Dum engine

Overview

Dum engine API definition

Version information

Version : 1.0.0

Contact information

Contact Email : developers@onegini.com

URI scheme

BasePath : /api/v1
Schemes : HTTP, HTTPS

Tags

  • groups : Group operations
  • permissions : Manage permissions
  • persons : Person operations
  • policies : Policy operations
  • scopes : Manage scopes

External Docs

Description : Find out more about Onegini solutions
URL : https://onegini.com/

Paths

Create a group

POST /groups

Description

Create a group.

Parameters

Type Name Description Schema
Body body
required
Group to be added. GroupNew

Responses

HTTP Code Description Schema
201 Group created successfully. GroupGet
400 Bad request ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups
Request body
{
  "name" : "Innosure Back Office",
  "custom_attributes" : {
    "CrmIdentifier" : "1234567"
  },
  "parent_group_id" : "936ed327-5711-4c0f-bd80-23e33878ac5f"
}

Example HTTP response

Response 201
{
  "name" : "Innosure Back Office",
  "custom_attributes" : {
    "CrmIdentifier" : "1234567"
  },
  "id" : "aacbb656-d967-4671-86a9-c691730905e5",
  "policy_ids" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
  "child_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
  "parent_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
}
Response 400
{
  "Missing parent group id parameter in body" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Field 'parent_group_id' cannot be null." ]
  },
  "Missing name parameter in body" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Field 'name' cannot be null." ]
  }
}

List groups

GET /groups

Description

List groups.

Parameters

Type Name Description Schema Default
Query custom_attribute
optional
Custom attribute in the form of name:value. If present the custom attribute criteria is added.
Example: "c1:v1"
string
Query page
optional
Number of requested page in pagination. integer 0
Query size
optional
Amount of items to be returned in response. integer 10
Query sort
optional
Sorts result in ascending or descending order in a form column_name,direction.
Allowed direction:
ASC - ascending order
DESC - descending order

Example column names:
id - sort result by id
name - sort result by name

Example:
?sort=name,DESC - sort in descending order by name
?sort=name,ASC?&sort=id,DESC - sort in ascending order by name and in descending order by id
< string > array "name,ASC"

Responses

HTTP Code Description Schema
200 Groups returned successfully. GroupCollection
400 Bad request ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups

Example HTTP response

Response 200
{
  "content" : [ {
    "name" : "Innosure Back Office",
    "custom_attributes" : {
      "CrmIdentifier" : "1234567"
    },
    "id" : "aacbb656-d967-4671-86a9-c691730905e5",
    "policy_ids" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
    "child_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
    "parent_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 400
{
  "Invalid custom attribute parameter" : {
    "error_code" : 1004,
    "error_message" : "One or more of the request parameters are invalid or missing.",
    "details" : [ "Required string in the form of `name:value` parameter 'custom_attribute' is not present" ]
  }
}

Search for groups

GET /groups/search

Description

Search for groups which specified person and identity provider type have permissions to.

Parameters

Type Name Description Schema Default
Query idp_type
required
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP. string
Query name
optional
Name of a group to be found (may contain % sign at the beginning or/and at the end to search for groups with name that contains the value, eg. %amp% will find company of a name Example and Ampe) string "%"
Query page
optional
Number of requested page in pagination. integer 0
Query parent_group_id
optional
Identifier of the parent group. As default it's a root group's id string "{root_group_id}"
Query person_id
required
Identifier of the person for which groups with person permissions should be returned string
Query size
optional
Amount of items to be returned in response. integer 10
Query sort
optional
Sorts result in ascending or descending order in a form column_name,direction.
Allowed direction:
ASC - ascending order
DESC - descending order

Example column names:
gchild.id - _sort result by id
gchild.name - _sort result by name

Example:
?sort=g_child.name,DESC - sort in descending order by name
?sort=g_child.name,ASC&sort=g_child.id,DESC - sort in ascending order by name and in descending order by id
< string > array "g_child.name,ASC"

Responses

HTTP Code Description Schema
200 Groups returned successfully. GroupCollection
400 Bad request ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/search?idp_type=string&person_id=string

Example HTTP response

Response 200
{
  "content" : [ {
    "name" : "Innosure Back Office",
    "custom_attributes" : {
      "CrmIdentifier" : "1234567"
    },
    "id" : "aacbb656-d967-4671-86a9-c691730905e5",
    "policy_ids" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
    "child_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
    "parent_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 400
{
  "Missing person id" : {
    "error_code" : 1004,
    "error_message" : "One or more of the request parameters are invalid or missing.",
    "details" : [ "Person id parameter is required" ]
  },
  "Missing idp type" : {
    "error_code" : 1004,
    "error_message" : "One or more of the request parameters are invalid or missing.",
    "details" : [ "Idp type parameter is required" ]
  },
  "Wrong sort parameter" : {
    "error_code" : 1009,
    "error_message" : "Wrong sort parameter."
  }
}

Get a group by identifier

GET /groups/{group_id}

Description

Get a group by identifier.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string

Responses

HTTP Code Description Schema
200 Groups returned successfully. GroupGet
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string

Example HTTP response

Response 200
{
  "name" : "Innosure Back Office",
  "custom_attributes" : {
    "CrmIdentifier" : "1234567"
  },
  "id" : "aacbb656-d967-4671-86a9-c691730905e5",
  "policy_ids" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
  "child_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
  "parent_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}

