Dum engine
Overview
Dum engine API definition
Version information
Version : 1.0.0
Contact information
Contact Email : [email protected]
URI scheme
BasePath : /api/v1
Schemes : HTTP, HTTPS
Tags
- events : Manage events
- groups : Group operations
- permissions : Manage permissions
- persons : Person operations
- policies : Policy operations
- scopes : Manage scopes
Paths
Search for events
GET /events/search
Description
List events.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Query | query required |
Search query: Format: ?query=search_criteria==value,search_criteria2==value&search_criteria3==value Use & for AND , , for OR Allowed parameters: - person : Identifier of the person for which events should be returned |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Events returned successfully | EventCollection |
Produces
application/json
Tags
- events
Example HTTP request
Request path
/events/search
Request query
json :
{
"limit" : 0,
"offset" : 0,
"query" : "string"
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"id" : "08da67d0-3ceb-414d-8aa4-2afa13c84d38",
"type" : "PolicyAdded",
"occurred" : 1510227577,
"user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:46.0) Gecko/20100101 Firefox/46.0",
"person_id" : "160d8767-b7ea-4706-9738-4dc221658868",
"clientIp" : "127.0.0.1"
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Create a group
POST /groups
Description
Create a group.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required |
Group to be added. | GroupNew |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Group created successfully. | GroupGet |
400 | Bad request | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups
Request body
json :
{
"parent_group_id" : "160d8767-b7ea-4706-9738-4dc221658868",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
},
"name" : "Innosure Back Office"
}
Example HTTP response
Response 201
json :
{
"id" : "235knu4o-k399-6233-5267-k26id3vd0434",
"parent_groups_ids" : [ "160d8767-b7ea-4706-9738-4dc221658868" ],
"name" : "Innosure Back Office"
}
Response 400
json :
{
"Required field missing" : {
"error_code" : 1006,
"error_message" : "One of the parameters is invalid or missing.",
"details" : "Field 'name' cannot be null."
}
}
List groups
GET /groups
Description
List groups.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query | custom_attribute optional |
Custom attribute in the form of name:value. If present the custom attribute criteria is added | string | |
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Query | sort optional |
Sorts result in ascending or descending order in a form column_name,direction .Allowed direction: asc - ascending order desc - descending order Allowed column names: g_child.name - sort result by group name Example: ?sort=g_child.name,desc - sort groups in descending order |
< string > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Groups returned successfully. | GroupCollection |
400 | The request received by the server was invalid or malformed. Possible errors: 1004 : One or more parameters are invalid. |
ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups
Request query
json :
{
"custom_attribute" : "string",
"limit" : 0,
"offset" : 0,
"sort" : "string"
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"name" : "Innosure Back Office",
"policy_ids" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"child_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"parent_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
}
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 400
json :
{
"code" : 1000,
"message" : "string",
"details" : [ "string" ]
}
Search for groups
GET /groups/search
Description
Search for groups which specified person and identity provider type have permissions to.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query | idp_type required |
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP. | string | |
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | name optional |
Name of a group to be found (may contain % sign at the beginning or/and at the end to search for groups with name that contains the value, eg. %amp% will find company of a name Example and Ampe ) |
string | |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Query | parent_group_id optional |
Identifier of the parent group. As default it's a root group's id | string | |
Query | person_id required |
Identifier of the person for which groups with person permissions should be returned | string | |
Query | sort optional |
Sorts result in ascending or descending order in a form column_name,direction .Allowed direction: asc - ascending order desc - descending order Allowed column names: g_child.name - sort result by group name Example: ?sort=g_child.name,desc - sort groups in descending order |
< string > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Groups returned successfully. | GroupCollection |
400 | The request received by the server was invalid or malformed. Possible errors: 1000 : The request received by the server was invalid or malformed |
ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/search
Request query
json :
{
"idp_type" : "string",
"limit" : 0,
"name" : "string",
"offset" : 0,
"parent_group_id" : "string",
"person_id" : "string",
"sort" : "string"
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"name" : "Innosure Back Office",
"policy_ids" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"child_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"parent_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
}
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 400
json :
{
"code" : 1000,
"message" : "string",
"details" : [ "string" ]
}
Get a group by identifier
GET /groups/{group_id}
Description
Get a group by identifier.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Groups returned successfully. | GroupGet |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string
Example HTTP response
Response 200
json :
{
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"name" : "Innosure Back Office",
"policy_ids" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"child_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"parent_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
}
}
Response 404
json :
{
"Required field missing" : {
"error_code" : 5001,
"error_message" : "Group with given identifier was not found."
