Dum engine

Overview

Dum engine API definition

Version information

Version : 1.0.0

Contact information

Contact Email : [email protected]

URI scheme

BasePath : /api/v1
Schemes : HTTP, HTTPS

Tags

  • events : Manage events
  • groups : Group operations
  • permissions : Manage permissions
  • persons : Person operations
  • policies : Policy operations
  • scopes : Manage scopes

Paths

Search for events

GET /events/search

Description

List events.

Parameters

Type Name Description Schema Default
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0
Query query
required
Search query:

Format: ?query=search_criteria==value,search_criteria2==value&search_criteria3==value
Use & for AND, , for OR


Allowed parameters:
- person: Identifier of the person for which events should be returned
string

Responses

HTTP Code Description Schema
200 Events returned successfully EventCollection

Produces

  • application/json

Tags

  • events

Example HTTP request

Request path
/events/search
Request query
json :
{
  "limit" : 0,
  "offset" : 0,
  "query" : "string"
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "id" : "08da67d0-3ceb-414d-8aa4-2afa13c84d38",
    "type" : "PolicyAdded",
    "occurred" : 1510227577,
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:46.0) Gecko/20100101 Firefox/46.0",
    "person_id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "clientIp" : "127.0.0.1"
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}

Create a group

POST /groups

Description

Create a group.

Parameters

Type Name Description Schema
Body body
required
Group to be added. GroupNew

Responses

HTTP Code Description Schema
201 Group created successfully. GroupGet
400 Bad request ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups
Request body
json :
{
  "parent_group_id" : "160d8767-b7ea-4706-9738-4dc221658868",
  "custom_attributes" : {
    "CrmIdentifier" : "1234567"
  },
  "name" : "Innosure Back Office"
}

Example HTTP response

Response 201
json :
{
  "id" : "235knu4o-k399-6233-5267-k26id3vd0434",
  "parent_groups_ids" : [ "160d8767-b7ea-4706-9738-4dc221658868" ],
  "name" : "Innosure Back Office"
}
Response 400
json :
{
  "Required field missing" : {
    "error_code" : 1006,
    "error_message" : "One of the parameters is invalid or missing.",
    "details" : "Field 'name' cannot be null."
  }
}

List groups

GET /groups

Description

List groups.

Parameters

Type Name Description Schema Default
Query custom_attribute
optional
Custom attribute in the form of name:value. If present the custom attribute criteria is added string
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0
Query sort
optional
Sorts result in ascending or descending order in a form column_name,direction.
Allowed direction:
asc - ascending order
desc - descending order

Allowed column names:
g_child.name - sort result by group name

Example:
?sort=g_child.name,desc - sort groups in descending order
< string > array

Responses

HTTP Code Description Schema
200 Groups returned successfully. GroupCollection
400 The request received by the server was invalid or malformed.

Possible errors:
1004: One or more parameters are invalid.
ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups
Request query
json :
{
  "custom_attribute" : "string",
  "limit" : 0,
  "offset" : 0,
  "sort" : "string"
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "name" : "Innosure Back Office",
    "policy_ids" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "child_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "parent_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "custom_attributes" : {
      "CrmIdentifier" : "1234567"
    }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 400
json :
{
  "code" : 1000,
  "message" : "string",
  "details" : [ "string" ]
}

Search for groups

GET /groups/search

Description

Search for groups which specified person and identity provider type have permissions to.

Parameters

Type Name Description Schema Default
Query idp_type
required
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP. string
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query name
optional
Name of a group to be found (may contain % sign at the beginning or/and at the end to search for groups with name that contains the value, eg. %amp% will find company of a name Example and Ampe) string
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0
Query parent_group_id
optional
Identifier of the parent group. As default it's a root group's id string
Query person_id
required
Identifier of the person for which groups with person permissions should be returned string
Query sort
optional
Sorts result in ascending or descending order in a form column_name,direction.
Allowed direction:
asc - ascending order
desc - descending order

Allowed column names:
g_child.name - sort result by group name

Example:
?sort=g_child.name,desc - sort groups in descending order
< string > array

Responses

HTTP Code Description Schema
200 Groups returned successfully. GroupCollection
400 The request received by the server was invalid or malformed.

Possible errors:
1000: The request received by the server was invalid or malformed
ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/search
Request query
json :
{
  "idp_type" : "string",
  "limit" : 0,
  "name" : "string",
  "offset" : 0,
  "parent_group_id" : "string",
  "person_id" : "string",
  "sort" : "string"
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "name" : "Innosure Back Office",
    "policy_ids" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "child_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "parent_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "custom_attributes" : {
      "CrmIdentifier" : "1234567"
    }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 400
json :
{
  "code" : 1000,
  "message" : "string",
  "details" : [ "string" ]
}

Get a group by identifier

GET /groups/{group_id}

Description

Get a group by identifier.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string

Responses

HTTP Code Description Schema
200 Groups returned successfully. GroupGet
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string

Example HTTP response

Response 200
json :
{
  "id" : "160d8767-b7ea-4706-9738-4dc221658868",
  "name" : "Innosure Back Office",
  "policy_ids" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
  "child_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
  "parent_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
  "custom_attributes" : {
    "CrmIdentifier" : "1234567"
  }
}
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier was not found."
  }
}

