Introduction
This is the NetFoundry Auth service
Overview
HTTP verbs
NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP verbs.
Verb | Usage |
---|---|
|
Used to retrieve a resource |
|
Used to create a new resource |
|
Used to update an existing resource, full updates only |
|
Used to delete an existing resource |
The PATCH method is not used (yet).
|
HTTP status codes
NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP status codes.
Status code | Usage |
---|---|
|
The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response will contain an entity describing or containing the result of the action. |
|
The request has been fulfilled and resulted in a new resource being created. |
|
The request has been accepted and is being processed asynchronously Standard response for successful HTTP requests which invoke back-end services. |
|
The server successfully processed the request, but is not returning any content. |
|
The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). |
|
The request lacks valid authentication credentials for the target resource. |
|
The request is authenticated with valid credentials however that set of credentials is not authorized to access this resource. |
|
The requested resource could not be found but may be available again in the future. Subsequent requests by the client are permissible. |
Pagination
Paginated services will accept the following optional request parameters:
Path | Type | Optional | Description |
---|---|---|---|
page |
Integer |
true |
Page you want to retrieve, 0 indexed and defaults to 0. |
size |
Integer |
true |
Size of the page you want to retrieve, defaults to 1000. |
sort |
String |
true |
Properties that should be sorted by in the format |
Pagination response has following structure:
Path | Type | Optional | Description |
---|---|---|---|
content |
Array[Object] |
false |
Actual items. |
totalElements |
Integer |
false |
Total count. |
totalPages |
Integer |
false |
Total pages with current page size. |
last |
Boolean |
false |
If this page is the last one. |
numberOfElements |
Integer |
false |
Actual size of content array (number of items). |
first |
Boolean |
false |
If this page is the first one. |
sort |
Object |
true |
Sort information object. |
size |
Integer |
false |
Requested size of the page. |
number |
Integer |
false |
Page number. |
empty |
booloean |
false |
If this page is empty. |
Authorization
Masquerade
POST /masquerade
Exchange a NetFoundry token with a service identity for a NetFoundry token with a user identity.
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
identityId |
String |
false |
|
audience |
String |
false |
|
claims |
Map |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
token |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/masquerade' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJ3MmtHalJFd3ZhRERsMEMzX0VHbUNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjVlNDIyYzgxLTQwZmQtNDY0Mi1hODVkLTRiMjA5MTM0ZWIyMSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjFmYzJlNmQ2LTMxZDUtNDY1ZC04MmJiLTU0ZGY4OWVjM2Y4NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.SfyPKOpUh3aX6gqikkV-hQfb2a_qF6nt6JjtoiMzsavNEvW1iYkjO6o89cSUxXExvW3RMTUXDrOuegU0O43j_nmXA4yZVr4gEK1F1mKw6G22crpfLePl5JUB33Y2D-SZhhf0VJW-6ssl-aH-CwoMrKMIgRkNOvmLfhRKpONoLP5k4o1L9LJ_ZY1-CVoBsq_LBx5lyqE15m48NWdo3bCQRJSBFiD1ufytwV0EcSG4NvQLQqBqAhUEo6tghNNpeGfyNz0ZZsaRMQXIB90O6ibJhmini-COMwRzZ9k5kAL6GLHuq_LwOeHGSfwxFvWffu7oyunRN2IYcwUyoUgUaM0e5A' \
-d '{"identityId":"144e4593-4e7d-4aaa-821e-704dc4f620da","audience":"io.netfoundry.test","claims":{}}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2372
{
"token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJVdWZFcVU5Uk56MjU0alNmYldTZjV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE0NGU0NTkzLTRlN2QtNGFhYS04MjFlLTcwNGRjNGY2MjBkYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkudGVzdCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODUxODMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjBiYTE3NjkwLTRmNzMtNDA4MC1hYWNiLTUxMDNhNTg4OTA2M1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM30se1wiaWRcIjpcIjBhMWEzZDYxLThmNWItNDAxNi1iNGNkLTAyOTE2OWM4MjY1YlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjp0ZXN0czoqOmZvb3M6KiJdLCJhY3Rpb25zIjpbInRlc3RzOmNyZWF0ZS1mb28iXX1dfQ.OjYgspzvawdLtD6wxB7wrzgPnbqJu5d_3J5TkjBi8j6or8asHU2z270glhPKMG_YSyqo4YcgYTO7E-xrGGUwKXgf7TmdQLy4g9t9uRqWdztnuREmn9yIVwyCAdoTPE8gqEHKG3H7Nvq889rcy2rLbqzHYA1hFCGCS6dWyK2LJzjYOEeDhqSkVPt2x2MjWygkpVs1-zgUnM0io0UeRUbnAudAeKTCdLNQvXvUQ2D_LFV7IwA0BVZngJab2h_ariMhvDLUjBB8JWs48VsuaIlVEf_sXd9HImjitVq6eWmJspGy4OHoH_1QYVrGAp8b11nxxRs8qTjJWOKrjJFYmQT2hQ"
}
Core Authorization Resources
Domains
Find Domains
GET /domains
Returns a set of {@link Domain}s that the client is authorized to read.
Authorization
This endpoint requires read
action on the domain
resource type.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].name |
String |
false |
A human friendly name which can be used for UX purposes. Size must be between 1 and 256 inclusive. |
[].code |
String |
false |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link Domain} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiI2bUlWaHhhR3hLMzZsN0JVdE1mVkdRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjhhZjY2MDlkLTc4NzctNDBhYi05NmFkLWM3ZDBlNjFhZTZmNSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZmVmM2Y0MGUtNDk5Ni00N2YxLThlOTctM2I0MTBjYTlmZDIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.ANuT1iMqo5HKtYFawQiOLSSqGnoSC4VGONfcabIATX0JxfeGCeqte0Hq-MpSiZx-wpYXS9CJNOopY06O12UsMqtsddNx3e8XPxDjifMQtWqWjCPjORYUiJaeK3ddY78tc_ODzE9m9ErkSbOx2FzI-jW21GqSuP-whcnfmAZAz6gq8kQdbwwpSEPoiVb8FJMS8ZzJd9NAC5BFFC5bAvxITsg-ZgMyE1AFYja6BOgES05wZgqOHrun8h3mgP_Bzps7k0F6T6UCfxqoLZhJ1fnmOp-Ew1a_P8Zw4_wojKvEJFTYJH6maqehUNRDIp-afmoii9G_sI4DvMtOWwdmk995rA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 913
[ {
"id" : "07127c5a-b56c-4f2a-8605-5957a728fcc2",
"name" : "Organizations and Identities",
"code" : "io.netfoundry.identity",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.431750Z",
"updatedAt" : "2023-01-27T20:31:58.431750Z",
"_title" : "Organizations and Identities"
}, {
"id" : "a5e9c7b1-3a74-49b6-aabf-c61a2b628a46",
"name" : "Management",
"code" : "io.netfoundry.management",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:32:00.084322Z",
"updatedAt" : "2023-01-27T20:32:00.084322Z",
"_title" : "Management"
}, {
"id" : "135a068c-041c-47da-a323-67d46dac9934",
"name" : "Test Domain 3",
"code" : "test.domain.3",
"createdBy" : "5ce0d63a-11a5-437c-9168-93ca93fce110",
"createdAt" : "2023-01-27T20:32:07.257017Z",
"updatedAt" : "2023-01-27T20:32:07.257017Z",
"_title" : "Test Domain 3"
} ]
Get Domain
GET /domains/{idOrCode}
Authorization
This endpoint requires read
action on the domain
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
idOrCode |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
A human friendly name which can be used for UX purposes. Size must be between 1 and 256 inclusive. |
code |
String |
false |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link Domain} was created. |
updatedAt |
String |
false |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains/daeed4f4-bebe-4646-ac40-3e3d81f8b3fa' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJPUzlneWVMWFE4OFQ3dXRLRDRHTmlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjBmMmU0OTY5LTE0ZDQtNDk1ZS1iNTdjLWU1NTg5ODBhMmNmOSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjdjMzBlYjItZDIwNy00ODg3LWI5YjUtNWZhZmZlMDI5MWUzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.xG7CvCCJGjc5AmdX-A0fEL2bpmfnqCkA29zcKhF4qKQ_3Wjco6A2HzSGoWht7NrRlSBbXkd4AzgNI60qr4eXjxWNWqCmF4dU_YVem_fVgJweLrHeWnmTHJQpUaaPJYL7hHiJC3rZ5euXD3T6NRVnynBbRygSOQH8bh1gAb_mGTAZvi-fiO8MdUXIQrsCjeHs1DDNv8dzHPyU-bxpPx9_hCZRZku-kqhG63_Zi8YR8vEGI5osrDxNF-nkt5ptQVmZSRLjewNc9ulF6KBho5kyRfGxRYpcGdFVMlRRqF3Zk3ymDnY4T9nST2D95CdisJIQODuk2ElDNbmNCVZfN7-tog'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 288
{
"id" : "daeed4f4-bebe-4646-ac40-3e3d81f8b3fa",
"name" : "Test Domain",
"code" : "io.netfoundry.test",
"createdBy" : "3854bb13-84a8-4378-aad3-0589c57ddb77",
"createdAt" : "2023-01-27T20:32:03.833413Z",
"updatedAt" : "2023-01-27T20:32:03.833413Z",
"_title" : "Test Domain"
}
Get Domain
GET /domains/{idOrCode}
Authorization
This endpoint requires read
action on the domain
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
idOrCode |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
A human friendly name which can be used for UX purposes. Size must be between 1 and 256 inclusive. |
code |
String |
false |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link Domain} was created. |
updatedAt |
String |
false |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains/io.netfoundry.test' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJMSEVWR1R1TGxCRmQ2eTh2OHJVUUVRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjkwY2QzZmEyLTQzMjgtNDJkYi1hN2U2LTUxMjk4MDc0YjFmMCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZmQ4NWY5NzgtMzdjMC00YTQxLTkxNDYtMTAxZmMxMTU4NDhiXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Xp9M-Q3CJ5gdh5YV-TLU4mun4kj8rtoJa1jSG6xUM3OOpJEpZQgx5PUNeTwGlc1Ev__0CRc1jhLnFCdVd2geEqdfIP2jOqlkCC_aX7jEJHp_Z6NpftZEW4iZv7j_jZnrRWKB5wb-uWGIF1NPlDR4dzVe7PNC3YmdXFwQSQvQKTKNHmG5YUYY5GrFEazdqQTSjLGPN80lvPrHBPRruPe76U4bJ7axN3nkVmbaehjCI36_mS9HTNyNDZSvaRqGoVriwLIHDBV6XjLb23IVoRkTkX4YvWdt3FepahH_9ugE-1d6yqJ2nUMta3oTpuTE2iurN9djWJjek5b-AD0Dok2f0A'
Example response
HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Type: application/json
Content-Length: 288
{
"id" : "daeed4f4-bebe-4646-ac40-3e3d81f8b3fa",
"name" : "Test Domain",
"code" : "io.netfoundry.test",
"createdBy" : "3854bb13-84a8-4378-aad3-0589c57ddb77",
"createdAt" : "2023-01-27T20:32:03.833413Z",
"updatedAt" : "2023-01-27T20:32:03.833413Z",
"_title" : "Test Domain"
}
Create Domain
POST /domains
Authorization
This endpoint requires create
action on the domain
resource type.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
false |
Size must be between 1 and 256 inclusive. |
code |
String |
false |
Must match the regular expression |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
A human friendly name which can be used for UX purposes. Size must be between 1 and 256 inclusive. |
code |
String |
false |
A globally unique value that can be used by code to namespace other values which only have to be unique within a domain, such as a resource’s key. This value must be formatted as an inverse domain name. For example, "io.netfoundry.authorization" for the colloquial 'authorization' domain. Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link Domain} was created. |
updatedAt |
String |
false |
The date-time at which this {@link Domain} was updated. The only supported 'update' on this bean is to mark it as deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/domains' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJnMm1WZ2JGUHV3MjgyNTlCWmgwWlFnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImQ1MGQyY2U2LTFiOTEtNDg5NC05YjM0LWQ3ODI5MDg3MTkzNSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYzIyMGRjN2ItM2YxMi00ZDllLWI5ZWItNTYwNzU4Nzk4NWM3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.MBEnLw2jTu7irjXKLLn1hFTXXc-eG5oLt93IriRx9veRHKZikIchjKOFNDkUj44OHX_ziJsN7o0lpIr5l4-WNfaKAacimaXvXOH8qsdxGAs8U1aUyXcXrIaFWQX7qcfrjB7dEJNKXNtzedvzMyp0RuuyhN3MeRdiMa5JASpunlGiodL08sfX3ChOCA41yBTtqQFWOwPIgEN8U_eZFHnPKwo5kXSRl03fuRgyFQlftl6k3_SZjOiaXgzLUJ4zPOjMyvMb_9_PajP7lJaDXK0aFwClzU8a7Z3VHE4YGNCngAtQuqmxRmcZwnsAmO5kf-mAAxJpVL9ZyT9WNz4W7fRcjA' \
-d '{"name":"Other Test Domain","code":"other.test.domain"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 299
{
"id" : "40d46fbd-04f4-468f-bd60-a03f931d0136",
"name" : "Other Test Domain",
"code" : "other.test.domain",
"createdBy" : "d50d2ce6-1b91-4894-9b34-d78290871935",
"createdAt" : "2023-01-27T20:32:08.338024Z",
"updatedAt" : "2023-01-27T20:32:08.338024Z",
"_title" : "Other Test Domain"
}
Resource Types
Find Resource Types
GET /resource-types
Returns a set of {@link ResourceType}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the resource-type
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
domainId |
Object |
true |
Filters results to those that are in one of the specified {@link Domain}s. |
code |
Object |
true |
Filters results to those matching one of the specified codes. |
parentId |
Object |
true |
Filters results to those that are an immediate child of one of the specified {@link ResourceType}s. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].domainId |
String |
false |
The id of the domain within which this {@link ResourceType} exists. |
[].name |
String |
false |
The human friendly name of this {@link ResourceType}. Size must be between 1 and 256 inclusive. |
[].code |
String |
false |
A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount". Must match the regular expression |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link ResourceType} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].childrenIds |
Array[Object] |
true |
Returns the id of {@link ResourceType}s that are children of this. |
[].parentId |
String |
true |
Returns the id of the parent {@link ResourceType} or null if this is a root. |
[].depth |
Integer |
true |
Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0. |
[].root |
Boolean |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJ5V1BpT1VPaTR5VWRkaEtXWFd2cTFnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImRhMmQ4MGMyLTA3OTktNDIwNC1iYmVjLWUxMGE1M2ExNTAwOSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMDY3ZmI4ODgtOTkyNy00NDVkLWI2YjQtMDBkOTFiMDU3ZTgxXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.XXK-XmlqK1_ymTplL1VI_c6yLbXF84kzTvJI-i-PLofIRl2enRpd9j5VcK0m1kMbTjSzMoXjH_N0XcYVesK1x00s73uDmXHNlK9JMbd3_zkZS_TL8Lti5hh5BnGSrkoaH0kLoVvMuPIxL6U50A5j0rRcXcw8QqXOARLLYP_nQr6K2mZgUq-OuWDogce_D0Jt-fyZU58pcUr5j38Iy8ZOPogQSy4CwWaWX6_bPdBYDZClEv-BPuZrbv-rGt4LyNFbx4pGlWMdEOmCnugr-WjsivSAG7qDUQPrF5qC2NfwcJGUaXoQAE230tgoTNHRxJuASPYbcmNnBeIUU4y12YEnoA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1353
[ {
"id" : "36ba970f-a7de-4f31-acb3-997b63b26264",
"domainId" : "07127c5a-b56c-4f2a-8605-5957a728fcc2",
"name" : "Identity Preference",
"code" : "identity-preference",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:32:00.118050Z",
"updatedAt" : "2023-01-27T20:32:00.118050Z",
"childrenIds" : [ ],
"parentId" : "20393fa5-3598-47e9-b93e-3cd129285b1c",
"depth" : 2,
"root" : false,
"_title" : "Identity Preference"
}, {
"id" : "fa2b5d70-b42e-4633-9749-b66b063cd3f6",
"domainId" : "07127c5a-b56c-4f2a-8605-5957a728fcc2",
"name" : "Service Identity",
"code" : "service-identity",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.433444Z",
"updatedAt" : "2023-01-27T20:31:58.433444Z",
"childrenIds" : [ ],
"parentId" : "2fce6233-3a71-4a4a-8947-f7844f58bbfb",
"depth" : 1,
"root" : false,
"_title" : "Service Identity"
}, {
"id" : "f8cfffdd-e808-4027-8431-7783667a372d",
"domainId" : "135a068c-041c-47da-a323-67d46dac9934",
"name" : "Test Type 4",
"code" : "Test-Type-4",
"createdBy" : "9a4a14dc-e3b8-414c-a6ed-4a661220541e",
"createdAt" : "2023-01-27T20:32:07.264777Z",
"updatedAt" : "2023-01-27T20:32:07.264777Z",
"childrenIds" : [ ],
"parentId" : null,
"depth" : 0,
"root" : true,
"_title" : "Test Type 4"
} ]
Get Resource Type
GET /resource-types/{id}
Authorization
This endpoint requires read
action on the resource-type
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
domainId |
String |
false |
The id of the domain within which this {@link ResourceType} exists. |
name |
String |
false |
The human friendly name of this {@link ResourceType}. Size must be between 1 and 256 inclusive. |
code |
String |
false |
A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount". Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link ResourceType} was created. |
updatedAt |
String |
false |
The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
childrenIds |
Array[Object] |
true |
Returns the id of {@link ResourceType}s that are children of this. |
parentId |
String |
true |
Returns the id of the parent {@link ResourceType} or null if this is a root. |
depth |
Integer |
true |
Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0. |
root |
Boolean |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types/3f9ae78f-844c-4ce9-ac54-a5187715b4ea' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJqT1RPN1VPQnozc1FjSU9lNlNUVGxRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijk2NTZkM2Q4LTNlZWEtNDQ1OS04ZWFkLTBiOTU2ZmIyZTk4YiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZWU1MDhkOWQtODhmMS00ZTA3LWI2YjQtMmE1ZDRmM2M4MTMwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.iTz76W4eXd-O13Brd6WUucpatZUyyBktxD-3XNarinMuCvglxiujh-2hmXQpX2VsY0Gf3wIK2ls2afAapw09cn8nzTBqwEmE7FuiI6I_LmBdN1FANQmhG68P1dIRp5VuzD8J8N6jPXg4Pi6-yB7e9vd8CBaXcL5DK3fJrs5YElykHl965PBe55LRc40TtXdSDfpeOjS8SXlq0iJUYqLCM8ehiC1QB4UQnzB9d1oBaZ9OlB1Ix1N4QY_3YrLQE7dEYe0ftBUMavO2_jKkJrFHhnvsAvG8Ie1-fN7lg8b4kvO27ZEiUDrFQ1MkpNFO-8XgRIcu2ewjkvV53eAaLwyJBQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 406
{
"id" : "3f9ae78f-844c-4ce9-ac54-a5187715b4ea",
"domainId" : "daeed4f4-bebe-4646-ac40-3e3d81f8b3fa",
"name" : "Test Type",
"code" : "test-type",
"createdBy" : "ee2e1ea2-f00b-4c67-8215-2675a3258a1a",
"createdAt" : "2023-01-27T20:32:03.869040Z",
"updatedAt" : "2023-01-27T20:32:03.869040Z",
"childrenIds" : [ ],
"parentId" : null,
"depth" : 0,
"root" : true,
"_title" : "Test Type"
}
Create Resource Type
POST /resource-types
Authorization
This endpoint requires the following actions:
-
create
action on theresource-type
resource type -
read
action on thedomain
resource type -
read
action on theresource-type
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
domainId |
String |
false |
Client must have |
