summaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
authorrn509j <rn509j@att.com>2017-10-11 13:05:39 -0400
committerrn509j <rn509j@att.com>2017-10-11 13:06:51 -0400
commit7b5adf32e2ff118e07b47d740215137f90dd460f (patch)
tree84f4e52d7edbe6565d4b3446a2039ee37321d73c /docs
parent72aacefc4bc68a82a6d7fd6b6889411a3480b559 (diff)
modified AAF-API-Documentation file
AAF-84 Signed-off-by: rn509j <rn509j@att.com> Change-Id: I257fc3e2dcd25640d358bf991e0bff4cc0310348
Diffstat (limited to 'docs')
-rw-r--r--docs/AAF-API-Documentation/AAF-API-Documentation.rst3383
1 files changed, 205 insertions, 3178 deletions
diff --git a/docs/AAF-API-Documentation/AAF-API-Documentation.rst b/docs/AAF-API-Documentation/AAF-API-Documentation.rst
index 05d516ec..c4fcded1 100644
--- a/docs/AAF-API-Documentation/AAF-API-Documentation.rst
+++ b/docs/AAF-API-Documentation/AAF-API-Documentation.rst
@@ -1,25 +1,18 @@
-AT&T Auth Tool
-==============
-
---------------
-
AAF 2.0 RESTful interface
=========================
---------------
-
Accessing RESTful
-----------------
-AAF RESTful service is secured by the following:
-
-The Client must utilize HTTP/S. Non Secure HTTP is not acceptable
+-AAF RESTful service is secured by the following:
+-The Client must utilize HTTP/S. Non Secure HTTP is not acceptable
+-The Client MUST supply an Identity validated by one of the following mechanisms
-The Client MUST supply an Identity validated by one of the following mechanisms
-
-- Valid Global Login Cookie (CSP)
-- BASIC AUTH protocol using CSO Registered MechID, provisioned in AAF
-- (Near Future) Application level Certificate & oAuth
+ - Valid Global Login Cookie (CSP)
+ - BASIC AUTH protocol using CSO Registered MechID, provisioned in AAF
+ - BASIC AUTH protocol using ATTUID@csp.att.com, Global Login Password
+ - (Available 3rd Qtr 2015) Valid tGuard Login Cookie
+ - (Near Future) Application level Certificate
Responses
@@ -29,9 +22,9 @@ Each API call may respond with JSON or XML. Choose the ContentType/Accept that h
XSDs for Versions
-
AAF can support multiple Versions of the API. Choose the ContentType/Accept that has the appropriate version=?.?
+All Errors coming from AAF return AT&T Standard Error Message as a String: `JSON <./example/YXBwbGljYXRpb24vRXJyb3IranNvbg==>`__ `XML <./example/YXBwbGljYXRpb24vRXJyb3IreG1s>`__ (does not apply to errors from Container)
Character Restrictions
@@ -42,3165 +35,199 @@ Character Restrictions
Ask for a Consultation on how these are typically used, or, if your tool is the only Enforcement Point, if set may be expanded
-+--------------------+--------------------+--------------------+--------------------+
-| Entity | Method | Path Info | Description |
-+====================+====================+====================+====================+
-| PERMISSION | POST | /authz/perm | Create a |
-| | | | Permission |
-| | | | |
-| | | | Permission |
-| | | | consists of: |
-| | | | |
-| | | | - type - a |
-| | | | Namespace |
-| | | | qualified |
-| | | | identifier |
-| | | | specifying what |
-| | | | kind of |
-| | | | resource is |
-| | | | being protected |
-| | | | - instance - a |
-| | | | key, possibly |
-| | | | multi-dimension |
-| | | | al, |
-| | | | that identifies |
-| | | | a specific |
-| | | | instance of the |
-| | | | type |
-| | | | - action - what |
-| | | | kind of action |
-| | | | is allowed |
-| | | | |
-| | | | Note: instance and |
-| | | | action can be an |
-| | | | \* |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 201 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406, 409 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybVJ |
-| | | | lcXVlc3QranNvbjtxP |
-| | | | TEuMDtjaGFyc2V0PXV |