}
}
Update a group
PUT /groups/{group_id}
Description
Update a group.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Body | body required |
Group to be updated. | GroupEdit |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Group updated successfully. | GroupGet |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string
Request body
json :
{
"name" : "Innosure Back Office",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
}
}
Example HTTP response
Response 200
json :
{
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"name" : "Innosure Back Office",
"policy_ids" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"child_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"parent_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"custom_attributes" : {
"CrmIdentifier" : "1234567"
}
}
Response 404
json :
{
"Required field missing" : {
"error_code" : 5001,
"error_message" : "Group with given identifier was not found.",
"details" : [ "Group with id 160d8767-b7ea-4706-9738-4dc221658868 not found." ]
}
}
Delete group
DELETE /groups/{group_id}
Description
Delete group.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Group deleted successfully. | No Content |
404 | Group not found. | No Content |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string
Set a custom attribute on a group
POST /groups/{group_id}/custom-attributes
Description
The name and value are free-form and can be used to store custom data on the group itself. A custom attribute contains a name and a value
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Body | CustomAttribute required |
The request has a JSON body containing a custom attribute | CustomAttribute |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Custom attribute added successfully | No Content |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
409 | Custom attribute already exists | ErrorResponse |
Consumes
application/json
Security
Type | Name |
---|---|
Unknown | basic_auth |
Example HTTP request
Request path
/groups/string/custom-attributes
Request body
json :
{
"name" : "CrmIdentifier",
"value" : "1234567"
}
Example HTTP response
Response 400
json :
{
"Response" : {
"error_code" : 1006,
"error_message" : "One of the parameters is invalid or missing.",
"details" : [ "Field 'name' cannot be null." ]
}
}
Response 404
json :
{
"Response" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id 1f0917d4-3e3e-476c-8b30-a94e0b06bfef not found." ]
}
}
Response 409
json :
{
"Response" : {
"error_code" : 6002,
"error_message" : "Custom attribute with given name already exists."
}
}
Update custom attribute on a group
PUT /groups/{group_id}/custom-attributes/{custom_attribute_name}
Description
To update an identifier, the custom_attribute_name is used to identify the custom attribute within the groups custom attributes
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | custom_attribute_name required |
Name of updated custom attribute. | string |
Path | group_id required |
Identifier of the group. | string |
Body | UpdatedCustomAttributeValue required |
The request has a JSON body containing a custom attribute value | UpdatedCustomAttributeValue |
Name | Description | Schema |
---|---|---|
value required |
Example : "1234567" |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Custom attribute updated successfully | No Content |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
409 | Custom attribute does not exist | ErrorResponse |
Consumes
application/json
Security
Type | Name |
---|---|
Unknown | basic_auth |
Example HTTP request
Request path
/groups/string/custom-attributes/string
Request body
json :
{
"value" : "1234567"
}
Example HTTP response
Response 400
json :
{
"Response" : {
"error_code" : 1006,
"error_message" : "One of the parameters is invalid or missing.",
"details" : [ "Field 'value' cannot be null." ]
}
}
Response 404
json :
{
"Response" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id 1f0917d4-3e3e-476c-8b30-a94e0b06bfef not found." ]
}
}
Response 409
json :
{
"Response" : {
"error_code" : 6001,
"error_message" : "Custom attribute with given name not found."
}
}
Delete custom attribute on a group
DELETE /groups/{group_id}/custom-attributes/{custom_attribute_name}
Description
To delete an identifier, the custom_attribute_name is used to identify the custom attribute within the groups custom attributes
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | custom_attribute_name required |
Name of deleted custom attribute. | string |
Path | group_id required |
Identifier of the group. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Custom attribute deleted successfully | No Content |
404 | Not found | ErrorResponse |
409 | Custom attribute does not exist | ErrorResponse |
Consumes
application/json
Security
Type | Name |
---|---|
Unknown | basic_auth |
Example HTTP request
Request path
/groups/string/custom-attributes/string
Example HTTP response
Response 404
json :
{
"Response" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id 1f0917d4-3e3e-476c-8b30-a94e0b06bfef not found." ]
}
}
Response 409
json :
{
"Response" : {
"error_code" : 6001,
"error_message" : "Custom attribute with given name not found."