parentId |
String |
true |
Client must have |
resourceType |
Object |
false |
|
resourceType.name |
String |
false |
Size must be between 1 and 256 inclusive. |
resourceType.code |
String |
false |
Must match the regular expression |
resourceType.children |
Array[Object] |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
domainId |
String |
false |
The id of the domain within which this {@link ResourceType} exists. |
name |
String |
false |
The human friendly name of this {@link ResourceType}. Size must be between 1 and 256 inclusive. |
code |
String |
false |
A unique value (within the domain) that can be used by code as a reference to this resource type. These values should almost always be the simple type name of the resource class, such as "BillingAccount". Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link ResourceType} was created. |
updatedAt |
String |
false |
The date-time at which this {@link ResourceType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
childrenIds |
Array[Object] |
true |
Returns the id of {@link ResourceType}s that are children of this. |
parentId |
String |
true |
Returns the id of the parent {@link ResourceType} or null if this is a root. |
depth |
Integer |
true |
Returns the depth of this {@link ResourceType} within the tree, where a root {@link ResourceType} has a depth of 0. |
root |
Boolean |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-types' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJ4ZDB4VG9rcFBSc25Ec2xkV2RJTFJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjEwZDI3NWI3LWFkYzMtNGM2Yy1hMDc3LWFmOTQ1OWMwYWMzMCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjRiYTlkZDctNTAxNi00ZDI5LThmNzctMDlkNjBhNzUzY2JkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMxfSx7XCJpZFwiOlwiMDJiNzM2YjAtYmIyMC00ZTNkLWE2ODEtZDllY2QxOThmNDhmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMxfSx7XCJpZFwiOlwiNWU1ODYxYWUtN2M1My00Y2YyLWI5MzYtYTM5OWJmZWZjYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.oLRrZrtDibp_C5BI1biX5gC5iNu4YAyrkeY6kfzqe303BvSRGtECE2ofndZMRXbr4nx3-VoXfOUZOkyCtQABxmoxs0B9PX2C038DPyipQVOqBwb-DdcdwpCAiJK89s6eE4bxJ2YxkcSpFKz9jfeJeajwGhC8ykommNeGFGG9p0BzcSAT_ZAWxOm4iVlOVeYy2UjQvjhA3-FyjghcIdqwWm_2MbLr51GWKexwVha9VFCDHlRQWg2SElxwhV4aswOaQbvEwAb2uCbTs66ppKh-2aWfOyAfsyLivQNL3T7LA7Qcez9qeZtI5kcw5uopubl6pJs5PZj315yQbFQoTdYA5g' \
-d '{"domainId":"daeed4f4-bebe-4646-ac40-3e3d81f8b3fa","parentId":"3f9ae78f-844c-4ce9-ac54-a5187715b4ea","resourceType":{"name":"Another Test Type","code":"anoter-test-type","children":[]}}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 464
{
"id" : "9a65cb25-8988-49de-b0c2-820b30fceaac",
"domainId" : "daeed4f4-bebe-4646-ac40-3e3d81f8b3fa",
"name" : "Another Test Type",
"code" : "anoter-test-type",
"createdBy" : "10d275b7-adc3-4c6c-a077-af9459c0ac30",
"createdAt" : "2023-01-27T20:32:11.942494Z",
"updatedAt" : "2023-01-27T20:32:11.942494Z",
"childrenIds" : [ ],
"parentId" : "3f9ae78f-844c-4ce9-ac54-a5187715b4ea",
"depth" : 1,
"root" : false,
"_title" : "Another Test Type"
}
Resource Actions
Find Resource Actions
GET /resource-actions
Returns a set of {@link ResourceAction}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the resource-action
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
code |
Object |
true |
Filters results to those matching one of the specified codes. |
resourceTypeId |
Object |
true |
Filters results to those that apply to one of the {@link ResourceType}s specified. |
domainId |
Object |
true |
Filters results to those that are in one of the specified {@link Domain}s. |
customRoleId |
Object |
true |
Filters results to those that are granted by one of the specified {@link CustomRole}s. Only non-deleted {@link CustomRoleAction}s are considered. |
standardRoleTypeId |
Object |
true |
Filters results to those that are included in one of the specified {@link StandardRoleType}s. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].resourceTypeId |
String |
false |
The type of resource that this {@link ResourceAction} applies to. |
[].name |
String |
false |
A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network". Size must be between 1 and 256 inclusive. |
[].code |
String |
false |
Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type. Must match the regular expression |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link ResourceAction} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].standardAction |
Boolean |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJ1NjdJU0wtNDVuemVWWmVFUmhxYVdBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNmZDk4MWNmLWM5NWMtNDYyMC04NzlmLTUyODhmZjUxMzFhZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYjNkN2Q1MmMtMmE4OC00YmRjLTg5OWUtNzg2NDU2ZTNjYWYwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.JB32fJdy9CheOENiOYEl4qBtN0djiFobr-YOsYoVmtN_YGEwFVNdrQOXpzWnt_qk5N42MXkzvckoohLv_o4t6T9tC1JAJbnVKT3zUo3Hr-XQYkrvBIpOOiOR7urUnISXsdJopWHVyo18sv8EVbmryRuo90Ak5ObRzAfZ9ndPUNc2mebfGtCRQKuNs9BUY-gNYFREq-Lwc0sgCbokGRjwPYi9Yng_eZIxC9fdHvm59trXc_6RZrD_46KmaC6jSV2cKRCw5GIMQxZf3-9CH-ZY-sqcGY40V5Jax7zS1ge4dO-OwB6pmTxOQ9l0MO6w58wZBGljQIMfeBslTErGPFieAw'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1161
[ {
"id" : "58d1b8c7-e422-445e-acbb-38922766bd15",
"resourceTypeId" : "2fce6233-3a71-4a4a-8947-f7844f58bbfb",
"name" : "Create Identity Provider",
"code" : "create-identity-provider",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.590723Z",
"updatedAt" : "2023-01-27T20:31:58.590723Z",
"standardAction" : false,
"_title" : "Create Identity Provider Organization"
}, {
"id" : "63e3f816-b69f-48f1-a69c-97ff929d081c",
"resourceTypeId" : "aeecff41-1b31-49ee-8b11-0edd6b398e21",
"name" : "Delete",
"code" : "delete",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.475395Z",
"updatedAt" : "2023-01-27T20:31:58.475395Z",
"standardAction" : true,
"_title" : "Delete Geo Region"
}, {
"id" : "e33e31c0-e50e-436e-bfc5-3b3a992b3426",
"resourceTypeId" : "565f882f-d795-4ba4-8999-fe77b7252a34",
"name" : "Create",
"code" : "create",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.826396Z",
"updatedAt" : "2023-01-27T20:31:58.826396Z",
"standardAction" : true,
"_title" : "Create Custom Role"
} ]
Get Resource Action
GET /resource-actions/{id}
Authorization
This endpoint requires read
action on the resource-action
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
resourceTypeId |
String |
false |
The type of resource that this {@link ResourceAction} applies to. |
name |
String |
false |
A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network". Size must be between 1 and 256 inclusive. |
code |
String |
false |
Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type. Must match the regular expression |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link ResourceAction} was created. |
updatedAt |
String |
false |
The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
standardAction |
Boolean |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions/5228cb09-86c7-4d46-9fbd-f63d06c36f0b' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJFTEI3RGRzSVRoam5kLXE5a1QteGZRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImVhOWEwMmY2LTljYjktNDg4My1iOWI3LTVjOWQyYzM4ZTIyZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMmViZmQ1NzctMjM5NS00ZGUxLWJhNzItNTQ0ZTdmZGQzOWZmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.N4UC7czdh7vFS7R6IOm5jotb4uPwbyJZqz66DVYBP1JhSdo26vy0T5Tj11mmw9-DOdW1ekLLKSlHA2J9pln2c3cj-nHqVISoxkYdplis4VwMU7OI3hHjpbe6bsVwr_tG0MKsR7l2Hg1Fhp_3P-jUXttGd9JHJDA81u8BRFjLMCmsp1LyqaWZs9a9Jga9InxqgOYyDYx-0c0d-w2eKTdo1PU3j8BsvaIlG6-f6nYmi2SYe2-xFHEVF6-Ieds8YgfRAIxJLLh4nh3XhqDv5Bv7feU6nEeb9yd584JKyeYpghGmE1OwwKiEPI8qYLVijEqKPqO3yQbSAt6v8NiFzImGjg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 380
{
"id" : "5228cb09-86c7-4d46-9fbd-f63d06c36f0b",
"resourceTypeId" : "3f9ae78f-844c-4ce9-ac54-a5187715b4ea",
"name" : "Test Action",
"code" : "test-action",
"createdBy" : "dbe7ba04-a464-407e-839b-16c091da23b1",
"createdAt" : "2023-01-27T20:32:03.877974Z",
"updatedAt" : "2023-01-27T20:32:03.877974Z",
"standardAction" : false,
"_title" : "Test Action Test Type"
}
Create Resource Action
POST /resource-actions
Authorization
This endpoint requires the following actions:
-
create
action on theresource-action
resource type -
read
action on theresource-type
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
resourceTypeId |
String |
false |
Client must have |
actions |
Array[Object] |
false |
|
actions[].name |
String |
false |
|
actions[].code |
String |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].resourceTypeId |
String |
false |
The type of resource that this {@link ResourceAction} applies to. |
[].name |
String |
false |
A human friendly name for this action. This should be a verb only, such as "Create", "Grant", "Remove", "Activate", "Update", "Delete", etc. This can contain more than one word, and spaces are permitted and encouraged if more than one word is present. Words should be initial-caps. This value will be appended with the names of other entities, such as a resource type name, in order to compute names for the composition of this with another entity. For example, if this action is "Create" and it is composed with a resource type named "Network", then the resulting composition may be named "Create Network". Size must be between 1 and 256 inclusive. |
[].code |
String |
false |
Used by code as a reference to this action. These values should almost always be a simple verb such as "create", "update", "grant", "fetch", etc. Lower-case and hyphen separation of words is encouraged. Since this is used by code, the key value have a limited alphabet of letters, numbers, and hyphens. This value must be unique among the set of {@link ResourceAction}s targeting the same resource type. Must match the regular expression |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link ResourceAction} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link ResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].standardAction |
Boolean |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resource-actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiIwUjNNOU5JR0JfeXhHTk5tZUVwNDJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImVkNGQxOTY3LWYwZjgtNDlhYy1hYTU5LTAwOWRiZmE4MmYxMCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNmE2ZDUzODctY2ZiNC00ZDM2LWI0NWUtYzk2YWYyY2NhY2E0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYzc4YmU0NzUtZGFlOS00N2U4LTk2NGQtNDBkY2U2NWM4YTFhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.h7fIpIwWAnDkjaWAej3cngHtWtTSAyNEEgWuI_Ck5TLjfUz4Xl_T4FkiqYdcIN2-bwDdFC1o7tJnsfhPv1RTtcgHt3IISg7eyEimFlR2htLyRARYlgmAZO8CfN9j3s420RcT7IYKfUIVTTmhaJvYKsDGlDJIfBJZqdAEdlBczv7bl0RKup0u_lXMkIc4EZp8CytUm8MFI2mhGq2DuJaHTtbuaLZ-BzKpxM8q1cVDay5x4U0UmEIvXNaw3M7qxRsxdf018sedW6YWwMSyZaBSg7Eh1uQSC2E1tGO1M5s6R9O45LqR0N537fDAZbqE8odsIq-E0NMt-i7XCK84Ps-HAg' \
-d '{"resourceTypeId":"3f9ae78f-844c-4ce9-ac54-a5187715b4ea","actions":[{"name":"Update Custom","code":"update-custom"}]}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 390
[ {
"id" : "e546c82e-26f7-4474-b3d8-3d18604b1bd9",
"resourceTypeId" : "3f9ae78f-844c-4ce9-ac54-a5187715b4ea",
"name" : "Update Custom",
"code" : "update-custom",
"createdBy" : "ed4d1967-f0f8-49ac-aa59-009dbfa82f10",
"createdAt" : "2023-01-27T20:32:10.208147Z",
"updatedAt" : "2023-01-27T20:32:10.208147Z",
"standardAction" : false,
"_title" : "Update Custom Test Type"
} ]
Authorization Grants
Grants (abstract)
Find Grants
GET /grants
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
grantType |
Object |
true |
|
identityId |
Object |
true |
|
resourceActionId |
Object |
true |
|
path |
Object |
true |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].grantType |
String |
true |
The concrete type that this virtual {@link Grant} is based upon. Never null. Must be one of [CustomRole, IdentityResourceAction, PublicGrant, SuperUser]. |
[].grantId |
String |
true |
The id of the concrete grant resource on which this virtual {@link Grant} is based. If the grant type has separate resources for the grant and the privileges, then this will reference the grant resource (the resource with an identity id.) Never null. |
[].privilegeSourceId |
String |
true |
The id of the concrete {@link PrivilegeSource} from which this grant is based. Some grant types combine the grant and privilege aspects into a single resource. For example, a {@link SuperUser} is both a grant (it specifies an identity id) and a privilege source. In other cases, such as a {@link CustomRole} and {@link CustomRoleGrant}, they are separate. When they are the same resource, this value will match the grantId value. Never null. |
[].identityId |
String |
true |
The identity id of the holder of this grant. Almost never null, with the one exception of a grant made to all users (or all authenticated users.). |
[].privileges |
Map |
true |
The set of privileges that this grants. These are organized as a stack of 3 Maps where the keys are the domain code, then the resource type code, then the action code, and the leaf value is a set of paths on which that action can be performed. |
[].createdBy |
String |
false |
The identity id that created the grant. |
[].createdAt |
String |
false |
The date-time at which the grant was created. |
[].deletedAt |
String |
true |
The date-time at which the grant was deleted. This will be null for an grant that has not been deleted. If this property is not null, then the grant is 'marked' as being deleted. |
[].deletedBy |
String |
true |
The identity id that deleted the grant. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJKOFVJcnZWcVFHM094Z2lIRjlxUUV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImVkOWRkOWY1LWNiZjUtNGM2Yy05M2FmLTFiZDQxNWVmMjQ3ZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyNywiZXhwIjoxNjc0ODU1MTI3LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjBkMTVhNzZjLTA3MTMtNDhlYy1iYjMyLTE5N2E0MDc5NTRiYVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyN31dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.qd4qfvWTaR91GApQbY7v3WA_pR2Gmv4XsvW3easlPF_Szx0GMm-GI34heeRxr06-mf_mGeQDPa5uvBzYgeQFv3FWCLDMJaLu48z7w0fubMfLpGYJXI_WdXqZSIHrZ6jQDs0qz8jt7uwUCsztf169L8kX8XmkW1s8QrASFrckT5y5hUNA59J4ciOY94jsqhG_ZHvqCkfgA7Y1isRXm7jGtIVkh73RHJOFT9BpyVHwNMYVq9H1mIdiyVuAmUENJX2q8cBkrJsLGUsdhVxLKwJhLLmQePpQkzLw7Wcnmn6s6JVOmrcCaPefgHAtKvkGXfK9g-B46bBZphAHuLshvFXqGg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1745
[ {
"grantType" : "IdentityResourceAction",
"grantId" : "51fc22d2-2b96-40ee-a75c-e5435ee5d6db",
"privilegeSourceId" : "51fc22d2-2b96-40ee-a75c-e5435ee5d6db",
"identityId" : "0ed768fa-7214-4404-8335-a715156dff45",
"privileges" : {
"io.netfoundry.network" : {
"data-center" : {
"read" : [ [ ] ]
}
}
},
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.710467Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read Data Center, All to identity 0ed768fa-7214-4404-8335-a715156dff45"
}, {
"grantType" : "IdentityResourceAction",
"grantId" : "c80a961e-877c-4617-9290-09b7707499a4",
"privilegeSourceId" : "c80a961e-877c-4617-9290-09b7707499a4",
"identityId" : "50f24a8c-4845-4b69-83a9-00d53f1d7da2",
"privileges" : {
"io.netfoundry.network" : {
"network" : {
"delete" : [ [ ] ]
}
}
},
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.697434Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Delete Network, All to identity 50f24a8c-4845-4b69-83a9-00d53f1d7da2"
}, {
"grantType" : "IdentityResourceAction",
"grantId" : "a00e9564-34fe-4ca6-86a3-7a7248f79d28",
"privilegeSourceId" : "a00e9564-34fe-4ca6-86a3-7a7248f79d28",
"identityId" : "26690eb4-92e9-4ed0-acbe-6e26564eae99",
"privileges" : {
"io.netfoundry.identity" : {
"organization" : {
"create" : [ [ ] ]
}
}
},
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.437247Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Create Organization, All to identity 26690eb4-92e9-4ed0-acbe-6e26564eae99"
} ]
Super-User Grants
Find Super Users
GET /super-users
Returns a set of {@link SuperUser}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the super-user
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
identityId |
Object |
true |
Filters results to those that grant to an identity specified in this set. |
domainId |
Object |
true |
Filters results to those that grant access to one of the specified {@link Domain}s. To search for {@link SuperUser}s that explicitly grant access to all domains (ie, the domainId is null), include this query parameter with no value. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].identityId |
String |
false |
The id of the identity to whom super-user access has been granted. |
[].domainId |
String |
true |
An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link SuperUser} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJlWF9QMkliMVpPTjlIa282SzhEQXRnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjZhYzUyZWYyLWE4ZGMtNDRhNS05ZGM5LWE5ODdiNWJkMDMwMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNTBlODljYmItNjEyZS00NzRlLTk4MzQtN2QwZDdkZWQwOWIwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.ZT8AUb_G53DOfiZJ7nrmL_lC3aaRsFz6FZWqajANUri5xO2pbCZJHwocNj1X8Q2Hj8Wkbf7FXHSFiOWvKxM22MyG9Ijf7A2c7NZsCshAYCSrhZ7tjv7VMC0yN8b6RN3m4QVObh42oP7_Whv2CGPmEyD1TeIXNHbPC8mMsqz1_mHgsEG-ivQY_82TuTRDtqxibQcJSR1uhwD5raC0fmFIPy4lFMuPlvQy1Q_PjPKU5bCRwacl_UXxbbq2OBez7fRCjuRjzsH_TrpdyxiiOFZEIiUoMJsnkT0uqFDJABiNzdZ8B-ichYE6G-mBi9J9ahag_yQ1egAnXVdPAfiYYpynqg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1472
[ {
"id" : "ca437a02-8b98-4ba4-ad2f-f3ea09a358a2",
"identityId" : "0563ec25-8cb9-48ff-8677-3e36f5384a53",
"domainId" : null,
"createdBy" : "03b01ed5-cd62-438c-b4bd-0204cfa90967",
"createdAt" : "2023-01-27T20:32:11.347024Z",
"updatedAt" : "2023-01-27T20:32:11.347024Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in All Domains to identity 0563ec25-8cb9-48ff-8677-3e36f5384a53"