Update a group

PUT /groups/{group_id}

Description

Update a group.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Body body
required
Group to be updated. GroupEdit

Responses

HTTP Code Description Schema
200 Group updated successfully. GroupGet
404 Not found ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string
Request body
{
  "name" : "Innosure Back Office",
  "custom_attributes" : {
    "CrmIdentifier" : "1234567"
  }
}

Example HTTP response

Response 200
{
  "name" : "Innosure Back Office",
  "custom_attributes" : {
    "CrmIdentifier" : "1234567"
  },
  "id" : "aacbb656-d967-4671-86a9-c691730905e5",
  "policy_ids" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
  "child_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
  "parent_groups_ids" : [ "f530f30d-8322-47d1-93ff-19f4fea37c79", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}

Delete group

DELETE /groups/{group_id}

Description

Delete group.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string

Responses

HTTP Code Description Schema
204 Group deleted successfully. No Content
404 Not found ErrorResponse

Tags

  • groups

Example HTTP request

Request path
/groups/string

Example HTTP response

Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}

Set a custom attribute on a group

POST /groups/{group_id}/custom-attributes

Description

The name and value are free-form and can be used to store custom data on the group itself. A custom attribute contains a name and a value

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Body CustomAttribute
required
The request has a JSON body containing a custom attribute CustomAttribute

Responses

HTTP Code Description Schema
204 Custom attribute added successfully No Content
400 Bad request ErrorResponse
404 Not found ErrorResponse
409 Custom attribute already exists ErrorResponse

Consumes

  • application/json

Tags

  • groups

Security

Type Name
basic BasicAuth

Example HTTP request

Request path
/groups/string/custom-attributes
Request body
{
  "name" : "CrmIdentifier",
  "value" : "1234567"
}

Example HTTP response

Response 400
{
  "Missing value and name parameter in body" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Field 'value' cannot be null.", "Field 'name' cannot be null." ]
  }
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}
Response 409
{
  "Custom attribute already exists" : {
    "error_code" : 6002,
    "error_message" : "Custom attribute with given name already exists."
  }
}

Update custom attribute on a group

PUT /groups/{group_id}/custom-attributes/{custom_attribute_name}

Description

To update an identifier, the custom_attribute_name is used to identify the custom attribute within the groups custom attributes

Parameters

Type Name Description Schema
Path custom_attribute_name
required
Name of updated custom attribute. string
Path group_id
required
Identifier of the group. string
Body UpdatedCustomAttributeValue
required
The request has a JSON body containing a custom attribute value UpdatedCustomAttributeValue

UpdatedCustomAttributeValue

Name Description Schema
value
required
Example : "1234567" string

Responses

HTTP Code Description Schema
204 Custom attribute updated successfully No Content
400 Bad request ErrorResponse
404 Not found ErrorResponse
409 Custom attribute does not exist ErrorResponse

Consumes

  • application/json

Tags

  • groups

Security

Type Name
basic BasicAuth

Example HTTP request

Request path
/groups/string/custom-attributes/string
Request body
{
  "value" : "1234567"
}

Example HTTP response

Response 400
{
  "Missing value parameter in body" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Field 'name' cannot be null." ]
  }
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}
Response 409
{
  "Response" : {
    "error_code" : 6001,
    "error_message" : "Custom attribute with given name not found."
  }
}

Delete custom attribute on a group

DELETE /groups/{group_id}/custom-attributes/{custom_attribute_name}

Description

To delete an identifier, the custom_attribute_name is used to identify the custom attribute within the groups custom attributes

Parameters

Type Name Description Schema
Path custom_attribute_name
required
Name of deleted custom attribute. string
Path group_id
required
Identifier of the group. string

Responses

HTTP Code Description Schema
204 Custom attribute deleted successfully No Content
404 Not found ErrorResponse
409 Custom attribute does not exist ErrorResponse

Tags

  • groups

Security

Type Name
basic BasicAuth

Example HTTP request

Request path
/groups/string/custom-attributes/string

Example HTTP response

Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}
Response 409
{
  "Response" : {
    "error_code" : 6001,
    "error_message" : "Custom attribute with given name not found."
  }
}

Add a Onegini IdP person to a group

POST /groups/{group_id}/persons

Description

Add a Onegini IdP person to a group.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Body body
required
Person information to be added, eg. first and last name PersonIdAndName

Responses

HTTP Code Description Schema
201 Person successfully added to group. No Content
400 Bad request ErrorResponse
404 Not found ErrorResponse
409 Conflict ErrorResponse

Consumes

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons
Request body
{
  "person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
  "first_name" : "John",
  "last_name" : "Smith"
}

Example HTTP response

Response 400
{
  "Missing person id parameter in body" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Invalid personId!" ]
  },
  "Missing first and last name parameter in body" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Field 'first_name' cannot be empty.", "Field 'last_name' cannot be empty." ]
  }
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}
Response 409
{
  "Group member already exists" : {
    "error_code" : 5003,
    "error_message" : "Person with given id is already group member."
  }
}

List group members.

GET /groups/{group_id}/persons

Description

List persons who are members of the given group.

