Dum engine
Overview
Dum engine API definition
Version information
Version : 1.0.0
Contact information
Contact Email : [email protected]
URI scheme
BasePath : /api/v1
Schemes : HTTP, HTTPS
Tags
- groups : Group operations
- permissions : Manage permissions
- persons : Person operations
- policies : Policy operations
- scopes : Manage scopes
External Docs
Description : Find out more about Onegini solutions
URL : https://onegini.com/
Paths
Create a group
POST /groups
Description
Create a group.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required |
Group to be added. | GroupNew |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Group created successfully. | GroupGet |
400 | Bad request | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups
Request body
{
"name" : "Innosure Back Office",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
},
"parent_group_id" : "936ed327-5711-4c0f-bd80-23e33878ac5f"
}
Example HTTP response
Response 201
{
"name" : "Innosure Back Office",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
},
"id" : "aacbb656-d967-4671-86a9-c691730905e5",
"policy_ids" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"child_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"parent_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
}
Response 400
{
"Missing parent group id parameter in body" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Field 'parent_group_id' cannot be null." ]
},
"Missing name parameter in body" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Field 'name' cannot be null." ]
}
}
List groups
GET /groups
Description
List groups.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query | custom_attribute optional |
Custom attribute in the form of name:value. If present the custom attribute criteria is added. Example: "c1:v1" |
string | |
Query | page optional |
Number of requested page in pagination. | integer | 0 |
Query | size optional |
Amount of items to be returned in response. | integer | 10 |
Query | sort optional |
Sorts result in ascending or descending order in a form column_name,direction .Allowed direction: ASC - ascending order DESC - descending order Example column names: id - sort result by id name - sort result by name Example: ?sort=name,DESC - sort in descending order by name?sort=name,ASC?&sort=id,DESC - sort in ascending order by name and in descending order by id |
< string > array | "name,ASC" |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Groups returned successfully. | GroupCollection |
400 | Bad request | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups
Example HTTP response
Response 200
{
"content" : [ {
"name" : "Innosure Back Office",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
},
"id" : "aacbb656-d967-4671-86a9-c691730905e5",
"policy_ids" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"child_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"parent_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 400
{
"Invalid custom attribute parameter" : {
"error_code" : 1004,
"error_message" : "One or more of the request parameters are invalid or missing.",
"details" : [ "Required string in the form of `name:value` parameter 'custom_attribute' is not present" ]
}
}
Search for groups
GET /groups/search
Description
Search for groups which specified person and identity provider type have permissions to.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query | idp_type required |
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP. | string | |
Query | name optional |
Name of a group to be found (may contain % sign at the beginning or/and at the end to search for groups with name that contains the value, eg. %amp% will find company of a name Example and Ampe ) |
string | "%" |
Query | page optional |
Number of requested page in pagination. | integer | 0 |
Query | parent_group_id optional |
Identifier of the parent group. As default it's a root group's id | string | "{root_group_id}" |
Query | person_id required |
Identifier of the person for which groups with person permissions should be returned | string | |
Query | size optional |
Amount of items to be returned in response. | integer | 10 |
Query | sort optional |
Sorts result in ascending or descending order in a form column_name,direction .Allowed direction: ASC - ascending order DESC - descending order Example column names: gchild.id - _sort result by id gchild.name - _sort result by name Example: ?sort=g_child.name,DESC - sort in descending order by name?sort=g_child.name,ASC&sort=g_child.id,DESC - sort in ascending order by name and in descending order by id |
< string > array | "g_child.name,ASC" |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Groups returned successfully. | GroupCollection |
400 | Bad request | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/search?idp_type=string&person_id=string
Example HTTP response
Response 200
{
"content" : [ {
"name" : "Innosure Back Office",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
},
"id" : "aacbb656-d967-4671-86a9-c691730905e5",
"policy_ids" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"child_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"parent_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 400
{
"Missing person id" : {
"error_code" : 1004,
"error_message" : "One or more of the request parameters are invalid or missing.",
"details" : [ "Person id parameter is required" ]
},
"Missing idp type" : {
"error_code" : 1004,
"error_message" : "One or more of the request parameters are invalid or missing.",
"details" : [ "Idp type parameter is required" ]
},
"Wrong sort parameter" : {
"error_code" : 1009,
"error_message" : "Wrong sort parameter."