}, {
"id" : "4cb23342-fe1c-4b76-ae26-56d287affedd",
"identityId" : "f2e219ea-6d99-47d5-8816-035fc23e1153",
"domainId" : null,
"createdBy" : "40148a50-09e6-462c-aec2-cb361a3c8c1d",
"createdAt" : "2023-01-27T20:32:06.068303Z",
"updatedAt" : "2023-01-27T20:32:06.068303Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in All Domains to identity f2e219ea-6d99-47d5-8816-035fc23e1153"
}, {
"id" : "5d1377ee-ef29-4fc8-b892-8a3898064b67",
"identityId" : "c8f1ac64-e0d1-4cd3-80e4-6cc3744497b2",
"domainId" : null,
"createdBy" : "cfb00b4d-7230-447f-a7d2-72b08db4f6dd",
"createdAt" : "2023-01-27T20:32:10.859102Z",
"updatedAt" : "2023-01-27T20:32:10.859102Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in All Domains to identity c8f1ac64-e0d1-4cd3-80e4-6cc3744497b2"
} ]
Get Super User
GET /super-users/{id}
Authorization
This endpoint requires read
action on the super-user
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
The id of the identity to whom super-user access has been granted. |
domainId |
String |
true |
An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link SuperUser} was created. |
updatedAt |
String |
false |
The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users/0ba17690-4f73-4080-aacb-5103a5889063' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJuRjlRRWYxenBwMXFFaHdWSHZmWGhnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjFmZWFiYzY1LWMwN2ItNDJkOS1hMjA5LWZlYjI5MTAwNjA1NiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZjcxZGU0MzYtZWY5Ni00NjNkLWJkODMtM2RiNTg1Nzg5ZDk2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.XFOD5PaR8Dyzr0s4ToHgwuM_z8h9zBKXnivXtTxhcrL0bGhWSbon83djiyxtZtDTGBZL9ZUtqnx2hMQLnRxrMmukQECpGGe0oDj_9fe-xQTIocAQPitcqJ0sV0nK27v9MXsE7eUk_DqnpDQjDE6nmEKENhH8WS8L2JmD3crIFdprF3KV05eq3srGgZmzz7nbFmBVyGPM5UFxVvV2CHf_ZlKSbi4X_DLD9zoV1Ei99E5psh9mVQGFDcl4_7RiLR_3C1ceo9jwUULzaWZKrqrWC-5coIqkPpRCNY60n0KV_57wMYSiaVts5y9hdYMSaFILqO67xUoUvDbF6YEPySr0xQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 522
{
"id" : "0ba17690-4f73-4080-aacb-5103a5889063",
"identityId" : "144e4593-4e7d-4aaa-821e-704dc4f620da",
"domainId" : "daeed4f4-bebe-4646-ac40-3e3d81f8b3fa",
"createdBy" : "a1cf7e37-e918-49d2-91f7-7d872c53d07c",
"createdAt" : "2023-01-27T20:32:03.888790Z",
"updatedAt" : "2023-01-27T20:32:03.888790Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in Test Domain to identity 144e4593-4e7d-4aaa-821e-704dc4f620da"
}
Create Super User
POST /super-users
Authorization
This endpoint requires the following actions:
-
create
action on thesuper-user
resource type -
read
action on thedomain
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
identityId |
String |
false |
|
domainId |
String |
true |
Client must have |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
The id of the identity to whom super-user access has been granted. |
domainId |
String |
true |
An optional {@link Domain} id, which when set indicates that this super-user is limited to {@link ResourceAction}s in the corresponding {@link Domain}. When not set, this super-user applies to all {@link Domain}s, present and future. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link SuperUser} was created. |
updatedAt |
String |
false |
The date-time at which this {@link SuperUser} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link SuperUser} was deleted. This will be null for an {@link SuperUser} that has not been deleted. If this property is not null, then the {@link SuperUser} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiIzUUFmMHVkQ1Vwbzd6eVFzQkxGeXV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImY1YWE5MDk3LTVkMjYtNDA0OS05ZWY2LTA4OTFkNTlhMDMwYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZDBiNTEyZmItOTk4NC00ZTNmLWEzMjEtMzg0NzNkZGU4NDU2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMxfSx7XCJpZFwiOlwiMWU1ZjVhNDUtNTYxNy00YWRjLTg0ZDktNjRlYzM1NDViNGVlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.itOvjTdz6LlCCIuyvmb3Ey_qhZ6raq0Jugs28B4mNyshdL3Ac98G-uDgK4OO1dulH43z_8Vovr-1NgxHKcW6dxE6Ma6WahCompDMD5keT7I3vOMMRxcdKCxz8W8VzHJrDxs5hhyXAJc3zn__wpVUKSOpwkQTVjXLI73BTcwrpkKg-cz6FcTdA4fXA6NsN0yZhhW-obNuFKDvEO7ntkszdrxcEKEAwP11nkw4783XE08u_SIcW4xuuZ-LvSNwQpioCM9LDJlhMZzutZfdit1EiCZCTNJGIFxibeZHgVSiw-5YTbP6fjmv3uvgPB5DxpMRqAxN9nbYfRcOFJOkuttlZg' \
-d '{"identityId":"144e4593-4e7d-4aaa-821e-704dc4f620da","domainId":null}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 488
{
"id" : "0a1a3d61-8f5b-4016-b4cd-029169c8265b",
"identityId" : "144e4593-4e7d-4aaa-821e-704dc4f620da",
"domainId" : null,
"createdBy" : "f5aa9097-5d26-4049-9ef6-0891d59a030c",
"createdAt" : "2023-01-27T20:32:11.506682Z",
"updatedAt" : "2023-01-27T20:32:11.506682Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.superuser.SuperUser",
"_title" : "Grant All Actions (SU) in All Domains to identity 144e4593-4e7d-4aaa-821e-704dc4f620da"
}
Delete Super User
DELETE /super-users/{id}
Authorization
This endpoint requires delete
action on the super-user
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/super-users/e65976cc-6c3d-4f0b-bf4a-28f6e8b47662' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJhNzB6UmRCZjhDX0hWR2xKUkN1NGZRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjRmYTVlMmUwLWE1OTMtNDQzYy04ODJmLWZlOTY3YTZjMmUwNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYjg0ZGM4ODgtMGYzNC00OWY0LTk4MWYtZGIwMjBjMjg5MTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMxfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.XjrNJXqFljambf0g16uwfnAhOQeXN3mFUPO49IkKw1KQKR6L-B7nKpp7e7_-33mrt0RldolSXMzX7toI8cWmtYAb5qUD9sPttyNtHLURh3Pl4bUS3V3rHOivNVuPYT1-I85_xHXIehgpdFlmS0Zfx49mXaIpjAYmtL1ek32l6OzEFP1QlzmkdJUlr79SK0ITtLUEz3H3TIHlXCY44X05-OhNe0Qf-mY-xzOqRnHbKd0Pd42YTmRTZPlIbXOTQxbSdP4LdWK4brRLV_MG9KzTI0dX1TgFk1-WRitjjuQDylm-jaGq33gfkrVv6FT9qWrxTSBn0pdx_DipyzriZVhJ9Q'
Example response
HTTP/1.1 200 OK
Public Grants
Find Public Grants
GET /public-grants
Returns a set of {@link PublicGrant}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the public-grant
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified {@link ResourceAction}s. |
isAnonymous |
Boolean |
true |
When true, filters results where the isAnonymous property is true. When false, filters to those with the isAnonymous property is false. When not specified, the results will include those with both true and false values for this property. |
path |
Object |
true |
Filters results to those that target any resource along the specified path. For example, if the path is to Network X which is under Network Group Y, this would restrict the results to {@link IdentityResourceAction}s that grant an action on any resource under Network X, an action on Network X itself, or an action on Network Group Y. Combine this query parameter with resourceActionIds to limit the results to the types of actions along the path that are of interest. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].resourceActionId |
String |
false |
|
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link PublicGrant} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets. |
[].path[].resourceId |
String |
false |
|
[].path[].resourceTypeId |
String |
true |
|
[].anonymous |
Boolean |
true |
If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s. |
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiI3Y3hTMHoxWThEdThpZjRnMEFYZjlRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjdhZWM3NjJmLTcxNDctNDhiNC1iNzA4LWY0MGZkZTI4Nzk2ZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMTVlMWMwYjMtYmNhOS00ODQ2LTkyM2UtYTc3MDlkNGEwMzcyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.VrvwW7LMwYD4ExYG7Cea_1OKLQ7mmSu-mM7PCA2OGT6jTOzknvhpZ_ccsWF8qJHgNrza6Wok5Ef4hejhb3KUP3ljnhqUFyrAUmxtLGaEsAC_McvbbZ7v5ZMtEJ-3CLuU70b7WjsQ0qxP8R_I06YibV57MDF7ghoUiQHc1q0awjcgxbpOkJ_fAMWA6qVFK8pl1Th3Ri_uhnSk3u6RBLsHGclCAQa9MYJ07ZcK-_6z9hDB060-MHxIytdk1_4ZKxcMD8ghGhmosillLHnLOuy1MtthaEP363m4QA9ZMuwR1LsWKhErq5OcZSeis6ewwv0Yzb5NL2zVDVp38gDoC1w01A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1648
[ {
"id" : "7d2ff738-5a19-417f-a07e-2190f826b348",
"resourceActionId" : "5228cb09-86c7-4d46-9fbd-f63d06c36f0b",
"createdBy" : "3112dc65-34a1-40b9-9fef-318fcb2365e9",
"createdAt" : "2023-01-27T20:32:10.031798Z",
"updatedAt" : "2023-01-27T20:32:10.031798Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "6224690f-d1f1-49f1-8509-29e42701e9f6",
"resourceTypeId" : "3f9ae78f-844c-4ce9-ac54-a5187715b4ea"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action Test Type on/under Test Type 6224690f-d1f1-49f1-8509-29e42701e9f6 to All Authenticated Clients"
}, {
"id" : "a64f51b3-d126-4bd5-ba1b-0b2a50e21859",
"resourceActionId" : "5b83675d-e3d6-4dab-976f-b125f20ca7d6",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.663442Z",
"updatedAt" : "2023-01-27T20:31:58.663442Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Read Data Center, All to All Authenticated Clients"
}, {
"id" : "9ea91137-df5e-483a-a248-40972b9c91de",
"resourceActionId" : "39f7de2c-72b8-4f63-bd27-3d7f91219fcf",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.663669Z",
"updatedAt" : "2023-01-27T20:31:58.663669Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Read Geo Region, All to All Authenticated Clients"
} ]
Get Public Grant
GET /public-grants/{id}
Authorization
This endpoint requires read
action on the public-grant
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
resourceActionId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link PublicGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
anonymous |
Boolean |
true |
If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants/65fff9f1-1a87-45f7-9c57-1e46a4a93b90' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJLSGFYakM5WWxoMTlKVlFTVm9WQnFRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjMwZjUxNDMzLTBlZmQtNDQ2Yy04NTI4LTZjOGNhZGE5YmFjMSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjlhMGJjYWQtZDZkYS00OWZlLThlMzgtZWJjOGY4YWM2MjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.t-Ghdaf-vW17WexyGjkRwt8QJVHHYWs2UaNLRKdSoveUVpTnj5w_mf3VeWTlByOYPSr2kCOVpGd_8-GU2IxSYiTJUelGJMdsHlrrJyDgBy_ffsh-q0kDsAUmbHiV-EDrJfwggtrCxtuLRcHquIZ1U913C1GIEvbBgRaWbib98WRlRIkNA0kA4gzsy7shEasO378qrsyhN16A5jtFAIIWKIMT3KoaGTQULY6NAWnzOkjFBKrab1jIMZZTAsq2M-qfs57lx2eKPBldtZsr3DO1_rXM6MqFjz8qepUh2egeEIeV7_sVCNT2sTWDUexXAAiGN6s5Wq-3AYPiC9qYr22Kvg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 678
{
"id" : "65fff9f1-1a87-45f7-9c57-1e46a4a93b90",
"resourceActionId" : "20c3f095-0981-4ac7-9d62-e536ef369df2",
"createdBy" : "e87804ef-2396-4b09-866a-31d9b1f7b9c8",
"createdAt" : "2023-01-27T20:32:09.866678Z",
"updatedAt" : "2023-01-27T20:32:09.866678Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "58776f0c-f278-4d37-b004-89e0ad888e01",
"resourceTypeId" : "ff3973da-5c40-4b92-bc10-f193ee1b8c75"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action 48 Test Type 47 on/under Test Type 47 58776f0c-f278-4d37-b004-89e0ad888e01 to All Authenticated Clients"
}
Create Public Grant
POST /public-grants
Authorization
This endpoint requires the following actions:
-
create
action on thepublic-grant
resource type -
read
action on theresource-action
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
resourceActionId |
String |
false |
Client must have |
path |
Array[Object] |
false |
|
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
anonymous |
Boolean |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
resourceActionId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link PublicGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link PublicGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link PublicGrant} was deleted. This will be null for an {@link PublicGrant} that has not been deleted. If this property is not null, then the {@link PublicGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link PublicGrant} targets. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
anonymous |
Boolean |
true |
If true, then any client may perform the linked action even if not authenticated. If false, then a client must be authenticated in order to perform the linked action. The actual identity id of the client does not matter for {@link PublicGrant}s. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJyVUxPREl5SFoySzF3UFlLd0FHWEFnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjMxMTJkYzY1LTM0YTEtNDBiOS05ZmVmLTMxOGZjYjIzNjVlOSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMjA2ZGRlOTQtYTVkZi00YWRhLTllODctM2YxMDFiYWE4ZWM3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNGNhZTQwMzYtY2UxZi00NTcxLWE2OWYtMWUwYWFhNDQwODMyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.raQkDFLntqVaVYDcZnu7dncf0FhQe84KUwdPtZueL_LTEcGWhpoww9tT5SscOsKwGRQrwd0XdypfY80CZNeVyQhPVe9NHLZqITGOOX_R1XNgNIsuTMR-BzkqUSXbyv6BaSqAfGFge5fQgYzIqr3sBgw3wBIMeizTRBDGBzuatuwjnWSjSs531v2pIKIX9rE3wmrK6rsMb5u8dW6--yUTUs1m9pBaN-UJVO_zSl4UiSmTV2-EfSdqWhdJWprhsdgDjhAUUBC__EhqtxaBKXJsot4E3VBErAnW3UQG8v_VeDL-Qwk8pgpWOW_uvZM3MxjlJ7MlyhsungT4bXNHVWMu3g' \
-d '{"resourceActionId":"5228cb09-86c7-4d46-9fbd-f63d06c36f0b","path":[{"resourceId":"6224690f-d1f1-49f1-8509-29e42701e9f6","resourceTypeId":"3f9ae78f-844c-4ce9-ac54-a5187715b4ea"}],"anonymous":false}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 669
{
"id" : "7d2ff738-5a19-417f-a07e-2190f826b348",
"resourceActionId" : "5228cb09-86c7-4d46-9fbd-f63d06c36f0b",
"createdBy" : "3112dc65-34a1-40b9-9fef-318fcb2365e9",
"createdAt" : "2023-01-27T20:32:10.031798Z",
"updatedAt" : "2023-01-27T20:32:10.031798Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "6224690f-d1f1-49f1-8509-29e42701e9f6",
"resourceTypeId" : "3f9ae78f-844c-4ce9-ac54-a5187715b4ea"
} ],
"anonymous" : false,
"type" : "io.netfoundry.auth.domainv2.publicgrant.PublicGrant",
"_title" : "Grant Test Action Test Type on/under Test Type 6224690f-d1f1-49f1-8509-29e42701e9f6 to All Authenticated Clients"
}
Delete Public Grant
DELETE /public-grants/{id}
Authorization
This endpoint requires delete
action on the public-grant
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/public-grants/91f4643c-d25d-47f6-a017-1557cffcf9e6' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJrYnVtVkxYdjNlYWkyRGFMRkc4YXhnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijk1YmQxY2MyLWJkNTctNDg2My05MzY4LThlZDg1MDdjZDg4NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjkxZjQ2NDNjLWQyNWQtNDdmNi1hMDE3LTE1NTdjZmZjZjllNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMjUzYmNlZTktMGNhZi00MjNjLTk0ZmEtZThkNTg0YTIzYzE4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.vRbITz2QHFLNEc8FCtdDe6DC5CThevUoZ8ra_Yshc_iDwFYu86g3MbIpQK9Dpr5nd5pAoWOTrgnaH58n8KAbPx5XNddSBBS9rjSZJCKwNg5tw4231BLC5AJutVeAhIfAFJJLzT58N5HluE8l_Vzipxd-SrWjbqplv5u2DMDOj_kLJpErnhbe3sSSEIfUwnxoHOSyz2sef2FIvO90fUxZdmmClVWJ4Izu9I_3jUkdseFZdjklxkZw72ZSptxvsMloxafk-PQ99rPqsEBwYOQjUsTb1-Isq2IQr8FpmdG2EaCmmdOqLnOqMU_inLBKAoY62DlDr0LvSR2lCaWiN-PBVw'
Example response
HTTP/1.1 200 OK
Identity - Resource Action Grants
Find Identity Resource Actions
GET /identity-resource-actions
Returns a set of {@link IdentityResourceAction}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the identity-resource-action
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
identityId |
Object |
true |
Filters results to those that grant to an identity specified in this set. |
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified {@link ResourceAction}s. |
path |
Object |
true |
Filters results to those that target any resource along the specified path. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].identityId |
String |
false |
The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted. |
[].resourceActionId |
String |
false |
The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
[].path[].resourceId |
String |
false |
|
[].path[].resourceTypeId |
String |
true |
|
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJJdGxNWDBvRVVIS1o1Z0VrOGU5RTZBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjA1ZjhjODBlLWU5NzQtNDdjOC1hN2YyLTg0YWU1ZmU2ODRiZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyNywiZXhwIjoxNjc0ODU1MTI3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOThiNzU2YWItMmQ3Mi00NDkzLTlhY2MtNjBlNDE2MGEwZTljXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.mJXkCnZoA444oppCWtBSr81q7aubGwS9dWwRzkO69qsrRHDDp2f7gho4hTFT6HRmsppSEK1vjhKkqpBOMzCf3wedgYHs7_IVl9BL5AY7zkw-v8FckH6cGZ---Z1rKItxthmiVl-kG-uxy4XroKoJgsr5gcbyWAHe0nqECTOr1zEWtooulC-tM63EtP1j_Ge8qfHI9H64WP0K4BpTzy5jyTQDO1C4QGbsDAHIXslT-cEKBB-gEUL_1Q6NwdcegMQzYgfK0mSlyVA5n3HGM70ahJr6m6c7otet1T4MJNZhSxhk2Vo9cIIyFKDiTTb9wV1eY_wFBH99CBaAL4EpfWI1rQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1711
[ {
"id" : "c5ec1a24-7257-41f8-be4a-3273dccf9ecc",
"identityId" : "0ed768fa-7214-4404-8335-a715156dff45",
"resourceActionId" : "00d79f7c-8f43-4a16-97c7-3a9db004c179",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.710467Z",
"updatedAt" : "2023-01-27T20:31:59.710467Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Read Client Synchronization, All to identity 0ed768fa-7214-4404-8335-a715156dff45"
}, {
"id" : "8dff90b6-4bb1-41d8-a472-29e7b74f699f",
"identityId" : "26690eb4-92e9-4ed0-acbe-6e26564eae99",
"resourceActionId" : "65d52754-e822-4937-967b-a805d9767f23",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.438518Z",
"updatedAt" : "2023-01-27T20:31:59.438518Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Create Invitation, All to identity 26690eb4-92e9-4ed0-acbe-6e26564eae99"
}, {
"id" : "5f117bf0-f4a4-4e87-b4c5-b655cdc3de3e",
"identityId" : "a17fffad-b448-4fc0-8e16-60baadc1d5ee",
"resourceActionId" : "776f7fb9-ab65-4d3a-859b-632b15e76b13",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.499365Z",
"updatedAt" : "2023-01-27T20:31:59.499365Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Delete Endpoint Group, All to identity a17fffad-b448-4fc0-8e16-60baadc1d5ee"
} ]