Parameters

Type Name Description Schema Default
Path group_id
required
Identifier of the group. string
Query page
optional
Number of requested page in pagination. integer 0
Query size
optional
Amount of items to be returned in response. integer
Query sort
optional
Sorts result in ascending or descending order in a form column_name,direction.
Allowed direction:
ASC - ascending order
DESC - descending order

Allowed column names:
firstName - sort result by first name
lastName - sort result by last name

Example:
* ?sort=firstName,ASC&sort=lastName,DESC - sort result in ascending order by first and in descending order by last name
< string > array

Responses

HTTP Code Description Schema
200 Group members returned successfully. PersonNameCollection
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons

Example HTTP response

Response 200
{
  "content" : [ {
    "person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "idp_type" : "CIM",
    "first_name" : "John",
    "last_name" : "Smith"
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}

Search group members.

GET /groups/{group_id}/persons/search

Description

Search persons who are members of the given group.

Parameters

Type Name Description Schema Default
Path group_id
required
Identifier of the group. string
Query name
optional
Name of a user to be found (may contain % sign at the beginning or/and at the end to search for users with name that contains the value, eg. %amp% will find users of a name Example and Ampe) string "%"
Query page
optional
Number of requested page in pagination. integer 0
Query size
optional
Amount of items to be returned in response. integer 10
Query sort
optional
Sorts result in ascending or descending order in a form column_name,direction.
Allowed direction:
ASC - ascending order
DESC - descending order

Allowed column names:
firstName - sort result by first name
lastName - sort result by last name

Example:
* ?sort=firstName,ASC&sort=lastName,DESC - sort result in ascending order by first and in descending order by last name
< string > array

Responses

HTTP Code Description Schema
200 Group members returned successfully. PersonNameCollection
400 Bad request ErrorResponse
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons/search

Example HTTP response

Response 200
{
  "content" : [ {
    "person_id" : "577a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "idp_type" : "CIM",
    "first_name" : "John",
    "last_name" : "Smith"
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 400
{
  "One of the parameters has invalid value" : {
    "error_code" : 1008,
    "error_message" : "Unexpected error.",
    "details" : [ "No property `{prop_value}` found for type Person!" ]
  }
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}

Update permissions in batch request

POST /groups/{group_id}/persons/{idp_type}/{person_id}/permissions/batch

Description

Update permissions in batch request

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Path idp_type
required
Identity provider type string
Path person_id
required
Identifier of the person. string
Body body
required
List of permissions to be created or removed. PermissionsBatchUpdate

Responses

HTTP Code Description Schema
200 Permissions updated with success PermissionCollection
400 Bad request ErrorResponse
404 Not found ErrorResponse
409 Conflict ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons/string/string/permissions/batch
Request body
{
  "create" : [ "GROUP_MANAGE" ],
  "delete" : [ "SCOPE_MANAGE" ]
}

Example HTTP response

Response 200
{
  "content" : [ {
    "id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "permission" : "GROUP_MANAGE",
    "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
    "person" : {
      "idp_type" : "CIM",
      "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
      "first_name" : "John",
      "last_name" : "Smith"
    }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 400
{
  "Permission from body not found" : {
    "error_code" : 1001,
    "error_message" : "One or more of the required fields are invalid or missing."
  }
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  },
  "Person does not exist" : {
    "error_code" : 4006,
    "error_message" : "Person with given identifier not found",
    "details" : [ "Person of type `{idp_type}` with id `{person_id}` not found." ]
  }
}
Response 409
{
  "Cannot delete or create permission" : {
    "error_code" : 2002,
    "error_message" : "Permission already exists."
  }
}

Remove a group member.

DELETE /groups/{group_id}/persons/{person_id}

Description

Remove a group member.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Path person_id
required
Identifier of the person. string

Responses

HTTP Code Description Schema
204 Group member successfully removed. No Content
404 Not found ErrorResponse

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons/string

Example HTTP response

Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  },
  "Path param `person_id` missing" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : [ "Invalid personId!" ]
  },
  "Person is not group member" : {
    "error_code" : 5004,
    "error_message" : "Person with given id is not group member."
  }
}

Get person report for a specific group

GET /groups/{group_id}/persons/{person_id}/report

Description

Loads personal data (identifier, first name, last name, etc.), policies that belongs to the person, permissions for specific group.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Path person_id
required
Identifier of the person. string

Responses

HTTP Code Description Schema
200 Report returned successfully PersonReport
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/persons/string/report

Example HTTP response

Response 200
{
  "person" : {
    "idp_type" : "CIM",
    "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "group_permissions" : [ {
    "id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
    "permissions" : [ "GROUP_MANAGE", "GROUP_POLICY_MANAGE", "PERMISSION_MANAGE" ],
    "custom_attributes" : { }
  } ],
  "policies" : [ {
    "id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "name" : "Organisation policy",
    "scopes" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    }
  } ]
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  },
  "Path param `person_id` missing" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : [ "Invalid personId!" ]
  }
}

Assign a new policy to a group.

POST /groups/{group_id}/policies

Description

Creates a new policy which is based on the given parent policy and assigns it to a group. The newly created policy will have a reference to the parent.

Parameters

Type Name Description Schema
Path group_id
required
Identifier of the group. string
Body body
required
Parent policy from which the newly created one should inherit from and the principal. PolicyAssign

Responses

HTTP Code Description Schema
201 Policy assigned to a group successfully. PolicyGroupGet
400 Bad request ErrorResponse
404 Not found ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/policies
Request body
{
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "parent_policy_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}

Example HTTP response

Response 201
{
  "id" : "298a8648-a8bc-4034-a292-98ae46d75074",
  "parent_id" : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9",
  "name" : "Organisation policy",
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "scopes" : [ "string" ],
  "subject" : {
    "type" : "GROUP",
    "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
  }
}
Response 400
{
  "Missing parent policy id parameter in body" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Field 'parent_policy_id' cannot be null." ]
  },
  "Missing principal.person_id parameter in body" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Field 'principal.person_id' cannot be null.", "Field 'principal.idp_type' cannot be null." ]
  }
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}

List group policies

GET /groups/{group_id}/policies

Description

Lists all policies which concerns given groupId as a subject.