}
}
Get a group by identifier
GET /groups/{group_id}
Description
Get a group by identifier.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Groups returned successfully. | GroupGet |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string
Example HTTP response
Response 200
{
"name" : "Innosure Back Office",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
},
"id" : "aacbb656-d967-4671-86a9-c691730905e5",
"policy_ids" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"child_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"parent_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
Update a group
PUT /groups/{group_id}
Description
Update a group.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Body | body required |
Group to be updated. | GroupEdit |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Group updated successfully. | GroupGet |
404 | Not found | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string
Request body
{
"name" : "Innosure Back Office",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
}
}
Example HTTP response
Response 200
{
"name" : "Innosure Back Office",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
},
"id" : "aacbb656-d967-4671-86a9-c691730905e5",
"policy_ids" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"child_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"parent_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
Delete group
DELETE /groups/{group_id}
Description
Delete group.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Group deleted successfully. | No Content |
404 | Not found | ErrorResponse |
Tags
- groups
Example HTTP request
Request path
/groups/string
Example HTTP response
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
Set a custom attribute on a group
POST /groups/{group_id}/custom-attributes
Description
The name and value are free-form and can be used to store custom data on the group itself. A custom attribute contains a name and a value
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Body | CustomAttribute required |
The request has a JSON body containing a custom attribute | CustomAttribute |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Custom attribute added successfully | No Content |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
409 | Custom attribute already exists | ErrorResponse |
Consumes
application/json
Tags
- groups
Security
Type | Name |
---|---|
basic | BasicAuth |
Example HTTP request
Request path
/groups/string/custom-attributes
Request body
{
"name" : "CrmIdentifier",
"value" : "1234567"
}
Example HTTP response
Response 400
{
"Missing value and name parameter in body" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Field 'value' cannot be null.", "Field 'name' cannot be null." ]
}
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
Response 409
{
"Custom attribute already exists" : {
"error_code" : 6002,
"error_message" : "Custom attribute with given name already exists."
}
}
Update custom attribute on a group
PUT /groups/{group_id}/custom-attributes/{custom_attribute_name}
Description
To update an identifier, the custom_attribute_name is used to identify the custom attribute within the groups custom attributes
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | custom_attribute_name required |
Name of updated custom attribute. | string |
Path | group_id required |
Identifier of the group. | string |
Body | UpdatedCustomAttributeValue required |
The request has a JSON body containing a custom attribute value | UpdatedCustomAttributeValue |
Name | Description | Schema |
---|---|---|
value required |
Example : "1234567" |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Custom attribute updated successfully | No Content |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
409 | Custom attribute does not exist | ErrorResponse |
Consumes
application/json
Tags
- groups
Security
Type | Name |
---|---|
basic | BasicAuth |
Example HTTP request
Request path
/groups/string/custom-attributes/string
Request body
{
"value" : "1234567"
}
Example HTTP response
Response 400
{
"Missing value parameter in body" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Field 'name' cannot be null." ]
}
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
Response 409
{
"Response" : {
"error_code" : 6001,
"error_message" : "Custom attribute with given name not found."
}
}
Delete custom attribute on a group
DELETE /groups/{group_id}/custom-attributes/{custom_attribute_name}
Description
To delete an identifier, the custom_attribute_name is used to identify the custom attribute within the groups custom attributes
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | custom_attribute_name required |
Name of deleted custom attribute. | string |
Path | group_id required |
Identifier of the group. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Custom attribute deleted successfully | No Content |
404 | Not found | ErrorResponse |
409 | Custom attribute does not exist | ErrorResponse |
Tags
- groups
Security
Type | Name |
---|---|
basic | BasicAuth |
Example HTTP request
Request path
/groups/string/custom-attributes/string
Example HTTP response
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
Response 409
{
"Response" : {
"error_code" : 6001,
"error_message" : "Custom attribute with given name not found."
}
}
Add a Onegini IdP person to a group
POST /groups/{group_id}/persons
Description
Add a Onegini IdP person to a group.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Body | body required |
Person information to be added, eg. first and last name | PersonIdAndName |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Person successfully added to group. | No Content |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
409 | Conflict | ErrorResponse |
Consumes
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons
Request body
{
"person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
"first_name" : "John",
"last_name" : "Smith"
}
Example HTTP response
Response 400
{
"Missing person id parameter in body" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Invalid personId!" ]
},
"Missing first and last name parameter in body" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Field 'first_name' cannot be empty.", "Field 'last_name' cannot be empty." ]
}
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
Response 409
{
"Group member already exists" : {
"error_code" : 5003,
"error_message" : "Person with given id is already group member."
}
}
List group members.