Get Identity Resource Action
GET /identity-resource-actions/{id}
Authorization
This endpoint requires read
action on the identity-resource-action
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted. |
resourceActionId |
String |
false |
The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was created. |
updatedAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions/5d6fb8b6-1669-406e-8b8b-3ecb4f81aaf4' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJjaGZKNGdRR2tsTGdxOHhWYUgyOTNRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQ3MTk4NTExLTQxOTktNDA2MS04ODIxLWRiYmE2NDlmNWU0NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyNywiZXhwIjoxNjc0ODU1MTI3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTc3ODAwOGQtMDU0Ny00ZTc0LTkzOTctYzUyZTY0YTE1MzY3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.cPvyPuFx3KGK3rvL7evi5U8MOz73t6ZqnnXL0wDcKgZe1IFLCWv1kS7KrIDHmWm8HAWCl9OkG63Gp1f9uD5m9lLO7gvbOC_9p6CRRhCM3pDnIbEcNHczxQMmT5sYyhYhHS_Sd7N7DJGxqxDPD0DiA255-tktQK6sBzB_ISQX0lewmz0XxE3aZQQt75Pon5mGesgK9i7h_A5ZUH9CNL17h67KNPh5WxW6UFFg6hTcb7xmQk86Omc1jeYRuR7lMdN_CjntNPDgWOSdirZdYKKTbBGZNyW43TbhLSnFIfv8s-IziwgqhcIDODf3jh1t3WysWYhzEvF6pkGSFM70MBquEg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 751
{
"id" : "5d6fb8b6-1669-406e-8b8b-3ecb4f81aaf4",
"identityId" : "2961642a-1223-4885-b35c-087200ede7fc",
"resourceActionId" : "1fcd9785-cfd2-40b6-b743-fae2fe565cca",
"createdBy" : "c3706154-4dd6-4265-8101-c03b5104934c",
"createdAt" : "2023-01-27T20:32:07.547254Z",
"updatedAt" : "2023-01-27T20:32:07.547254Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "2a3b5438-8246-49d9-85e0-fe1619d1d011",
"resourceTypeId" : "4efd8ef0-10c2-44a9-bcb1-adda248e9a72"
} ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Test Action 8 Test Type 7 on/under Test Type 7 2a3b5438-8246-49d9-85e0-fe1619d1d011 to identity 2961642a-1223-4885-b35c-087200ede7fc"
}
Create Identity Resource Action
POST /identity-resource-actions
Authorization
This endpoint requires the following actions:
-
create
action on theidentity-resource-action
resource type -
read
action on theresource-action
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
identityId |
String |
false |
|
resourceActionId |
String |
false |
Client must have |
path |
Array[Object] |
false |
|
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
The id of the identity to whom this {@link IdentityResourceAction#resourceActionId} has been granted. |
resourceActionId |
String |
false |
The {@link ResourceAction} that possession of this {@link IdentityResourceAction} grants to the linked identity for resources under the specified path. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was created. |
updatedAt |
String |
false |
The date-time at which this {@link IdentityResourceAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link IdentityResourceAction} was deleted. This will be null for an {@link IdentityResourceAction} that has not been deleted. If this property is not null, then the {@link IdentityResourceAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJfMDFzMUFBZkpWZ0RSTzUtVXg3Q2VnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4N2U0YjIwLWEyNDYtNDdjYy04N2RlLTkxNTFiNjdkYjA4YiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyNywiZXhwIjoxNjc0ODU1MTI3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNTNmYzZjY2ItOGRjOC00NmMyLWJmZTEtMzk4Njg2ZWFjNDc4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI3fSx7XCJpZFwiOlwiNjUwMmM2MDAtZTQ2Yi00YjY1LWJjOGUtMTA2ZjU2YzU3NGY0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.utH7DJcCjlSTgxx1zGNiy1pxHQJYPMs3pHtQqlm3jS37LzXgi_8gdciRFsOUU502VlzFH61jWtc-UXlf_5Qp7g23eEEoGCoINf4_hFaFMPa3kQCMdmdOp8TM6b2Ckoc5Jj_jZJb6bkZWnJCb_nJBJj_p_rPpi8VAk89dQpMOZCNSaeu4mWcVY3qQesMV7WVmQmUEJa5BYmC7MWuJpCUVNGmQ5-Stt31jexHecxzZpGpTeN923ZCPQohp_XNB-PdC_IKYlmUQI3Pbime5aAkB3B29v4Mi4CkrcRELF9pOdwlTN4lDhxserNIdxljUKHvov22jv_Vz8H8Tegp1eSPovw' \
-d '{"identityId":"91f24193-e6bd-4845-ac59-ae1a47e87ff7","resourceActionId":"5228cb09-86c7-4d46-9fbd-f63d06c36f0b","path":[{"resourceId":"d147b047-71a0-4048-9b6a-2987358f4984","resourceTypeId":"3f9ae78f-844c-4ce9-ac54-a5187715b4ea"}]}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 745
{
"id" : "685eaefd-ccc3-4d62-8786-e748ceb5216d",
"identityId" : "91f24193-e6bd-4845-ac59-ae1a47e87ff7",
"resourceActionId" : "5228cb09-86c7-4d46-9fbd-f63d06c36f0b",
"createdBy" : "187e4b20-a246-47cc-87de-9151b67db08b",
"createdAt" : "2023-01-27T20:32:07.648751Z",
"updatedAt" : "2023-01-27T20:32:07.648751Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "d147b047-71a0-4048-9b6a-2987358f4984",
"resourceTypeId" : "3f9ae78f-844c-4ce9-ac54-a5187715b4ea"
} ],
"type" : "io.netfoundry.auth.domainv2.identityresourceaction.IdentityResourceAction",
"_title" : "Grant Test Action Test Type on/under Test Type d147b047-71a0-4048-9b6a-2987358f4984 to identity 91f24193-e6bd-4845-ac59-ae1a47e87ff7"
}
Delete Identity Resource Action
DELETE /identity-resource-actions/{id}
Authorization
This endpoint requires delete
action on the identity-resource-action
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/identity-resource-actions/cb150846-036c-463b-b9fc-c9a28d7e7227' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJFMS13RmNNRkQ3UEFkcmJvMy1IeHR3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJlNDRkYzM1LTM4NzAtNDJlNS05OGQzLTk2ODdmZWEwNGI5YiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyNywiZXhwIjoxNjc0ODU1MTI3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiN2ZlY2Y2NGEtOTk4Yi00ZDI0LTk3YWUtNTQ5N2IzMGE0MWRhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.GBLd0EgKnTvPHNuSbCullDfTBwvQUcJNzaNnFVC-TGOx6Ag7VBcriRsWZ4mWi1iQ7aAcmnpk6V9CN9Tcb-IPMekTZjD7I79Iyqr4uCoYSe7cwSdame6GSXRilQSdQwX3O5De2tGdCQboHPL_ZshE2iThUBwepPuMXPScE0ZhBkWZDHef1sJTO1ERC-jFMTHoLDuY8LH5nF88n5ztYWJMPgWL4ulpaIa6OGhVRyzI6g0l1wzLgoi7XtNnR-sBlJ4rvVDDCCwYiAZKOBSsGhNVMS6G-2nsVewx_cIRQ5k_wS5M3c033dcZgFTwyTv_zGhKtkhnDvV2c78--TuwFjy23A'
Example response
HTTP/1.1 200 OK
Custom Roles
Find Custom Roles
GET /custom-roles
Returns a set of {@link CustomRole}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the custom-role
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
identityId |
Object |
true |
Filters results to those granted to one of the specified identity ids. |
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified {@link ResourceAction}s. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].name |
String |
false |
The human friendly name of this {@link CustomRole}. Size must be between 1 and 256 inclusive. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link CustomRole} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJEX1JHdWFhWEZrSHpfSVdkZFo4TDBRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQ5ZDFkMzNjLTg4ZmUtNDA4Mi05ODYwLTFiYTE3YzU4YzU3ZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiY2EzNmNlOTItMWE1NC00OWM5LWExNjctNDI4Y2U2MGZlZjE1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.d0hj6SwkGUUcibSOAD8lzMQZYhU0J2tXQZfHWUNhxj3gmCDrLgSLyZYJTGFUpO8aUVtEP4nBXlCrI4Uo2AEzHMol0wh53zpNUqKjbHMJBXG6lzW6rnZBAA7Vnl3XGS1pPLsV2OKxF1wFlXToouPW1u2LPGGMajIej0AVTOEzEauTbmnee6ezFVKyS3mHHFmLeJwTRHHONnqPLuJsNoAd8Ct_-5gzlap19fmhWZdHE_zDNJbtrxIKPcZzjz0bDjV4J35uML7h5zB75f2K5Yah0c5SfQVD6tYDq0n6n6U9YAMprSuDmOPcfixeQADJroT4CFpZLhjb5nW7g4vDWGag7Q'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1161
[ {
"id" : "74a9a6c3-106c-40bc-acab-780c837ad8d0",
"name" : "NF MOP Tests, Control Plane",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.195404Z",
"updatedAt" : "2023-01-27T20:31:59.195404Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "NF MOP Tests, Control Plane"
}, {
"id" : "3a573168-f404-4c16-bf70-54d95a21609f",
"name" : "Test Custom Role 43",
"createdBy" : "817d97f4-1e72-4064-8441-01cbbdf74231",
"createdAt" : "2023-01-27T20:32:09.602347Z",
"updatedAt" : "2023-01-27T20:32:09.602347Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role 43"
}, {
"id" : "cd6a4121-dc97-4286-bc63-9f2cb3887e62",
"name" : "Test Custom Role 34",
"createdBy" : "93cb8a24-cc5d-49e9-9409-938d9d62cf5d",
"createdAt" : "2023-01-27T20:32:09.286619Z",
"updatedAt" : "2023-01-27T20:32:09.286619Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role 34"
} ]
Get Custom Role
GET /custom-roles/{id}
Authorization
This endpoint requires read
action on the custom-role
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
The human friendly name of this {@link CustomRole}. Size must be between 1 and 256 inclusive. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRole} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/21bf7293-3a67-4c3e-9788-5e0543f232ab' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJEbHZWNzM4RWNITHJPM1RTbjRDQkpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImEyOTg0MzRhLTZjMzYtNDRlNS04YmNiLTk4NTg0YzhiMGRiNCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMzZhNDMwNzAtMjBjMS00MmM4LWIxM2YtMDhkNDQ4ODE0MjY0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.LVo-TjKyAcTvoiAiPzMz3ZC8QYNBaAGAMr55H7jge6flB43sEuko4KR-W0k9z2k-FBWV5TlU_FPOIuRSFSvr8uiZt4Ps5QXN82sSo3u3Flr46MyBQWCXV520UFQq9OqEKmR2KiJcIM-x0ZIwtEUGTKAxM5fjSeQwN9PDLRflgN49hDBE7UBYSJ0bRc-jHEhy-YFiY9lfyBGt-7LhoyYItsBZi1ipbCMysCK8cEVbd83qO0-gDltvi_ckQOYpkF7xsmRpacePVBF3xXQvxXAMdJ7CI5SvDbT-DpzYsx9JcMTLowdua6ZIEr8NReeTmgmPvM7mVr76jvSIXQxWOLbyoQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 379
{
"id" : "21bf7293-3a67-4c3e-9788-5e0543f232ab",
"name" : "Test Custom Role 52",
"createdBy" : "122d0627-bd2d-405f-a4cd-e8c07dba72c1",
"createdAt" : "2023-01-27T20:32:10.374509Z",
"updatedAt" : "2023-01-27T20:32:10.374509Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role 52"
}
Create Custom Role
POST /custom-roles
Authorization
This endpoint requires create
action on the custom-role
resource type.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
false |
Size must be between 1 and 256 inclusive. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
The human friendly name of this {@link CustomRole}. Size must be between 1 and 256 inclusive. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRole} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRole} was deleted. This will be null for an {@link CustomRole} that has not been deleted. If this property is not null, then the {@link CustomRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJwaWZ4TGdWenZuX1lkRVpON0JKc25RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImZjZjk4NmE0LTNiZDQtNDcyNy05OTE4LTI1MWVlNTk3MTA3ZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMDA4YmNjMTEtMzA0Zi00YTA1LWIxNGEtNWEyNWZkODdjNDc4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.fG-kyw7LKifaVM0Huypmvx10nMNB9kzx68GuhsM95I4aU6pY3-hsS5woEqP7_CmQ5csVFqq8lFh6_af5sm1etAyae5J6aA8xLR1VldD_6lYX2kXYn5IHQ8Tl_ybArpmWQWX_Zju5V-8q84-aeaCg-hLKqlnghvNKSQyjH7PDUjtud4fF23wyyZSQPeG39nnhUwGjRJWYngVICFRvfAAR7m-XHamC8B8KCiAgDIdq1PZIrxQ8WzDIwq13kdqhdx9CpfXdafLyEvgQZAi_AGafk_62MSK_zKEklb_Rhl4IscmX5FSXYgeduA-JSIZQUVa3GzGP8l4nEC4JLnjc6jLFZw' \
-d '{"name":"Test Custom Role Create"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 387
{
"id" : "d4c3dfe1-1b5a-43e5-af1c-f844dd03b9f3",
"name" : "Test Custom Role Create",
"createdBy" : "fcf986a4-3bd4-4727-9918-251ee597107d",
"createdAt" : "2023-01-27T20:32:10.536029Z",
"updatedAt" : "2023-01-27T20:32:10.536029Z",
"deletedAt" : null,
"deletedBy" : null,
"type" : "io.netfoundry.auth.domainv2.customrole.CustomRole",
"_title" : "Test Custom Role Create"
}
Delete Custom Role
DELETE /custom-roles/{id}
Authorization
This endpoint requires delete
action on the custom-role
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/e70fc742-51c4-4841-9b90-c0ad693a1409' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJhOGhaM1Z6Ukhxa3JTb1JEOFBTenpBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjZiOGU0OTVlLTBmYWQtNGYyNC1hYjZiLWJhMmI2MzkxNDU3YiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMTgxZTBlNmQtOWEzMy00NjUxLTliNTMtODU0NDUwMjAzZTZhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.JVTAz2ZCppqj5g2sBl2RR5ZYjqyHbN-tl8jfeDeg6pxDiQysIQeU9Tq1TYAWb_zmIpwP6zpxgI7mhE-mEUFkz3TWEKPLAuLd5zWhMHxIuI5AalUIYRizw9Ivmt4YgkM6ndPtameiBXgt6J9OjhQF_KWJOzOnaaXqzN44pESZrN6wNX2aN8EssHgbwPeNUoV76A8qFayoeLraTcMc9YvnmpuK_JFT6S1VcBrcmqBJPmtJvAGJfgMem5RS_JJR6x_3OIcWORaDK0UgdI48y8r89yrMWas9ZYN8oFfCdjFHnqUqRSQRF9te1g8Xvd-_TDR70hxV4oiGCyqFOjcK56zGXg'
Example response
HTTP/1.1 200 OK
Grant Custom Role (deprecated)
POST /custom-roles/{id}/identity-grants/{identityId}
Deprecated.
Deprecated. Use {@link CustomRoleGrantController#createCustomRoleGrant} to grant an identity a standard role.
Authorization
This endpoint requires the following actions:
-
read
action on thecustom-role
resource type -
create
action on thecustom-role-grant
resource type
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/e1c22a83-3b56-46a1-a42a-f6b2bc714d39/identity-grants/8ae03bd7-99bf-4263-9f5a-55754d4e1878' -i -X POST \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiIyb3J6MTU5aHB5d3Q5VHFVVVB0cmRBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImIxMmNmYmZmLTk4NWItNDgxYS04NjAxLWFmMTc1NWE2NmEyMCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYjdlNzI4MzktYTFiNi00YTc4LWI5NjEtMDAwZjQ3YzgxZWM1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTZhNmM0NmYtMzM2Zi00NGExLTk1OTEtNDNjMzBhZDhmMmUzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.C3eU0UDBsBg67Rsybn3cX6ctkK1KvW2HMSv7KGItN5LJ2XY_GxxwcpCZO0c-yopKnZwE59E_Q_qXYgZqnce8QEry3yHM3KzU0UOhRwM2SFcTXkiG5KUN75TbtRrQTNCqtYMrLe2T1mVWO0AZrPrxDQudBIBw2OFFr3Omw2GwT1_x1pSsYn2bXIK26Jxs9yeDAaeGXs2RWCsdbhFbZQVPtcileEJiS3j2_kvubIE2oxTcXhyyVmtUFLq7np3yarFsGw1au8TtSEyFIShUrICWwNL_ku2Vo1FZ7m7V5uYCyH8kgalwWkgkY5xLLyLzN-FZM3kGX0Wn6PBC82W2FDlHYQ'
Example response
HTTP/1.1 200 OK
Revoke Custom Role (deprecated)
DELETE /custom-roles/{id}/identity-grants/{identityId}
Deprecated.
Deprecated. Use {@link CustomRoleGrantController#createCustomRoleGrant} to grant an identity a standard role.
Authorization
This endpoint requires the following actions:
-
read
action on thecustom-role
resource type -
delete
action on thecustom-role-grant
resource type
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-roles/60e98d1f-bb1c-4781-8b5b-453e2e212a43/identity-grants/1231d34d-9de7-44f0-9775-13fa4ffd268a' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJ3Z2RVTFhiRWNrVWNDSGkxRWlnLVFRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQ3ZjU4NjdmLTJkZmEtNDg2ZS1hNTZkLTQ2NDFhNWQ2ZGIxMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjU2ZDk4MzUtN2RhOS00NzAwLTk4NzYtMWFiN2ZmNzU0OWRhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiMGYxNjUyMTUtMDYyMC00ZDZhLTlmODMtZWQ5NzVlZmQ0ZDBjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.r5Fyr0v8OIzSGNPjPb8T-8Uj8ek0htRkyfDy_9_mz1oXs2LewjUJRw9ziWUfaf63hniCalb8KdGXsCUY2CYdjYLzTqW9Nunoe8QQwCisHpRSpFU6ubCXBJrKhcrU2vtUAUYeqq4_jd36qW9-75jBt4A493O8P-tSzC3x-37swCgZv_wVebfpXa-WZn1txxdV2iwHwlmeXsQrNmDx-e0cdWGW0vJq7eGmylccx4Tavf2zfQeZWHGTv7zqGtapTFReZG_T_6CjHN0AU9veK89NdCdYcgxCIaKvDMnPC_vcU1XCF0pufC7wBQ1CG2QoXPHfeEhwOddLHTgyVOpke5g-Fw'
Example response
HTTP/1.1 200 OK
Custom Role Actions
Find Custom Role Actions
GET /custom-role-actions
Returns a set of {@link CustomRoleAction}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the custom-role-action
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
customRoleId |
Object |
true |
Filters results to those from one of the specified {@link CustomRole}s. |
resourceActionId |
Object |
true |
Filters results to those that grant one of the specified {@link ResourceAction}s. |
path |
Object |
true |
Filters results to those that target any resource along the specified path. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].customRoleId |
String |
false |
The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}. |
[].resourceActionId |
String |
false |
The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
[].path[].resourceId |
String |
false |
|
[].path[].resourceTypeId |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiI4UEN6d2dMN0J3eVZMWm9kLXpTSUZBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImNiZTkyMDAxLTBiNzEtNDc1OC1hN2Q4LTgxYWM0NmE3Mzc2NiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiY2JlZGYyOWMtYjdjMi00OWRiLWE5MTctOGFkN2EyMmQ2ZjI3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.fjqgpSAOviYzNUkWy2y-ofD8enz-Uz4AHw3PqiEzXgmmavvAeE42nGeBXwodzD1un1WI5R3U7LlqzxebAXyb47IXTZBhEeNpRkNp4bRJgrf4BHJVZ12eWhOXgONCh07uIRv1X_ixBBR2FahpSK8rMWRELstult6-TiTImwpgGTwwh9_vAshMPyp4HlSvs15Z4kiyvf7LI714iOu8cNrSjWXYH2aVG3UBBaqYllpA17tvUy6Ow3uBtrch65ctMt9QKREpj8Qu5579M4USsBR23xs8oAXEJlXXQ5SP-pQ19iCRXqGV1GsmbxAZFryAt7vMNoezP_lEw3SFX-B0_bYS-Q'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1294
[ {
"id" : "91b8e4a4-3aae-4fa4-b1ba-8b7a757e9778",
"customRoleId" : "74a9a6c3-106c-40bc-acab-780c837ad8d0",
"resourceActionId" : "493f8a4e-5d49-4ce4-95ae-3244699050c0",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.197256Z",
"updatedAt" : "2023-01-27T20:31:59.197256Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"_title" : "Read Service Group, All"
}, {
"id" : "7b1e4fbc-b3c2-4369-ae38-1ea95c95be1f",
"customRoleId" : "668720a0-531a-44fc-b196-4d3dbfba73eb",
"resourceActionId" : "b3504e28-6843-4d39-9b29-ef22202f88f4",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:32:00.001048Z",
"updatedAt" : "2023-01-27T20:32:00.001048Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"_title" : "Update Enterprise Subscription, All"
}, {
"id" : "b9136d69-0984-46dc-810b-585f05b538fa",
"customRoleId" : "74a9a6c3-106c-40bc-acab-780c837ad8d0",
"resourceActionId" : "f4cba7a5-5b65-4268-845f-0564fd9f6e2e",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.197256Z",
"updatedAt" : "2023-01-27T20:31:59.197256Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ ],
"_title" : "Read Standard Role Type, All"
} ]
Get Custom Role Action
GET /custom-role-actions/{id}
Authorization
