
"empty" : false
}Get Resource
GET /resources/{idOrName}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
idOrName |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
resourceTemplateId |
String |
true |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resources/e0b3ab71-d6ed-4e19-afae-02c1c4f1e39e' -i -X GETExample response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 193
{
"id" : "e0b3ab71-d6ed-4e19-afae-02c1c4f1e39e",
"name" : "nfrn:tests:*:foos:*",
"description" : "All Foos",
"resourceTemplateId" : null,
"createdAt" : "2021-11-10T15:57:16.662521Z"
}Create Resource
POST /resources
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
name |
String |
false |
|
description |
String |
false |
|
audience |
String |
true |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
resourceTemplateId |
String |
true |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resources' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"name":"nfrn:tests:*:random:*","description":"random test resource","audience":"io.netfoundry.tests"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 207
{
"id" : "0f35712e-6131-4bd2-94af-7596b3f6f67d",
"name" : "nfrn:tests:*:random:*",
"description" : "random test resource",
"resourceTemplateId" : null,
"createdAt" : "2021-11-10T15:57:26.470370Z"
}Delete Resource
DELETE /resources/{id}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resources/1af6c003-7c5e-46e0-b9c5-999a86a8e1a2' -i -X DELETEExample response
HTTP/1.1 200 OKActions
Find Actions
GET /actions
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
| Parameter | Type | Optional | Description |
|---|---|---|---|
nameLike |
String |
true |
|
descriptionLike |
String |
true |
Request fields
No request body.
Response fields
Standard paging response where content field is list of following objects:
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
Must match the regular expression |
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJWdVBDQ3RHY0JMVmlVMjRpeXk5ZVZRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJkZjNhOTM0LTc2ZGQtNDJhOS05YTNhLTQ1MWE2Yzc1NjY5MSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NywiZXhwIjoxNjM2NTYzNDQ3LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjFjYmViYjQ2LTRlNmEtNGZjYy1iYmY1LTllZmY2NjM3YzJmNVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N31dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Mi-cd4prnGsoUtBTEZhPz34GX96LNJBDzqfw6S97_WqAzkLqNIKKr9xN-IV_57SHrFkRGDoxQG4F5zVRTXhS3Hx_YQOPk-poWblvehIpsYDzyZL50ufjTKoXHVot-b9WIOBktGfUXGFqysgFVwq4k77vF96F86O1Pjgqc8TtoKBfdN4L3H-wmkkxRDepNAj2uGKrtZ55I-qhgUvQ1TbRnzpHI-iswvUp0MEPhp6PDAqB8-j9qIsMcPlD2jLxGFvIS_FZI0uBBAXJItsZPePQkcvrpcpisGvumRGOTE5Q4N2Gmjda7yRcKQ3MbTQdkPAt90Tmqde0ITD2-RQBuBQC7w'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1041
{
"content" : [ {
"id" : "150de5f3-eaf8-4714-93d8-c75a8f41c59b",
"name" : "networkconfigs:*",
"description" : "All Network Config Actions",
"createdAt" : "2021-11-10T15:57:07.002635Z"
}, {
"id" : "40c556d4-cb5d-4fff-9199-377a180aee72",
"name" : "networks:perform-bulk-operations",
"description" : "Perform Bulk Operations",
"createdAt" : "2021-11-10T15:57:06.257045Z"
}, {
"id" : "764e5460-365b-485b-9e92-8c64402d46b4",
"name" : "tests:create-foo",
"description" : "Create Foo",
"createdAt" : "2021-11-10T15:57:16.640511Z"
} ],
"pageable" : {
"sort" : {
"sorted" : false,