Update a group

PUT /groups/{group_id}

Description

Update a group.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Body body
required
Group to be updated. GroupEdit

Responses

HTTP Code Description Schema
200 Group updated successfully. GroupGet
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string
Request body
json :
{
  "name" : "Innosure Back Office",
  "custom_attributes" : {
    "CrmIdentifier" : "1234567"
  }
}

Example HTTP response

Response 200
json :
{
  "id" : "160d8767-b7ea-4706-9738-4dc221658868",
  "name" : "Innosure Back Office",
  "policy_ids" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
  "child_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
  "parent_groups_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
  "custom_attributes" : {
    "CrmIdentifier" : "1234567"
  }
}
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier was not found.",
    "details" : [ "Group with id 160d8767-b7ea-4706-9738-4dc221658868 not found." ]
  }
}

Delete group

DELETE /groups/{group_id}

Description

Delete group.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string

Responses

HTTP Code Description Schema
204 Group deleted successfully. No Content
404 Group not found. No Content

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string

Set a custom attribute on a group

POST /groups/{group_id}/custom-attributes

Description

The name and value are free-form and can be used to store custom data on the group itself. A custom attribute contains a name and a value

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Body CustomAttribute
required
The request has a JSON body containing a custom attribute CustomAttribute

Responses

HTTP Code Description Schema
204 Custom attribute added successfully No Content
400 Bad request ErrorResponse
404 Not found ErrorResponse
409 Custom attribute already exists ErrorResponse

Consumes

  • application/json

Security

Type Name
Unknown basic_auth

Example HTTP request

Request path
/groups/string/custom-attributes
Request body
json :
{
  "name" : "CrmIdentifier",
  "value" : "1234567"
}

Example HTTP response

Response 400
json :
{
  "Response" : {
    "error_code" : 1006,
    "error_message" : "One of the parameters is invalid or missing.",
    "details" : [ "Field 'name' cannot be null." ]
  }
}
Response 404
json :
{
  "Response" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id 1f0917d4-3e3e-476c-8b30-a94e0b06bfef not found." ]
  }
}
Response 409
json :
{
  "Response" : {
    "error_code" : 6002,
    "error_message" : "Custom attribute with given name already exists."
  }
}

Update custom attribute on a group

PUT /groups/{group_id}/custom-attributes/{custom_attribute_name}

Description

To update an identifier, the custom_attribute_name is used to identify the custom attribute within the groups custom attributes

Parameters

Type Name Description Schema
Path custom_attribute_name
required
Name of updated custom attribute. string
Path group_id
required
Identifier of the group. string
Body UpdatedCustomAttributeValue
required
The request has a JSON body containing a custom attribute value UpdatedCustomAttributeValue

UpdatedCustomAttributeValue

Name Description Schema
value
required
Example : "1234567" string

Responses

HTTP Code Description Schema
204 Custom attribute updated successfully No Content
400 Bad request ErrorResponse
404 Not found ErrorResponse
409 Custom attribute does not exist ErrorResponse

Consumes

  • application/json

Security

Type Name
Unknown basic_auth

Example HTTP request

Request path
/groups/string/custom-attributes/string
Request body
json :
{
  "value" : "1234567"
}

Example HTTP response

Response 400
json :
{
  "Response" : {
    "error_code" : 1006,
    "error_message" : "One of the parameters is invalid or missing.",
    "details" : [ "Field 'value' cannot be null." ]
  }
}
Response 404
json :
{
  "Response" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id 1f0917d4-3e3e-476c-8b30-a94e0b06bfef not found." ]
  }
}
Response 409
json :
{
  "Response" : {
    "error_code" : 6001,
    "error_message" : "Custom attribute with given name not found."
  }
}

Delete custom attribute on a group

DELETE /groups/{group_id}/custom-attributes/{custom_attribute_name}

Description

To delete an identifier, the custom_attribute_name is used to identify the custom attribute within the groups custom attributes

Parameters

Type Name Description Schema
Path custom_attribute_name
required
Name of deleted custom attribute. string
Path group_id
required
Identifier of the group. string

Responses

HTTP Code Description Schema
204 Custom attribute deleted successfully No Content
404 Not found ErrorResponse
409 Custom attribute does not exist ErrorResponse

Consumes

  • application/json

Security

Type Name
Unknown basic_auth

Example HTTP request

Request path
/groups/string/custom-attributes/string

Example HTTP response

Response 404
json :
{
  "Response" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id 1f0917d4-3e3e-476c-8b30-a94e0b06bfef not found." ]
  }
}
Response 409
json :
{
  "Response" : {
    "error_code" : 6001,
    "error_message" : "Custom attribute with given name not found."
  }
}

List permissions for group

GET /groups/{group_id}/permissions

Description

List permissions for group.