}
}
List permissions for group
GET /groups/{group_id}/permissions
Description
List permissions for group.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Events returned successfully | PermissionCollection |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/{group_id}/permissions
Request query
json :
{
"limit" : 0,
"offset" : 0
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
"permission" : { },
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
}
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Search for permissions
GET /groups/{group_id}/permissions/search
Description
Search for permissions.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Query | query required |
Search query. Format: ?query=search_criteria==value,search_criteria2==value&search_criteria3==value Use & for AND , , for OR Allowed parameters: - person_id : Identifier of the person for which permissions should be returned. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Events returned successfully | PermissionCollection |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/{group_id}/permissions/search
Request query
json :
{
"limit" : 0,
"offset" : 0,
"query" : "string"
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
"permission" : { },
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
}
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Add a Onegini IdP person to a group
POST /groups/{group_id}/persons
Description
Add a Onegini IdP person to a group.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Body | body required |
Person information to be added, eg. first and last name | PersonName |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Person successfully added to group. | No Content |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
409 | Conflict | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons
Request body
json :
{
"person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
"idp_type" : "CIM",
"first_name" : "John",
"last_name" : "Smith"
}
Example HTTP response
Response 400
json :
{
"Required field missing" : {
"error_code" : 1006,
"error_message" : "One or more required fields is missing.",
"details" : [ "Field 'last_name' cannot be empty.", "Field 'first_name' cannot be empty." ]
}
}
Response 404
json :
{
"Person identifier is invalid" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : "Invalid personId!"
},
"Group with not found" : {
"error_code" : 5001,
"error_message" : "Group with given identifier was not found.",
"details" : [ "Group with id 160d8767-b7ea-4706-9738-4dc221658868 not found." ]
}
}
Response 409
json :
{
"Group member already exists" : {
"error_code" : 5003,
"error_message" : "Person with given id is already group member."
}
}
List group members.
GET /groups/{group_id}/persons
Description
List persons who are members of the given group.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path | group_id required |
Identifier of the group. | string | |
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Group members returned successfully. | PersonNameCollection |
404 | Not found. | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons
Request query
json :
{
"limit" : 0,
"offset" : 0
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
"idp_type" : "CIM",
"first_name" : "John",
"last_name" : "Smith"
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 404
json :
{
"Required field missing" : {
"error_code" : 5001,
"error_message" : "Group with given identifier was not found."
}
}
Search group members.
GET /groups/{group_id}/persons/search
Description
List persons who are members of the given group.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path | group_id required |
Identifier of the group. | string | |
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Query | query required |
Search query. Format: ?query=search_criteria==value,search_criteria2==value&search_criteria3==value Use & for AND , , for OR Allowed parameters: - name : String to match person first and/or last name with. |
string | |
Query | sort optional |
Sorts result in ascending or descending order in a form column_name,direction .Allowed direction: asc - ascending order desc - descending order Allowed column names: firstName - sort result by first name lastName - sort result by last name Example: * ?sort=firstName,asc&sort=lastName,asc - sort result in ascending order by first and last name |
< string > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Group members returned successfully. | PersonNameCollection |
404 | Not found. | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons/search
Request query
json :
{
"limit" : 0,
"offset" : 0,
"query" : "string",
"sort" : "string"
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
"idp_type" : "CIM",
"first_name" : "John",
"last_name" : "Smith"
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 404
json :
{
"Required field missing" : {
"error_code" : 5001,
"error_message" : "Group with given identifier was not found."
}
}
Update permissions in batch request
POST /groups/{group_id}/persons/{idpType}/{person_id}/permissions/batch
Description
Update permissions in batch request
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Path | idpType required |
Identity provider type | string |
Path | person_id required |
Identifier of the person. | string |
Body | body required |
List of permissions to be created or removed. | PermissionsBatchUpdate |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Permissions updated with success | PermissionCollection |
400 | Bad request | ErrorResponse |
Consumes
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons/string/string/permissions/batch
Request body
json :
{
"create" : [ "GROUP_MANAGE" ],
"delete" : [ "SCOPE_MANAGE" ]
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
"permission" : { },
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
}
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Response 400
json :
{
"Person does not exist" : {
"error_code" : 4006,
"error_message" : "Person with given identifier not found",
"details" : "Person of type LDAP with id 160d8767-b7ea-4706-9738-4dc221658868 not found."
}
}
Remove a group member.
DELETE /groups/{group_id}/persons/{person_id}
Description
Remove a group member.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Path | person_id required |
Identifier of the person. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Group member successfully removed. | No Content |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons/string
Example HTTP response
Response 404
json :
{
"Required field missing" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : "Invalid personId!"
},
"Person is not group member" : {
"error_code" : 5004,
"error_message" : "Person with given id is not group member."
}
}
Get person report for a specific group
GET /groups/{group_id}/persons/{person_id}/report
Description
Loads personal data (identifier, first name, last name, etc.), policies that belongs to the person, permissions for specific group.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Path | person_id required |
Identifier of the person. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Report returned successfully | PersonReport |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/persons/string/report
Example HTTP response
Response 200
json :
{
"person" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"group_permissions" : [ {
"id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
"child_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"parent_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"permissions" : "[\"GROUP_MANAGE\",\"GROUP_POLICY_MANAGE\",\"PERMISSION_MANAGE\"]",
"custom_attributes" : { }
} ],
"policies" : [ {
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"name" : "Organisation policy",
"scopes" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
} ]
}
Response 404
json :
{
"Required field missing" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : "Invalid personId!"