"unsorted" : true,
"empty" : true
},
"pageNumber" : 0,
"pageSize" : 20,
"offset" : 0,
"paged" : true,
"unpaged" : false
},
"totalElements" : 167,
"totalPages" : 9,
"last" : false,
"numberOfElements" : 20,
"first" : true,
"sort" : {
"sorted" : false,
"unsorted" : true,
"empty" : true
},
"size" : 20,
"number" : 0,
"empty" : false
}Get Action
GET /actions/{idOrName}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
idOrName |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
Must match the regular expression |
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/actions/764e5460-365b-485b-9e92-8c64402d46b4' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJuT3ZiNERjdEZxakNIWEpYalc4TXdBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjY5NGMzNjFhLTE5NGQtNGJhMy05NTI1LWIzNWMxZTk0Y2Y3OSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NywiZXhwIjoxNjM2NTYzNDQ3LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjA3OWI4MzU0LTc5YWQtNDQ2MS1iYjYyLWVhMDQwMTA2ZmUwN1wiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N31dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.goHTqkNWMIulwFU1M9XS-H4LyB8fYx5RDQG_a0iknquyGmdZUaPAPnHFzNGW28qlLDG7k5Hwcnh7UCFPtA5bNInAmfKjEUos44uJHS3J0r7cs6xr0I_KuIF6QxYXYVJB71sdvArMVySp5-c_E4mt2CEcrijgAhtZku94_pJfUY9Spb-SnwaFZ4454bQnpJBEMAfY1g650vMypQodQNnwDkZL7QHXMUoaXqP6P-G2rDCiVdkvO_hkHlU5tdCaKB0ZbAjxoRFKqCiMPGaI8TK5xncLbB__gWTVth_4xfwYZx_x1q8Ts77TMlcv3T9c2Gowx6fqlog3fAlo2GwZ4e3UvA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 161
{
"id" : "764e5460-365b-485b-9e92-8c64402d46b4",
"name" : "tests:create-foo",
"description" : "Create Foo",
"createdAt" : "2021-11-10T15:57:16.640511Z"
}Create Action
POST /actions
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
name |
String |
false |
Must match the regular expression |
description |
String |
false |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
Must match the regular expression |
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJWOC10bXVJWTdxc2pUTE5qX1ozRlV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjUyMTM0Y2IyLWZlMTgtNDUyYS04YmNjLTA1ZjE1YzQ0NGNkYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0NywiZXhwIjoxNjM2NTYzNDQ3LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImY3MjhjNjdhLTdjNGItNDM4My1hOGY0LTk1NDkxNTk0YTE0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0N31dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.LghOI5vo141AqCN1Xz62_mFio5aTlA8c1UfC1YiDWw0pwLTywNda6njXCNbKa0SMJ8OX1scL08wsSbrps-LnRsE6BV4jiV9ekfhaCTQTAXbLwNrrbUwzJe-gVDe5CQfW33yTy4E2rWenTzf3dvLwbB89diND49ls4BE79WkwEySY-hbXxlIS4pU2ffBFoGLjUwFRKiUb1tnu9oo13vaOTQvLd-iaVvNiKgRVgJGbVAN_q0irizBLs-seEf6PIs8U-A1MXvf7E5fhAd8GLre4W8OJpCyefqiCr2PJCnnJpSwV2yajXSFo3ysXj6Feooe7jPid2pWMVtz36DQeiONjGA' \
-d '{"name":"nfrn:get-widget","description":"Getting a widget"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 166
{
"id" : "9c7b13c8-7be4-4ac7-841c-dc7a1ccaf85a",
"name" : "nfrn:get-widget",
"description" : "Getting a widget",
"createdAt" : "2021-11-10T15:57:27.586683Z"
}Policies
Find Policies
GET /policies
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
| Parameter | Type | Optional | Description |
|---|---|---|---|
resourceIdIn |
Object |
true |
|
actionIdIn |
Object |
true |
|
descriptionLike |
String |
true |
|
roleId |
Object |
true |
|
identityId |
Object |
true |
Request fields
No request body.