-| | | | 0Zi04O3ZlcnNpb249M |
-| | | | i4wLGFwcGxpY2F0aW9 |
-| | | | uL2pzb247cT0xLjA7d |
-| | | | mVyc2lvbj0yLjAsKi8 |
-| | | | qO3E9MS4w>`__\ app |
-| | | | lication/PermReque |
-| | | | st+json;q=1.0;char |
-| | | | set=utf-8;version= |
-| | | | 2.0,application/js |
-| | | | on;q=1.0;version=2 |
-| | | | .0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybVJ |
-| | | | lcXVlc3QreG1sO3E9M |
-| | | | S4wO2NoYXJzZXQ9dXR |
-| | | | mLTg7dmVyc2lvbj0yL |
-| | | | jAsdGV4dC94bWw7cT0 |
-| | | | xLjA7dmVyc2lvbj0yL |
-| | | | jA=>`__\ applicati |
-| | | | on/PermRequest+xml |
-| | | | ;q=1.0;charset=utf |
-| | | | -8;version=2.0,tex |
-| | | | t/xml;q=1.0;versio |
-| | | | n=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | PUT | /authz/perm | Set Description |
-| | | | for Permission |
-| | | | |
-| | | | Add Description |
-| | | | Data to Perm |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybVJ |
-| | | | lcXVlc3QranNvbjtxP |
-| | | | TEuMDtjaGFyc2V0PXV |
-| | | | 0Zi04O3ZlcnNpb249M |
-| | | | i4wLGFwcGxpY2F0aW9 |
-| | | | uL2pzb247cT0xLjA7d |
-| | | | mVyc2lvbj0yLjAsKi8 |
-| | | | qO3E9MS4w>`__\ app |
-| | | | lication/PermReque |
-| | | | st+json;q=1.0;char |
-| | | | set=utf-8;version= |
-| | | | 2.0,application/js |
-| | | | on;q=1.0;version=2 |
-| | | | .0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybVJ |
-| | | | lcXVlc3QreG1sO3E9M |
-| | | | S4wO2NoYXJzZXQ9dXR |
-| | | | mLTg7dmVyc2lvbj0yL |
-| | | | jAsdGV4dC94bWw7cT0 |
-| | | | xLjA7dmVyc2lvbj0yL |
-| | | | jA=>`__\ applicati |
-| | | | on/PermRequest+xml |
-| | | | ;q=1.0;charset=utf |
-| | | | -8;version=2.0,tex |
-| | | | t/xml;q=1.0;versio |
-| | | | n=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | DELETE | /authz/perm | Delete a |
-| | | | Permission |
-| | | | |
-| | | | Delete the |
-| | | | Permission |
-| | | | referenced by |
-| | | | PermKey. |
-| | | | |
-| | | | You cannot |
-| | | | normally delete a |
-| | | | permission which |
-| | | | is still granted |
-| | | | to roles, |
-| | | | |
-| | | | however the |
-| | | | "force" property |
-| | | | allows you to do |
-| | | | just that. To do |
-| | | | this: Add |
-| | | | |
-| | | | 'force=true' as a |
-| | | | query parameter. |
-| | | | |
-| | | | WARNING: Using |
-| | | | force will ungrant |
-| | | | this permission |
-| | | | from all roles. |
-| | | | Use with care. |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybVJ |
-| | | | lcXVlc3QranNvbjtxP |
-| | | | TEuMDtjaGFyc2V0PXV |
-| | | | 0Zi04O3ZlcnNpb249M |
-| | | | i4wLGFwcGxpY2F0aW9 |
-| | | | uL2pzb247cT0xLjA7d |
-| | | | mVyc2lvbj0yLjAsKi8 |
-| | | | qO3E9MS4w>`__\ app |
-| | | | lication/PermReque |
-| | | | st+json;q=1.0;char |
-| | | | set=utf-8;version= |
-| | | | 2.0,application/js |
-| | | | on;q=1.0;version=2 |
-| | | | .0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybVJ |
-| | | | lcXVlc3QreG1sO3E9M |
-| | | | S4wO2NoYXJzZXQ9dXR |
-| | | | mLTg7dmVyc2lvbj0yL |
-| | | | jAsdGV4dC94bWw7cT0 |
-| | | | xLjA7dmVyc2lvbj0yL |
-| | | | jA=>`__\ applicati |
-| | | | on/PermRequest+xml |
-| | | | ;q=1.0;charset=utf |
-| | | | -8;version=2.0,tex |
-| | | | t/xml;q=1.0;versio |
-| | | | n=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | DELETE | /authz/perm/:name/ | Delete a |
-| | | :type/:action | Permission |
-| | | | |
-| | | | Delete the |
-| | | | Permission |
-| | | | referenced by |
-| | | | :type :instance |
-| | | | :action |
-| | | | |
-| | | | You cannot |
-| | | | normally delete a |
-| | | | permission which |
-| | | | is still granted |
-| | | | to roles, |
-| | | | |
-| | | | however the |
-| | | | "force" property |
-| | | | allows you to do |
-| | | | just that. To do |