GET /groups/{group_id}/persons
Description
List persons who are members of the given group.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path | group_id required |
Identifier of the group. | string | |
Query | page optional |
Number of requested page in pagination. | integer | 0 |
Query | size optional |
Amount of items to be returned in response. | integer | |
Query | sort optional |
Sorts result in ascending or descending order in a form column_name,direction .Allowed direction: ASC - ascending order DESC - descending order Allowed column names: firstName - sort result by first name lastName - sort result by last name Example: * ?sort=firstName,ASC&sort=lastName,DESC - sort result in ascending order by first and in descending order by last name |
< string > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Group members returned successfully. | PersonNameCollection |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons
Example HTTP response
Response 200
{
"content" : [ {
"person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
"idp_type" : "CIM",
"first_name" : "John",
"last_name" : "Smith"
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
Search group members.
GET /groups/{group_id}/persons/search
Description
Search persons who are members of the given group.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path | group_id required |
Identifier of the group. | string | |
Query | name optional |
Name of a user to be found (may contain % sign at the beginning or/and at the end to search for users with name that contains the value, eg. %amp% will find users of a name Example and Ampe ) |
string | "%" |
Query | page optional |
Number of requested page in pagination. | integer | 0 |
Query | size optional |
Amount of items to be returned in response. | integer | 10 |
Query | sort optional |
Sorts result in ascending or descending order in a form column_name,direction .Allowed direction: ASC - ascending order DESC - descending order Allowed column names: firstName - sort result by first name lastName - sort result by last name Example: * ?sort=firstName,ASC&sort=lastName,DESC - sort result in ascending order by first and in descending order by last name |
< string > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Group members returned successfully. | PersonNameCollection |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons/search
Example HTTP response
Response 200
{
"content" : [ {
"person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
"idp_type" : "CIM",
"first_name" : "John",
"last_name" : "Smith"
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 400
{
"One of the parameters has invalid value" : {
"error_code" : 1008,
"error_message" : "Unexpected error.",
"details" : [ "No property `{prop_value}` found for type Person!" ]
}
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
Update permissions in batch request
POST /groups/{group_id}/persons/{idp_type}/{person_id}/permissions/batch
Description
Update permissions in batch request
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Path | idp_type required |
Identity provider type | string |
Path | person_id required |
Identifier of the person. | string |
Body | body required |
List of permissions to be created or removed. | PermissionsBatchUpdate |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Permissions updated with success | PermissionCollection |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
409 | Conflict | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons/string/string/permissions/batch
Request body
{
"create" : [ "GROUP_MANAGE" ],
"delete" : [ "SCOPE_MANAGE" ]
}
Example HTTP response
Response 200
{
"content" : [ {
"id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
"permission" : "GROUP_MANAGE",
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
}
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 400
{
"Permission from body not found" : {
"error_code" : 1001,
"error_message" : "One or more of the required fields are invalid or missing."
}
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
},
"Person does not exist" : {
"error_code" : 4006,
"error_message" : "Person with given identifier not found",
"details" : [ "Person of type `{idp_type}` with id `{person_id}` not found." ]
}
}
Response 409
{
"Cannot delete or create permission" : {
"error_code" : 2002,
"error_message" : "Permission already exists."
}
}
Remove a group member.
DELETE /groups/{group_id}/persons/{person_id}
Description
Remove a group member.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Path | person_id required |
Identifier of the person. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Group member successfully removed. | No Content |
404 | Not found | ErrorResponse |
Tags
- groups
Example HTTP request
Request path
/groups/string/persons/string
Example HTTP response
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
},
"Path param `person_id` missing" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : [ "Invalid personId!" ]
},
"Person is not group member" : {
"error_code" : 5004,
"error_message" : "Person with given id is not group member."
}
}
Get person report for a specific group
GET /groups/{group_id}/persons/{person_id}/report
Description
Loads personal data (identifier, first name, last name, etc.), policies that belongs to the person, permissions for specific group.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Path | person_id required |
Identifier of the person. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Report returned successfully | PersonReport |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons/string/report
Example HTTP response
Response 200
{
"person" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
},
"group_permissions" : [ {
"id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
"permissions" : [ "GROUP_MANAGE", "GROUP_POLICY_MANAGE", "PERMISSION_MANAGE" ],
"custom_attributes" : { }
} ],
"policies" : [ {
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"name" : "Organisation policy",
"scopes" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
} ]
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
},
"Path param `person_id` missing" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : [ "Invalid personId!" ]
}
}
Assign a new policy to a group.