},
"Required field missing 2" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id f530f30d-8322-47d1-93ff-19f4fea37c79 not found." ]
}
}
Assign a new policy to a group.
POST /groups/{group_id}/policies
Description
Creates a new policy which is based on the given parent policy and assigns it to a group. The newly created policy will have a reference to the parent.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | group_id required |
Identifier of the group. | string |
Body | body required |
Parent policy from which the newly created one should inherit from and the principal. | PolicyAssign |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Policy assigned to a group successfully. | PolicyGet |
404 | Not found | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/policies
Request body
json :
{
"principal" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"parent_policy_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
Example HTTP response
Response 201
json :
{
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"parent_id" : "160d8767-b7ea-4706-9738-4dc221658868"
}
Response 404
json :
{
"Required field missing" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id 160d8767-b7ea-4706-9738-4dc221658868 not found." ]
}
}
List group policies
GET /groups/{group_id}/policies
Description
Lists all policies which concerns given groupId as a subject.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path | group_id required |
Identifier of the group. | string | |
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Policies returned successfully. | PolicyCollection |
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/groups/string/policies
Request query
json :
{
"limit" : 0,
"offset" : 0
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"parent_id" : "160d8767-b7ea-4706-9738-4dc221658868"
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Assign a permission to a person
POST /permissions
Description
Assign a permission to a person
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required |
Permission to be assigned | PermissionNew |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Permission assigned successfully | PermissionGet |
400 | Bad request | ErrorResponse |
Tags
- permissions
Example HTTP request
Request path
/permissions
Request body
json :
{
"permission" : { },
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
}
}
Example HTTP response
Response 200
json :
{
"id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
"permission" : { },
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
}
}
Response 400
json :
{
"Required field missing" : {
"error_code" : 1001,
"error_message" : "One or more required fields is missing."
},
"Unsupported media type" : {
"error_code" : 1002,
"error_message" : "Unsupported media type. Please use `Content-Type: application/json`"
},
"Operation not supported" : {
"error_code" : 1003,
"error_message" : "Operation not supported."
}
}
Delete permission
DELETE /permissions/{permissionId}
Description
Delete permission.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | permissionId required |
Identifier of the permission. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Permission deleted successfully | No Content |
Tags
- permissions
Example HTTP request
Request path
/permissions/string
List permissions for person and idp type
GET /persons/{idp_type}:{person_id}/permissions
Description
List permissions for person.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Permissions returned successfully | PermissionCollection |
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/{idp_type}:{person_id}/permissions
Request query
json :
{
"limit" : 0,
"offset" : 0
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
"permission" : { },
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
}
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Update person details
PUT /persons/{person_id}
Description
Update person's first name and last name.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | person_id required |
Identifier of the person. | string |
Body | body required |
Person first name and last name to update | AssignPersonName |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Person updated successfully | Person |
400 | Bad request | ErrorResponse |
404 | Not found | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string
Request body
json :
{
"first_name" : "John",
"last_name" : "Smith"
}
Example HTTP response
Response 200
json :
{
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
}
Response 400
json :
{
"Required field missing" : {
"error_code" : 1006,
"error_message" : "One or more required fields is missing.",
"details" : [ "Field 'last_name' cannot be empty.", "Field 'first_name' cannot be empty." ]
}
}
Response 404
json :
{
"Required field missing" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : "Invalid personId!"
}
}
List permissions for Onegini IDP person
GET /persons/{person_id}/permissions
Description
List permissions for person.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Permissions returned successfully | PermissionCollection |
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/{person_id}/permissions
Request query
json :
{
"limit" : 0,
"offset" : 0
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
"permission" : { },
"group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
"person" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
}
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Add new child policy
POST /persons/{person_id}/policies
Description
Creates a new child policy and relates it with specified parent policyId.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | person_id required |
Identifier of the person. | string |
Body | body required |
Policy to be added | PolicyAssign |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Policy added to group successfully | PolicyGet |
404 | Not found | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string/policies
Request body
json :
{
"principal" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"parent_policy_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
Example HTTP response
Response 201
json :
{
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"parent_id" : "160d8767-b7ea-4706-9738-4dc221658868"
}
Response 404
json :
{
"Required field missing" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM."
}
}
Verifies relation between given person identifiers.