This endpoint requires read
action on the custom-role-action
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
customRoleId |
String |
false |
The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}. |
resourceActionId |
String |
false |
The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions/04578dd2-b16a-4015-997b-0b67f1f7c004' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJzRFR3TGFIQ3JDcWRnWkdSeWxkWnRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjU2MWE3YWNmLTRjZmYtNDI3Ny1hMzM3LTFmZTU3ZGZmYmVmMyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMDk1NGFlNTQtNDY5Yi00OTQ0LWEwYjAtMDMyMzI0MzY4Y2Q4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.wboUImJgPCV598soL93x9GPpafTnPmt2S6revlLMaJM6KF7Cq90DNLxkP-bzScm7WoQlZZ2PLCTpxVYyBor9bt-ltapcpFnN9k2ZrVQHw4jjKiZcQ8TDuCM5V6J6kiSqhgY6NTydLE6Pf1rMZg9K1oPDzBpRHPX0gxIfo9tlVLuRI067RGwu5WJf7tu34NHxAfzR4WkLhLtD1kDZyRF6np-Vsdg2SNOMbKYDrsEqs-8bSm9np7vB1sbRMuyMTsmDOG1Th7AcFc6PqNDJLgQzNMm6Cxb8JWGMYbnJTwhP_jM4IzV_KWw-jJFgPBckw6_-ECIHCizjm_W6kOJMrt5mDA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 613
{
"id" : "04578dd2-b16a-4015-997b-0b67f1f7c004",
"customRoleId" : "362227c3-f150-4cec-b2b5-092d47c7a973",
"resourceActionId" : "bb68249a-75eb-44dc-9fff-f0aa15630ca8",
"createdBy" : "10923860-9b83-40f7-803e-b9011cd2130b",
"createdAt" : "2023-01-27T20:32:09.396914Z",
"updatedAt" : "2023-01-27T20:32:09.396914Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "334dc3dd-c1b4-4892-af5c-398ba8299100",
"resourceTypeId" : "9ba0732c-c926-4d79-a1fc-dc1bb99f25cd"
} ],
"_title" : "Test Action 38 Test Type 37 on/under Test Type 37 334dc3dd-c1b4-4892-af5c-398ba8299100"
}
Create Custom Role Action
POST /custom-role-actions
Authorization
This endpoint requires the following actions:
-
create
action on thecustom-role-action
resource type -
read
action on thecustom-role
resource type -
read
action on theresource-action
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
customRoleId |
String |
false |
Client must have |
resourceActionId |
String |
false |
Client must have |
path |
Array[Object] |
false |
|
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
customRoleId |
String |
false |
The {@link CustomRole} that this {@link CustomRoleAction} belongs to. This {@link CustomRoleAction} should be granted to any identity that is granted this linked {@link CustomRole}. |
resourceActionId |
String |
false |
The {@link ResourceAction} that this {@link CustomRoleAction} confers to the identities that hold the linked {@link CustomRole}. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRoleAction} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleAction} was deleted. This will be null for an {@link CustomRoleAction} that has not been deleted. If this property is not null, then the {@link CustomRoleAction} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link CustomRoleAction} targets. For example, if this {@link CustomRoleAction} is "Update Widget Service" then this property defines the (id) path of/to the "Widget Service" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to the {@link ResourceAction#getResourceTypeId()}. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJFMllGcjBQMTBkcG9VcUYydVdBV2NBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjI4MzM3ZjI5LTZhMTUtNDIyOC1iMTAzLWRmMzMxZGZmZmM4YSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiODFhNWQ0NjQtYmUzZi00M2QyLWJiNWMtOWQ4YjE1MDUyMjcwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNjEzY2RhZTYtZTg2OS00OWIzLWFiOWQtMDU2YTRjYTUyNjZlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiY2Y2NTRjMWItOWZmNC00Zjg4LWFmZjItMDliOWI5NjY2YzlmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.uGQX37ZCsf9zo45ILw4X3YW6DnnlfQJVxMVHDcvu-U2lTEWvtmY87wKACroG-NKlJFF4qq9OiFfkKizbEI1ylSY9XBkG6EM9y4qPHv-7CglkpoxItM6I4ppxfoJw4pMK4mg669YPDQfSSvMcZBiXbczokMjjpW3bSm2TRVVLnqejk4y-hEZiSB5BoBIOgP3K2iLd-hoV7YpTzzmeQE-xtZMYgjRS1WvUGgwBa7lrNC7QOPEyYMVr23HmicuSq7ZdMvV7hKhVbV55g1FyyEtXDn8dAekvmZrr5gRmvjj5rut2sIDWy55ZwuSyrpmzXfulQ87gBEViEC2jbpCNZduSoA' \
-d '{"customRoleId":"cd6a4121-dc97-4286-bc63-9f2cb3887e62","resourceActionId":"5228cb09-86c7-4d46-9fbd-f63d06c36f0b","path":[{"resourceId":"7db81a67-cc9f-42fe-9396-479eaf260a88","resourceTypeId":"3f9ae78f-844c-4ce9-ac54-a5187715b4ea"}]}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 604
{
"id" : "1238cd60-389a-4d39-a262-76cde594d105",
"customRoleId" : "cd6a4121-dc97-4286-bc63-9f2cb3887e62",
"resourceActionId" : "5228cb09-86c7-4d46-9fbd-f63d06c36f0b",
"createdBy" : "28337f29-6a15-4228-b103-df331dfffc8a",
"createdAt" : "2023-01-27T20:32:09.321343Z",
"updatedAt" : "2023-01-27T20:32:09.321343Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "7db81a67-cc9f-42fe-9396-479eaf260a88",
"resourceTypeId" : "3f9ae78f-844c-4ce9-ac54-a5187715b4ea"
} ],
"_title" : "Test Action Test Type on/under Test Type 7db81a67-cc9f-42fe-9396-479eaf260a88"
}
Delete Custom Role Action
DELETE /custom-role-actions/{id}
Authorization
This endpoint requires delete
action on the custom-role-action
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-actions/40f9a8f5-b869-49ed-b87f-91247b1cd1e9' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJCR3FLaUxQSVhKUDFFdVNKZUJYYWR3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImJhODI4NDVlLTI4OTMtNDYyYi05MGNhLTYyMzI4ZTQ0YTA4ZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZTNiODZmMTgtYjZmZC00NzE4LWEzMDQtMDU3MzAxMDBiZDI4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.CSD3ffBYkCM3p0KAc0VY8M13TuhVz33T1fDhDyF8_6Swfrau5KqseDM9d0_wtxc_OpBkhzgI1g3pRkl0Utx86Sn5p009d1sG0aKeMZqr7JAK8-8Th1S3byXGc_9HIUircMvJ8lX9JzLRvl_Ph-GWIQ7uWiAl7PjVcH9SUY_RIcBtwH1Sv9gobYEA8fbwHlOs8p3umTJUeTtbQq_Fq_y8cYCFXWOgO8GKTCCBadl4Gfn-8yik0XAfYVXKA6Fv0r-fCW1v159oCxoNx0uNtVHRVml6fCzHo2Q9cOzzQz4_Hl6nJ9Ttp5UzXHBygaCvkV-G91KxMnXTl2AUOKuTyRXDAQ'
Example response
HTTP/1.1 200 OK
Custom Roles Grants
Find Custom Role Grants
GET /custom-role-grants
Returns a set of {@link CustomRoleGrant}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the custom-role-grant
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
customRoleId |
Object |
true |
Filters results to grants to one of the specified {@link CustomRole}s. |
customRoleIds |
Object |
true |
Deprecated.. |
identityId |
Object |
true |
Filters results to those granted to one of the specified identity ids. |
identityIds |
Object |
true |
Deprecated.. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].identityId |
String |
false |
|
[].customRoleId |
String |
false |
|
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJ3c3N1ckVhMnlJNVFQcV80d3VqVndRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImNkNjdkYjE0LWNhMDAtNGUwMC1iYjJhLTY0NmUwOTVjMjQzNiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYTUzZjI3NjktNjg5NS00YzM3LWJiYjAtMGQyNjIxYTRiNmQ1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.RgZQZCHNwrArNr4JZhqsLIOgerHRmG0Yzc3I8Bhc-ci10BGE_6tXxZDC5AqqkHbTHDz4cyr2n_M87kssmxDfjNVYvvLQnimSq_x2fwzV60XgKyOWBbiOQLrr_saV8AQjWlI_SD1_-rO561nwIjRKXxQY1DqQtPud5vNF1V06AvVez8QtvxwhKMvCFwGv2CZGOUEC1yy5x8cdjSr9JJVxOe1HNdfgSjXuGY0uaRjzRABZM0Ck5UCKLc5KQwLXIXrtPBO5DWcs57PelcvVMvuezhkzsESm4FRp-6b2l6eTS-EtVPi-dqgEtJZVz-2qp7VM2y4m-AF0H4MIMd3BLGUVew'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1415
[ {
"id" : "eb9a8541-a3a2-4cc0-a236-c286a2f38d21",
"identityId" : "16f645d6-e5ec-4d27-a542-64891f58b3a8",
"customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.895849Z",
"updatedAt" : "2023-01-27T20:31:58.895849Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read-Only, ALL Auth Domain Resources to identity 16f645d6-e5ec-4d27-a542-64891f58b3a8"
}, {
"id" : "ce841df8-d27b-4499-abc4-8619f1f23a4d",
"identityId" : "e5f14eba-5792-4a1a-bcf1-9fa176637dd5",
"customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.897348Z",
"updatedAt" : "2023-01-27T20:31:58.897348Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read-Only, ALL Auth Domain Resources to identity e5f14eba-5792-4a1a-bcf1-9fa176637dd5"
}, {
"id" : "78a9239b-da7a-4bb6-9ef9-5ec9e48068a1",
"identityId" : "83d8cce9-1ad2-4ec1-ae23-9d1f3d28f2ba",
"customRoleId" : "233ae92e-4b5d-4cab-9549-5d55fd1cbf6c",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.089697Z",
"updatedAt" : "2023-01-27T20:31:59.089697Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Read-Only, ALL Auth Domain Resources to identity 83d8cce9-1ad2-4ec1-ae23-9d1f3d28f2ba"
} ]
Get Custom Role Grant
GET /custom-role-grants/{id}
Authorization
This endpoint requires read
action on the custom-role-grant
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
|
customRoleId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants/8327c2de-5340-4cff-9bba-40a2e5c1673c' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJSTmlUNWpjTHE1dkd5ZmxJRk5rN2NnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjkxM2ViYjNiLTE3MzktNDRlNy04MjE2LWU1MTY1ODU3NzIxMCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiZWU2NTUzMjktM2JmYy00NTdhLWE2MzctNDA5ZTViNjFmZTBhXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.ZBz-fpmip9FqAmHQzV6Egij_kDSfkl_oyOrxVlVQQg5IBJqgXQAtvGLTRrO_m_Yifuxi764tqEBLb740_JDVIBWzeTS0kxeniOlHhmxRyYkXERvmPPGlUGoqPAE_dsUpZFcu6DYGLSq3enno6iQQRNasTy4rgJq3HgtIJuZqyhejvL0-8DPJb1mCtAobZLffhPFB5i89quHadcQmusQTs7ThP-nfyEz2ZvoTbtsuRoPcUSDvU_KGVAgi0FYtW9_Q3bJF17B3Cu68Og737FxO7Wwz69SA-MMFH0dFD1ELUWHzUOQNqSJeJdy3AwLSHS9qRd5nOvTb6SnEqjnsWNEfbw'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 452
{
"id" : "8327c2de-5340-4cff-9bba-40a2e5c1673c",
"identityId" : "b0d7a3de-aabe-417c-b269-fc89fdae1045",
"customRoleId" : "3a573168-f404-4c16-bf70-54d95a21609f",
"createdBy" : "54cd4501-e892-4bd3-9b44-4d8be2d96499",
"createdAt" : "2023-01-27T20:32:09.605713Z",
"updatedAt" : "2023-01-27T20:32:09.605713Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Custom Role 43 to identity b0d7a3de-aabe-417c-b269-fc89fdae1045"
}
Create Custom Role Grant
POST /custom-role-grants
Authorization
This endpoint requires the following actions:
-
create
action on thecustom-role-grant
resource type -
read
action on thecustom-role
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
customRoleId |
String |
false |
Client must have |
identityId |
String |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
|
customRoleId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link CustomRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link CustomRoleGrant} was deleted. This will be null for an {@link CustomRoleGrant} that has not been deleted. If this property is not null, then the {@link CustomRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJvM09lRVNEUGNlN1UtdkY3UEpzSWVnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjFhYjM3YzQ2LTM2ZmYtNDAyZi1iYjA2LTQ4MWRjM2Y5M2EyYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMWVkMzBkYzEtNzJlMS00YjhhLTliNWUtZDJiZTAyZjZkMjY3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiMmIxODFkNmQtZTkzNC00MGYwLTk3ZjgtMWQzNDExNDA4MzRmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.AtkToUOjfEOicaDw2CEYDqcDt4nAORpCEhEwlq1bLmzsZRuxuc5CQw5-MSAQyGVXP76D-2h5lB3rzRgURhYYCTSNg5PwSo2jh2S3za9F70OCzjmm675aYfZDqgExnDmt0aulW0kSF0Ac426UMn03d2PWAIOiKdYF_ipAKVW2NfyG6QXQjDgvee7n-877B1VxKd8KLgJ13m3NFJHyrh6Yap0se25mkr3rnRpXAUi3Fz9ZEa9bGf6RkfqElqzBB-jtOSgZv6-Kn4onrvTN0KX-YDkQAt2MyIjOrATCtXjra_nzaiXBYxVVMQG7SYUI-w4mdX9F91yCg_zuuyA3nxXpOw' \
-d '{"customRoleId":"2080c250-edf4-4230-b436-75f165c86650","identityId":"cf5c409c-6475-47b1-8c4e-bb560e6d112e"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 452
{
"id" : "23c83f8e-1c8d-44cc-8bd0-a245378d0dfc",
"identityId" : "cf5c409c-6475-47b1-8c4e-bb560e6d112e",
"customRoleId" : "2080c250-edf4-4230-b436-75f165c86650",
"createdBy" : "1ab37c46-36ff-402f-bb06-481dc3f93a2c",
"createdAt" : "2023-01-27T20:32:09.741949Z",
"updatedAt" : "2023-01-27T20:32:09.741949Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Custom Role 45 to identity cf5c409c-6475-47b1-8c4e-bb560e6d112e"
}
Delete Custom Role Grant
DELETE /custom-role-grants/{id}
Authorization
This endpoint requires delete
action on the custom-role-grant
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/custom-role-grants/f9618bfe-4281-403e-918f-87151b69c247' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiI3YU15Yi02WExWUmtwZ3hNQjhLU2tBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImRjZmQ0NjEwLTgyNTAtNDQ0NC05ZTlhLTUxMTY1NTA1NGM1ZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNDg2ZTUzY2ItNzRlNi00MDIwLWE1ZmMtMzk4ZGY1OWJhZGM4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.GHXeC3x0zxPNx0WUD99mO14CeR8icR38aZ-wmwAxGyOgyAckCkxEFrS8pYH0Hj3vRsf89o3BASNlK7woMdArqDi-zidV5mIiBVPm1-9HJk3lLEa4s2oeMo0dlCOA_2VJ6WWF1PX0dtJVXhmZyHbEy4ZNvSuM-4e6GKfm1zu4FXFKpdVdOoZgnoyGoAcwLhzFdDdB8Ez9_YRIT1G3Y8r2BdDdS21k7pDyBoTGqnvbs4AvnDRE2n1CtsLcdjonfzU9fWkB6-1LLyxslD40PFYLAnY2d2UuPSfbaMHr98rjka6wh65EAnIr7H_mza9cMaXQxH-QTYTHN6MrSVjRIc6uvg'
Example response
HTTP/1.1 200 OK
Standard Roles
Find Standard Roles
GET /standard-roles
Returns a set of {@link StandardRole}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the standard-role
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
standardRoleTypeId |
Object |
true |
Filters results to those that are of one of the specified {@link StandardRoleType}s. |
identityId |
Object |
true |
Filters results to those which have been granted to one of the specified identities. |
resourceId |
Object |
true |
Filters results to those that specifically target one of the specified resources. |
path |
Object |
true |
Filters results to those that target any resource along the specified path. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].standardRoleTypeId |
String |
false |
The 'type' of this {@link StandardRole}. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link StandardRole} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[].path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}. |
[].path[].resourceId |
String |
false |
|
[].path[].resourceTypeId |
String |
true |
|
[].type |
String |
true |
|
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJvdUtiQmthWUVJQ0Y5MWNpSk9saGF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImQ1OGMyZDc1LTNhYWQtNDk0OS1iNmRlLTY4ZDQ4MTE4ODY4YyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiY2FjYzFiMzUtNWQ0ZS00OGVhLWIwYzQtYjMzZTUwYTljMTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.nlL6xZ0JpovfMGHoUvSVgrwnkSEEBhfkXGShUXHuCtEOxdQ1vYYhZDRSN15cQVzZftLNBO9-s8NSKXlHb1rUuifLyjB-xsKtAZoR8_oJDSQlz_L1rcwtkCVUtuyivGOmRal5RrCxPLO7i1PhRDAkYnoAqYwiQ_Ay4uK3plATZJK0JawuRgVsl6HHzFthcUDIMFJqZPAoxHwURf_GM4vD_HSIuA456RLW4gyj9i4_JsooR-H-wzhHgnaKinyhWCWzX73vxnILJWUIyY14pOOdZgRmn1WPiLIHMg_hFccHSJDYGEjF-vsTKXQyTXFrQ9ay5pAWe-X4GtYFhN0vp7-VaQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1793
[ {
"id" : "3fa9c782-ffa6-4ea9-900b-efb1dd41c3a5",
"standardRoleTypeId" : "45e3154a-ba71-4c85-baba-23015c94d15c",
"createdBy" : "4d43f759-b021-4973-92d9-0ebb1b1eb166",
"createdAt" : "2023-01-27T20:32:08.980112Z",
"updatedAt" : "2023-01-27T20:32:08.980112Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "9c326112-0c95-471f-9e8d-328cd21be175",
"resourceTypeId" : "b4535812-b473-4be6-9794-edd5d956a211"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 29 Admin - 9c326112-0c95-471f-9e8d-328cd21be175"
}, {
"id" : "30b572c8-1a65-4d6e-8a67-b7fe6065182a",
"standardRoleTypeId" : "c91fa2f3-4e30-41f3-ac19-27a7e0e8ec07",
"createdBy" : "6bf464c6-1034-4849-acae-da9c2f791838",
"createdAt" : "2023-01-27T20:32:08.396151Z",
"updatedAt" : "2023-01-27T20:32:08.396151Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "9bf633ce-c5c2-4a16-a02c-5d784f915240",
"resourceTypeId" : "d42e2a30-afaa-4526-9c46-d45906f16e41"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 19 Admin - 9bf633ce-c5c2-4a16-a02c-5d784f915240"
}, {
"id" : "023a79fe-e76d-4e58-9df3-83f4eede73da",
"standardRoleTypeId" : "6dda5e0a-e161-4348-be0d-1b47c2bcb916",
"createdBy" : "25345b32-6188-4c8a-bf79-5ed246d59817",
"createdAt" : "2023-01-27T20:32:08.554528Z",
"updatedAt" : "2023-01-27T20:32:08.554528Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "e428929b-bad3-46f2-bd70-7e6620069719",
"resourceTypeId" : "c41b2f1a-6f20-4fb6-a483-a1bd32fc105a"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 21 Admin - e428929b-bad3-46f2-bd70-7e6620069719"
} ]
Get Standard Role
GET /standard-roles/{id}
Authorization
This endpoint requires read
action on the standard-role
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
standardRoleTypeId |
String |
false |
The 'type' of this {@link StandardRole}. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRole} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles/f5a4e32b-29fc-4b22-a19f-a0ce1f42afff' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiI4MkZibEpnaE1wdE01VzJ3N2RkVVJBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImYwMTVkMWM5LTU2ODktNDIzMi05MWNhLWJiOTRmNzdhYjNhYiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMDI0OGUzMTUtMTU4My00ZjYxLThmNTItZmYwZTU3NDgwZGI3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.r5kefcWuGTrlddvMToZH_B-Y_06eqZBlltl5AC_2kid0h0PKxFVxhrRZofj7OuoBGN0a28aSMW0J6Rvp0zxdieHdERtJg-zODYX536uBaYGgu2JxAWefBIB2QUtL4FZYAaSRkZQdQ5lEPF_kj5KnKSyi5tLRluybY21GEAUXYUo00UeyKAlyhoqsdEFw5MZUr7QGsvmQVvCm6SfUXHbldoT5Yu_0deIX9SShFXeLT8kVdiCtJYbfI-0sg2a-wGRnWLyigBrJMjWMeiB8d1TCsLPMu_YaHky0Qujf62rSRA8t20gGN2zScWWiHQCu_VM2tMEd07ovHXG-DqMWs0GGLg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 595
{
"id" : "f5a4e32b-29fc-4b22-a19f-a0ce1f42afff",
"standardRoleTypeId" : "c1869553-6564-4cf4-8a0c-2e4b4cf9d70c",
"createdBy" : "d9d9b6ae-6d1b-4872-bf2e-44bce3d6f40d",
"createdAt" : "2023-01-27T20:32:08.820578Z",
"updatedAt" : "2023-01-27T20:32:08.820578Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "65a6f46c-963c-40ba-a47f-b2bfbba99a53",
"resourceTypeId" : "d4fe8681-57de-4fa6-9d39-30ce063c06c7"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 27 Admin - 65a6f46c-963c-40ba-a47f-b2bfbba99a53"