-| | | | this: Add |
-| | | | |
-| | | | 'force=true' as a |
-| | | | query parameter |
-| | | | |
-| | | | WARNING: Using |
-| | | | force will ungrant |
-| | | | this permission |
-| | | | from all roles. |
-| | | | Use with care. |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | type : string |
-| | | | (Required) |
-| | | | |
-| | | | instance : string |
-| | | | (Required) |
-| | | | |
-| | | | action : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybUt |
-| | | | leStqc29uO3E9MS4wO |
-| | | | 2NoYXJzZXQ9dXRmLTg |
-| | | | 7dmVyc2lvbj0yLjAsY |
-| | | | XBwbGljYXRpb24vanN |
-| | | | vbjtxPTEuMDt2ZXJza |
-| | | | W9uPTIuMCwqLyo7cT0 |
-| | | | xLjA=>`__\ applica |
-| | | | tion/PermKey+json; |
-| | | | q=1.0;charset=utf- |
-| | | | 8;version=2.0,appl |
-| | | | ication/json;q=1.0 |
-| | | | ;version=2.0,\*/\* |
-| | | | ;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybUt |
-| | | | leSt4bWw7cT0xLjA7Y |
-| | | | 2hhcnNldD11dGYtODt |
-| | | | 2ZXJzaW9uPTIuMCx0Z |
-| | | | Xh0L3htbDtxPTEuMDt |
-| | | | 2ZXJzaW9uPTIuMA==> |
-| | | | `__\ application/P |
-| | | | ermKey+xml;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,text/xml;q= |
-| | | | 1.0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | PUT | /authz/perm/:type/ | Update a |
-| | | :instance/:action | Permission |
-| | | | |
-| | | | Rename the |
-| | | | Permission |
-| | | | referenced by |
-| | | | :type :instance |
-| | | | :action, and |
-| | | | rename |
-| | | | (copy/delete) to |
-| | | | the Permission |
-| | | | described in |
-| | | | PermRequest |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | type : string |
-| | | | (Required) |
-| | | | |
-| | | | instance : string |
-| | | | (Required) |
-| | | | |
-| | | | action : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406, 409 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybVJ |
-| | | | lcXVlc3QranNvbjtxP |
-| | | | TEuMDtjaGFyc2V0PXV |
-| | | | 0Zi04O3ZlcnNpb249M |
-| | | | i4wLGFwcGxpY2F0aW9 |
-| | | | uL2pzb247cT0xLjA7d |
-| | | | mVyc2lvbj0yLjAsKi8 |
-| | | | qO3E9MS4w>`__\ app |
-| | | | lication/PermReque |
-| | | | st+json;q=1.0;char |
-| | | | set=utf-8;version= |
-| | | | 2.0,application/js |
-| | | | on;q=1.0;version=2 |
-| | | | .0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybVJ |
-| | | | lcXVlc3QreG1sO3E9M |
-| | | | S4wO2NoYXJzZXQ9dXR |
-| | | | mLTg7dmVyc2lvbj0yL |
-| | | | jAsdGV4dC94bWw7cT0 |
-| | | | xLjA7dmVyc2lvbj0yL |
-| | | | jA=>`__\ applicati |
-| | | | on/PermRequest+xml |
-| | | | ;q=1.0;charset=utf |
-| | | | -8;version=2.0,tex |
-| | | | t/xml;q=1.0;versio |
-| | | | n=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/perms/:type | Get Permissions by |
-| | | | Type |
-| | | | |
-| | | | List All |
-| | | | Permissions that |
-| | | | match the :type |
-| | | | element of the key |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | type : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Perms+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Perms |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/perms/:type | Get Permissions by |
-| | | /:instance/:action | Key |
-| | | | |
-| | | | List Permissions |
-| | | | that match key; |
-| | | | :type, :instance |
-| | | | and :action |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | type : string |
-| | | | (Required) |
-| | | | |
-| | | | instance : string |
-| | | | (Required) |
-| | | | |
-| | | | action : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Perms+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Perms |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/perms/ns/:n | Get PermsByNS |
-| | | s | |
-| | | | List All |
-| | | | Permissions that |