Parameters

Type Name Description Schema Default
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0

Responses

HTTP Code Description Schema
200 Events returned successfully PermissionCollection

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/{group_id}/permissions
Request query
json :
{
  "limit" : 0,
  "offset" : 0
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "permission" : { },
    "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
    "person" : {
      "idp_type" : "CIM",
      "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
      "first_name" : "John",
      "last_name" : "Smith"
    }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}

Search for permissions

GET /groups/{group_id}/permissions/search

Description

Search for permissions.

Parameters

Type Name Description Schema Default
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0
Query query
required
Search query.

Format: ?query=search_criteria==value,search_criteria2==value&search_criteria3==value
Use & for AND, , for OR


Allowed parameters:
- person_id: Identifier of the person for which permissions should be returned.
string

Responses

HTTP Code Description Schema
200 Events returned successfully PermissionCollection

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/{group_id}/permissions/search
Request query
json :
{
  "limit" : 0,
  "offset" : 0,
  "query" : "string"
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "permission" : { },
    "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
    "person" : {
      "idp_type" : "CIM",
      "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
      "first_name" : "John",
      "last_name" : "Smith"
    }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}

Add a Onegini IdP person to a group

POST /groups/{group_id}/persons

Description

Add a Onegini IdP person to a group.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Body body
required
Person information to be added, eg. first and last name PersonName

Responses

HTTP Code Description Schema
201 Person successfully added to group. No Content
400 Bad request ErrorResponse
404 Not found ErrorResponse
409 Conflict ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons
Request body
json :
{
  "person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
  "idp_type" : "CIM",
  "first_name" : "John",
  "last_name" : "Smith"
}

Example HTTP response

Response 400
json :
{
  "Required field missing" : {
    "error_code" : 1006,
    "error_message" : "One or more required fields is missing.",
    "details" : [ "Field 'last_name' cannot be empty.", "Field 'first_name' cannot be empty." ]
  }
}
Response 404
json :
{
  "Person identifier is invalid" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : "Invalid personId!"
  },
  "Group with not found" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier was not found.",
    "details" : [ "Group with id 160d8767-b7ea-4706-9738-4dc221658868 not found." ]
  }
}
Response 409
json :
{
  "Group member already exists" : {
    "error_code" : 5003,
    "error_message" : "Person with given id is already group member."
  }
}

List group members.

GET /groups/{group_id}/persons

Description

List persons who are members of the given group.

Parameters

Type Name Description Schema Default
Path group_id
required
Identifier of the group. string
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0

Responses

HTTP Code Description Schema
200 Group members returned successfully. PersonNameCollection
404 Not found. ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons
Request query
json :
{
  "limit" : 0,
  "offset" : 0
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "idp_type" : "CIM",
    "first_name" : "John",
    "last_name" : "Smith"
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier was not found."
  }
}

Search group members.

GET /groups/{group_id}/persons/search

Description

List persons who are members of the given group.

Parameters

Type Name Description Schema Default
Path group_id
required
Identifier of the group. string
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0
Query query
required
Search query.

Format: ?query=search_criteria==value,search_criteria2==value&search_criteria3==value
Use & for AND, , for OR


Allowed parameters:
- name: String to match person first and/or last name with.
string
Query sort
optional
Sorts result in ascending or descending order in a form column_name,direction.
Allowed direction:
asc - ascending order
desc - descending order

Allowed column names:
firstName - sort result by first name
lastName - sort result by last name

Example:
* ?sort=firstName,asc&sort=lastName,asc - sort result in ascending order by first and last name
< string > array

Responses

HTTP Code Description Schema
200 Group members returned successfully. PersonNameCollection
404 Not found. ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons/search
Request query
json :
{
  "limit" : 0,
  "offset" : 0,
  "query" : "string",
  "sort" : "string"
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "idp_type" : "CIM",
    "first_name" : "John",
    "last_name" : "Smith"
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier was not found."
  }
}

Update permissions in batch request

POST /groups/{group_id}/persons/{idpType}/{person_id}/permissions/batch

Description

Update permissions in batch request

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Path idpType
required
Identity provider type string
Path person_id
required
Identifier of the person. string
Body body
required
List of permissions to be created or removed. PermissionsBatchUpdate

Responses

HTTP Code Description Schema
200 Permissions updated with success PermissionCollection
400 Bad request ErrorResponse

Consumes

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons/string/string/permissions/batch
Request body
json :
{
  "create" : [ "GROUP_MANAGE" ],
  "delete" : [ "SCOPE_MANAGE" ]
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "permission" : { },
    "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
    "person" : {
      "idp_type" : "CIM",
      "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
      "first_name" : "John",
      "last_name" : "Smith"
    }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 400
json :
{
  "Person does not exist" : {
    "error_code" : 4006,
    "error_message" : "Person with given identifier not found",
    "details" : "Person of type LDAP with id 160d8767-b7ea-4706-9738-4dc221658868 not found."
  }
}

Remove a group member.