Response fields
Standard paging response where content field is list of following objects:
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
resourceId |
String |
false |
|
actionId |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiI0UXI2SnZyTnRrVThwTEh3Q3hfTVRnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjU1M2RhNTI2LTlhZDQtNDNjZC05YzQxLTc5YTQ1ODVlZGUwYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYzNDQ4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImY5N2IyYmFkLTBjMmMtNGIwNC1iYmU3LTM1N2E3MDk4MzFhZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0OH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.ilES_MTMVlM9Viwvf3ZEyn7aIBQz_zmRZNBm_DTg4zdKopnI8M4RDarfFhwpKuy-eiKn5OniWeX9cPceTAFusIFZPV-zQ3F5Dd0ZzS2rJ2LWqJB096VzKas-S3Foo3bBNJNssgYk_1leRUatGzyXhXrPQ82QQPlobVrND1TvjK3j01p_Hoh5olkDRTGUvO9sCCDrIy1upmiqX6TVdYlr-qLk2H66BzrKOgPUf2jcHHYLUkRYrV-Y1xGYj6s67CaTzOGxIraNUO-MFKuv-tcxeWProsk22uI8wyZi-aGNVA21aVkSvZ2RSMCQvj5GSCvOV_u3AxT8viF1IFovk9JisA'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1215
{
"content" : [ {
"id" : "0597e8f7-be2b-11e9-b33b-d05099466715",
"resourceId" : "d862d360-d75b-11e9-b01a-d05099466715",
"actionId" : "d180d08a-d75b-11e9-b01a-d05099466715",
"description" : "",
"createdAt" : "2021-11-10T15:57:05.366442Z"
}, {
"id" : "0597e924-be2b-11e9-b33b-d05099466715",
"resourceId" : "d862d360-d75b-11e9-b01a-d05099466715",
"actionId" : "d180d1a5-d75b-11e9-b01a-d05099466715",
"description" : "",
"createdAt" : "2021-11-10T15:57:05.366442Z"
}, {
"id" : "0597e934-be2b-11e9-b33b-d05099466715",
"resourceId" : "d862d360-d75b-11e9-b01a-d05099466715",
"actionId" : "d180cffa-d75b-11e9-b01a-d05099466715",
"description" : "",
"createdAt" : "2021-11-10T15:57:05.366442Z"
} ],
"pageable" : {
"sort" : {
"sorted" : false,
"unsorted" : true,
"empty" : true
},
"pageNumber" : 0,
"pageSize" : 20,
"offset" : 0,
"paged" : true,
"unpaged" : false
},
"totalElements" : 171,
"totalPages" : 9,
"last" : false,
"numberOfElements" : 20,
"first" : true,
"sort" : {
"sorted" : false,
"unsorted" : true,
"empty" : true
},
"size" : 20,
"number" : 0,
"empty" : false
}Get Policy
GET /policies/{id}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
resourceId |
String |
false |
|
actionId |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/cbac3172-e0bf-4b7f-a562-026d831b5754' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJPYnp6d3JFRkc0Y05JcmtRQXMzZTBRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQzNjI2NjA1LThhMGQtNGI0MS1iZjM5LTlhZGVhNjNlYzljNSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYzNDQ4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjcxYzljOTUwLTRiNzUtNGQ3Mi1iNGI5LTA3ZTk5YjcwMmQ1MVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0OH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.i-qr1VwTLfsqRnBeJ0u-R1bt1hb2s7OpRxRM8ukllXMRaITz0n5jIXKwPGNNtEm87ayyaMkr2ELfJs4OC3fC_cAlt_b-E5qucvIJ2m2h1agbTMlpdv4iO9IYCDBfV7UycI6ZmIcrjj2t5fy7WVzIpleIGDRMX7tfPa-SP_5iqZa61vSHPhX2CbSEFT1eL_fnP1vIICtseLHKxWjcE8kBk5iSV7aRsdfWQ9pQrE9VAXWgIC8RDA1ZVpHqICWgBz97wlq-L7vG2NHileLOyYDAkfsiQ_6azLRvW89M85dgLKOAmwtH7SDOvv3HR_jhN1wkPxE7IDLrsQ1AjZ6nKU3PJw'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 255
{
"id" : "cbac3172-e0bf-4b7f-a562-026d831b5754",
"resourceId" : "e0b3ab71-d6ed-4e19-afae-02c1c4f1e39e",
"actionId" : "764e5460-365b-485b-9e92-8c64402d46b4",
"description" : "Create Foo for All Foos",
"createdAt" : "2021-11-10T15:57:16.673067Z"
}Create Policy
POST /policies
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
resourceId |
String |
false |
|
actionId |
String |