Parameters

Type Name Description Schema Default
Path group_id
required
Identifier of the group. string
Query page
optional
Number of requested page in pagination. integer 0
Query size
optional
Amount of items to be returned in response. integer

Responses

HTTP Code Description Schema
200 Policies returned successfully. PolicyCollection
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • groups

Example HTTP request

Request path
/groups/string/policies

Example HTTP response

Response 200
{
  "content" : [ {
    "name" : "Organisation policy",
    "principal" : {
      "idp_type" : "CIM",
      "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
      "first_name" : "John",
      "last_name" : "Smith"
    },
    "scopes" : [ "string" ],
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    },
    "assignee_id" : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63",
    "id" : "298a8648-a8bc-4034-a292-98ae46d75074",
    "parent_id" : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9"
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 404
{
  "Group with `group_id` does not exist" : {
    "error_code" : 5001,
    "error_message" : "Group with given identifier not found.",
    "details" : [ "Group with id '{group_id}' not found." ]
  }
}

Assign a permission to a person

POST /permissions

Description

Assign a permission to a person

Parameters

Type Name Description Schema
Body body
required
Permission to be assigned PermissionNew

Responses

HTTP Code Description Schema
200 Permission assigned successfully PermissionGet
400 Bad request ErrorResponse
409 Permission already exists ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • permissions

Example HTTP request

Request path
/permissions
Request body
{
  "permission" : "GROUP_MANAGE",
  "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
  "person" : {
    "idp_type" : "CIM",
    "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
    "first_name" : "John",
    "last_name" : "Smith"
  }
}

Example HTTP response

Response 200
{
  "id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
  "permission" : "GROUP_MANAGE",
  "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
  "person" : {
    "idp_type" : "CIM",
    "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
    "first_name" : "John",
    "last_name" : "Smith"
  }
}
Response 400
{
  "Permission field invalid" : {
    "error_code" : 1001,
    "error_message" : "One or more of the required fields are invalid or missing."
  },
  "Required field missing" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Field 'group_id' cannot be empty.", "Field 'person' cannot be empty." ]
  }
}
Response 409
{
  "Permission already exists" : {
    "error_code" : 2002,
    "error_message" : "Permission already exists."
  }
}

Delete permission

DELETE /permissions/{permission_id}

Description

Delete permission.

Parameters

Type Name Description Schema
Path permission_id
required
Identifier of the permission. string

Responses

HTTP Code Description Schema
204 Permission deleted successfully No Content
400 Bad request ErrorResponse

Tags

  • permissions

Example HTTP request

Request path
/permissions/string

Example HTTP response

Response 400
{
  "Required field missing" : {
    "error_code" : 1004,
    "error_message" : "One or more of the request parameters are invalid or missing.",
    "details" : [ "Permission with id `permission_id` not found." ]
  }
}

List permissions for given person and idp type

GET /persons/{idp_type}/{person_id}/permissions

Description

List permissions for person.

Parameters

Type Name Description Schema Default
Path idp_type
required
Identity provider type string
Path person_id
required
Identifier of the person. string
Query page
optional
Number of requested page in pagination. integer 0
Query size
optional
Amount of items to be returned in response. integer

Responses

HTTP Code Description Schema
200 Permissions returned successfully PermissionCollection

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string/string/permissions

Example HTTP response

Response 200
{
  "content" : [ {
    "id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "permission" : "GROUP_MANAGE",
    "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
    "person" : {
      "idp_type" : "CIM",
      "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
      "first_name" : "John",
      "last_name" : "Smith"
    }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}

List all permissions for given person and idp type

GET /persons/{idp_type}/{person_id}/permissions_recursive

Description

List all person's permissions.

Parameters

Type Name Description Schema
Path idp_type
required
Identity provider type string
Path person_id
required
Identifier of the person. string

Responses

HTTP Code Description Schema
200 Permissions returned successfully GroupPermissionCollection
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string/string/permissions_recursive

Example HTTP response

Response 200
{
  "content" : [ {
    "id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
    "permissions" : [ "GROUP_MANAGE", "GROUP_POLICY_MANAGE", "PERMISSION_MANAGE" ],
    "custom_attributes" : { }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 404
{
  "Person does not exist" : {
    "error_code" : 4006,
    "error_message" : "Person with given identifier not found",
    "details" : [ "Person of type `{idp_type}` with id `{person_id}` not found." ]
  }
}

Update person details

PUT /persons/{person_id}

Description

Update person's first name and last name.