}
Create Standard Role
POST /standard-roles
Authorization
This endpoint requires the following actions:
-
create
action on thestandard-role
resource type -
read
action on thestandard-role-type
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
standardRoleTypeId |
String |
false |
Client must have |
path |
Array[Object] |
false |
|
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
standardRoleTypeId |
String |
false |
The 'type' of this {@link StandardRole}. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRole} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRole} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRole} was deleted. This will be null for an {@link StandardRole} that has not been deleted. If this property is not null, then the {@link StandardRole} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
path |
Array[Object] |
false |
The path (ordered pairs of resource type and id) from resource tree root to the target resource that this {@link StandardRole} targets. For example, if this {@link StandardRole} is "ACME Corporation Account Manager" then this property defines the (id) path of/to the "ACME Corporation" resource. The path, specifically the ordered list of resource types that it contains, is co-variant to this {@link StandardRole#standardRoleType}'s resource type. Both must target the same {@link ResourceType}. |
path[].resourceId |
String |
false |
|
path[].resourceTypeId |
String |
true |
|
type |
String |
true |
|
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJ6cW9wZXcwY1NFREduNDJCTXEySlNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjRkNDNmNzU5LWIwMjEtNDk3My05MmQ5LTBlYmIxYjFlYjE2NiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMThhYTJlOTktYmJlNC00ZWU4LWIyNWUtZTU0ZGNjNWMwYTg5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fSx7XCJpZFwiOlwiNTYzOTNmMGMtNjRiMy00MzdkLWIzZTQtNzcyNTJiNjk1MGQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.YPK4NXbyPteJkiBh7WaqOMmox4T-sSWuVL9VPyTIMQd4oR6pSzHJDg8OF8UngygGYaZigYNgdId8VASO91REDDnm5KN0uSQ862hvZI7C6asTXlaSN5KxJm4Ah-8qE-HQuR78HNVlKShIaZILvm3jLC8Cl14ni1O3Ji5GtbjmEYSJNt46qm1RiwKpT_oRPtSRhoI54JmM4t4zBaklYKExumDgDFPUSOlvO3dDbucCx0Krgq7lf87z4htzgiWg1617BGKjL-H2UKmHunZjRUTgszo1gfk4e9-vM2cR1YkMJbYLofK4H0g562-u10AaYGpMrFjAjPLRbjcm2Vfbc94H7g' \
-d '{"standardRoleTypeId":"45e3154a-ba71-4c85-baba-23015c94d15c","path":[{"resourceId":"9c326112-0c95-471f-9e8d-328cd21be175","resourceTypeId":"b4535812-b473-4be6-9794-edd5d956a211"}]}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 595
{
"id" : "3fa9c782-ffa6-4ea9-900b-efb1dd41c3a5",
"standardRoleTypeId" : "45e3154a-ba71-4c85-baba-23015c94d15c",
"createdBy" : "4d43f759-b021-4973-92d9-0ebb1b1eb166",
"createdAt" : "2023-01-27T20:32:08.980112Z",
"updatedAt" : "2023-01-27T20:32:08.980112Z",
"deletedAt" : null,
"deletedBy" : null,
"path" : [ {
"resourceId" : "9c326112-0c95-471f-9e8d-328cd21be175",
"resourceTypeId" : "b4535812-b473-4be6-9794-edd5d956a211"
} ],
"type" : "io.netfoundry.auth.domainv2.standardrole.StandardRole",
"_title" : "Test Type 29 Admin - 9c326112-0c95-471f-9e8d-328cd21be175"
}
Delete Standard Role
DELETE /standard-roles/{id}
Authorization
This endpoint requires delete
action on the standard-role
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-roles/3846a90f-a263-4c54-b699-80ef28e0f88c' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJxbEZSSW5PalJoVl91enNycVY4TmF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImE2OGZjOTRiLWEwMWEtNDFkMC05YmU1LWQxYzcyNjk5YWMwYiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOSwiZXhwIjoxNjc0ODU1MTI5LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYzMzMWQ0NTgtNmUxNy00ZWE3LTgzNWItMTYzZjM5NDk4ZmFlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.r3UzrdmrggpXP6kFkKO8Rji8BOmm3Jq3Hv56OI08E_PmC97zw7a6JklbvAdHfObuRMZvKMpQFnKXsuRlgqcghia2AlRWNuZkz0uFhGusgf46YOzBVJ-tIulbaB-85YwadeQv-1GyDJ4xrNjvmyWqXKKWUOy1vaWBA_ZpXRRgWWspjxcQwtBEmbdRudBxV6OfrNNZaNVCIXWGT8iX9_ojN8FdyZqe_hkW9eUe1ovQEOY6VKPvV2gmIQ2re02vgfoBovCo8Wzvite1OtSXN5OuylEbhdAJv4SYylVifTkLIUYu5aGQ-UjoKyjBBRZoNcBej751QDKB9W62kPeDKKNSzg'
Example response
HTTP/1.1 200 OK
Standard Roles Grants
Find Standard Role Grants
GET /standard-role-grants
Returns a set of {@link StandardRoleGrant}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the standard-role-grant
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
standardRoleId |
Object |
true |
Filters results to grants to one of the specified {@link StandardRole}s. |
standardRoleIds |
Object |
true |
Deprecated.. |
identityId |
Object |
true |
Filters results to those granted to one of the specified identity ids. |
identityIds |
Object |
true |
Deprecated.. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].identityId |
String |
false |
|
[].standardRoleId |
String |
false |
|
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJxS0JiYTVMQ01rdHVGRl9rYWJvRm1nIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImYwOWMzNDc0LTZkOTItNDk0Mi04MDg0LTU0M2Y2ZDhlYTkxYSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiMGNmMTU3YmUtOGRiOS00ODRhLWJkOTEtMDM4MmY1OTZiMzc1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.IStGRiIJn50_WpjDrcJNm9A21mcS_NfHhBeP6E9txaINDuGwRTkT1B_CsXhbuYATWRqR0DHsm0EHaG6e3ndIGJ55WpuyUBVYFNwqFiMptB5ZaogiJATcfm0F1UTgJ0Nnytfdpdw0t-TsOWNAVxi9vMdlU-aGH4XorKdpW7eUcQTpNhkdkuPbSddjkxB_bSIFe_RMh-OPU4NK1X6sOayvuEGNwp-PdjBQQR6eZ_LoG-TJs1TVRhmVZuasOmxkuxP8XFJfsK_yGanRTNAJ34RMATglw1b0LCXyd4uEMyzPO8j93032qlgQL8baS_q34HEjS8cc9nO8_9hv4NBX_NwD_Q'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 496
[ {
"id" : "15d86762-76ff-4e39-9884-49fcbc48aa51",
"identityId" : "7da94cb3-e50c-4077-92ea-12a143ad4089",
"standardRoleId" : "30b572c8-1a65-4d6e-8a67-b7fe6065182a",
"createdBy" : "834f50f4-166d-4b06-8f38-02c0e09e06f4",
"createdAt" : "2023-01-27T20:32:08.430651Z",
"updatedAt" : "2023-01-27T20:32:08.430651Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Type 19 Admin - 9bf633ce-c5c2-4a16-a02c-5d784f915240 to identity 7da94cb3-e50c-4077-92ea-12a143ad4089"
} ]
Get Standard Role Grant
GET /standard-role-grants/{id}
Authorization
This endpoint requires read
action on the standard-role-grant
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
|
standardRoleId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants/114d25ab-6855-4cdf-99fd-bd613111ce6b' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiItcGRpME52eUNEd2tfOEtFdkpxTG1BIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImE4NGIzMmM4LWRlZjQtNDQzOS05N2Y1LTYwMTNhNDRkM2M2MSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNzBhMDU0Y2QtNzJjZC00YmYyLWFkYWMtYzY4ZGY0Mzc1MDk0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.v5EOosWqBO7qbTEEqxDaTeUisoePvoB6WcNoave7sy4CBcBCti8WccEmT6nDbQ8tB_79XPxssVsAjRPgX3_ja8NQ5rvdKESDQKtDaJhbKo7y_Cp6lO-GQ8t9r6qm1nrvAiB-uRwUFw5iVrSgaJwj6XYhsuxMTSNe8egEvRzfjySBopDYcYd9r4ePUuliVbx6pFLD9-oqa-pWZOfifVV75ACufSQOr68PZy2ADEIo5Bq8xflZhNAjh9-b6ujG-k3dKVtB2N64Jyvpwzit6hH8K5-EsXuTMCAzr7Zm7QyyIst-BdGPY-oelyE8FrIVz-NKl42LBDSwern9zyjBIRuv7A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492
{
"id" : "114d25ab-6855-4cdf-99fd-bd613111ce6b",
"identityId" : "d085a324-ef08-47a1-91b1-aecef4e562b1",
"standardRoleId" : "023a79fe-e76d-4e58-9df3-83f4eede73da",
"createdBy" : "9b76ff2e-15c6-434f-af45-5ccc98dce7ae",
"createdAt" : "2023-01-27T20:32:08.558802Z",
"updatedAt" : "2023-01-27T20:32:08.558802Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Type 21 Admin - e428929b-bad3-46f2-bd70-7e6620069719 to identity d085a324-ef08-47a1-91b1-aecef4e562b1"
}
Create Standard Role Grant
POST /standard-role-grants
Authorization
This endpoint requires the following actions:
-
create
action on thestandard-role-grant
resource type -
read
action on thestandard-role
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
standardRoleId |
String |
false |
Client must have |
identityId |
String |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
identityId |
String |
false |
|
standardRoleId |
String |
false |
|
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRoleGrant} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link StandardRoleGrant} was deleted. This will be null for an {@link StandardRoleGrant} that has not been deleted. If this property is not null, then the {@link StandardRoleGrant} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiI4V3ItRlA5MklHSll5WEUxa1gyeUZRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjgzNGY1MGY0LTE2NmQtNGIwNi04ZjM4LTAyYzBlMDllMDZmNCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNTVjOTEwZjAtYTA5ZS00YmZlLTk1ZDItNDY1NzExYWUwODJjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fSx7XCJpZFwiOlwiNDI4ODRmNmMtZTU0ZC00MGEyLWI5ZmUtNGQ0MjY1NDc5MmE0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.GkcIvGr5oB95LGJM75cgAJTAMUe-LrgYB5pDJ02jdcQwpBJifF6gW9ovfoTSL0PE8hdba6vHnzGwaXi9QEf4QSVUZVorR45CbD2cq03XIYOjIjkANeIhci0opshBoa4gLwtfDf68k0Z0eRtAy-XTOcL5Gd_1hLRgZExNMZNUDKQh5o9y7yxrOkTtnfUgVPXaHGKol9Sw9IzQY-vYVQ4SKsi8IWOI1X_LcNWVziWdm-0r-yM7Ta13QvQEB9P1on6Q42NNFvWvdE5CbPmCjbN4qnFBR3s8vKrq6CfsKSY3fu0bdYXRzI-ziZoyUr0DztWmd-Sw1k3I8PXeBXkrnsiGCA' \
-d '{"standardRoleId":"30b572c8-1a65-4d6e-8a67-b7fe6065182a","identityId":"7da94cb3-e50c-4077-92ea-12a143ad4089"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492
{
"id" : "15d86762-76ff-4e39-9884-49fcbc48aa51",
"identityId" : "7da94cb3-e50c-4077-92ea-12a143ad4089",
"standardRoleId" : "30b572c8-1a65-4d6e-8a67-b7fe6065182a",
"createdBy" : "834f50f4-166d-4b06-8f38-02c0e09e06f4",
"createdAt" : "2023-01-27T20:32:08.430651Z",
"updatedAt" : "2023-01-27T20:32:08.430651Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Grant Test Type 19 Admin - 9bf633ce-c5c2-4a16-a02c-5d784f915240 to identity 7da94cb3-e50c-4077-92ea-12a143ad4089"
}
Delete Standard Role Grant
DELETE /standard-role-grants/{id}
Authorization
This endpoint requires delete
action on the standard-role-grant
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-grants/549b2abe-0971-4982-93f0-4dcc4158a08b' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJ2cVV2SzFhTDhQMDlZMDV6cU5CYU13IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImQwN2RhYWRhLTFmN2MtNDUxNy04MzcyLTgwYjYzMTI1ODFlZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYjUxOGQwMDEtMWQ4Mi00OWM0LWFlYjItN2JhODA4ZDg3NmNkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.DrEW5DWEy3uIn_92LrbNxltYFS9hz8BLXp-lcCh9LGUPxTZw49vxpkwFOZsX0sHFi-C2mL-uheELWRenbdAJd46ZfY3Is-nK5bj5U5UI_NnW1DipcYJ7TtM7fQuR8VomQkxWTFR48xrSP40gZ2LkbTccvEbbe-fEsDF1zPg8Nf8jzQEm2BnNe_Ytr55HjjqMZFy7i0-b_bvBW3HKRi9SUCE63uwSQPSahfMjYSsQLAATzAHRxe9vSRRORzDR1b67yVd3GYoOwe0ZC59eHj7Lhr6kpxHWMO3hkzIskbbeC6UFLC0pEBny_zYYP0L_95_mQNG0i016hQK_ot0GYDF3Ag'
Example response
HTTP/1.1 200 OK
Standard Role Types
Find Standard Role Types
GET /standard-role-types
Returns a set of {@link StandardRoleType}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the standard-role-type
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
resourceTypeId |
Object |
true |
Filters results to those that target one of the specified {@link ResourceType}s. |
resourceTypeIds |
Object |
true |
Deprecated.. |
authorizationStrategyName |
Object |
true |
Filters results to those that are of one of the specified strategies. |
authorizationStrategyNames |
Object |
true |
Deprecated.. |
includedByStandardRoleTypeId |
Object |
true |
Filters results to those whose actions are fully included by the specified {@link StandardRoleType}. In other words, all returned {@link StandardRoleType}s are logical sub-sets of the {@link StandardRoleType} specified by this query parameter. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].resourceTypeId |
String |
false |
|
[].authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link StandardRoleType} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiIxY2JkTUpjcldpcmYxRDZZazNFWHhRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImQ0OTkxYTFhLTZkNjctNDFhMi1iZDI1LTBjMzE4N2ZlZjNkYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNzZmYTMzOTgtZDNhNy00ZDFhLWI0MjktOWUyNzI3ODljMDgyXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.ay8q8VJZtrIL4_R9ZyWICFgtnaODp9Q4RNIfZ8ygmI9rvimzCcvJ8cDrv8epcrp0xO8IYczxUtGKICpc-dHfRDf8mwEgia6GXdDb4E2dTIFg-98s08oVgwoa2E7NnLuTS0T8Z6eb8eBOg2UkQS2BZWB32Ukvki9J2hbGOmWFjVth9x2ZdFgsJpulTxWzgpPUN3uOgs8sbgKPeLikqeEfKU9eIdbqum0DA0x7tfsVg-TxexkWJhqoHov80G35j-_FHnyUKmylJx-B_J9g1dA7U6anvyooxs_2mcqJqzFAj_3PjhHaequT7ezCQG8vmi3Ypw9qcWS1PWTNS30bMDrjyA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1032
[ {
"id" : "de20bb27-d830-4878-a16e-e0aa3f0d262c",
"resourceTypeId" : "f1b76ef2-403a-424a-b848-aca7dccd0d88",
"authorizationStrategyName" : "Admin",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.926423Z",
"updatedAt" : "2023-01-27T20:31:58.926423Z",
"_title" : "Standard Role Admin"
}, {
"id" : "45e3154a-ba71-4c85-baba-23015c94d15c",
"resourceTypeId" : "b4535812-b473-4be6-9794-edd5d956a211",
"authorizationStrategyName" : "Admin",
"createdBy" : "855d96ba-4140-4768-a35d-b87a84ec3224",
"createdAt" : "2023-01-27T20:32:08.952959Z",
"updatedAt" : "2023-01-27T20:32:08.952959Z",
"_title" : "Test Type 29 Admin"
}, {
"id" : "22c724c7-2a68-4196-93fc-314d0748d4cf",
"resourceTypeId" : "b613a44d-71a5-40bd-a63f-e022f46c6c75",
"authorizationStrategyName" : "Read-Only",
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:58.506002Z",
"updatedAt" : "2023-01-27T20:31:58.506002Z",
"_title" : "Network Group Read-Only"
} ]
Get Standard Role Type
GET /standard-role-types/{id}
Authorization
This endpoint requires read
action on the standard-role-type
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
resourceTypeId |
String |
false |
|
authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRoleType} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types/7927720e-c099-44fc-b4b9-3c5829d26cfb' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJsZ0J3R0FmMXFreDd4aEtLUE5GRGVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjUyNDE3Y2YyLTliM2EtNDNlMS04MTE0LWEwMDVlZTA2MzAwYyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNjEyYTE2MjMtNWJhZC00YmFiLTliMGEtNDYyOGJmZjgxYzY2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.A6rWtYya2C28JcgYfa7YUhYTOMc-ahF3GlNesUTHiydSBLn5_rNzgyxd2_EuUwGYc1_ymnOdjF0zaqerilCIHT_S52B4nAy63kWdaZS36QECtp6dxTvgrXJCGGMPOV-B9ADG7haXNE2F0gL-5e2pHFkLTWdjk6BUmrzdokaRrX4WKj6DJzE5EW-IcR8xBdtxkSSp9lBPxddwt-qjY11oGgKeTziLxACSv2MbFxvjBsa3d7kaH2QtMZWpoj6219z_04-2CNPbxpRclVCnD_zXD9yVsYjScSjvxHOH9ywXnQMwGVqg-5jDdARtcpIcebDz382rTuXbslaDH7zVMWX6MA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 338
{
"id" : "7927720e-c099-44fc-b4b9-3c5829d26cfb",
"resourceTypeId" : "bb407ecd-1dad-4104-8629-db0fe705090e",
"authorizationStrategyName" : "Admin",
"createdBy" : "2daf3afc-8575-4889-adcd-f81fd4d79f8b",
"createdAt" : "2023-01-27T20:32:10.757144Z",
"updatedAt" : "2023-01-27T20:32:10.757144Z",
"_title" : "Test Type 57 Admin"
}
Create Standard Role Type
POST /standard-role-types
Authorization
This endpoint requires the following actions:
-
create
action on thestandard-role-type
resource type -
read
action on theresource-type
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
resourceTypeId |
String |
false |
Client must have |
authorizationStrategy |
String |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
resourceTypeId |
String |
false |
|
authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link StandardRoleType} was created. |
updatedAt |
String |
false |
The date-time at which this {@link StandardRoleType} was updated. The only supported 'update' on this bean is to mark it as deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/standard-role-types' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJTeUpOQmtHVnZqVl9WVUx3OXhTcVdRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijk2OTNjYTcwLTY0YTAtNGI1NC05ZDA5LTE0YjkxZWY2ODg2NSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcIjdkMmZmNzM4LTVhMTktNDE3Zi1hMDdlLTIxOTBmODI2YjM0OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH0se1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjY1ZmZmOWYxLTFhODctNDVmNy05YzU3LTFlNDZhNGE5M2I5MFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyOX0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiNzJmOGVjYzAtNTRkNy00OTBiLWFlNTktYmU3YjRhYmIyZjgwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiOWMzNTljOGEtZWQ3MS00ZTZhLTkxMjctYTNjMThlNjZlZWRkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.jMVyFUmypT0y6IlF4mqiJ-Q3pQDgeWT3Atxcwyb2RCfTM1dGSZued28zTS8lz93iJ_8I3B8jdsmota1u-n3DtbkM0gBOGXQtQ9ndMElkHTo4oVaa7ipQx3axFTOsokmYhZatJi7mvyl9qE41JAVwvu44au6vkldWqz2DS9NJpJkzykr27JBUhSdOogI5bF_xmXw7sCdo_K1hepOiH9LblHCbiq-94K0ngRTEtPjOl_Ps_k_HDDehaiB9f6Km_JPXtwymGXvVwgZVPaUEP9kn6WpHplu7STOdAnUczhMxKFTvkIxQQ4-Z6m6--R3amZ7pFqRfbufM1KPH6XrPBZ9Mjw' \
-d '{"resourceTypeId":"3f9ae78f-844c-4ce9-ac54-a5187715b4ea","authorizationStrategy":"Admin"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 335
{
"id" : "ab03e96e-5d85-47d5-82f8-4bbfa82f4763",
"resourceTypeId" : "3f9ae78f-844c-4ce9-ac54-a5187715b4ea",
"authorizationStrategyName" : "Admin",
"createdBy" : "9693ca70-64a0-4b54-9d09-14b91ef68865",
"createdAt" : "2023-01-27T20:32:10.709167Z",
"updatedAt" : "2023-01-27T20:32:10.709167Z",
"_title" : "Test Type Admin"
}
Resource Action Inclusions in Standard Roles
Find Action Inclusions
GET /action-inclusions
Returns a set of {@link ActionInclusion}s that the client is authorized to read and which match the specified (optional) query parameters.
If multiple query parameters are specified, then results must match each query parameter that is set. If a query parameter supports multiple values, then a result must match at least one of the values. In other words, distinct query parameters are AND’d while value matching within a single query parameter act as an OR condition. For example a query parameter "?x=1,2&y=3" becomes (X == 1 OR X == 2) AND (Y == 3).