POST /groups/{group_id}/policies
Description
Creates a new policy which is based on the given parent policy and assigns it to a group. The newly created policy will have a reference to the parent.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Body | body required |
Parent policy from which the newly created one should inherit from and the principal. | PolicyAssign |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Policy assigned to a group successfully. | PolicyGroupGet |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/policies
Request body
{
"principal" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
},
"parent_policy_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
Example HTTP response
Response 201
{
"id" : "298a8648-a8bc-4034-a292-98ae46d75074",
"parent_id" : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9",
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "GROUP",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
}
Response 400
{
"Missing parent policy id parameter in body" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Field 'parent_policy_id' cannot be null." ]
},
"Missing principal.person_id parameter in body" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Field 'principal.person_id' cannot be null.", "Field 'principal.idp_type' cannot be null." ]
}
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
List group policies
GET /groups/{group_id}/policies
Description
Lists all policies which concerns given groupId as a subject.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path | group_id required |
Identifier of the group. | string | |
Query | page optional |
Number of requested page in pagination. | integer | 0 |
Query | size optional |
Amount of items to be returned in response. | integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Policies returned successfully. | PolicyCollection |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/policies
Example HTTP response
Response 200
{
"content" : [ {
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63",
"id" : "298a8648-a8bc-4034-a292-98ae46d75074",
"parent_id" : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9"
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 404
{
"Group with `group_id` does not exist" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id '{group_id}' not found." ]
}
}
Assign a permission to a person
POST /permissions
Description
Assign a permission to a person
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required |
Permission to be assigned | PermissionNew |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Permission assigned successfully | PermissionGet |
400 | Bad request | ErrorResponse |
409 | Permission already exists | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- permissions
Example HTTP request
Request path
/permissions
Request body
{
"permission" : "GROUP_MANAGE",
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
}
}
Example HTTP response
Response 200
{
"id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
"permission" : "GROUP_MANAGE",
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
}
}
Response 400
{
"Permission field invalid" : {
"error_code" : 1001,
"error_message" : "One or more of the required fields are invalid or missing."
},
"Required field missing" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Field 'group_id' cannot be empty.", "Field 'person' cannot be empty." ]
}
}
Response 409
{
"Permission already exists" : {
"error_code" : 2002,
"error_message" : "Permission already exists."
}
}
Delete permission
DELETE /permissions/{permission_id}
Description
Delete permission.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | permission_id required |
Identifier of the permission. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Permission deleted successfully | No Content |
400 | Bad request | ErrorResponse |
Tags
- permissions
Example HTTP request
Request path
/permissions/string
Example HTTP response
Response 400
{
"Required field missing" : {
"error_code" : 1004,
"error_message" : "One or more of the request parameters are invalid or missing.",
"details" : [ "Permission with id `permission_id` not found." ]
}
}
List permissions for given person and idp type
GET /persons/{idp_type}/{person_id}/permissions
Description
List permissions for person.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path | idp_type required |
Identity provider type | string | |
Path | person_id required |
Identifier of the person. | string | |
Query | page optional |
Number of requested page in pagination. | integer | 0 |
Query | size optional |
Amount of items to be returned in response. | integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Permissions returned successfully | PermissionCollection |
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string/string/permissions
Example HTTP response
Response 200
{
"content" : [ {
"id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
"permission" : "GROUP_MANAGE",
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
}
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
List all permissions for given person and idp type
GET /persons/{idp_type}/{person_id}/permissions_recursive
Description
List all person's permissions.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | idp_type required |
Identity provider type | string |
Path | person_id required |
Identifier of the person. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Permissions returned successfully | GroupPermissionCollection |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string/string/permissions_recursive
Example HTTP response
Response 200
{
"content" : [ {
"id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
"permissions" : [ "GROUP_MANAGE", "GROUP_POLICY_MANAGE", "PERMISSION_MANAGE" ],
"custom_attributes" : { }
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 404
{
"Person does not exist" : {
"error_code" : 4006,
"error_message" : "Person with given identifier not found",
"details" : [ "Person of type `{idp_type}` with id `{person_id}` not found." ]
}
}
Update person details
PUT /persons/{person_id}
Description
Update person's first name and last name.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | person_id required |
Identifier of the person. | string |
Body | body required |
Person first name and last name to update | PersonDetails |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Person updated successfully | Person |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string
Request body
{
"first_name" : "John",
"last_name" : "Smith"
}
Example HTTP response
Response 200
{
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
}
Response 400
{
"Update details from body not found" : {
"error_code" : 1001,
"error_message" : "One or more of the required fields are invalid or missing."