GET /persons/{person_id}/relations/{related_person_id}
Description
Verifies correlation between given person identifiers. Relation to another person exists if that person has a policy assigned from any group the current person has permissions to or that person has a policy assigned by the current person or that person has permission in any group the current person has any permission to.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | person_id required |
Identifier of the person. | string |
Path | related_person_id required |
Identifier of the related person. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | In case the relation with person exists, person object is returned. | Response 200 |
404 | Not found | ErrorResponse |
Name | Description | Schema |
---|---|---|
person required |
Example : "[personget](#personget)" |
PersonGet |
relation_exists required |
Example : true |
boolean |
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string/relations/string
Example HTTP response
Response 200
json :
"object"
Response 404
json :
{
"Required field missing" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM."
}
}
Get person report
GET /persons/{person_id}/report
Description
Loads personal data (identifier, first name, last name, etc.), policies that belongs to the person, groups in which user has permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | person_id required |
Identifier of the person. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Report returned successfully | PersonReport |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string/report
Example HTTP response
Response 200
json :
{
"person" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"group_permissions" : [ {
"id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
"child_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"parent_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"permissions" : "[\"GROUP_MANAGE\",\"GROUP_POLICY_MANAGE\",\"PERMISSION_MANAGE\"]",
"custom_attributes" : { }
} ],
"policies" : [ {
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"name" : "Organisation policy",
"scopes" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
} ]
}
Response 404
json :
{
"Required field missing" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : "Invalid personId!"
}
}
Get person report without person related data, endpoint meant to be used by external services that are aware of the person identity
GET /persons/{person_id}/report-omit-identity
Description
Loads policies and groups that belongs to the specified person
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | person_id required |
Identifier of the person. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Report returned successfully | PersonReportWithoutPersonProperty |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- persons
Example HTTP request
Request path
/persons/string/report-omit-identity
Example HTTP response
Response 200
json :
{
"group_permissions" : [ {
"id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
"child_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"parent_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"permissions" : "[\"GROUP_MANAGE\",\"GROUP_POLICY_MANAGE\",\"PERMISSION_MANAGE\"]",
"custom_attributes" : { }
} ],
"policies" : [ {
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"name" : "Organisation policy",
"scopes" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
} ]
}
Response 404
json :
{
"Required field missing" : {
"error_code" : 1005,
"error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
"details" : "Invalid personId!"
}
}
Add new policy
POST /policies
Description
Add new policy.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required |
Policy to be added | PolicyNew |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Policy added to group successfully | PolicyGet |
400 | Bad request | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- policies
Example HTTP request
Request path
/policies
Request body
json :
{
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}
Example HTTP response
Response 201
json :
{
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"parent_id" : "160d8767-b7ea-4706-9738-4dc221658868"
}
Response 400
json :
{
"Required field missing" : {
"error_code" : 1006,
"error_message" : "One of the parameters is invalid or missing.",
"details" : "Field 'principal' cannot be empty."
}
}
Delete policy
DELETE /policies
Description
Delete policy and it's children.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | policyId required |
Identifier of the policy. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Policy deleted successfully. | No Content |
404 | Policy not found. | No Content |
Produces
application/json
Tags
- policies
Example HTTP request
Request path
/policies
Batch policies update
POST /policies/batch
Description
Creates or deletes a set of given policies.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required |
Set of policies to be removed or added. | PolicyBatchUpdate |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Policy added to group successfully | No Content |
404 | Not found | ErrorResponse |
Consumes
application/json
Produces
application/json
Tags
- groups
Example HTTP request
Request path
/policies/batch
Request body
json :
{
"create" : [ {
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
} ],
"delete" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]"
}
Example HTTP response
Response 404
json :
{
"Required field missing" : {
"error_code" : 5001,
"error_message" : "Group with given identifier not found.",
"details" : [ "Group with id f530f30d-8322-47d1-93ff-19f4fea37c79 not found." ]
}
}
Search for policies
GET /policies/search
Description
Search for policies.