Authorization
This endpoint requires read
action on the action-inclusion
resource type.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
resourceActionId |
Object |
true |
Filters results to those that apply to one of the specified {@link ResourceAction}s. |
authorizationStrategyName |
Object |
true |
Filters results to those that apply to one of the specified strategies. |
isDeleted |
Boolean |
true |
When true, returns only those that are marked as deleted. When false, returns only those that are not marked deleted. When not set, returns all those that are otherwise matching, whether they are marked deleted or not. |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].resourceActionId |
String |
false |
|
[].authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
[].includeWhenAbove |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenAt |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenBelow |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link ActionInclusion} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJod2xJaHcya1FfR0U0SGx4YkMzZFdRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImQwNmMzNzAxLTgyMWItNDI0NS04ZGQ1LTc4MjFmNjAxOWYwNCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyNywiZXhwIjoxNjc0ODU1MTI3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiM2RmOWNiNDYtMzhmZS00OTBjLWE4OGMtYzdjMjA5Y2FlMWYzXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.hxRuaXxjhQMNQqi62m2sM6-ztYOnd_NKWlKH0dqZUqnp4PE7fFxyMYsHpTapydlZwW6LMSfxA36BQrp7hL8M4MPqNdxF_b8FHWWZX0C-vNLLapnedPuqU7cz4ZkC3g6MnaBkUqe35EZIr8coDPvlQYwgf9AAA2IWtwDwfASQGKHNDXuFTekxLvbS5j7tdDlpjLrGu-_8XXZfCsOYzzUwRzQBEE4N5zD2hRNU3AY6cZJgTIP5mUXZfL-zyQGPCP2eGIA8KZaJZDlpwdymPG8hs4mh_69pElijC7ll8bCJc_6EawuI5n8X7CSs744tuc-HRjnRxRaEVmqQfoFpgNhSiw'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1562
[ {
"id" : "6d2be10a-dba3-4412-92a7-5f45057ecf57",
"resourceActionId" : "d2acdfdb-0997-4312-9748-1939dcdb3d6b",
"authorizationStrategyName" : "Admin",
"includeWhenAbove" : false,
"includeWhenAt" : true,
"includeWhenBelow" : true,
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:32:00.052069Z",
"updatedAt" : "2023-01-27T20:32:00.052069Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Update App Data in Admin Standard Roles"
}, {
"id" : "eb39db4d-0707-4787-a9e6-be4bb88e74d4",
"resourceActionId" : "8f229a6b-d3aa-45c9-8223-2df3503e456f",
"authorizationStrategyName" : "Admin",
"includeWhenAbove" : false,
"includeWhenAt" : false,
"includeWhenBelow" : true,
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.048890Z",
"updatedAt" : "2023-01-27T20:31:59.048890Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Create As Code AppWan in Admin Standard Roles"
}, {
"id" : "5c08a157-fdb9-42fc-8590-f274835a71a4",
"resourceActionId" : "94ec3b71-a474-4016-bbaa-a1f34103a172",
"authorizationStrategyName" : "Contributor",
"includeWhenAbove" : false,
"includeWhenAt" : false,
"includeWhenBelow" : true,
"createdBy" : "0ab1b47d-a5de-4f39-a3bd-7b130cacf401",
"createdAt" : "2023-01-27T20:31:59.158890Z",
"updatedAt" : "2023-01-27T20:31:59.158890Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Update Public Grant in Contributor Standard Roles"
} ]
Get Action Inclusion
GET /action-inclusions/{id}
Authorization
This endpoint requires read
action on the action-inclusion
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
resourceActionId |
String |
false |
|
authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
includeWhenAbove |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}. |
includeWhenAt |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}. |
includeWhenBelow |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}. |
createdBy |
String |
false |
The identity id that created this resource. |
createdAt |
String |
false |
The date-time at which this {@link ActionInclusion} was created. |
updatedAt |
String |
false |
The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted. |
deletedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
_title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions/b0663591-0698-4c2e-bd86-b861aa344cbb' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJkU3NndHVTU25vWHpHSWhtN3A5eDBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjFhMDZmYTE1LTU1YWEtNGY2My1hYzdmLWNkNWNmNjQzMmU2ZCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyNywiZXhwIjoxNjc0ODU1MTI3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiY2M5MmQwZjktNzVhMi00ZGY0LWFkM2YtZTZhYjEzNjcwNzNmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.jQKuHQnmp8qD3LeXOTgfKn2hIBoQBRUFkqMzTqQP0qyHr_PDdZgS7Pjo8eIv6uFcv2pUCRP_iPZ__ZD9LHjYPhAU4K1W29Bj8y8TNMZF9fVNjMDg3gCMfhML7qVbR26sE5KCeCQTjB02MqMybMyPQMXlreQauM4gk6rihrLtIMA9_-bK9RzCpUB9920uvaCecaOVk6xrl9oZgQ00iNTuxODpUY8ecCBflorg0cHujfiEYDioOXJuuzvoNn6bu5my5kB6fizKHW7ErvZ6Vd0IphvtwpTt-4zdghfDkg-JtESW-vAA1xxM_zCcSALihlv3AOQZWBwl0wxfv4t1uHNG_Q'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 522
{
"id" : "b0663591-0698-4c2e-bd86-b861aa344cbb",
"resourceActionId" : "d1ced3f5-81cd-410d-9b70-8f34dc595683",
"authorizationStrategyName" : "Admin",
"includeWhenAbove" : false,
"includeWhenAt" : true,
"includeWhenBelow" : true,
"createdBy" : "e81e4a3d-fcbc-4c1a-99c1-0af8b578fb80",
"createdAt" : "2023-01-27T20:32:07.911601Z",
"updatedAt" : "2023-01-27T20:32:07.911601Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Test Action 11 Test Type 10 in Admin Standard Roles"
}
Create Action Inclusion
POST /action-inclusions
Authorization
This endpoint requires the following actions:
-
create
action on theaction-inclusion
resource type -
read
action on theresource-action
resource type
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
resourceActionId |
String |
false |
Client must have |
includeWhen |
Map |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
|
[].resourceActionId |
String |
false |
|
[].authorizationStrategyName |
String |
false |
Size must be between 1 and 64 inclusive. |
[].includeWhenAbove |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is above the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenAt |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is the same as the {@link StandardRoleType}'s {@link ResourceType}. |
[].includeWhenBelow |
Boolean |
true |
True if the linked {@link ResourceAction} should be included in {@link StandardRole}s where this {@link ResourceAction}'s {@link ResourceType} is below the {@link StandardRoleType}'s {@link ResourceType}. |
[].createdBy |
String |
false |
The identity id that created this resource. |
[].createdAt |
String |
false |
The date-time at which this {@link ActionInclusion} was created. |
[].updatedAt |
String |
false |
The date-time at which this {@link ActionInclusion} was updated. The only supported 'update' on this bean is to mark it as deleted. |
[].deletedAt |
String |
true |
The date-time at which this {@link ActionInclusion} was deleted. This will be null for an {@link ActionInclusion} that has not been deleted. If this property is not null, then the {@link ActionInclusion} is 'marked' as being deleted. For data retention reasons, we never actually delete a resource. |
[].deletedBy |
String |
true |
The identity id that deleted this resource. This will be null until the resource is marked deleted. |
[]._title |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJfbEdSNkhVOHVIVGktdkdFR0ZHRVJRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijk4ZDQ4NmQyLTMzMjktNGQyNC04MTE3LTY5YzM2YzIzYzQ3MyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyOCwiZXhwIjoxNjc0ODU1MTI4LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiOWM4ZGNkNTEtNTU2Ni00NjRkLTljY2EtNGViNDlmYjRmZjRjXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fSx7XCJpZFwiOlwiZGM3Njc0NWYtYmNlNi00MWZhLWJlYTAtMTNjYWVmMGMyMDc3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI4fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.PGioa1p4kKChvAQR_15Kzh3V8P-efmL2E7v2rRziA2VqzGJnLNRn0RtAoEwlQUnOsL054GTG7H_RPCOmILTYoqJuqQnd3dhy5qle4EOPOd_w4UPy-qFjVO5cuOZSHpe7_cafyiUPl5avnj7wQtXcj1KPNni4gJeOJjRiHNQH7aAhi1mqrA0LMsSA6QIH_p3lca-W8fWZ21WD6oZ-Wgn5QAR0WYM7VJjZa3M99JwiBvZdBUyRgGqK_RHiheP6ZrnXE_sXsIxawB83F4I7fz1mDmrm_2MnPlTOdz78z0BU-CfIRJQjUPQNRBMy7p71muwqsHM-nOPi3AcBJDBBEHIwGA' \
-d '{"resourceActionId":"64b5e9a9-fcb3-491c-ac82-4cea7938c263","includeWhen":{"Admin":{"above":false,"at":true,"below":true}}}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 526
[ {
"id" : "e76b3df6-63dd-4eb2-a848-c1ea4c375092",
"resourceActionId" : "64b5e9a9-fcb3-491c-ac82-4cea7938c263",
"authorizationStrategyName" : "Admin",
"includeWhenAbove" : false,
"includeWhenAt" : true,
"includeWhenBelow" : true,
"createdBy" : "98d486d2-3329-4d24-8117-69c36c23c473",
"createdAt" : "2023-01-27T20:32:08.059652Z",
"updatedAt" : "2023-01-27T20:32:08.059652Z",
"deletedAt" : null,
"deletedBy" : null,
"_title" : "Inclusion Rules for Test Action 17 Test Type 16 in Admin Standard Roles"
} ]
Delete Action Inclusion
DELETE /action-inclusions/{id}
Authorization
This endpoint requires delete
action on the action-inclusion
resource type.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client must have |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/action-inclusions/3122b38a-e69c-410a-88b9-de10f431c544' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJzT3ZrOFZNcU5sQVl2Q2VHUE1RLXlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijg1NmE4MjliLTg3NjQtNDhlMS05NzkyLWMyNjkwNTMzM2VlOCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyNywiZXhwIjoxNjc0ODU1MTI3LCJncmFudHMtc3VwZXIiOiJbXSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbe1wiaWRcIjpcImE2NGY1MWIzLWQxMjYtNGJkNS1iYTFiLTBiMmE1MGUyMTg1OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjZhNjA0ZmFjLWU1YzItNDUyZi1iZmZkLWQ3MjJlNzJiOGU1NFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImNkMzMwYTE2LTMxMDUtNGYyNS1iOTVlLThlZDljMDJiNDAwNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImFhOGMyOGJkLTU2YzctNDczMy1hZWFhLTEzOWU5ZjI3MjRhN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcIjE0YzBlZGQxLWFiNDAtNDZkMy05MzhiLTEzYjE4MzlmODYwZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcImMwZmQzNmU4LWM1ZmUtNDZkMi05MmU3LTViMTIxODdkMzUxNlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyMH0se1wiaWRcIjpcIjExMDRiNjlkLTc2OGYtNDE1ZS04YjE0LTg3OTM4YjljMTNlNVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjEzNGRiNjUyLWRmMmUtNDU0Mi1iMjBlLTAxYjA0OGRhMTBmZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOX0se1wiaWRcIjpcIjllYTkxMTM3LWRmNWUtNDgzYS1hMjQ4LTQwOTcyYjljOTFkZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUxOH0se1wiaWRcIjpcImU0NTAxYzRiLWExMDItNDBjNS1hNmI5LTgwYTI2MWMwMWUyZlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyM31dIiwiZ3JhbnRzLWFjdGlvbiI6Ilt7XCJpZFwiOlwiYWYwNjkwMzktMGZiYy00OTM5LWJiMTktYjc5ODk5N2JjNmE4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI3fV0iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.z_qChljqF04kZhnbMQTJj_GQXarE4NDd_61XFrftCZUNcWux9R52WsHuM7dphVc-6afdlaoL9ZmsOKZm44IvXhkcljKD59Ivnkf1SG6sOqWrJxdXJ03obIK9gxA44MGh9d4rBwP9KHgKszoR4HNuh2R1JvGdbA4xz_ePbaZWrVhRnXucDPFf1vii2uL6sSKuCymQ5svPCEbNzRW-FQnDQSmCKl_9RYb7vF6mjDNiR2BMOfrYKjFOk40ljdMxkPBtCwETWe36PYmZBg37sv06l-YuyfnfNSqatVSvTd0iTKoJ9Hbk5jypm8CkgtYF1_vLYib7I5GUCOADCQgQgjF7Eg'
Example response
HTTP/1.1 200 OK
Deprecated Resources
Resources
Find Resources
GET /resources
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
nameLike |
String |
true |
|
descriptionLike |
String |
true |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
resourceTemplateId |
String |
true |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resources' -i -X GET
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1164
{
"content" : [ {
"id" : "045f36af-fc6a-4b05-9152-ddc5a02f1153",
"name" : "nfrn:tests:*:random61:*",
"description" : "All Random61",
"resourceTemplateId" : null,
"createdAt" : "2023-01-27T20:32:11.173504Z"
}, {
"id" : "161dc7be-be2e-4ce6-abbf-46dbc8d03951",
"name" : "nfrn:tests:*:random59:*",
"description" : "All Random59",
"resourceTemplateId" : null,
"createdAt" : "2023-01-27T20:32:11.136075Z"
}, {
"id" : "2b374a00-bf8d-4874-8cb5-5ce67adff0e0",
"name" : "nfrn:orgs:*:nets:*:gateway-clusters:*:endpoints:*",
"description" : "All Gateway Cluster Endpoints",
"resourceTemplateId" : null,
"createdAt" : "2023-01-27T20:31:57.780684Z"
} ],
"pageable" : {
"sort" : {
"unsorted" : true,
"sorted" : false,
"empty" : true
},
"pageNumber" : 0,
"pageSize" : 20,
"offset" : 0,
"paged" : true,
"unpaged" : false
},
"last" : false,
"totalPages" : 3,
"totalElements" : 50,
"numberOfElements" : 20,
"first" : true,
"number" : 0,
"sort" : {
"unsorted" : true,
"sorted" : false,
"empty" : true
},
"size" : 20,
"empty" : false
}
Get Resource
GET /resources/{idOrName}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
idOrName |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
resourceTemplateId |
String |
true |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resources/d03e8e7c-41e5-4cb0-96db-c938eda8f893' -i -X GET
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 193
{
"id" : "d03e8e7c-41e5-4cb0-96db-c938eda8f893",
"name" : "nfrn:tests:*:foos:*",
"description" : "All Foos",
"resourceTemplateId" : null,
"createdAt" : "2023-01-27T20:32:03.812218Z"
}
Create Resource
POST /resources
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
false |
|
description |
String |
false |
|
audience |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
resourceTemplateId |
String |
true |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resources' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"name":"nfrn:tests:*:random:*","description":"random test resource","audience":"io.netfoundry.tests"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 207
{
"id" : "20bb7f7c-65ee-46a0-beda-84b2e0be633c",
"name" : "nfrn:tests:*:random:*",
"description" : "random test resource",
"resourceTemplateId" : null,
"createdAt" : "2023-01-27T20:32:12.042387Z"
}
Delete Resource
DELETE /resources/{id}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/resources/ae752037-42d3-4dcf-957c-e9289373535c' -i -X DELETE
Example response
HTTP/1.1 200 OK
Actions
Find Actions
GET /actions
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
nameLike |
String |
true |
|
descriptionLike |
String |
true |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
Must match the regular expression |
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/actions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJ4Q053ZkpZdXozZFZjQ1JuZlFJSFJBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM4ZjFhYzY0LWUwZDEtNGNkMy04MGU0LTZjYzM3NDQ0OTdiMiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMCwiZXhwIjoxNjc0ODU1MTMwLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjVkMTM3N2VlLWVmMjktNGZjOC1iODkyLThhMzg5ODA2NGI2N1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMH1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.AJQVB5BOZbV3NOV0qIUmLtqgpdQpKgBCvyoXzoTT8_ZyXdzkmNo7-myWD1PgmbZBrkuJ8X0fq51au7JpLmSttErC4XIkD4GOk_pa3Ja3qy9SMc11xF6NqQuGaClSkkrmxf637gU0ZYLhMOuuvVwkwnA1ASdehDoEeIWtrIW171PsyPbTpGDwjqLHb0PXs-Oss8E7NoX2CHiRIopl1V1sjbLvtxtkEELFPRaRPmqdjjGSo1VUJrhhJLndfKyPVu8xtZ_bzxHlhR3ZeMJop5vL2ORUHo2E3BFJcWQAOvpVgmacWCYB4_oXgekXIHQEwVGTg-LA8_xir5jwJIoln-atlA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1050
{
"content" : [ {
"id" : "0a7199d7-30f6-4c77-b9a8-a1a8c90f71d3",
"name" : "networkconfigs:get-networkconfig-mds",
"description" : "Get Network Config Metadatas",
"createdAt" : "2023-01-27T20:31:58.567404Z"
}, {
"id" : "65010eca-0d5d-4ad4-8699-df2626a2857c",
"name" : "tests:create-foo",
"description" : "Create Foo",
"createdAt" : "2023-01-27T20:32:03.798254Z"
}, {
"id" : "98adc172-3138-4583-8632-c03340efb543",
"name" : "networkconfigs:*",
"description" : "All Network Config Actions",
"createdAt" : "2023-01-27T20:31:58.567132Z"
} ],
"pageable" : {
"sort" : {
"unsorted" : true,
"sorted" : false,
"empty" : true
},
"pageNumber" : 0,
"pageSize" : 20,
"offset" : 0,
"paged" : true,
"unpaged" : false
},
"last" : false,
"totalPages" : 9,
"totalElements" : 167,
"numberOfElements" : 20,
"first" : true,
"number" : 0,
"sort" : {
"unsorted" : true,
"sorted" : false,
"empty" : true
},
"size" : 20,
"empty" : false
}
Get Action
GET /actions/{idOrName}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
idOrName |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
Must match the regular expression |
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/actions/65010eca-0d5d-4ad4-8699-df2626a2857c' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiI4Y2RJY3IydGN4WFlra2hneV9kM3FBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjUyYWNiNTUyLTU3ODMtNGE0YS1hOTA2LTZmNWRjODUzNjNlMCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImJiMTdhYzYyLWY4ZTgtNGI1YS04OWYxLTkyNDRhMDJkZjgzZVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.zCCamaYtIQ7JfyTZZOAiLY26XE-FgpU_3xKDmENrvxQJtxRHZfY-TGPQZeceaSef2zIshmEvidtzcYlzWOL50PuOqc-O91nNmuLeaFiVI0jhgCb__5-P76yYzxW_5y5Xw-De19yCyktDxFxo3OYxwGgz9qAcmhGq2uC9av1quOnaEQsOw_frEaGaFMhyfUay1AxGkWIFca5h29i2pRlTc8kDn0S0ko54Bpy4xtxr0zs1PH7htKCbauiqiiyLT-J13UIiqEgAecCY6EuKK06dfcq5wtbOwNXlmw4CAF0W81EdTmF1GF_lGt6Ne0x_0GOQNl8LZEdTMm8rjMAiZU2juQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 161
{
"id" : "65010eca-0d5d-4ad4-8699-df2626a2857c",