Parameters

Type Name Description Schema
Path person_id
required
Identifier of the person. string
Body body
required
Person first name and last name to update PersonDetails

Responses

HTTP Code Description Schema
200 Person updated successfully Person
400 Bad request ErrorResponse
404 Not found ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string
Request body
{
  "first_name" : "John",
  "last_name" : "Smith"
}

Example HTTP response

Response 200
{
  "idp_type" : "CIM",
  "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
  "first_name" : "John",
  "last_name" : "Smith"
}
Response 400
{
  "Update details from body not found" : {
    "error_code" : 1001,
    "error_message" : "One or more of the required fields are invalid or missing."
  },
  "Required field missing" : {
    "error_code" : 1006,
    "error_message" : "One or more of the required fields are invalid or missing.",
    "details" : [ "Field 'last_name' cannot be empty.", "Field 'first_name' cannot be empty." ]
  }
}
Response 404
{
  "Person with `person_id` does not exist" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : [ "Invalid personId!" ]
  }
}

List permissions for Onegini IDP person

GET /persons/{person_id}/permissions

Description

List permissions for person.

Parameters

Type Name Description Schema Default
Path person_id
required
Identifier of the person. string
Query page
optional
Number of requested page in pagination. integer 0
Query size
optional
Amount of items to be returned in response. integer 10

Responses

HTTP Code Description Schema
200 Permissions returned successfully PermissionCollection
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string/permissions

Example HTTP response

Response 200
{
  "content" : [ {
    "id" : "533a42f9-a43f-438d-ad51-fae46fbe1bf7",
    "permission" : "GROUP_MANAGE",
    "group_id" : "37a1af3d-08f9-4028-8728-f47d6084de77",
    "person" : {
      "idp_type" : "CIM",
      "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
      "first_name" : "John",
      "last_name" : "Smith"
    }
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
}
Response 404
{
  "Person with `person_id` does not exist" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : [ "Invalid personId!" ]
  }
}

Add new child policy

POST /persons/{person_id}/policies

Description

Creates a new child policy and relates it with specified parent policyId.

Parameters

Type Name Description Schema
Path person_id
required
Identifier of the person. string
Body body
required
Policy to be added PolicyAssign

Responses

HTTP Code Description Schema
201 Policy added to person successfully PolicyGet
400 Bad request ErrorResponse
404 Not found ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string/policies
Request body
{
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "parent_policy_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
}

Example HTTP response

Response 201
{
  "name" : "Organisation policy",
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "scopes" : [ "string" ],
  "subject" : {
    "type" : "PERSON",
    "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
  },
  "assignee_id" : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63",
  "id" : "298a8648-a8bc-4034-a292-98ae46d75074",
  "parent_id" : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9"
}
Response 400
{
  "Update details from body not found" : {
    "error_code" : 1001,
    "error_message" : "One or more of the required fields are invalid or missing."
  },
  "Required field missing" : {
    "error_code" : 1006,
    "error_message" : "One or more of the required fields are invalid or missing.",
    "details" : [ "Field 'parent_policy_id' cannot be empty.", "Field 'principal' cannot be empty." ]
  }
}
Response 404
{
  "Person with `person_id` does not exist" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : [ "Invalid personId!" ]
  }
}

Get person report

GET /persons/{person_id}/report

Description

Loads personal data (identifier, first name, last name, etc.), policies that belongs to the person, groups in which user has permissions

Parameters

Type Name Description Schema
Path person_id
required
Identifier of the person. string

Responses

HTTP Code Description Schema
200 Report returned successfully PersonReport
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string/report

Example HTTP response

Response 200
{
  "person" : {
    "idp_type" : "CIM",
    "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "group_permissions" : [ {
    "id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
    "permissions" : [ "GROUP_MANAGE", "GROUP_POLICY_MANAGE", "PERMISSION_MANAGE" ],
    "custom_attributes" : { }
  } ],
  "policies" : [ {
    "id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "name" : "Organisation policy",
    "scopes" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    }
  } ]
}
Response 404
{
  "Person with `person_id` does not exist" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : [ "Invalid personId!" ]
  }
}

GET /persons/{person_id}/report-omit-identity

Description

Loads policies and groups that belongs to the specified person

Parameters

Type Name Description Schema
Path person_id
required
Identifier of the person. string

Responses

HTTP Code Description Schema
200 Report returned successfully PersonReportWithoutPersonProperty
404 Not found ErrorResponse

Produces

  • application/json

Tags

  • persons

Example HTTP request

Request path
/persons/string/report-omit-identity

Example HTTP response

Response 200
{
  "group_permissions" : [ {
    "id" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
    "permissions" : [ "GROUP_MANAGE", "GROUP_POLICY_MANAGE", "PERMISSION_MANAGE" ],
    "custom_attributes" : { }
  } ],
  "policies" : [ {
    "id" : "160d8767-b7ea-4706-9738-4dc221658868",
    "name" : "Organisation policy",
    "scopes" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ],
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    }
  } ]
}
Response 404
{
  "Person with `person_id` does not exist" : {
    "error_code" : 1005,
    "error_message" : "Person identifier is invalid, check if person with specified id exists in CIM.",
    "details" : [ "Invalid personId!" ]
  }
}

Add new policy

POST /policies

Description

Add new policy.

Parameters

Type Name Description Schema
Body body
required
Policy to be added PolicyNew

Responses

HTTP Code Description Schema
201 Policy added successfully PolicyGet
400 Bad request ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • policies

Example HTTP request

Request path
/policies
Request body
{
  "name" : "Organisation policy",
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "scopes" : [ "string" ],
  "subject" : {
    "type" : "PERSON",
    "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
  },
  "assignee_id" : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63"
}

Example HTTP response

Response 201
{
  "name" : "Organisation policy",
  "principal" : {
    "idp_type" : "CIM",
    "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
    "first_name" : "John",
    "last_name" : "Smith"
  },
  "scopes" : [ "string" ],
  "subject" : {
    "type" : "PERSON",
    "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
  },
  "assignee_id" : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63",
  "id" : "298a8648-a8bc-4034-a292-98ae46d75074",
  "parent_id" : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9"
}
Response 400
{
  "Required field missing" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Field 'scopes' cannot be empty.", "Field 'principal' cannot be empty.", "Field 'subject' cannot be empty." ]
  }
}

Batch policies update

POST /policies/batch

Description

Creates or deletes a set of given policies.