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Query | limit optional |
Amount of items to be returned in response. Default value: 10 |
integer | 10 |
Query | offset optional |
Amount of first items to exclude from result. Default value: 0 |
integer | 0 |
Query | query required |
Search query. Format: ?query=search_criteria==value,search_criteria2==value&search_criteria3==value aUse & for AND , , for OR Allowed parameters: - principal : Identifier of the person that is principal for the policy- subject_id : Identifier of the subject for the policyEither principal or subject_id are required. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Policies returned successfully | PolicyCollection |
Produces
application/json
Tags
- policies
Example HTTP request
Request path
/policies/search
Request query
json :
{
"limit" : 0,
"offset" : 0,
"query" : "string"
}
Example HTTP response
Response 200
json :
{
"content" : [ {
"name" : "Organisation policy",
"principal" : {
"idp_type" : "CIM",
"person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"first_name" : "John",
"last_name" : "Smith"
},
"scopes" : [ "string" ],
"subject" : {
"type" : "PERSON",
"subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
},
"assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
"id" : "160d8767-b7ea-4706-9738-4dc221658868",
"parent_id" : "160d8767-b7ea-4706-9738-4dc221658868"
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
}
Add scope
POST /scopes
Description
Add new scope.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required |
Scope to be added | ScopeNew |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Scope added successfully | ScopeGet |
409 | Conflict | ErrorResponse |
Tags
- scopes
Example HTTP request
Request path
/scopes
Request body
json :
{
"name" : "READ"
}
Example HTTP response
Response 201
json :
{
"id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
"name" : "READ"
}
Response 409
json :
{
"Scope already exists" : {
"error_code" : 3002,
"error_message" : "Scope with given name already exist."
}
}
List scopes
GET /scopes
Description
List available scopes.
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Scopes returned successfully | < ScopeCollection > array |
Produces
application/json
Tags
- scopes
Example HTTP request
Request path
/scopes
Example HTTP response
Response 200
json :
[ {
"content" : [ {
"id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
"name" : "READ"
} ],
"total_elements" : 0,
"total_pages" : 0,
"last" : true,
"first" : true,
"size" : 0,
"number" : 0,
"number_of_elements" : 0
} ]
Update scope
PUT /scopes/{scopeId}
Description
Update scope.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | scopeId required |
Identifier of the scope. | string |
Body | body required |
Scope to be updated. | ScopeUpdate |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Scope added successfully. | ScopeGet |
409 | Conflict | ErrorResponse |
Tags
- scopes
Example HTTP request
Request path
/scopes/string
Request body
json :
{
"name" : "READ"
}
Example HTTP response
Response 200
json :
{
"id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
"name" : "READ"
}
Response 409
json :
{
"Scope already exists" : {
"error_code" : 3002,
"error_message" : "Scope with given name already exist."
}
}
Delete scope
DELETE /scopes/{scopeId}
Description
Delete scope.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | scopeId required |
Identifier of the scope. | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Scope deleted successfully | No Content |
404 | Not found | ErrorResponse |
Produces
application/json
Tags
- scopes
Example HTTP request
Request path
/scopes/string
Example HTTP response
Response 404
json :
{
"Scope already exists" : {
"error_code" : 3001,
"error_message" : "Scope with given identifier not found."
}
}
Definitions
AssignPersonName
Name | Description | Schema |
---|---|---|
first_name required |
Onegini IDP person's first name. Example : "John" |
string |
last_name required |
Onegini IDP person's last name. Example : "Smith" |
string |
CollectionResult
Collection result used for pagination.
Name | Description | Schema |
---|---|---|
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
Condition
Name | Description | Schema |
---|---|---|
id optional |
Identifier of the condition Example : "37c11359-0124-49a0-b221-4eb0c2b4be24" |
string |
policy optional |
Example : "[policyget](#policyget)" |
PolicyGet |
type optional |
Example : "TIME" |
enum (TIME, CUSTOM) |
value optional |
Condition value. Example : "1509494400:1512086400" |
string |
ConditionIdCollection
Collection of condition identifiers
Type : < string > array
CustomAttribute
Name | Description | Schema |
---|---|---|
name required |
Attribute name Example : "CrmIdentifier" |
string |
value required |
Attribute value Example : "1234567" |
string |
CustomAttributeCollection
Collection of group custom attributes
Type : < CustomAttribute > array
ErrorResponse
Name | Description | Schema |
---|---|---|
code optional |
Error code identifier Example : 1000 |
integer |
details optional |
Example : [ "string" ] |
< string > array |
message optional |
Error code description Example : "string" |
string |
Event
Name | Description | Schema |
---|---|---|
clientIp optional |
Example : "127.0.0.1" |
string |