},
"Required field missing" : {
"error_code" : 1006,
"error_message" : "One or more of the required fields are invalid or missing.",
"details" : [ "Field 'last_name' cannot be empty.", "Field 'first_name' cannot be empty." ]
}
}
Response 404
{
"Person with `person_id` does not exist" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : [ "Invalid personId!" ]
}
}
List permissions for Onegini IDP person
GET /persons/{person_id}/permissions
Description
List permissions for person.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path | person_id required |
Identifier of the person. | string | |
Query | page optional |
Number of requested page in pagination. | integer | 0 |
Query | size optional |
Amount of items to be returned in response. | integer | 10 |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Permissions returned successfully | PermissionCollection |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string/permissions
Example HTTP response
Response 200
{
"content" : [ {
"id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
"permission" : "GROUP_MANAGE",
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
}
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 404
{
"Person with `person_id` does not exist" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : [ "Invalid personId!" ]
}
}
Add new child policy
POST /persons/{person_id}/policies
Description
Creates a new child policy and relates it with specified parent policyId.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | person_id required |
Identifier of the person. | string |
Body | body required |
Policy to be added | PolicyAssign |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Policy added to person successfully | PolicyGet |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string/policies
Request body
{
"principal" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
},
"parent_policy_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
Example HTTP response
Response 201
{
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63",
"id" : "298a8648-a8bc-4034-a292-98ae46d75074",
"parent_id" : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9"
}
Response 400
{
"Update details from body not found" : {
"error_code" : 1001,
"error_message" : "One or more of the required fields are invalid or missing."
},
"Required field missing" : {
"error_code" : 1006,
"error_message" : "One or more of the required fields are invalid or missing.",
"details" : [ "Field 'parent_policy_id' cannot be empty.", "Field 'principal' cannot be empty." ]
}
}
Response 404
{
"Person with `person_id` does not exist" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : [ "Invalid personId!" ]
}
}
Get person report
GET /persons/{person_id}/report
Description
Loads personal data (identifier, first name, last name, etc.), policies that belongs to the person, groups in which user has permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | person_id required |
Identifier of the person. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Report returned successfully | PersonReport |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string/report
Example HTTP response
Response 200
{
"person" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
},
"group_permissions" : [ {
"id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
"permissions" : [ "GROUP_MANAGE", "GROUP_POLICY_MANAGE", "PERMISSION_MANAGE" ],
"custom_attributes" : { }
} ],
"policies" : [ {
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"name" : "Organisation policy",
"scopes" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
} ]
}
Response 404
{
"Person with `person_id` does not exist" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : [ "Invalid personId!" ]
}
}
Get person report without person related data, endpoint meant to be used by external services that are aware of the person identity
GET /persons/{person_id}/report-omit-identity
Description
Loads policies and groups that belongs to the specified person
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | person_id required |
Identifier of the person. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Report returned successfully | PersonReportWithoutPersonProperty |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string/report-omit-identity
Example HTTP response
Response 200
{
"group_permissions" : [ {
"id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
"permissions" : [ "GROUP_MANAGE", "GROUP_POLICY_MANAGE", "PERMISSION_MANAGE" ],
"custom_attributes" : { }
} ],
"policies" : [ {
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"name" : "Organisation policy",
"scopes" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
} ]
}
Response 404
{
"Person with `person_id` does not exist" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : [ "Invalid personId!" ]
}
}
Add new policy
POST /policies
Description
Add new policy.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required |
Policy to be added | PolicyNew |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Policy added successfully | PolicyGet |
400 | Bad request | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- policies
Example HTTP request
Request path
/policies
Request body
{
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63"
}
Example HTTP response
Response 201
{
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63",
"id" : "298a8648-a8bc-4034-a292-98ae46d75074",
"parent_id" : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9"
}
Response 400
{
"Required field missing" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Field 'scopes' cannot be empty.", "Field 'principal' cannot be empty.", "Field 'subject' cannot be empty." ]
}
}
Batch policies update
POST /policies/batch
Description
Creates or deletes a set of given policies.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required |
Set of policies to be removed or added. | PolicyBatchUpdate |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Policy added to group successfully | No Content |
400 | Bad request | ErrorResponse |
Consumes
application/json
Tags
- policies
Example HTTP request
Request path
/policies/batch
Request body
{
"create" : [ {
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63"
} ],
"delete" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
}
Example HTTP response
Response 400
{
"Required field missing" : {
"error_code" : 1006,
"error_message" : "One or more of the body parameters are invalid or missing.",
"details" : [ "Field 'scopes' cannot be empty.", "Field 'principal' cannot be empty.", "Field 'subject' cannot be empty." ]
}
}
Delete policy
DELETE /policies/{policy_id}
Description
Delete policy and it's children.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | policy_id required |
Identifier of the policy. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Policy deleted successfully. | No Content |
404 | Not found | ErrorResponse |
Tags
- policies
Example HTTP request
Request path
/policies/string
Example HTTP response
Response 404
{
"Person with `policy_id` does not exist" : {
"error_code" : 4003,
"error_message" : "Policy with given identifier not found",
"details" : [ "Policy with id `{policy_id}` not found" ]
}
}
Add scope
POST /scopes
Description
Add new scope.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required |
Scope to be added | ScopeNew |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Scope added successfully | ScopeGet |
409 | Conflict | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- scopes
Example HTTP request
Request path
/scopes
Request body
{
"name" : "READ"
}
Example HTTP response
Response 201
{
"id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
"name" : "READ"
}
Response 409
{
"Scope already exists" : {
"error_code" : 3002,
"error_message" : "Scope with given name already exist."