false |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
resourceId |
String |
false |
|
actionId |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJvZzcxNkFlS0kwQXNPWXdqR0tPSlBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjhkOTgzNWFjLWZmNzAtNDIzZC04ZjYyLTYzZTg0M2YzODhmMiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYzNDQ4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjAwZjI3MDY0LTYzNGMtNDE1Ny1iZTNkLWQ5MjM4ZGM1NzM0MlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0OH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.OLenooDb4lMgkCwigHNUkg_POEYGySF3ovKe5EFW0umUvtmmgmmOREx9LogEbNxe5CzbHcBDCJxikcoVn5yGTd_vvjNTEnhlBITv80sH8dR3uQdRqHZY80x9WCPMI63U_l6L2WJ28mCpeX5acdlODeP9ntPvss4N_rRxgp6ZYwHK-ZykZWwlhDlTdHgS90lJ94ddtog1DNAvURTKvW1YxSwcliW8YYsiBugUi1jAv5GfleJcnp62N6-Q-lXQu66owOzdk0v-NUv_A7cgCzRatZciUDvEqp6bVxXqSV7_73mgbNi_PQxUOn3AS1gFpH334cvuLwkj2NB5eTQRNGE4wA' \
-d '{"resourceId":"d31d24a7-f5a9-464c-946d-89bc8ab736ae","actionId":"afb5f5d7-62c3-4719-abca-ddd66ec6a55e"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 264
{
"id" : "be25184a-fa34-499f-9e13-fd79b9423884",
"resourceId" : "d31d24a7-f5a9-464c-946d-89bc8ab736ae",
"actionId" : "afb5f5d7-62c3-4719-abca-ddd66ec6a55e",
"description" : "Random Action 73 on All Random72",
"createdAt" : "2021-11-10T15:57:28.600766Z"
}Delete Policy
DELETE /policies/{id}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/360a3edc-f466-4862-89d0-571cba136746' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJSSThYZUFacFBocUFZWGJBR2tieDV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjBjZGNmYzY0LWNmN2QtNGRhMi1hYjExLTIyMDg5NDdiYWQ2OCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYzNDQ4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImU3ZmM3YWMwLWZmZWEtNDRkNS1iMTM0LWMyZDliNjYyOWQyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0OH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.ixUX5dTiH9crSIkNCZHB0kaGcy3C6fhfj7a-zKv1CcPv-RwIo7AZAwltDrbTfrrbaKN_WVtxUY0cTye8C79YYsjUlCMXuN90LWbZaH8515OEmccg2bV40thd6Pvwdp1E8C2r_ORVEmsR5u2HVF211OU2gqRsDQPWqxwQ8-1B3Aap-GkUqYEnrIpHkwHMHbvFx2WECpcJw7sQRYQrglGsyjO1srKLYVDZLOpHPXxTgv7CfMcPCJsWl-mDd4gdmRJvsFZeQz0rRVnYGL72dqEr3n8OgtrS9Kl3fy0Gymf9uRdzxZ6Mb72Ypfi_2qRkC_H_99pZ0pcU6wQu6AkxPfmYlw'Example response
HTTP/1.1 200 OKGrant Policy To Identity
PUT /policies/{id}/identity-grants/{identityId}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/525c633e-fedc-45c7-a457-b6286ace36b6/identity-grants/a9d1d877-3268-4cda-b5b1-b39dc3763658' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJ4b3E4cFRrSC1VZnFRUFoxQ21xOXhRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjBlODYyNmRhLTY4MWItNDhjMy05Njk1LTQ0MDU4YjViNTI3MyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYzNDQ4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImI2YjY4YzRjLTJhODgtNDA2Ny04NjE4LTVhODEyM2JmNTgzNVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0OH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.PrK2fcBf8qbl1DI0rWzNYZe1VRgbaaPasR99QTPKCkhvio4DNJ8jZIlH8e8nOHAUTdzre1F-gGgvZIiWs74xxDAexKgXVWVhatlHx6U_ba1WiS7lgqSfAoMEc1YyWS-KY6chtEAtKWZoDcBT-7O-xvBrhO606lcDbkSCXIKQgAXlMAvsvpyHDQxygngw0qnOCqefnxsPvJs8a1vJf_XkYiHKdwd7XGlnbzqXTRQ1kE-LEmY9V4th1LFbmLS9HR5rfo8TNgMWMiufEagz0woabD-UxzteuFVCFIq7haZ0pzvzgGK0ibeG9OM5UwFTwhD5PWWWg3yGU2HIDEzuyiowyg'Example response
HTTP/1.1 200 OKRevoke Policy From Identity