id optional |
Example : "08da67d0-3ceb-414d-8aa4-2afa13c84d38" |
string |
occurred optional |
Example : 1510227577 |
integer (int64) |
person_id optional |
Onegini IDP person identifier. Example : "160d8767-b7ea-4706-9738-4dc221658868" |
string |
type optional |
Example : "PolicyAdded" |
string |
user_agent optional |
Example : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:46.0) Gecko/20100101 Firefox/46.0" |
string |
EventCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[event](#event)" ] |
< Event > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
GroupCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[groupget](#groupget)" ] |
< GroupGet > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
GroupEdit
Name | Description | Schema |
---|---|---|
custom_attributes optional |
Collection of group's custom attributes Example : {<br> "CrmIdentifier" : "1234567"<br>} |
< string, string > map |
name required |
Name of the group Example : "Innosure Back Office" |
string |
GroupGet
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
child_groups_ids optional |
Child groups Example : "[groupidcollection](#groupidcollection)" |
GroupIdCollection |
custom_attributes optional |
Collection of group's custom attributes Example : {<br> "CrmIdentifier" : "1234567"<br>} |
< string, string > map |
id required |
Group identifier Example : "160d8767-b7ea-4706-9738-4dc221658868" |
string |
name required |
Name of the group Example : "Innosure Back Office" |
string |
parent_groups_ids optional |
Parent groups Example : "[groupidcollection](#groupidcollection)" |
GroupIdCollection |
policy_ids optional |
Policies assigned to this group Example : "[policyidcollection](#policyidcollection)" |
PolicyIdCollection |
GroupIdCollection
Collection of group identifiers
Type : < string > array
GroupName
Name of the group
Type : string
GroupNew
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
custom_attributes optional |
Collection of group's custom attributes Example : {<br> "CrmIdentifier" : "1234567"<br>} |
< string, string > map |
name required |
Name of the group Example : "Innosure Back Office" |
string |
parent_group_id optional |
Identifier of the parent group Example : "160d8767-b7ea-4706-9738-4dc221658868" |
string |
GroupPermission
Name | Description | Schema |
---|---|---|
child_group_ids optional |
Example : "[groupidcollection](#groupidcollection)" |
GroupIdCollection |
custom_attributes optional |
Example : "[customattributecollection](#customattributecollection)" |
CustomAttributeCollection |
id optional |
Identifier of the group Example : "f530f30d-8322-47d1-93ff-19f4fea37c79" |
string |
parent_group_ids optional |
Example : "[groupidcollection](#groupidcollection)" |
GroupIdCollection |
permissions optional |
Group permissions Example : "[permissiontypecollection](#permissiontypecollection)" |
PermissionTypeCollection |
Permission
Type : enum (GROUP_MANAGE, GROUP_POLICY_MANAGE, PERMISSION_MANAGE, PERSON_POLICY_MANAGE, GROUP_MEMBER_MANAGE, POLICY_MANAGE, SCOPE_MANAGE)
PermissionCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[permissionget](#permissionget)" ] |
< PermissionGet > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
PermissionGet
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
group_id required |
Group identifier Example : "37a1af3d-08f9-4028-8728-f47d6084de77" |
string |
id required |
Permission identifier Example : "533a42f9-a43f-438d-ad51-fae46fbe1bf7" |
string |
permission required |
Example : "[permission](#permission)" |
Permission |
person required |
Example : "[person](#person)" |
Person |
PermissionIdCollection
Collection of permission identifiers
Type : < string > array
PermissionNew
Name | Description | Schema |
---|---|---|
group_id required |
Group identifier Example : "37a1af3d-08f9-4028-8728-f47d6084de77" |
string |
permission required |
Example : "[permission](#permission)" |
Permission |
person required |
Example : "[person](#person)" |
Person |
PermissionTypeCollection
Collection of permissions types
Type : < string > array
PermissionsBatchUpdate
Name | Description | Schema |
---|---|---|
create optional |
List of permissions to be added. Example : [ "GROUP_MANAGE" ] |
< Permission > array |
delete optional |
List of permissions to be removed. Example : [ "SCOPE_MANAGE" ] |
< Permission > array |
Person
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
first_name required |
Onegini IDP person's first name. Example : "John" |
string |
idp_type optional |
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP. Example : "CIM" |
string |
last_name required |
Onegini IDP person's last name. Example : "Smith" |
string |
person_id required |
The identifier of the person in whose context this operation is being performed. Example : "13db83a6-bb3f-493a-b614-e86a404c2142" |
string |
PersonGet
Name | Description | Schema |
---|---|---|
permissions required |
Person permissions. Example : "[permissionidcollection](#permissionidcollection)" |
PermissionIdCollection |
person_id required |
Onegini IDP person identifier. Example : "160d8767-b7ea-4706-9738-4dc221658868" |
string |
policies optional |
Person policies. Example : "[policyidcollection](#policyidcollection)" |
PolicyIdCollection |
PersonIdCollection
Collection of permission identifiers