DELETE /groups/{group_id}/persons/{person_id}

Description

Remove a group member.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Path person_id
required
Identifier of the person. string

Responses

HTTP Code Description Schema
204 Group member successfully removed. No Content
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons/string

Example HTTP response

Response 404
json :
{
  "Required field missing" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : "Invalid personId!"
  },
  "Person is not group member" : {
    "error_code" : 5004,
    "error_message" : "Person with given id is not group member."
  }
}

Get person report for a specific group

GET /groups/{group_id}/persons/{person_id}/report

Description

Loads personal data (identifier, first name, last name, etc.), policies that belongs to the person, permissions for specific group.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Path person_id
required
Identifier of the person. string

Responses

HTTP Code Description Schema
200 Report returned successfully PersonReport
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons/string/report

Example HTTP response

Response 200
json :
{
  "person" : {
    "idp_type" : "CIM",
    "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "group_permissions" : [ {
    "id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
    "child_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "parent_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "permissions" : "[\"GROUP_MANAGE\",\"GROUP_POLICY_MANAGE\",\"PERMISSION_MANAGE\"]",
    "custom_attributes" : { }
  } ],
  "policies" : [ {
    "id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "name" : "Organisation policy",
    "scopes" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    }
  } ]
}
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : "Invalid personId!"
  },
  "Required field missing 2" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id f530f30d-8322-47d1-93ff-19f4fea37c79 not found." ]
  }
}

Assign a new policy to a group.

POST /groups/{group_id}/policies

Description

Creates a new policy which is based on the given parent policy and assigns it to a group. The newly created policy will have a reference to the parent.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Body body
required
Parent policy from which the newly created one should inherit from and the principal. PolicyAssign

Responses

HTTP Code Description Schema
201 Policy assigned to a group successfully. PolicyGet
404 Not found ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/policies
Request body
json :
{
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "parent_policy_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}

Example HTTP response

Response 201
json :
{
  "name" : "Organisation policy",
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "scopes" : [ "string" ],
  "subject" : {
    "type" : "PERSON",
    "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
  },
  "assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
  "id" : "160d8767-b7ea-4706-9738-4dc221658868",
  "parent_id" : "160d8767-b7ea-4706-9738-4dc221658868"
}
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id 160d8767-b7ea-4706-9738-4dc221658868 not found." ]
  }
}

List group policies

GET /groups/{group_id}/policies

Description

Lists all policies which concerns given groupId as a subject.

Parameters

Type Name Description Schema Default
Path group_id
required
Identifier of the group. string
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0

Responses

HTTP Code Description Schema
200 Policies returned successfully. PolicyCollection

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/policies
Request query
json :
{
  "limit" : 0,
  "offset" : 0
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "name" : "Organisation policy",
    "principal" : {
      "idp_type" : "CIM",
      "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
      "first_name" : "John",
      "last_name" : "Smith"
    },
    "scopes" : [ "string" ],
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    },
    "assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "parent_id" : "160d8767-b7ea-4706-9738-4dc221658868"
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}

Assign a permission to a person

POST /permissions

Description

Assign a permission to a person

Parameters

Type Name Description Schema
Body body
required
Permission to be assigned PermissionNew

Responses

HTTP Code Description Schema
200 Permission assigned successfully PermissionGet
400 Bad request ErrorResponse

Tags

  • permissions

Example HTTP request

Request path
/permissions
Request body
json :
{
  "permission" : { },
  "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
  "person" : {
    "idp_type" : "CIM",
    "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "first_name" : "John",
    "last_name" : "Smith"
  }
}

Example HTTP response

Response 200
json :
{
  "id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
  "permission" : { },
  "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
  "person" : {
    "idp_type" : "CIM",
    "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "first_name" : "John",
    "last_name" : "Smith"
  }
}
Response 400
json :
{
  "Required field missing" : {
    "error_code" : 1001,
    "error_message" : "One or more required fields is missing."
  },
  "Unsupported media type" : {
    "error_code" : 1002,
    "error_message" : "Unsupported media type. Please use `Content-Type: application/json`"
  },
  "Operation not supported" : {
    "error_code" : 1003,
    "error_message" : "Operation not supported."
  }
}

Delete permission

DELETE /permissions/{permissionId}

Description

Delete permission.

Parameters

Type Name Description Schema
Path permissionId
required
Identifier of the permission. string

Responses

HTTP Code Description Schema
200 Permission deleted successfully No Content

Tags

  • permissions

Example HTTP request

Request path
/permissions/string

List permissions for person and idp type

GET /persons/{idp_type}:{person_id}/permissions

Description

List permissions for person.

Parameters

Type Name Description Schema Default
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0

Responses

HTTP Code Description Schema
200 Permissions returned successfully PermissionCollection

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/{idp_type}:{person_id}/permissions
Request query
json :
{
  "limit" : 0,
  "offset" : 0
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "permission" : { },
    "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
    "person" : {
      "idp_type" : "CIM",
      "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
      "first_name" : "John",
      "last_name" : "Smith"
    }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}

Update person details

PUT /persons/{person_id}

Description

Update person's first name and last name.