Parameters

Type Name Description Schema
Body body
required
Set of policies to be removed or added. PolicyBatchUpdate

Responses

HTTP Code Description Schema
200 Policy added to group successfully No Content
400 Bad request ErrorResponse

Consumes

  • application/json

Tags

  • policies

Example HTTP request

Request path
/policies/batch
Request body
{
  "create" : [ {
    "name" : "Organisation policy",
    "principal" : {
      "idp_type" : "CIM",
      "person_id" : "8e272e60-2f67-4737-9212-f4f13e6b01eb",
      "first_name" : "John",
      "last_name" : "Smith"
    },
    "scopes" : [ "string" ],
    "subject" : {
      "type" : "PERSON",
      "subject_id" : "13db83a6-bb3f-493a-b614-e86a404c2142"
    },
    "assignee_id" : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63"
  } ],
  "delete" : [ "145fabf0-8b05-4a4d-be15-95c7b568da63", "fe987430-8f0f-4fe6-948c-3d77cf05279a", "7b10aea0-6ca5-40f6-8fd5-acd060dfad95" ]
}

Example HTTP response

Response 400
{
  "Required field missing" : {
    "error_code" : 1006,
    "error_message" : "One or more of the body parameters are invalid or missing.",
    "details" : [ "Field 'scopes' cannot be empty.", "Field 'principal' cannot be empty.", "Field 'subject' cannot be empty." ]
  }
}

Delete policy

DELETE /policies/{policy_id}

Description

Delete policy and it's children.

Parameters

Type Name Description Schema
Path policy_id
required
Identifier of the policy. string

Responses

HTTP Code Description Schema
204 Policy deleted successfully. No Content
404 Not found ErrorResponse

Tags

  • policies

Example HTTP request

Request path
/policies/string

Example HTTP response

Response 404
{
  "Person with `policy_id` does not exist" : {
    "error_code" : 4003,
    "error_message" : "Policy with given identifier not found",
    "details" : [ "Policy with id `{policy_id}` not found" ]
  }
}

Add scope

POST /scopes

Description

Add new scope.

Parameters

Type Name Description Schema
Body body
required
Scope to be added ScopeNew

Responses

HTTP Code Description Schema
201 Scope added successfully ScopeGet
409 Conflict ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • scopes

Example HTTP request

Request path
/scopes
Request body
{
  "name" : "READ"
}

Example HTTP response

Response 201
{
  "id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
  "name" : "READ"
}
Response 409
{
  "Scope already exists" : {
    "error_code" : 3002,
    "error_message" : "Scope with given name already exist."
  }
}

List scopes

GET /scopes

Description

List available scopes.

Responses

HTTP Code Description Schema
200 Scopes returned successfully < ScopeCollection > array

Produces

  • application/json

Tags

  • scopes

Example HTTP request

Request path
/scopes

Example HTTP response

Response 200
[ {
  "content" : [ {
    "id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
    "name" : "READ"
  } ],
  "total_elements" : 0,
  "total_pages" : 0,
  "last" : true,
  "first" : true,
  "size" : 0,
  "number" : 0,
  "number_of_elements" : 0
} ]

Update scope

PUT /scopes/{scope_id}

Description

Update scope.

Parameters

Type Name Description Schema
Path scope_id
required
Identifier of the scope. string
Body body
required
Scope to be updated. ScopeUpdate

Responses

HTTP Code Description Schema
200 Scope updated successfully. ScopeGet
409 Conflict ErrorResponse

Consumes

  • application/json

Produces

  • application/json

Tags

  • scopes

Example HTTP request

Request path
/scopes/string
Request body
{
  "name" : "READ"
}

Example HTTP response

Response 200
{
  "id" : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4",
  "name" : "READ"
}
Response 409
{
  "Scope already exists" : {
    "error_code" : 3002,
    "error_message" : "Scope with given name already exist."
  }
}

Delete scope

DELETE /scopes/{scope_id}

Description

Delete scope.

Parameters

Type Name Description Schema
Path scope_id
required
Identifier of the scope. string

Responses

HTTP Code Description Schema
200 Scope deleted successfully No Content
404 Not found ErrorResponse

Tags

  • scopes

Example HTTP request

Request path
/scopes/string

Example HTTP response

Response 404
{
  "Scope already exists" : {
    "error_code" : 3001,
    "error_message" : "Scope with given identifier not found."
  }
}

Definitions

AssignPersonName

Name Description Schema
first_name
required
Onegini IDP person's first name.
Example : "John"
string
last_name
required
Onegini IDP person's last name.
Example : "Smith"
string

CollectionResult

Collection result used for pagination.