-| | | | are in Namespace |
-| | | | :ns |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | ns : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MC4 |
-| | | | y>`__\ application |
-| | | | /Perms+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=0.2 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Perms |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/perms/role/ | Get Permissions by |
-| | | :role | Role |
-| | | | |
-| | | | List All |
-| | | | Permissions that |
-| | | | are granted to |
-| | | | :role |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | role : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Perms+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Perms |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | POST | /authz/perms/user/ | Get Permissions by |
-| | | :user | User, Query AAF |
-| | | | Perms |
-| | | | |
-| | | | List All |
-| | | | Permissions that |
-| | | | match user :user |
-| | | | |
-| | | | 'user' must be |
-| | | | expressed as full |
-| | | | identity (ex: |
-| | | | id@full.domain.com |
-| | | | ) |
-| | | | |
-| | | | Present Queries as |
-| | | | one or more |
-| | | | Permissions (see |
-| | | | ContentType Links |
-| | | | below for format). |
-| | | | |
-| | | | If the Caller is |
-| | | | Granted this |
-| | | | specific |
-| | | | Permission, and |
-| | | | the Permission is |
-| | | | valid |
-| | | | |
-| | | | for the User, it |
-| | | | will be included |
-| | | | in response |
-| | | | Permissions, along |
-| | | | with |
-| | | | |
-| | | | all the normal |
-| | | | permissions on the |
-| | | | 'GET' version of |
-| | | | this call. If it |
-| | | | is not |
-| | | | |
-| | | | valid, or Caller |
-| | | | does not have |
-| | | | permission to see, |
-| | | | it will be removed |
-| | | | from the list |
-| | | | |
-| | | | \*Note: This |
-| | | | design allows you |
-| | | | to make one call |
-| | | | for all expected |
-| | | | permissions |
-| | | | |
-| | | | The permission to |
-| | | | be included MUST |
-| | | | be: |
-| | | | |
-| | | | .access\|:[:key]\| |
-| | | | |
-| | | | examples: |
-| | | | |
-| | | | com.onap.myns.acces |
-| | | | s\|:ns\|write |
-| | | | |
-| | | | com.onap.myns.acces |
-| | | | s\|:role:myrole\|c |
-| | | | reate |
-| | | | |
-| | | | com.onap.myns.acces |
-| | | | s\|:perm:mytype:my |
-| | | | instance:myaction\ |
-| | | | |read |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | user : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Perms+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Perms |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/perms/user/ | Get Permissions by |
-| | | :user | User |
-| | | | |
-| | | | List All |
-| | | | Permissions that |
-| | | | match user :user |
-| | | | |
-| | | | 'user' must be |
-| | | | expressed as full |
-| | | | identity (ex: |
-| | | | id@full.domain.com |
-| | | | ) |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | user : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MC4 |
-| | | | y>`__\ application |
-| | | | /Perms+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=0.2 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUGVybXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Perms |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| ROLE | POST | /authz/role | Create Role |
-| | | | |
-| | | | Roles are part of |
-| | | | Namespaces |
-| | | | |
-| | | | Examples: |
-| | | | |
-| | | | - com.onap.aaf - |
-| | | | The team that |
-| | | | created and |
-| | | | maintains AAF |
-| | | | - com.onap.csp - |
-| | | | The team that |
-| | | | created Global |
-| | | | Login |
-| | | | |
-| | | | Roles do not |