Parameters

Type Name Description Schema
Path person_id
required
Identifier of the person. string
Body body
required
Person first name and last name to update AssignPersonName

Responses

HTTP Code Description Schema
200 Person updated successfully Person
400 Bad request ErrorResponse
404 Not found ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string
Request body
json :
{
  "first_name" : "John",
  "last_name" : "Smith"
}

Example HTTP response

Response 200
json :
{
  "idp_type" : "CIM",
  "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
  "first_name" : "John",
  "last_name" : "Smith"
}
Response 400
json :
{
  "Required field missing" : {
    "error_code" : 1006,
    "error_message" : "One or more required fields is missing.",
    "details" : [ "Field 'last_name' cannot be empty.", "Field 'first_name' cannot be empty." ]
  }
}
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : "Invalid personId!"
  }
}

List permissions for Onegini IDP person

GET /persons/{person_id}/permissions

Description

List permissions for person.

Parameters

Type Name Description Schema Default
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0

Responses

HTTP Code Description Schema
200 Permissions returned successfully PermissionCollection

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/{person_id}/permissions
Request query
json :
{
  "limit" : 0,
  "offset" : 0
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "permission" : { },
    "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
    "person" : {
      "idp_type" : "CIM",
      "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
      "first_name" : "John",
      "last_name" : "Smith"
    }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}

Add new child policy

POST /persons/{person_id}/policies

Description

Creates a new child policy and relates it with specified parent policyId.

Parameters

Type Name Description Schema
Path person_id
required
Identifier of the person. string
Body body
required
Policy to be added PolicyAssign

Responses

HTTP Code Description Schema
201 Policy added to group successfully PolicyGet
404 Not found ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string/policies
Request body
json :
{
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "parent_policy_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}

Example HTTP response

Response 201
json :
{
  "name" : "Organisation policy",
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "scopes" : [ "string" ],
  "subject" : {
    "type" : "PERSON",
    "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
  },
  "assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
  "id" : "160d8767-b7ea-4706-9738-4dc221658868",
  "parent_id" : "160d8767-b7ea-4706-9738-4dc221658868"
}
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM."
  }
}

Verifies relation between given person identifiers.

GET /persons/{person_id}/relations/{related_person_id}

Description

Verifies correlation between given person identifiers. Relation to another person exists if that person has a policy assigned from any group the current person has permissions to or that person has a policy assigned by the current person or that person has permission in any group the current person has any permission to.

Parameters

Type Name Description Schema
Path person_id
required
Identifier of the person. string
Path related_person_id
required
Identifier of the related person. string

Responses

HTTP Code Description Schema
200 In case the relation with person exists, person object is returned. Response 200
404 Not found ErrorResponse

Response 200

Name Description Schema
person
required
Example : "[personget](#personget)" PersonGet
relation_exists
required
Example : true boolean

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string/relations/string

Example HTTP response

Response 200
json :
"object"
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM."
  }
}

Get person report

GET /persons/{person_id}/report

Description

Loads personal data (identifier, first name, last name, etc.), policies that belongs to the person, groups in which user has permissions

Parameters

Type Name Description Schema
Path person_id
required
Identifier of the person. string

Responses

HTTP Code Description Schema
200 Report returned successfully PersonReport
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string/report

Example HTTP response

Response 200
json :
{
  "person" : {
    "idp_type" : "CIM",
    "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "group_permissions" : [ {
    "id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
    "child_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "parent_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "permissions" : "[\"GROUP_MANAGE\",\"GROUP_POLICY_MANAGE\",\"PERMISSION_MANAGE\"]",
    "custom_attributes" : { }
  } ],
  "policies" : [ {
    "id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "name" : "Organisation policy",
    "scopes" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    }
  } ]
}
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : "Invalid personId!"
  }
}

GET /persons/{person_id}/report-omit-identity

Description

Loads policies and groups that belongs to the specified person

Parameters

Type Name Description Schema
Path person_id
required
Identifier of the person. string

Responses

HTTP Code Description Schema
200 Report returned successfully PersonReportWithoutPersonProperty
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string/report-omit-identity

Example HTTP response

Response 200
json :
{
  "group_permissions" : [ {
    "id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
    "child_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "parent_group_ids" : "[\"f530f30d-8322-47d1-93ff-19f4fea37c79\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "permissions" : "[\"GROUP_MANAGE\",\"GROUP_POLICY_MANAGE\",\"PERMISSION_MANAGE\"]",
    "custom_attributes" : { }
  } ],
  "policies" : [ {
    "id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "name" : "Organisation policy",
    "scopes" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]",
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    }
  } ]
}
Response 404
json :
{
  "Required field missing" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : "Invalid personId!"
  }
}

Add new policy

POST /policies

Description

Add new policy.

Parameters

Type Name Description Schema
Body body
required
Policy to be added PolicyNew

Responses

HTTP Code Description Schema
201 Policy added to group successfully PolicyGet
400 Bad request ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • policies

Example HTTP request

Request path
/policies
Request body
json :
{
  "name" : "Organisation policy",
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "scopes" : [ "string" ],
  "subject" : {
    "type" : "PERSON",
    "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
  },
  "assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}

Example HTTP response

Response 201
json :
{
  "name" : "Organisation policy",
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "scopes" : [ "string" ],
  "subject" : {
    "type" : "PERSON",
    "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
  },
  "assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
  "id" : "160d8767-b7ea-4706-9738-4dc221658868",
  "parent_id" : "160d8767-b7ea-4706-9738-4dc221658868"
}
Response 400
json :
{
  "Required field missing" : {
    "error_code" : 1006,
    "error_message" : "One of the parameters is invalid or missing.",
    "details" : "Field 'principal' cannot be empty."
  }
}

Delete policy

DELETE /policies

Description

Delete policy and it's children.