Name Description Schema
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

CustomAttribute

Name Description Schema
name
required
Attribute name
Example : "CrmIdentifier"
string
value
required
Attribute value
Example : "1234567"
string

CustomAttributeCollection

Collection of group custom attributes

Type : < CustomAttribute > array

ErrorResponse

Name Description Schema
code
optional
Error code identifier
Example : 1000
integer
details
optional
Example : [ "string" ] < string > array
message
optional
Error code description
Example : "One or more of the request parameters are invalid or missing."
string

GroupCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[groupget](#groupget)" ] < GroupGet > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

GroupCustomAttributes

Name Description Schema
custom_attributes
optional
Collection of group's custom attributes
Example : {<br> "CrmIdentifier" : "1234567"<br>}
< string, string > map

GroupEdit

Polymorphism : Composition

Name Description Schema
custom_attributes
optional
Collection of group's custom attributes
Example : {<br> "CrmIdentifier" : "1234567"<br>}
< string, string > map
name
required
Name of the group
Example : "Innosure Back Office"
string

GroupGet

Polymorphism : Composition

Name Description Schema
child_groups_ids
optional
Child groups
Example : "[groupidcollection](#groupidcollection)"
GroupIdCollection
custom_attributes
optional
Collection of group's custom attributes
Example : {<br> "CrmIdentifier" : "1234567"<br>}
< string, string > map
id
required
Group identifier
Example : "aacbb656-d967-4671-86a9-c691730905e5"
string
name
required
Name of the group
Example : "Innosure Back Office"
string
parent_groups_ids
optional
Parent groups
Example : "[groupidcollection](#groupidcollection)"
GroupIdCollection
policy_ids
optional
Policies assigned to this group
Example : "[policyidcollection](#policyidcollection)"
PolicyIdCollection

GroupIdCollection

Collection of group identifiers

Type : < string > array

GroupName

Name Description Schema
name
required
Name of the group
Example : "Innosure Back Office"
string

GroupNew

Polymorphism : Composition

Name Description Schema
custom_attributes
optional
Collection of group's custom attributes
Example : {<br> "CrmIdentifier" : "1234567"<br>}
< string, string > map
name
required
Name of the group
Example : "Innosure Back Office"
string
parent_group_id
required
Identifier of the parent group
Example : "936ed327-5711-4c0f-bd80-23e33878ac5f"
string

GroupPermission

Name Description Schema
custom_attributes
optional
Example : "[customattributecollection](#customattributecollection)" CustomAttributeCollection
id
optional
Identifier of the group
Example : "f530f30d-8322-47d1-93ff-19f4fea37c79"
string
permissions
optional
Group permissions
Example : "[permissiontypecollection](#permissiontypecollection)"
PermissionTypeCollection

GroupPermissionCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[grouppermission](#grouppermission)" ] < GroupPermission > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

Permission

Type : enum (GROUP_MANAGE, GROUP_POLICY_MANAGE, PERMISSION_MANAGE, PERSON_POLICY_MANAGE, GROUP_MEMBER_MANAGE, POLICY_MANAGE, SCOPE_MANAGE)

PermissionCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[permissionget](#permissionget)" ] < PermissionGet > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

PermissionGet

Polymorphism : Composition

Name Description Schema
group_id
required
Group identifier
Example : "37a1af3d-08f9-4028-8728-f47d6084de77"
string
id
required
Permission identifier
Example : "533a42f9-a43f-438d-ad51-fae46fbe1bf7"
string
permission
required
Example : "[permission](#permission)" Permission
person
required
Example : "[person](#person)" Person

PermissionIdCollection

Collection of permission identifiers

Type : < string > array

PermissionNew

Name Description Schema
group_id
required
Group identifier
Example : "37a1af3d-08f9-4028-8728-f47d6084de77"
string
permission
required
Example : "[permission](#permission)" Permission
person
required
Example : "[person](#person)" Person

PermissionTypeCollection

Collection of permissions types

Type : < string > array

PermissionsBatchUpdate

Name Description Schema
create
optional
List of permissions to be added.
Example : [ "GROUP_MANAGE" ]
< Permission > array
delete
optional
List of permissions to be removed.
Example : [ "SCOPE_MANAGE" ]
< Permission > array

Person

Polymorphism : Composition

Name Description Schema
first_name
required
Onegini IDP person's first name.
Example : "John"
string
idp_type
optional
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP.
Example : "CIM"
string
last_name
required
Onegini IDP person's last name.
Example : "Smith"
string
person_id
required
The identifier of the person in whose context this operation is being performed.
Example : "8e272e60-2f67-4737-9212-f4f13e6b01eb"
string

PersonDetails

Name Description Schema
first_name
optional
Onegini IDP person's first name.
Example : "John"
string
last_name
optional
Onegini IDP person's last name.
Example : "Smith"
string

PersonGet

Name Description Schema
permissions
required
Person permissions.
Example : "[permissionidcollection](#permissionidcollection)"
PermissionIdCollection
person_id
required
Onegini IDP person identifier.
Example : "160d8767-b7ea-4706-9738-4dc221658868"
string
policies
optional
Person policies.
Example : "[policyidcollection](#policyidcollection)"
PolicyIdCollection

PersonIdAndName

Polymorphism : Composition

Name Description Schema
first_name
required
Onegini IDP person's first name.
Example : "John"
string
last_name
required
Onegini IDP person's last name.
Example : "Smith"
string
person_id
optional
Identifier of the Onegini's IdP person
Example : "577a42f9-a43f-438d-ad51-fae46fbe1bf7"
string