}
}
List scopes
GET /scopes
Description
List available scopes.
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Scopes returned successfully | < ScopeCollection > array |
Produces
application/json
Tags
- scopes
Example HTTP request
Request path
/scopes
Example HTTP response
Response 200
[ {
"content" : [ {
"id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
"name" : "READ"
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
} ]
Update scope
PUT /scopes/{scope_id}
Description
Update scope.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | scope_id required |
Identifier of the scope. | string |
Body | body required |
Scope to be updated. | ScopeUpdate |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Scope updated successfully. | ScopeGet |
409 | Conflict | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- scopes
Example HTTP request
Request path
/scopes/string
Request body
{
"name" : "READ"
}
Example HTTP response
Response 200
{
"id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
"name" : "READ"
}
Response 409
{
"Scope already exists" : {
"error_code" : 3002,
"error_message" : "Scope with given name already exist."
}
}
Delete scope
DELETE /scopes/{scope_id}
Description
Delete scope.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | scope_id required |
Identifier of the scope. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Scope deleted successfully | No Content |
404 | Not found | ErrorResponse |
Tags
- scopes
Example HTTP request
Request path
/scopes/string
Example HTTP response
Response 404
{
"Scope already exists" : {
"error_code" : 3001,
"error_message" : "Scope with given identifier not found."
}
}
Definitions
AssignPersonName
Name | Description | Schema |
---|---|---|
first_name required |
Onegini IDP person's first name. Example : "John" |
string |
last_name required |
Onegini IDP person's last name. Example : "Smith" |
string |
CollectionResult
Collection result used for pagination.
Name | Description | Schema |
---|---|---|
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
CustomAttribute
Name | Description | Schema |
---|---|---|
name required |
Attribute name Example : "CrmIdentifier" |
string |
value required |
Attribute value Example : "1234567" |
string |
CustomAttributeCollection
Collection of group custom attributes
Type : < CustomAttribute > array
ErrorResponse
Name | Description | Schema |
---|---|---|
code optional |
Error code identifier Example : 1000 |
integer |
details optional |
Example : [ "string" ] |
< string > array |
message optional |
Error code description Example : "One or more of the request parameters are invalid or missing." |
string |
GroupCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[groupget](#groupget)" ] |
< GroupGet > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
GroupCustomAttributes
Name | Description | Schema |
---|---|---|
custom_attributes optional |
Collection of group's custom attributes Example : {<br> "CrmIdentifier" : "1234567"<br>} |
< string, string > map |
GroupEdit
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
custom_attributes optional |
Collection of group's custom attributes Example : {<br> "CrmIdentifier" : "1234567"<br>} |
< string, string > map |
name required |
Name of the group Example : "Innosure Back Office" |
string |
GroupGet
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
child_groups_ids optional |
Child groups Example : "[groupidcollection](#groupidcollection)" |
GroupIdCollection |
custom_attributes optional |
Collection of group's custom attributes Example : {<br> "CrmIdentifier" : "1234567"<br>} |
< string, string > map |
id required |
Group identifier Example : "aacbb656-d967-4671-86a9-c691730905e5" |
string |
name required |
Name of the group Example : "Innosure Back Office" |
string |
parent_groups_ids optional |
Parent groups Example : "[groupidcollection](#groupidcollection)" |
GroupIdCollection |
policy_ids optional |
Policies assigned to this group Example : "[policyidcollection](#policyidcollection)" |
PolicyIdCollection |
GroupIdCollection
Collection of group identifiers
Type : < string > array
GroupName
Name | Description | Schema |
---|---|---|
name required |
Name of the group Example : "Innosure Back Office" |
string |
GroupNew
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
custom_attributes optional |
Collection of group's custom attributes Example : {<br> "CrmIdentifier" : "1234567"<br>} |
< string, string > map |
name required |
Name of the group Example : "Innosure Back Office" |
string |
parent_group_id required |