Parameters

Type Name Description Schema
Path policyId
required
Identifier of the policy. string

Responses

HTTP Code Description Schema
204 Policy deleted successfully. No Content
404 Policy not found. No Content

Produces

  • application/json

Tags

  • policies

Example HTTP request

Request path
/policies

Batch policies update

POST /policies/batch

Description

Creates or deletes a set of given policies.

Parameters

Type Name Description Schema
Body body
required
Set of policies to be removed or added. PolicyBatchUpdate

Responses

HTTP Code Description Schema
200 Policy added to group successfully No Content
404 Not found ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/policies/batch
Request body
json :
{
  "create" : [ {
    "name" : "Organisation policy",
    "principal" : {
      "idp_type" : "CIM",
      "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
      "first_name" : "John",
      "last_name" : "Smith"
    },
    "scopes" : [ "string" ],
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    },
    "assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
  } ],
  "delete" : "[\"145fabf0-8b05-4a4d-be15-95c7b568da63\",\"fe987430-8f0f-4fe6-948c-3d77cf05279a\",\"7b10aea0-6ca5-40f6-8fd5-acd060dfad95\"]"
}

Example HTTP response

Response 404
json :
{
  "Required field missing" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id f530f30d-8322-47d1-93ff-19f4fea37c79 not found." ]
  }
}

Search for policies

GET /policies/search

Description

Search for policies.

Parameters

Type Name Description Schema Default
Query limit
optional
Amount of items to be returned in response.

Default value: 10
integer 10
Query offset
optional
Amount of first items to exclude from result.

Default value: 0
integer 0
Query query
required
Search query.

Format: ?query=search_criteria==value,search_criteria2==value&search_criteria3==valuea
Use & for AND, , for OR


Allowed parameters:
- principal: Identifier of the person that is principal for the policy
- subject_id: Identifier of the subject for the policy
Either principal or subject_id are required.
string

Responses

HTTP Code Description Schema
200 Policies returned successfully PolicyCollection

Produces

  • application/json

Tags

  • policies

Example HTTP request

Request path
/policies/search
Request query
json :
{
  "limit" : 0,
  "offset" : 0,
  "query" : "string"
}

Example HTTP response

Response 200
json :
{
  "content" : [ {
    "name" : "Organisation policy",
    "principal" : {
      "idp_type" : "CIM",
      "person_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
      "first_name" : "John",
      "last_name" : "Smith"
    },
    "scopes" : [ "string" ],
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    },
    "assignee_id" : "13db83a6-bb3f-493a-b614-e86a404c2142",
    "id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "parent_id" : "160d8767-b7ea-4706-9738-4dc221658868"
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}

Add scope

POST /scopes

Description

Add new scope.

Parameters

Type Name Description Schema
Body body
required
Scope to be added ScopeNew

Responses

HTTP Code Description Schema
201 Scope added successfully ScopeGet
409 Conflict ErrorResponse

Tags

  • scopes

Example HTTP request

Request path
/scopes
Request body
json :
{
  "name" : "READ"
}

Example HTTP response

Response 201
json :
{
  "id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
  "name" : "READ"
}
Response 409
json :
{
  "Scope already exists" : {
    "error_code" : 3002,
    "error_message" : "Scope with given name already exist."
  }
}

List scopes

GET /scopes

Description

List available scopes.

Responses

HTTP Code Description Schema
200 Scopes returned successfully < ScopeCollection > array

Produces

  • application/json

Tags

  • scopes

Example HTTP request

Request path
/scopes

Example HTTP response

Response 200
json :
[ {
  "content" : [ {
    "id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
    "name" : "READ"
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
} ]

Update scope

PUT /scopes/{scopeId}

Description

Update scope.

Parameters

Type Name Description Schema
Path scopeId
required
Identifier of the scope. string
Body body
required
Scope to be updated. ScopeUpdate

Responses

HTTP Code Description Schema
200 Scope added successfully. ScopeGet
409 Conflict ErrorResponse

Tags

  • scopes

Example HTTP request

Request path
/scopes/string
Request body
json :
{
  "name" : "READ"
}

Example HTTP response

Response 200
json :
{
  "id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
  "name" : "READ"
}
Response 409
json :
{
  "Scope already exists" : {
    "error_code" : 3002,
    "error_message" : "Scope with given name already exist."
  }
}

Delete scope

DELETE /scopes/{scopeId}

Description

Delete scope.

Parameters

Type Name Description Schema
Path scopeId
required
Identifier of the scope. string

Responses

HTTP Code Description Schema
200 Scope deleted successfully No Content
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • scopes

Example HTTP request

Request path
/scopes/string

Example HTTP response

Response 404
json :
{
  "Scope already exists" : {
    "error_code" : 3001,
    "error_message" : "Scope with given identifier not found."
  }
}

Definitions

AssignPersonName

Name Description Schema
first_name
required
Onegini IDP person's first name.
Example : "John"
string
last_name
required
Onegini IDP person's last name.
Example : "Smith"
string

CollectionResult

Collection result used for pagination.