PersonName

Polymorphism : Composition

Name Description Schema
first_name
required
Onegini IDP person's first name.
Example : "John"
string
idp_type
optional
The type of the identity provider from which the person identifier originates. 'CIM' value is reserved for Onegini's IdP.
Example : "CIM"
string
last_name
required
Onegini IDP person's last name.
Example : "Smith"
string
person_id
optional
Identifier of the Onegini's IdP person
Example : "577a42f9-a43f-438d-ad51-fae46fbe1bf7"
string

PersonNameCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[personname](#personname)" ] < PersonName > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

PersonReport

Name Description Schema
group_permissions
optional
Person's permissions in groups.
Example : [ "[grouppermission](#grouppermission)" ]
< GroupPermission > array
person
optional
Example : "[person](#person)" Person
policies
optional
Policies assigned to person.
Example : [ "[policyreportdto](#policyreportdto)" ]
< PolicyReportDto > array

PersonReportWithoutPersonProperty

Name Description Schema
group_permissions
optional
Person's permissions in groups.
Example : [ "[grouppermission](#grouppermission)" ]
< GroupPermission > array
policies
optional
Policies assigned to person.
Example : [ "[policyreportdto](#policyreportdto)" ]
< PolicyReportDto > array

PolicyAssign

Name Description Schema
parent_policy_id
required
Parent policy id.
Example : "13db83a6-bb3f-493a-b614-e86a404c2142"
string
principal
required
Example : "[person](#person)" Person

PolicyBatchUpdate

Name Description Schema
create
optional
Policies to add collection.
Example : [ "[policynew](#policynew)" ]
< PolicyNew > array
delete
optional
Policies to remove collection.
Example : "[policyidcollection](#policyidcollection)"
PolicyIdCollection

PolicyCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[policyget](#policyget)" ] < PolicyGet > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

PolicyGet

Polymorphism : Composition

Name Description Schema
assignee_id
optional
Identifier of the person to whom this policy is assigned to.
Example : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63"
string
id
required
Identifier of the policy.
Example : "298a8648-a8bc-4034-a292-98ae46d75074"
string
name
optional
Policy name.
Example : "Organisation policy"
string
parent_id
optional
Identifier of parent policy.
Example : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9"
string
principal
required
Example : "[person](#person)" Person
scopes
required
List of scope identifiers.
Example : [ "string" ]
< string > array
subject
required
Example : "[subject](#subject)" Subject

PolicyGroupGet

Name Description Schema
id
required
Identifier of the policy.
Example : "298a8648-a8bc-4034-a292-98ae46d75074"
string
name
required
Policy name.
Example : "Organisation policy"
string
parent_id
optional
Identifier of parent policy.
Example : "b2efac6f-71ce-4525-ae59-d2d90f99dfc9"
string
principal
required
Example : "[person](#person)" Person
scopes
required
List of scope identifiers.
Example : [ "string" ]
< string > array
subject
required
Example : "[subjectgroup](#subjectgroup)" SubjectGroup

PolicyIdCollection

Collection of policy identifiers

Type : < string > array

PolicyNew

Name Description Schema
assignee_id
optional
Identifier of the person to whom this policy is assigned to.
Example : "bbf14ea5-3951-4451-9038-1f1b7dbbfd63"
string
name
optional
Policy name.
Example : "Organisation policy"
string
principal
required
Example : "[person](#person)" Person
scopes
required
List of scope identifiers.
Example : [ "string" ]
< string > array
subject
required
Example : "[subject](#subject)" Subject

PolicyReportDto

Name Description Schema
id
optional
Identifier of the policy.
Example : "160d8767-b7ea-4706-9738-4dc221658868"
string
name
optional
Policy name.
Example : "Organisation policy"
string
scopes
optional
List of scope identifiers.
Example : "[scopeidcollection](#scopeidcollection)"
ScopeIdCollection
subject
optional
Example : "[subject](#subject)" Subject

ScopeCollection

Polymorphism : Composition

Name Description Schema
content
optional
Example : [ "[scopeget](#scopeget)" ] < ScopeGet > array
first
optional
Is this page first?
Example : true
boolean
last
optional
Is this page last?
Example : true
boolean
number
optional
Page number.
Example : 0
integer
number_of_elements
optional
Actual number of elements on current page.
Example : 0
integer
size
optional
Page size.
Example : 0
integer
total_elements
optional
Total number of items.
Example : 0
integer
total_pages
optional
Total number of pages.
Example : 0
integer

ScopeGet

Polymorphism : Composition

Name Description Schema
id
optional
Identifier of the scope.
Example : "0d31a0fa-ac44-45e9-affd-92edf4b1b5b4"
string
name
optional
Name of the scope.
Example : "READ"
string

ScopeIdCollection

Collection of scopes identifiers

Type : < string > array

ScopeNew

Name Description Schema
name
optional
Name of the scope.
Example : "READ"
string

ScopeUpdate

Name Description Schema
name
optional
Name of the scope.
Example : "READ"
string

Subject

Name Description Schema
subject_id
required
Subject id.
Example : "13db83a6-bb3f-493a-b614-e86a404c2142"
string
type
optional
The type of subject. It can be person or group.
Example : "PERSON"
enum (PERSON, GROUP)

SubjectGroup

Name Description Schema
subject_id
required
Subject id.
Example : "13db83a6-bb3f-493a-b614-e86a404c2142"
string
type
optional
The type of subject. It can be person or group.
Example : "GROUP"
enum (PERSON, GROUP)

Security

BasicAuth

Type : basic