Type : < string > array
PersonName
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
first_name required |
Onegini IDP person's first name. Example : "John" |
string |
idp_type optional |
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP. Example : "CIM" |
string |
last_name required |
Onegini IDP person's last name. Example : "Smith" |
string |
person_id optional |
Identifier of the Onegini's IdP person Example : "577a42f9-a43f-438d-ad51-fae46fbe1bf7" |
string |
PersonNameCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[personname](#personname)" ] |
< PersonName > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
PersonReport
Name | Description | Schema |
---|---|---|
group_permissions optional |
Person's permissions in groups. Example : [ "[grouppermission](#grouppermission)" ] |
< GroupPermission > array |
person optional |
Example : "[person](#person)" |
Person |
policies optional |
Policies assigned to person. Example : [ "[policyreportdto](#policyreportdto)" ] |
< PolicyReportDto > array |
PersonReportWithoutPersonProperty
Name | Description | Schema |
---|---|---|
group_permissions optional |
Person's permissions in groups. Example : [ "[grouppermission](#grouppermission)" ] |
< GroupPermission > array |
policies optional |
Policies assigned to person. Example : [ "[policyreportdto](#policyreportdto)" ] |
< PolicyReportDto > array |
PolicyAssign
Name | Description | Schema |
---|---|---|
parent_policy_id required |
Parent policy id. Example : "13db83a6-bb3f-493a-b614-e86a404c2142" |
string |
principal required |
Example : "[person](#person)" |
Person |
PolicyBatchUpdate
Name | Description | Schema |
---|---|---|
create optional |
Policies to add collection. Example : [ "[policynew](#policynew)" ] |
< PolicyNew > array |
delete optional |
Policies to remove collection. Example : "[policyidcollection](#policyidcollection)" |
PolicyIdCollection |
PolicyCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[policyget](#policyget)" ] |
< PolicyGet > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
PolicyGet
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
assignee_id optional |
Identifier of the person to whom this policy is assigned to. Example : "13db83a6-bb3f-493a-b614-e86a404c2142" |
string |
id required |
Identifier of the policy. Example : "160d8767-b7ea-4706-9738-4dc221658868" |
string |
name required |
Policy name. Example : "Organisation policy" |
string |
parent_id optional |
Identifier of parent policy. Example : "160d8767-b7ea-4706-9738-4dc221658868" |
string |
principal required |
Example : "[person](#person)" |
Person |
scopes required |
List of scope identifiers. Example : [ "string" ] |
< string > array |
subject required |
Example : "[subject](#subject)" |
Subject |
PolicyIdCollection
Collection of policy identifiers
Type : < string > array
PolicyNew
Name | Description | Schema |
---|---|---|
assignee_id optional |
Identifier of the person to whom this policy is assigned to. Example : "13db83a6-bb3f-493a-b614-e86a404c2142" |
string |
name required |
Policy name. Example : "Organisation policy" |
string |
principal required |
Example : "[person](#person)" |
Person |
scopes required |
List of scope identifiers. Example : [ "string" ] |
< string > array |
subject required |
Example : "[subject](#subject)" |
Subject |
PolicyReportDto
Name | Description | Schema |
---|---|---|
id optional |
Identifier of the policy. Example : "160d8767-b7ea-4706-9738-4dc221658868" |
string |
name optional |
Policy name. Example : "Organisation policy" |
string |
scopes optional |
List of scope identifiers. Example : "[scopeidcollection](#scopeidcollection)" |
ScopeIdCollection |
subject optional |
Example : "[subject](#subject)" |
Subject |
ResourceIdCollection
Collection of resource identifiers
Type : < string > array
ScopeCollection
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
content optional |
Example : [ "[scopeget](#scopeget)" ] |
< ScopeGet > array |
first optional |
Is this page first? Example : true |
boolean |
last optional |
Is this page last? Example : true |
boolean |
number optional |
Page number. Example : 0 |
integer |
number_of_elements optional |
Actual number of elements on current page. Example : 0 |
integer |
size optional |
Page size. Example : 0 |
integer |
total_elements optional |
Total number of items. Example : 0 |
integer |
total_pages optional |
Total number of pages. Example : 0 |
integer |
ScopeGet
Polymorphism : Composition
Name | Description | Schema |
---|---|---|
id optional |
Identifier of the scope. Example : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4" |
string |
name optional |
Name of the scope. Example : "READ" |
string |
ScopeIdCollection
Collection of scopes identifiers
Type : < string > array
ScopeNew
Name | Description | Schema |
---|---|---|
name optional |
Name of the scope. Example : "READ" |
string |
ScopeUpdate
Name | Description | Schema |
---|---|---|
name optional |
Name of the scope. Example : "READ" |
string |
Subject
Name | Description | Schema |
---|---|---|
subject_id required |
Type of subject. Example : "13db83a6-bb3f-493a-b614-e86a404c2142" |
string |
type optional |
The type of subject. It can be person or group. Example : "PERSON" |
enum (PERSON, GROUP) |
Security
basicAuth
Type : basic