"name" : "tests:create-foo",
"description" : "Create Foo",
"createdAt" : "2023-01-27T20:32:03.798254Z"
}
Create Action
POST /actions
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
false |
Must match the regular expression |
description |
String |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
Must match the regular expression |
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/actions' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJJanRyVHRqUl92RnlBWkhnSV82OTRBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjQ0NWMzOTdjLTg5ODItNDhkMi04YTU5LTA1ZDk3YWI2ZDQxZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjJhNzQ0OTlkLTlhMDctNDE3MS04OTI2LWM3YThiYjFmMjMwN1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.FOHl_oHG6idm7g79X3XBX9R7JGvgnUDbxkCan1mKSmVIek8WQ8AIxntHs5HxGMJQcyLt19uAroS7zTZF36sMP4YHV6qJ02DtejYUFzRP26RMqe-z0Vc_T6o9rllaRjwB_ELijM1SrhU-yUEyqFPTlVflJK6A-12nXXYbjzFncxO6dC9CQOGFhZTnDq-NHyX_YF--CdRWe35rp5-oPJfIkTDibPDQwAamp2RUZi4VHZ5k85BhFO6o53wQmvEv93nmqsD_c9N0rdBs7uaHCp9V0bUanRCgd7wwkAhsmZ4ocND_tfJuyfFBDi6Ch5sC8NC4XPlkYZzUpK9qwnV59GfaYg' \
-d '{"name":"nfrn:get-widget","description":"Getting a widget"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 166
{
"id" : "8754d89b-45e3-4fac-b77a-e093013e53fe",
"name" : "nfrn:get-widget",
"description" : "Getting a widget",
"createdAt" : "2023-01-27T20:32:11.075311Z"
}
Policies
Find Policies
GET /policies
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
resourceIdIn |
Object |
true |
|
actionIdIn |
Object |
true |
|
descriptionLike |
String |
true |
|
roleId |
Object |
true |
|
identityId |
Object |
true |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
resourceId |
String |
false |
|
actionId |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJSTUpTeVE4TjlpQnBuWmNSelRKMlFBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImIzYWVlNmQyLWZhNDAtNDA1ZS04MWY1LWRiZjdjZTgxMGE3NSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjBhMWU0NTllLWNiZDItNGE4My05NWQxLWQzMGNkMTZkMjI0OVwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.iXvuCdk1NJIA1z1KZq4bZwOa5NO_rTtlUM1gCpuNv9r6RojhLUg1T3P3LVSI0xxJOTDLRIkmxIcpaFf-gjIrwyVPbatbrJL0IPHhYhQA9HcjBONT7TRn8NcuRtn-HlXvW2T146cbaKBsrnl3zL3h3WEnhy973iaszhMUbJX6cmqVBTKTmsFYsRiix4zLk0s50vjpbK-Ikpg6KudA437zOPr38VVbEI67bvnEyTW55_9lti01RFszI4uStayN1nVXo1fawI-wq_TRC0RfvQadwn60VcB9p1cfQASQym3e0-S_HAMGx7wo8z142TnLxWdkQwVCeeT40p1xgmEDmmXUpg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1215
{
"content" : [ {
"id" : "0597e8f7-be2b-11e9-b33b-d05099466715",
"resourceId" : "d862d360-d75b-11e9-b01a-d05099466715",
"actionId" : "d180d08a-d75b-11e9-b01a-d05099466715",
"description" : "",
"createdAt" : "2023-01-27T20:31:57.814541Z"
}, {
"id" : "0597e924-be2b-11e9-b33b-d05099466715",
"resourceId" : "d862d360-d75b-11e9-b01a-d05099466715",
"actionId" : "d180d1a5-d75b-11e9-b01a-d05099466715",
"description" : "",
"createdAt" : "2023-01-27T20:31:57.814541Z"
}, {
"id" : "0597e934-be2b-11e9-b33b-d05099466715",
"resourceId" : "d862d360-d75b-11e9-b01a-d05099466715",
"actionId" : "d180cffa-d75b-11e9-b01a-d05099466715",
"description" : "",
"createdAt" : "2023-01-27T20:31:57.814541Z"
} ],
"pageable" : {
"sort" : {
"unsorted" : true,
"sorted" : false,
"empty" : true
},
"pageNumber" : 0,
"pageSize" : 20,
"offset" : 0,
"paged" : true,
"unpaged" : false
},
"last" : false,
"totalPages" : 9,
"totalElements" : 171,
"numberOfElements" : 20,
"first" : true,
"number" : 0,
"sort" : {
"unsorted" : true,
"sorted" : false,
"empty" : true
},
"size" : 20,
"empty" : false
}
Get Policy
GET /policies/{id}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
resourceId |
String |
false |
|
actionId |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/d47487ad-81f3-4b6b-877b-ce06cf8a2687' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJqSWQ0SnBVRmJDQUZ3OWFQQmdSVWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjA1NjNlYzI1LThjYjktNDhmZi04Njc3LTNlMzZmNTM4NGE1MyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImNhNDM3YTAyLThiOTgtNGJhNC1hZDJmLWYzZWEwOWEzNThhMlwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.HkIwass1Hi8h3_xcHSo2C87hJaDfBVm4auqpsYASy4HWydYcNvCNHVg0laFhL_vQr3Sntl2BQdqDGbaX3472Fx94YtWTLW2X9qphDVxQcMTSHpDIId_ZyXHIr3LNol4hFTJeWvKn57NEVDqX1FfdvTooq7WS-zMywAgvcGiaAVHpWwumTnNnz3hNTpqzBAiTcOZn3rWWGcTbvlsSpkJ-GqkN_2f-mkoRRwF5DZxdkMSwLmEt9UhT5fTH27y9sXbn5P3BQy65wIigKagskGepg4-3Y3e4bKnfe-VlcltDWHgtO_ftd4I9BnOMYe5Ors-OsvLztfISR9uVnURlT5wSBQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 255
{
"id" : "d47487ad-81f3-4b6b-877b-ce06cf8a2687",
"resourceId" : "d03e8e7c-41e5-4cb0-96db-c938eda8f893",
"actionId" : "65010eca-0d5d-4ad4-8699-df2626a2857c",
"description" : "Create Foo for All Foos",
"createdAt" : "2023-01-27T20:32:03.821064Z"
}
Create Policy
POST /policies
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
resourceId |
String |
false |
|
actionId |
String |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
resourceId |
String |
false |
|
actionId |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJzaGVTLW05VVhXNWFCNl9tQWNxWFR3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjY1Y2Y2ZTljLTc0MWItNDY5NC1iMTZiLTFlOTc0NzE2OTU2MCIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImE5OWM5ZWJkLWQ4NzQtNDA2Yy04NWQ3LTkyNWE5YWRiNjcwMFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.Yqs-gtYMzhZWC1bJP3SdaiMiaL7LKL7inYs7lauUweK0yGq1B7D0JCe28nUVgDMzz0kqZtTSFfJPFIQQy1i4ep4xNuJLA7UNvxQ0MGvBiTG8arUg_zMbxJXy3AD3tY8ctq9sVcdyh8vQdjga7_RXHsGRUnrhdEQZQmdqxgCdcXem1zuVU0rdpo6OdCCZKOHghRTlFVcvXw8MkQeWR1eoQpsCrs0hmnDe--FxYZkY4_AV67lcejvK1xoiCerR6aVqnoH45VFeMYlHEglLJNmdruBBWvcs9Wl6TKdXpJAvyXT7nB9qq626_-fPC1w1py3CkfyyiSS8cGZ3w_b-perBSg' \
-d '{"resourceId":"98f049ba-a6a8-4505-b469-43ee28909bc6","actionId":"1d12a067-2e8f-4c88-9e56-a173f6d82151"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 264
{
"id" : "a2a344a5-2436-484b-b972-1e22c9f1a71f",
"resourceId" : "98f049ba-a6a8-4505-b469-43ee28909bc6",
"actionId" : "1d12a067-2e8f-4c88-9e56-a173f6d82151",
"description" : "Random Action 71 on All Random70",
"createdAt" : "2023-01-27T20:32:11.435433Z"
}
Delete Policy
DELETE /policies/{id}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/7e9b520d-af1c-4f84-9c7e-9b97d10643da' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJDd1pkQmx1Qm5Fa2czT2VPWDE2blBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6Ijc2MzFlNzM0LTFkYjctNDgzNC1iNGU4LWQyNDAxNjcxODU4MSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImZhZWU5YTczLWM4ZTAtNDY0OC1hZDZhLTI1NTJmN2VkZGNhZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.XCATJhWQTWNDPdzX35D_az3JDhCHVxRe4B_j0yYbaQ_aj1VJe5Bg6PasgY88IAHoNt82U_EbhbdU-q7PpdQ6u75y8pXCSFOXok0zSDUXO7XffQ4LDFuRw-BM8vpIc57yqL70p_2iCi0gx1IvJ9bDwTlTFt_ZSdPTtylCo0uW-IEqrjN_FBuQEATPASFe6e-KhEl1-LGslc13W4Pz4rUGnZmm8BoKcCvoCKLk5XmrqcLcgO8bnqup44WueMDUs12qyNwgMfe8kz1hs_a9C22zRM2bNGrHDcJD8EoO2AKgCboZeBJTUEpWQxIUTMULXWYA7YNHD77_1I6iG86qVC4EtQ'
Example response
HTTP/1.1 200 OK
Grant Policy To Identity
PUT /policies/{id}/identity-grants/{identityId}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/8cc60865-9212-4de8-9caa-d40770093d8e/identity-grants/87f124b3-6c65-4604-838d-8685f4651574' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJjaVAyYUpoYmdDYThaS2YzdjAxaTR3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImQ4MTVlYTQ3LTA5NWMtNDQzZC1iODYzLTNkZWQ1NmIzZmI2ZSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImRkMGM3NmUzLTEyNzgtNGQyOC05ZWEyLTU5Mzc5MWYyNzEzOFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.w1Y4GQClRs4q1B3kNTaDhS_QdCOmhHMYIG-hSk9XEOKlYFpavdP9ggprSWhh9MyB2u6KCtG2NTamLWVaLAzhUaDzPbTvrZj5byRjSE9cIiXuk5KbWo5iQT5GybydSPga27TngNQGBrk4ihMiLQvdIyQPjtjCmnRU8Cjz9g9B1Jwun_bmi6NhNSmYsHxBEjpkGB0R_auKGfoLiZpDuQGZ8QYhCTr7KqSr8m0yw8jeDLSLEaf5_fSfuAf2J6vJHXw1DZBluR1-juA_f4gvrljmpVeXosicCi6dVCOAAGA0KldMPy_L_vl6h4AzfFPc67aJc8H5t7I3jVF1Eeq_QUu6bg'
Example response
HTTP/1.1 200 OK
Revoke Policy From Identity
DELETE /policies/{id}/identity-grants/{identityId}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/a59c44bf-7bb0-4ae0-900d-b79bdfde7826/identity-grants/7a25dfec-5727-49e2-8b6d-9c0a4c39b173' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJsZXRIV01ZZ1RaWmFyT3gwbUNOMFBRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjA1NGVjZmVjLTliZGItNDhjNi1hMTc3LTA5NWI2Mzg4OTQ1NyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcImZmY2JmODY2LWZmMTktNGM2Ny1iM2M2LWQyOTNkNTBhZmVlM1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.R4f59WoyxxzHV5xYphwnRLmI3DZIcQN6bvLwy4QA5h8LqzpLRmUvABnyP7CdFQB56sdwLnaptfR-ii-Y7rIc4Ma4xJxnG2gAq39NKIGKYX1QIeRgNUeb--2a0rjG1DNdyLWUitkSQkRGjTu0K-KKDvqWKUkhwWn2lTX9m5M2GejScjRs96hoYyaJK3fWmy8Aw0FiktzD2vNyKTRVo7u0Ta6QjNKq7SRPUAyZFjcdo3tyJf4TwbuyuMAAAiNjxxqFE06RWflcsgzD-bAVs-eb8fvnlIcfRSxhPRXwPzb7fsexyeZsu8W0KxxaqAmEZSFidSyTckt3IhnhgAbJGbyeBQ'
Example response
HTTP/1.1 200 OK
Grant Policy To Role
PUT /policies/{id}/role-grants/{roleId}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
roleId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/d98fa01e-e1f5-4d51-8bff-4ee70be3976a/role-grants/8743140d-757c-4f25-a883-29cb8ee66082' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJBMlhNVk5KR1h0bTFOVWFtbEtsRWF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImI2MzAyOGUyLTI3OGYtNGY2Zi05MzMwLWU3ZGRjM2M4N2Y4OSIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjA4ODg1ZjVlLWJhNTQtNGQyMy04YzQ1LTE3YWU4NDMwM2U1M1wiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.cAeBWccHaSXcOUVWPGH-g8SJdUVOYjIcXCuNgaCvDZZSOZvtFVXAlAWFFz9otcEHSSeM0PfERUTqcd9Goqz1uUjDgdLcARP0uXEiPK6Ipwwb-A-9C2Mgn0oVahMMZLQUdBjlQnTQyouNWJSLem8ACjZeLcNagqa0fHSUoqMAM94U_OQQ0RYhK-OL4WEyIrxWtrfJAaajU6zM6q45hTauYsJiiiXHx_ZTy4wTBpPIysRbLFY-JLUaiAAk1TSapYtiyvprSZ5Ukjdrsp1Vyfwd48gTwMjWfmWtUY_uHniXmVA3dpvrL1AcFMp86h9JQN_spiqm9RdDrS_tmCcVlrt2uQ'
Example response
HTTP/1.1 200 OK
Revoke Policy From Role
DELETE /policies/{id}/role-grants/{roleId}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
roleId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/policies/09bda907-b714-4315-a054-8fa083be347a/role-grants/dfff2257-d114-417e-b9f8-df09aba161fc' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJ0YnNjcDBBdlZ6dDJaVFM1b2tqQWF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImZlZmZiZDBjLTBlZGUtNDEyZS1hMzQyLThmNzNlZWZhYzYzZiIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUzMSwiZXhwIjoxNjc0ODU1MTMxLCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjQ4NWQ1OTVkLWI1MzQtNDAyNC1hYTg0LTU4ODY4MmUzNGE3OFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUzMX1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiN2QyZmY3MzgtNWExOS00MTdmLWEwN2UtMjE5MGY4MjZiMzQ4XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTMwfSx7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNjVmZmY5ZjEtMWE4Ny00NWY3LTljNTctMWU0NmE0YTkzYjkwXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTI5fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.cjf0ERg55feX9XD-cXFLOY5vEGDmV0JPAkmXlxG4QG-Le9cip_x_PGXU9b_LyNILs2H8hZlHwmbsTdk3Mn9nF3RGupV-lHZ_tv9BesdMMct2RWXeVWExvaTZcuMcEa5U9SDxhHcbiTgDicmbOsxhvNLbAo6v8bBLtBMom0WqhPFmG_-7nrfI6lowb8DV0_gjFsfhbaZ4-bzvu4hpoGMfrTT-6A4_gapNUFJdDLe45rDRDddTbVXUSTIMODLpUhGaSV2yU3MimTfRX7JfiOVV7DSPCapTZoHISRQfUvZJC-FZ2o-gNAyzkLC3XqQBm9-gcl07U23KHdFJqad80jiEWQ'
Example response
HTTP/1.1 200 OK
Roles
Find Roles
GET /roles
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
nameLike |
String |
true |
|
descriptionLike |
String |
true |
|
policyId |
Object |
true |
|
identityId |
Object |
true |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles' -i -X GET
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1018
{
"content" : [ {
"id" : "4d973b6c-54d8-4f2e-8d0a-3ae2fa3fef24",
"name" : "Random Role 1",
"description" : "All random on all tests",
"createdAt" : "2023-01-27T20:32:06.886410Z"
}, {
"id" : "5c5ac179-8c46-4337-9260-3d8701918ef6",
"name" : "Random Role 0",
"description" : "All random on all tests",
"createdAt" : "2023-01-27T20:32:06.818203Z"
}, {
"id" : "b06dbe84-3af8-457b-bccc-78ae6771a0d8",
"name" : "Foo Admin",
"description" : "All Foo related actions",
"createdAt" : "2023-01-27T20:32:03.829574Z"
} ],
"pageable" : {
"sort" : {
"unsorted" : true,
"sorted" : false,
"empty" : true
},
"pageNumber" : 0,
"pageSize" : 20,
"offset" : 0,
"paged" : true,
"unpaged" : false
},
"last" : true,
"totalPages" : 1,
"totalElements" : 8,
"numberOfElements" : 8,
"first" : true,
"number" : 0,
"sort" : {
"unsorted" : true,
"sorted" : false,
"empty" : true
},
"size" : 20,
"empty" : false
}
Get Role
GET /roles/{idOrName}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
idOrName |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles/b06dbe84-3af8-457b-bccc-78ae6771a0d8' -i -X GET
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 167
{
"id" : "b06dbe84-3af8-457b-bccc-78ae6771a0d8",
"name" : "Foo Admin",
"description" : "All Foo related actions",
"createdAt" : "2023-01-27T20:32:03.829574Z"
}
Create Role
POST /roles
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
false |
|
description |
String |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
false |
|
description |
String |
false |
|
createdAt |
String |
false |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"name":"Test Role ba56709c-415f-4c98-ab58-860edd9cd1d0","description":"Random test role"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 197
{
"id" : "61c63088-fe5f-4723-a6b9-21b5c02ae009",
"name" : "Test Role ba56709c-415f-4c98-ab58-860edd9cd1d0",
"description" : "Random test role",
"createdAt" : "2023-01-27T20:32:07.111501Z"
}
Delete Role
DELETE /roles/{id}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles/dc09feab-c478-49ae-a3cc-e7e35027d616' -i -X DELETE
Example response
HTTP/1.1 200 OK
Grant Role To Identity
PUT /roles/{id}/identity-grants/{identityId}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles/5c5ac179-8c46-4337-9260-3d8701918ef6/identity-grants/2401d50f-7c72-4591-b4d0-85293a203164' -i -X PUT
Example response
HTTP/1.1 200 OK
Revoke Role From Identity
DELETE /roles/{id}/identity-grants/{identityId}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/roles/4d973b6c-54d8-4f2e-8d0a-3ae2fa3fef24/identity-grants/97e9ed1f-5044-4089-bc8f-adfd418dac66' -i -X DELETE
Example response
HTTP/1.1 200 OK
Claims
Find Claims
GET /claims
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
identityIdIn |
Object |
true |
|
roleIdIn |
Object |
true |
|
policyIdIn |
Object |
true |
|
resourceNameLike |
String |
true |
|
actionNameLike |
String |
true |
|
audience |
String |
true |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
resource |
String |
false |
The policy resource name. |
action |
String |
false |
The policy action name. |
Example request
$ curl 'https://gateway.netFoundry.io/auth/v1/claims' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImY4NjU4MzY5LWI2MzktNGIwNC1hNDhiLTY4NGY4NmM0ZmE2NiJ9.eyJqdGkiOiJsS29rSXFjOEgyQWMyTC1OU2JJOTJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImYyZTIxOWVhLTZkOTktNDdkNS04ODE2LTAzNWZjMjNlMTE1MyIsImF1ZCI6ImlvLm5ldGZvdW5kcnkuYXV0aCIsImlhdCI6MTY3NDg1MTUyNiwiZXhwIjoxNjc0ODU1MTI2LCJncmFudHMtc3VwZXIiOiJbe1wiaWRcIjpcIjRjYjIzMzQyLWZlMWMtNGI3Ni1hZTI2LTU2ZDI4N2FmZmVkZFwiLFwibGFzdE1vZGlmaWVkXCI6MTY3NDg1MTUyNn1dIiwiZ3JhbnRzLWN1c3RvbSI6IltdIiwiZ3JhbnRzLXB1YmxpYyI6Ilt7XCJpZFwiOlwiYTY0ZjUxYjMtZDEyNi00YmQ1LWJhMWItMGIyYTUwZTIxODU5XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiNmE2MDRmYWMtZTVjMi00NTJmLWJmZmQtZDcyMmU3MmI4ZTU0XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiY2QzMzBhMTYtMzEwNS00ZjI1LWI5NWUtOGVkOWMwMmI0MDA2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiYWE4YzI4YmQtNTZjNy00NzMzLWFlYWEtMTM5ZTlmMjcyNGE3XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiMTRjMGVkZDEtYWI0MC00NmQzLTkzOGItMTNiMTgzOWY4NjBmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiYzBmZDM2ZTgtYzVmZS00NmQyLTkyZTctNWIxMjE4N2QzNTE2XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIwfSx7XCJpZFwiOlwiMTEwNGI2OWQtNzY4Zi00MTVlLThiMTQtODc5MzhiOWMxM2U1XCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiMTM0ZGI2NTItZGYyZS00NTQyLWIyMGUtMDFiMDQ4ZGExMGZkXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE5fSx7XCJpZFwiOlwiOWVhOTExMzctZGY1ZS00ODNhLWEyNDgtNDA5NzJiOWM5MWRlXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTE4fSx7XCJpZFwiOlwiZTQ1MDFjNGItYTEwMi00MGM1LWE2YjktODBhMjYxYzAxZTJmXCIsXCJsYXN0TW9kaWZpZWRcIjoxNjc0ODUxNTIzfV0iLCJncmFudHMtYWN0aW9uIjoiW10iLCJncmFudHMtc3RhbmRhcmQiOiJbXSJ9.sipJ8kA67tGiDxCp-01OJgVtDz0M61nJUhRyLJIxuijvMhFTk6tq5PAI4wVS4WziCO0nccgtt-w42YSJLAJPajFP9Nr9ofBWqDyCMx1xipX5X9MA8Bd32TFBW2Y1iZiLmnSbmzyOHV4ewVJSuAI81MOyBGLyOZd73rudd1keBjewacjS9R773k3SLviaLqF17mRJwTRSUFUHbGWqci24puqE8BCdMIyUGQcqLJ6GpmAPJMQzqm0axAfny6RQG0TfiMqrFz2_O6F6gIiDAYIQ9SxDP2wLP_kH309IR0XJL85-wLAx1qIsq5yws_u3j7AAqKNduIJ9wDBNCLlt5Kv_-A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 524
{
"content" : [ {
"resource" : "nfrn:tenants:*",
"action" : "tenants:get-tenants"
}, {
"resource" : "nfrn:tests:*:foos:*",
"action" : "tests:create-foo"
}, {
"resource" : "nfrn:tenants:*",
"action" : "tenants:get-tenants"
} ],
"pageable" : "INSTANCE",
"last" : true,
"totalPages" : 1,
"totalElements" : 20,
"numberOfElements" : 20,
"first" : true,
"number" : 0,
"sort" : {
"unsorted" : true,
"sorted" : false,
"empty" : true
},
"size" : 20,
"empty" : false
}