-| | | | include implied |
-| | | | permissions for an |
-| | | | App. Instead, they |
-| | | | contain explicit |
-| | | | Granted |
-| | | | Permissions by any |
-| | | | Namespace in AAF |
-| | | | (See Permissions) |
-| | | | |
-| | | | Restrictions on |
-| | | | Role Names: |
-| | | | |
-| | | | - Must start with |
-| | | | valid Namespace |
-| | | | name, |
-| | | | terminated by . |
-| | | | (dot/period) |
-| | | | - Allowed |
-| | | | Characters are |
-| | | | a-zA-Z0-9.\_- |
-| | | | - role names are |
-| | | | Case Sensitive |
-| | | | |
-| | | | The right |
-| | | | questions to ask |
-| | | | for defining and |
-| | | | populating a Role |
-| | | | in AAF, therefore, |
-| | | | are: |
-| | | | |
-| | | | - 'What Job |
-| | | | Function does |
-| | | | this |
-| | | | represent?' |
-| | | | - 'Does this |
-| | | | person perform |
-| | | | this Job |
-| | | | Function?' |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 201 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406, 409 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVJ |
-| | | | lcXVlc3QranNvbjtxP |
-| | | | TEuMDtjaGFyc2V0PXV |
-| | | | 0Zi04O3ZlcnNpb249M |
-| | | | i4wLGFwcGxpY2F0aW9 |
-| | | | uL2pzb247cT0xLjA7d |
-| | | | mVyc2lvbj0yLjAsKi8 |
-| | | | qO3E9MS4w>`__\ app |
-| | | | lication/RoleReque |
-| | | | st+json;q=1.0;char |
-| | | | set=utf-8;version= |
-| | | | 2.0,application/js |
-| | | | on;q=1.0;version=2 |
-| | | | .0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVJ |
-| | | | lcXVlc3QreG1sO3E9M |
-| | | | S4wO2NoYXJzZXQ9dXR |
-| | | | mLTg7dmVyc2lvbj0yL |
-| | | | jAsdGV4dC94bWw7cT0 |
-| | | | xLjA7dmVyc2lvbj0yL |
-| | | | jA=>`__\ applicati |
-| | | | on/RoleRequest+xml |
-| | | | ;q=1.0;charset=utf |
-| | | | -8;version=2.0,tex |
-| | | | t/xml;q=1.0;versio |
-| | | | n=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | PUT | /authz/role | Set Description |
-| | | | for role |
-| | | | |
-| | | | Add Description |
-| | | | Data to a Role |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVJ |
-| | | | lcXVlc3QranNvbjtxP |
-| | | | TEuMDtjaGFyc2V0PXV |
-| | | | 0Zi04O3ZlcnNpb249M |
-| | | | i4wLGFwcGxpY2F0aW9 |
-| | | | uL2pzb247cT0xLjA7d |
-| | | | mVyc2lvbj0yLjAsKi8 |
-| | | | qO3E9MS4w>`__\ app |
-| | | | lication/RoleReque |
-| | | | st+json;q=1.0;char |
-| | | | set=utf-8;version= |
-| | | | 2.0,application/js |
-| | | | on;q=1.0;version=2 |
-| | | | .0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVJ |
-| | | | lcXVlc3QreG1sO3E9M |
-| | | | S4wO2NoYXJzZXQ9dXR |
-| | | | mLTg7dmVyc2lvbj0yL |
-| | | | jAsdGV4dC94bWw7cT0 |
-| | | | xLjA7dmVyc2lvbj0yL |
-| | | | jA=>`__\ applicati |
-| | | | on/RoleRequest+xml |
-| | | | ;q=1.0;charset=utf |
-| | | | -8;version=2.0,tex |
-| | | | t/xml;q=1.0;versio |
-| | | | n=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | DELETE | /authz/role | Delete Role |
-| | | | |
-| | | | Delete the Role |
-| | | | referenced by |
-| | | | RoleKey |
-| | | | |
-| | | | You cannot |
-| | | | normally delete a |
-| | | | role which still |
-| | | | has permissions |
-| | | | granted or users |
-| | | | assigned to it, |
-| | | | |
-| | | | however the |
-| | | | "force" property |
-| | | | allows you to do |
-| | | | just that. To do |
-| | | | this: Add |
-| | | | 'force=true' |
-| | | | |
-| | | | as a query |
-| | | | parameter. |
-| | | | |
-| | | | WARNING: Using |
-| | | | force will remove |
-| | | | all users and |
-| | | | permission from |
-| | | | this role. Use |
-| | | | with care. |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVJ |
-| | | | lcXVlc3QranNvbjtxP |
-| | | | TEuMDtjaGFyc2V0PXV |
-| | | | 0Zi04O3ZlcnNpb249M |
-| | | | i4wLGFwcGxpY2F0aW9 |