Name Description Schema
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

Condition

Name Description Schema
id
optional
Identifier of the condition
Example : "37c11359-0124-49a0-b221-4eb0c2b4be24"
string
policy
optional
Example : "[policyget](#policyget)" PolicyGet
type
optional
Example : "TIME" enum (TIME, CUSTOM)
value
optional
Condition value.
Example : "1509494400:1512086400"
string

ConditionIdCollection

Collection of condition identifiers

Type : < string > array

CustomAttribute

Name Description Schema
name
required
Attribute name
Example : "CrmIdentifier"
string
value
required
Attribute value
Example : "1234567"
string

CustomAttributeCollection

Collection of group custom attributes

Type : < CustomAttribute > array

ErrorResponse

Name Description Schema
code
optional
Error code identifier
Example : 1000
integer
details
optional
Example : [ "string" ] < string > array
message
optional
Error code description
Example : "string"
string

Event

Name Description Schema
clientIp
optional
Example : "127.0.0.1" string
id
optional
Example : "08da67d0-3ceb-414d-8aa4-2afa13c84d38" string
occurred
optional
Example : 1510227577 integer (int64)
person_id
optional
Onegini IDP person identifier.
Example : "160d8767-b7ea-4706-9738-4dc221658868"
string
type
optional
Example : "PolicyAdded" string
user_agent
optional
Example : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:46.0) Gecko/20100101 Firefox/46.0" string

EventCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[event](#event)" ] < Event > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

GroupCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[groupget](#groupget)" ] < GroupGet > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

GroupEdit

Name Description Schema
custom_attributes
optional
Collection of group's custom attributes
Example : {<br> "CrmIdentifier" : "1234567"<br>}
< string, string > map
name
required
Name of the group
Example : "Innosure Back Office"
string

GroupGet

Polymorphism : Composition

Name Description Schema
child_groups_ids
optional
Child groups
Example : "[groupidcollection](#groupidcollection)"
GroupIdCollection
custom_attributes
optional
Collection of group's custom attributes
Example : {<br> "CrmIdentifier" : "1234567"<br>}
< string, string > map
id
required
Group identifier
Example : "160d8767-b7ea-4706-9738-4dc221658868"
string
name
required
Name of the group
Example : "Innosure Back Office"
string
parent_groups_ids
optional
Parent groups
Example : "[groupidcollection](#groupidcollection)"
GroupIdCollection
policy_ids
optional
Policies assigned to this group
Example : "[policyidcollection](#policyidcollection)"
PolicyIdCollection

GroupIdCollection

Collection of group identifiers

Type : < string > array

GroupName

Name of the group

Type : string

GroupNew

Polymorphism : Composition

Name Description Schema
custom_attributes
optional
Collection of group's custom attributes
Example : {<br> "CrmIdentifier" : "1234567"<br>}
< string, string > map
name
required
Name of the group
Example : "Innosure Back Office"
string
parent_group_id
optional
Identifier of the parent group
Example : "160d8767-b7ea-4706-9738-4dc221658868"
string

GroupPermission

Name Description Schema
child_group_ids
optional
Example : "[groupidcollection](#groupidcollection)" GroupIdCollection
custom_attributes
optional
Example : "[customattributecollection](#customattributecollection)" CustomAttributeCollection
id
optional
Identifier of the group
Example : "f530f30d-8322-47d1-93ff-19f4fea37c79"
string
parent_group_ids
optional
Example : "[groupidcollection](#groupidcollection)" GroupIdCollection
permissions
optional
Group permissions
Example : "[permissiontypecollection](#permissiontypecollection)"
PermissionTypeCollection

Permission

Type : enum (GROUP_MANAGE, GROUP_POLICY_MANAGE, PERMISSION_MANAGE, PERSON_POLICY_MANAGE, GROUP_MEMBER_MANAGE, POLICY_MANAGE, SCOPE_MANAGE)

PermissionCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[permissionget](#permissionget)" ] < PermissionGet > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

PermissionGet

Polymorphism : Composition

Name Description Schema
group_id
required
Group identifier
Example : "37a1af3d-08f9-4028-8728-f47d6084de77"
string
id
required
Permission identifier
Example : "533a42f9-a43f-438d-ad51-fae46fbe1bf7"
string
permission
required
Example : "[permission](#permission)" Permission
person
required
Example : "[person](#person)" Person

PermissionIdCollection

Collection of permission identifiers

Type : < string > array

PermissionNew

Name Description Schema
group_id
required
Group identifier
Example : "37a1af3d-08f9-4028-8728-f47d6084de77"
string
permission
required
Example : "[permission](#permission)" Permission
person
required
Example : "[person](#person)" Person

PermissionTypeCollection

Collection of permissions types

Type : < string > array

PermissionsBatchUpdate

Name Description Schema
create
optional
List of permissions to be added.
Example : [ "GROUP_MANAGE" ]
< Permission > array
delete
optional
List of permissions to be removed.
Example : [ "SCOPE_MANAGE" ]
< Permission > array