Identifier of the parent group Example : "936ed327-5711-4c0f-bd80-23e33878ac5f" |
string |
GroupPermission
Name | Description | Schema |
---|---|---|
custom_attributes optional |
Example : "[customattributecollection](#customattributecollection)" |
CustomAttributeCollection |
id optional |
Identifier of the group Example : "f530f30d-8322-47d1-93ff-19f4fea37c79" |
string |
permissions optional |
Group permissions Example : "[permissiontypecollection](#permissiontypecollection)" |
PermissionTypeCollection |
GroupPermissionCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[grouppermission](#grouppermission)" ] |
< GroupPermission > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
Permission
Type : enum (GROUP_MANAGE, GROUP_POLICY_MANAGE, PERMISSION_MANAGE, PERSON_POLICY_MANAGE, GROUP_MEMBER_MANAGE, POLICY_MANAGE, SCOPE_MANAGE)
PermissionCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[permissionget](#permissionget)" ] |
< PermissionGet > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
PermissionGet
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
group_id required |
Group identifier Example : "37a1af3d-08f9-4028-8728-f47d6084de77" |
string |
id required |
Permission identifier Example : "533a42f9-a43f-438d-ad51-fae46fbe1bf7" |
string |
permission required |
Example : "[permission](#permission)" |
Permission |
person required |
Example : "[person](#person)" |
Person |
PermissionIdCollection
Collection of permission identifiers
Type : < string > array
PermissionNew
Name | Description | Schema |
---|---|---|
group_id required |
Group identifier Example : "37a1af3d-08f9-4028-8728-f47d6084de77" |
string |
permission required |
Example : "[permission](#permission)" |
Permission |
person required |
Example : "[person](#person)" |
Person |
PermissionTypeCollection
Collection of permissions types
Type : < string > array
PermissionsBatchUpdate
Name | Description | Schema |
---|---|---|
create optional |
List of permissions to be added. Example : [ "GROUP_MANAGE" ] |
< Permission > array |
delete optional |
List of permissions to be removed. Example : [ "SCOPE_MANAGE" ] |
< Permission > array |
Person
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
first_name required |
Onegini IDP person's first name. Example : "John" |
string |
idp_type optional |
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP. Example : "CIM" |
string |
last_name required |
Onegini IDP person's last name. Example : "Smith" |
string |
person_id required |
The identifier of the person in whose context this operation is being performed. Example : "8e272e60-2f67-4737-9212-f4f13e6b01eb" |
string |
PersonDetails
Name | Description | Schema |
---|---|---|
first_name optional |
Onegini IDP person's first name. Example : "John" |
string |
last_name optional |
Onegini IDP person's last name. Example : "Smith" |
string |
PersonGet
Name | Description | Schema |
---|---|---|
permissions required |
Person permissions. Example : "[permissionidcollection](#permissionidcollection)" |
PermissionIdCollection |
person_id required |
Onegini IDP person identifier. Example : "160d8767-b7ea-4706-9738-4dc221658868" |
string |
policies optional |
Person policies. Example : "[policyidcollection](#policyidcollection)" |
PolicyIdCollection |
PersonIdAndName
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
first_name required |
Onegini IDP person's first name. Example : "John" |
string |
last_name required |
Onegini IDP person's last name. Example : "Smith" |
string |
person_id optional |
Identifier of the Onegini's IdP person Example : "577a42f9-a43f-438d-ad51-fae46fbe1bf7" |
string |
PersonName
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
first_name required |
Onegini IDP person's first name. Example : "John" |
string |
idp_type optional |
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP. Example : "CIM" |
string |
last_name required |
Onegini IDP person's last name. Example : "Smith" |
string |
person_id optional |
Identifier of the Onegini's IdP person Example : "577a42f9-a43f-438d-ad51-fae46fbe1bf7" |
string |
PersonNameCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[personname](#personname)" ] |
< PersonName > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
PersonReport
Name | Description | Schema |
---|---|---|
group_permissions optional |
Person's permissions in groups. Example : [ "[grouppermission](#grouppermission)" ] |
< GroupPermission > array |
person optional |
Example : "[person](#person)" |
Person |
policies optional |
Policies assigned to person. Example : [ "[policyreportdto](#policyreportdto)" ] |
< PolicyReportDto > array |