DELETE /policies/{id}/identity-grants/{identityId}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/13dd4928-57bb-499c-be21-009b91b66f07/identity-grants/dd293d34-67fd-4710-a5ef-9673525eb6a2' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJzTHlTNjRpY1E3SDNtOTl2aU1oa3hBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjI1YzFlYjNjLThiOWYtNGYxZi1hZmE4LTMxZmM3OGFiZTRkNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYzNDQ4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImVkN2JkOTY2LTQwZTMtNDQ4Ni04ZWY1LTFkY2ViZjk1YTg0Y1wiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0OH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.oxUSY9PtvoqvAJRX2kjyKfZfDvizU79GIT3JqHTM6uyew-lh7QKbeoobgzLXeOzFLjnoBFS9sveUnF41YAblr697AEzRXJMy7dQoED9nx-oGCkgmjFrUkVrZF5OliEO-6bs8QH6le7f7XWcqot73JDVOKk-tJpm0wiDgD2lpc5dEAnEH3NHsy0o3LfW2BM9teiUEvcrzJSsuj5NKAzHTWMDHmaLjWutAslmrOvf903Hk5fwX9DKgYptVAPbactD-V5xgUVWMGWYd1YU0XBjDU_jK0ZTcCczMeekDIlpWvOg1Ez2FP6_s-WTqhK8auQMYt3lvSOsmtT5GJdD3OPX2tA'Example response
HTTP/1.1 200 OKGrant Policy To Role
PUT /policies/{id}/role-grants/{roleId}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
|
roleId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/a08ff0af-9d58-41d9-9f77-aa956efdf754/role-grants/5096867d-1ef2-48c6-893a-19883dcc3347' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJpTTl2eFozQ2FVVWxPeGpjMDNIVEh3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjdhOTY1YTY4LWUzZmYtNGQzYi1hOGQ0LTA2YjA3YTc2ZWU1OSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYzNDQ4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjgyNWRiZTVkLWFmOWYtNGUwYS1iMmE4LWY0MzczODQ4NTViM1wiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0OH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.NQ-Gghi0M5M9FU3qmBSNcaLBd8xvH_QN2VwXMUWlBww_KtzfdgC2UECIiCDvMSS-8JaIYeEq_vqribkQs3YJ_20LYRO5vnMdtZOOfjloDey2zTa6g8GVI2wM1Oekk0pSX93L0xQ6AgIBA2cL2YZJV7tYH2EOcAZjW5zrCcNtW5Cb1vmKIOijV0mKpPJnBhV_6IjrLOuIJLsF_922JxlakI62FIP3K02uFjMYcR5NjWwZ8aisLTnIesnc5KDQWHAzi9gKUQCBzSO9sryw69KeVikmEr0izllG1N22FtlmBJU8Ga-rFMjFYEH6dt-6LRd9bh5bKdw3lklx4v1D80wsgw'Example response
HTTP/1.1 200 OKRevoke Policy From Role
DELETE /policies/{id}/role-grants/{roleId}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
|
roleId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/e8a58ebc-0c18-4939-9dd7-a1f6c7f02854/role-grants/a03107f7-79d5-4664-9e0f-7bd766965e41' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJDaE9Xc0dDcE5wSnh0Z2FUMjZOQ3d3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImNhOTU3ZDg5LWM3NjktNDhjNy1hZGQ2LTQzYjM2YTRmZjJlYiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0OCwiZXhwIjoxNjM2NTYzNDQ4LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImE1ZGEzMjFmLTg5MjgtNDRhMy1iZmI0LTU5MDgxYzQ0ZjU1ZlwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0OH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYmQ4ODIwZTItYTAzMi00NGQzLWEwNzQtMTJkODM5NDMxZGIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fSx7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYTM5NDAxMGItMjdlMi00YWYzLWJlOGUtOWZiMzA2ZGEyYmMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODQ3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Mqxc2TBESJFJvW0IqksGmRRCJhmSRbEJ_EPUe72R-ej8dpxqhYoA6YOCwy7pI9q226Oh8gOfXhhKz4Rqt6R69XRQMwdpN6xAN2hBRjHscZ9oZ1p1OxuY-gbXqYdsmdxshcDsK1-u1UR2_YMdXiCNaR2Dt5Yg_8qRTW3WgcqgUeSVf3Id-wZo983xwrL_6tg7PCuw_OWYsWvOxOnHdCK-3N1paHjwE0XyoYa0xh8oAjoGZv7Bp45e8JiTJBVhQf2g7ZlCsOqoK1TkTFD7zkyMet5zFwZ6qyOQj_AWgba15GUK8911-in3l3SFxsi9MwOMyMFdXELPpM_4Dfp5Qo-GVg'Example response
HTTP/1.1 200 OKRoles
Find Roles
GET /roles
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
| Parameter | Type | Optional | Description |
|---|---|---|---|
nameLike |
String |
true |
|
descriptionLike |
String |
true |
|
policyId |
Object |
true |
|
identityId |
Object |
true |
Request fields
No request body.