Person

Polymorphism : Composition

Name Description Schema
first_name
required
Onegini IDP person's first name.
Example : "John"
string
idp_type
optional
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP.
Example : "CIM"
string
last_name
required
Onegini IDP person's last name.
Example : "Smith"
string
person_id
required
The identifier of the person in whose context this operation is being performed.
Example : "13db83a6-bb3f-493a-b614-e86a404c2142"
string

PersonGet

Name Description Schema
permissions
required
Person permissions.
Example : "[permissionidcollection](#permissionidcollection)"
PermissionIdCollection
person_id
required
Onegini IDP person identifier.
Example : "160d8767-b7ea-4706-9738-4dc221658868"
string
policies
optional
Person policies.
Example : "[policyidcollection](#policyidcollection)"
PolicyIdCollection

PersonIdCollection

Collection of permission identifiers

Type : < string > array

PersonName

Polymorphism : Composition

Name Description Schema
first_name
required
Onegini IDP person's first name.
Example : "John"
string
idp_type
optional
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP.
Example : "CIM"
string
last_name
required
Onegini IDP person's last name.
Example : "Smith"
string
person_id
optional
Identifier of the Onegini's IdP person
Example : "577a42f9-a43f-438d-ad51-fae46fbe1bf7"
string

PersonNameCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[personname](#personname)" ] < PersonName > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

PersonReport

Name Description Schema
group_permissions
optional
Person's permissions in groups.
Example : [ "[grouppermission](#grouppermission)" ]
< GroupPermission > array
person
optional
Example : "[person](#person)" Person
policies
optional
Policies assigned to person.
Example : [ "[policyreportdto](#policyreportdto)" ]
< PolicyReportDto > array

PersonReportWithoutPersonProperty

Name Description Schema
group_permissions
optional
Person's permissions in groups.
Example : [ "[grouppermission](#grouppermission)" ]
< GroupPermission > array
policies
optional
Policies assigned to person.
Example : [ "[policyreportdto](#policyreportdto)" ]
< PolicyReportDto > array

PolicyAssign

Name Description Schema
parent_policy_id
required
Parent policy id.
Example : "13db83a6-bb3f-493a-b614-e86a404c2142"
string
principal
required
Example : "[person](#person)" Person

PolicyBatchUpdate

Name Description Schema
create
optional
Policies to add collection.
Example : [ "[policynew](#policynew)" ]
< PolicyNew > array
delete
optional
Policies to remove collection.
Example : "[policyidcollection](#policyidcollection)"
PolicyIdCollection

PolicyCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[policyget](#policyget)" ] < PolicyGet > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

PolicyGet

Polymorphism : Composition

Name Description Schema
assignee_id
optional
Identifier of the person to whom this policy is assigned to.
Example : "13db83a6-bb3f-493a-b614-e86a404c2142"
string
id
required
Identifier of the policy.
Example : "160d8767-b7ea-4706-9738-4dc221658868"
string
name
required
Policy name.
Example : "Organisation policy"
string
parent_id
optional
Identifier of parent policy.
Example : "160d8767-b7ea-4706-9738-4dc221658868"
string
principal
required
Example : "[person](#person)" Person
scopes
required
List of scope identifiers.
Example : [ "string" ]
< string > array
subject
required
Example : "[subject](#subject)" Subject

PolicyIdCollection

Collection of policy identifiers

Type : < string > array

PolicyNew

Name Description Schema
assignee_id
optional
Identifier of the person to whom this policy is assigned to.
Example : "13db83a6-bb3f-493a-b614-e86a404c2142"
string
name
required
Policy name.
Example : "Organisation policy"
string
principal
required
Example : "[person](#person)" Person
scopes
required
List of scope identifiers.
Example : [ "string" ]
< string > array
subject
required
Example : "[subject](#subject)" Subject

PolicyReportDto

Name Description Schema
id
optional
Identifier of the policy.
Example : "160d8767-b7ea-4706-9738-4dc221658868"
string
name
optional
Policy name.
Example : "Organisation policy"
string
scopes
optional
List of scope identifiers.
Example : "[scopeidcollection](#scopeidcollection)"
ScopeIdCollection
subject
optional
Example : "[subject](#subject)" Subject

ResourceIdCollection

Collection of resource identifiers

Type : < string > array

ScopeCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[scopeget](#scopeget)" ] < ScopeGet > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

ScopeGet

Polymorphism : Composition

Name Description Schema
id
optional
Identifier of the scope.
Example : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4"
string
name
optional
Name of the scope.
Example : "READ"
string

ScopeIdCollection

Collection of scopes identifiers

Type : < string > array

ScopeNew

Name Description Schema
name
optional
Name of the scope.
Example : "READ"
string

ScopeUpdate

Name Description Schema
name
optional
Name of the scope.
Example : "READ"
string

Subject

Name Description Schema
subject_id
required
Type of subject.
Example : "13db83a6-bb3f-493a-b614-e86a404c2142"
string
type
optional
The type of subject. It can be person or group.
Example : "PERSON"
enum (PERSON, GROUP)

Security

basicAuth

Type : basic