PersonReportWithoutPersonProperty
Name | Description | Schema |
---|---|---|
group_permissions optional |
Person's permissions in groups. Example : [ "[grouppermission](#grouppermission)" ] |
< GroupPermission > array |
policies optional |
Policies assigned to person. Example : [ "[policyreportdto](#policyreportdto)" ] |
< PolicyReportDto > array |
PolicyAssign
Name | Description | Schema |
---|---|---|
parent_policy_id required |
Parent policy id. Example : "13db83a6-bb3f-493a-b614-e86a404c2142" |
string |
principal required |
Example : "[person](#person)" |
Person |
PolicyBatchUpdate
Name | Description | Schema |
---|---|---|
create optional |
Policies to add collection. Example : [ "[policynew](#policynew)" ] |
< PolicyNew > array |
delete optional |
Policies to remove collection. Example : "[policyidcollection](#policyidcollection)" |
PolicyIdCollection |
PolicyCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[policyget](#policyget)" ] |
< PolicyGet > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
PolicyGet
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
assignee_id optional |
Identifier of the person to whom this policy is assigned to. Example : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63" |
string |
id required |
Identifier of the policy. Example : "298a8648-a8bc-4034-a292-98ae46d75074" |
string |
name optional |
Policy name. Example : "Organisation policy" |
string |
parent_id optional |
Identifier of parent policy. Example : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9" |
string |
principal required |
Example : "[person](#person)" |
Person |
scopes required |
List of scope identifiers. Example : [ "string" ] |
< string > array |
subject required |
Example : "[subject](#subject)" |
Subject |
PolicyGroupGet
Name | Description | Schema |
---|---|---|
id required |
Identifier of the policy. Example : "298a8648-a8bc-4034-a292-98ae46d75074" |
string |
name required |
Policy name. Example : "Organisation policy" |
string |
parent_id optional |
Identifier of parent policy. Example : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9" |
string |
principal required |
Example : "[person](#person)" |
Person |
scopes required |
List of scope identifiers. Example : [ "string" ] |
< string > array |
subject required |
Example : "[subjectgroup](#subjectgroup)" |
SubjectGroup |
PolicyIdCollection
Collection of policy identifiers
Type : < string > array
PolicyNew
Name | Description | Schema |
---|---|---|
assignee_id optional |
Identifier of the person to whom this policy is assigned to. Example : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63" |
string |
name optional |
Policy name. Example : "Organisation policy" |
string |
principal required |
Example : "[person](#person)" |
Person |
scopes required |
List of scope identifiers. Example : [ "string" ] |
< string > array |
subject required |
Example : "[subject](#subject)" |
Subject |
PolicyReportDto
Name | Description | Schema |
---|---|---|
id optional |
Identifier of the policy. Example : "160d8767-b7ea-4706-9738-4dc221658868" |
string |
name optional |
Policy name. Example : "Organisation policy" |
string |
scopes optional |
List of scope identifiers. Example : "[scopeidcollection](#scopeidcollection)" |
ScopeIdCollection |
subject optional |
Example : "[subject](#subject)" |
Subject |
ScopeCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[scopeget](#scopeget)" ] |
< ScopeGet > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
ScopeGet
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
id optional |
Identifier of the scope. Example : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4" |
string |
name optional |
Name of the scope. Example : "READ" |
string |
ScopeIdCollection
Collection of scopes identifiers
Type : < string > array
ScopeNew
Name | Description | Schema |
---|---|---|
name optional |
Name of the scope. Example : "READ" |
string |
ScopeUpdate
Name | Description | Schema |
---|---|---|
name optional |
Name of the scope. Example : "READ" |
string |
Subject
Name | Description | Schema |
---|---|---|
subject_id required |
Subject id. Example : "13db83a6-bb3f-493a-b614-e86a404c2142" |
string |
type optional |
The type of subject. It can be person or group. Example : "PERSON" |
enum (PERSON, GROUP) |
SubjectGroup
Name | Description | Schema |
---|---|---|
subject_id required |
Subject id. Example : "13db83a6-bb3f-493a-b614-e86a404c2142" |
string |
type optional |
The type of subject. It can be person or group. Example : "GROUP" |
enum (PERSON, GROUP) |
Security
BasicAuth
Type : basic