Response fields
Standard paging response where content field is list of following objects:
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles' -i -X GETExample response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1016
{
"content" : [ {
"id" : "13da5c64-b4f7-4029-aec0-f547c612426a",
"name" : "Foo Admin",
"description" : "All Foo related actions",
"createdAt" : "2021-11-10T15:57:16.687816Z"
}, {
"id" : "c0432be1-b95c-414e-9147-f8bd07b8dc1f",
"name" : "Random Role 14",
"description" : "All random on all tests",
"createdAt" : "2021-11-10T15:57:23.630675Z"
}, {
"id" : "ce46aba4-d75b-11e9-b01a-d05099466715",
"name" : "super-user",
"description" : "Super User - All Access",
"createdAt" : "2021-11-10T15:57:05.420369Z"
} ],
"pageable" : {
"sort" : {
"sorted" : false,
"unsorted" : true,
"empty" : true
},
"pageNumber" : 0,
"pageSize" : 20,
"offset" : 0,
"paged" : true,
"unpaged" : false
},
"totalElements" : 8,
"totalPages" : 1,
"last" : true,
"numberOfElements" : 8,
"first" : true,
"sort" : {
"sorted" : false,
"unsorted" : true,
"empty" : true
},
"size" : 20,
"number" : 0,
"empty" : false
}Get Role
GET /roles/{idOrName}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
idOrName |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles/13da5c64-b4f7-4029-aec0-f547c612426a' -i -X GETExample response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 167
{
"id" : "13da5c64-b4f7-4029-aec0-f547c612426a",
"name" : "Foo Admin",
"description" : "All Foo related actions",
"createdAt" : "2021-11-10T15:57:16.687816Z"
}Create Role
POST /roles
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
name |
String |
false |
|
description |
String |
false |
Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"name":"Test Role 0ff66be2-c9da-4585-83ca-87bcf0b8d3f1","description":"Random test role"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 197
{
"id" : "fabc7894-7858-4ee9-b6a6-aa82f3d5d3df",
"name" : "Test Role 0ff66be2-c9da-4585-83ca-87bcf0b8d3f1",
"description" : "Random test role",
"createdAt" : "2021-11-10T15:57:23.909612Z"
}Delete Role
DELETE /roles/{id}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles/a712853c-6db2-4272-b0df-c51161fbf80c' -i -X DELETEExample response
HTTP/1.1 200 OKGrant Role To Identity
PUT /roles/{id}/identity-grants/{identityId}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles/c0432be1-b95c-414e-9147-f8bd07b8dc1f/identity-grants/56008e23-4806-4a20-853f-50b687d5a61b' -i -X PUTExample response
HTTP/1.1 200 OKRevoke Role From Identity
DELETE /roles/{id}/identity-grants/{identityId}
Authorization
Authorization not required for this request.
Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
id |
Object |
false |
|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles/cfa39509-d2b9-4cf3-b215-4a663ce617ac/identity-grants/68168d3c-ece9-4ba6-a490-0638edc00192' -i -X DELETEExample response
HTTP/1.1 200 OKClaims
Find Claims
GET /claims
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
| Parameter | Type | Optional | Description |
|---|---|---|---|
identityIdIn |
Object |
true |
|
roleIdIn |
Object |
true |
|
policyIdIn |
Object |
true |
|
resourceNameLike |
String |
true |
|
actionNameLike |
String |
true |
|
audience |
String |
true |
Request fields
No request body.
Response fields
Standard paging response where content field is list of following objects:
| Path | Type | Optional | Description |
|---|---|---|---|
resource |
String |
false |
The policy resource name. |
action |
String |
false |
The policy action name. |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/claims' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRhZTM5ODZkLTk0NzUtNDZhYy1iNWQwLThkNTI4OGFiNzQ3MyJ9.eyJqdGkiOiJPVGMwdk5VOHJ1Tm14dnl6bnBRSkRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQzYjQ2NGQzLTUxNWMtNGZkOS04ZTVmLThlYjA3MTEyNzdkZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTYzNjU1OTg0MiwiZXhwIjoxNjM2NTYzNDQyLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImJhZWEyMGNjLTVmODktNDk2ZC05Yzg3LTlkZmY0MmIwODk2YVwiLFwibGFzdE1vZGlmaWVkXCI6MTYzNjU1OTg0Mn1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiNzBiMGNiNWItNDk2MC00MjJjLWEzNTEtMzhiNTc5MDZkMmQyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMmQ4ZTc2MDYtYTI2Yi00MDhkLWEzNDItNGQ3MGYxMmQyNTQ0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODM2fSx7XCJpZFwiOlwiYTk0ODJhYmQtNjlmMC00MTVjLWI3OTQtNjA4ODA2ZDM3ODg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiNzZlNTQwODctNjc0ZC00NDRmLTgyMjktNDc0YWU0MzA1ZDg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiMDVmMmE4YWMtZmE4My00ZGNkLWEyMGUtMDU4NmZhY2ZhMmU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fSx7XCJpZFwiOlwiYzRlN2QxZGEtMTg5Zi00MWMxLTk5ODEtNDIxNzUwOTU2ZjE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiNDM0OGFmOTAtOTFjYi00ZmM3LTliYzYtOGZlNzc2ZTkyNzFkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI5fSx7XCJpZFwiOlwiYjk1MDhmNDEtYTRiZS00MDE2LTk0OGEtZDZjOGFlZmUxNzUwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI4fSx7XCJpZFwiOlwiZjg3YjhiMWUtZTJmZi00YjczLWIxZDMtMDM0Nzc1YzU0ODY5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjM2NTU5ODI3fV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.CAD7bBYgcRh3-jlDaQ8HfjJxWNAVaeR73j_Gl48K8r8_OIS8RC3qhehiE6Mawfg5bFWtEL8tR5dFT622nA-ryXNKSYASyjoMTMTdQYtR0rwDKsuOx7JnOB1PNnxlUoXNYyUH-R2xC49n1iL7QDZIqHmn0RGb2S555hJJarpIsKJBulxxkUeoLIPCcYTDqVeeQD0ytleNLsi8_u9uu_6ZSLbahIyeQp7gq7DCvnCwGiP8pKxRsM88-EiDEs70rWkjPjVJqMb9ux2x2vYJxbK8U27Hf-w465J_pPWn_2mICSzUXZXxzPSjkBRPmX4loFnpxnDvh41Wc7sOQ4uSggVZ7Q'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 533
{
"content" : [ {
"resource" : "nfrn:tenants:*",
"action" : "tenants:get-tenants"
}, {
"resource" : "nfrn:tenants:*",
"action" : "tenants:get-tenants"
}, {
"resource" : "nfrn:orgs:*:billingkeys:*",
"action" : "billing:create-keys"
} ],
"pageable" : "INSTANCE",
"totalElements" : 20,
"totalPages" : 1,
"last" : true,
"numberOfElements" : 20,
"first" : true,
"sort" : {
"sorted" : false,
"unsorted" : true,
"empty" : true
},
"size" : 20,
"number" : 0,
"empty" : false
}