-| | | | uL2pzb247cT0xLjA7d |
-| | | | mVyc2lvbj0yLjAsKi8 |
-| | | | qO3E9MS4w>`__\ app |
-| | | | lication/RoleReque |
-| | | | st+json;q=1.0;char |
-| | | | set=utf-8;version= |
-| | | | 2.0,application/js |
-| | | | on;q=1.0;version=2 |
-| | | | .0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVJ |
-| | | | lcXVlc3QreG1sO3E9M |
-| | | | S4wO2NoYXJzZXQ9dXR |
-| | | | mLTg7dmVyc2lvbj0yL |
-| | | | jAsdGV4dC94bWw7cT0 |
-| | | | xLjA7dmVyc2lvbj0yL |
-| | | | jA=>`__\ applicati |
-| | | | on/RoleRequest+xml |
-| | | | ;q=1.0;charset=utf |
-| | | | -8;version=2.0,tex |
-| | | | t/xml;q=1.0;versio |
-| | | | n=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | DELETE | /authz/role/:role | Delete Role |
-| | | | |
-| | | | Delete the Role |
-| | | | named :role |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | role : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZSt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Role+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZSt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Role+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | DELETE | /authz/role/:role/ | Delete Permission |
-| | | perm | from Role |
-| | | | |
-| | | | Ungrant a |
-| | | | permission from |
-| | | | Role :role |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | role : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVB |
-| | | | lcm1SZXF1ZXN0K2pzb |
-| | | | 247cT0xLjA7Y2hhcnN |
-| | | | ldD11dGYtODt2ZXJza |
-| | | | W9uPTIuMCxhcHBsaWN |
-| | | | hdGlvbi9qc29uO3E9M |
-| | | | S4wO3ZlcnNpb249Mi4 |
-| | | | wLCovKjtxPTEuMA==> |
-| | | | `__\ application/R |
-| | | | olePermRequest+jso |
-| | | | n;q=1.0;charset=ut |
-| | | | f-8;version=2.0,ap |
-| | | | plication/json;q=1 |
-| | | | .0;version=2.0,\*/ |
-| | | | \*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVB |
-| | | | lcm1SZXF1ZXN0K3htb |
-| | | | DtxPTEuMDtjaGFyc2V |
-| | | | 0PXV0Zi04O3ZlcnNpb |
-| | | | 249Mi4wLHRleHQveG1 |
-| | | | sO3E9MS4wO3ZlcnNpb |
-| | | | 249Mi4w>`__\ appli |
-| | | | cation/RolePermReq |
-| | | | uest+xml;q=1.0;cha |
-| | | | rset=utf-8;version |
-| | | | =2.0,text/xml;q=1. |
-| | | | 0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | POST | /authz/role/perm | Add Permission to |
-| | | | Role |
-| | | | |
-| | | | Grant a Permission |
-| | | | to a Role |
-| | | | |
-| | | | Permission |
-| | | | consists of: |
-| | | | |
-| | | | - type - a |
-| | | | Namespace |
-| | | | qualified |
-| | | | identifier |
-| | | | specifying what |
-| | | | kind of |
-| | | | resource is |
-| | | | being protected |
-| | | | - instance - a |
-| | | | key, possibly |
-| | | | multi-dimension |
-| | | | al, |
-| | | | that identifies |
-| | | | a specific |
-| | | | instance of the |
-| | | | type |
-| | | | - action - what |
-| | | | kind of action |
-| | | | is allowed |
-| | | | |
-| | | | Note: instance and |
-| | | | action can be an |
-| | | | \* |
-| | | | |
-| | | | Note: Using the |
-| | | | "force" property |
-| | | | will create the |
-| | | | Permission, if it |
-| | | | doesn't exist AND |
-| | | | the requesting ID |
-| | | | is allowed to |
-| | | | create. It will |
-| | | | then grant |
-| | | | |
-| | | | the permission to |
-| | | | the role in one |
-| | | | step. To do this: |
-| | | | add 'force=true' |
-| | | | as a query |
-| | | | parameter. |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 201 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406, 409 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVB |
-| | | | lcm1SZXF1ZXN0K2pzb |
-| | | | 247cT0xLjA7Y2hhcnN |
-| | | | ldD11dGYtODt2ZXJza |
-| | | | W9uPTIuMCxhcHBsaWN |
-| | | | hdGlvbi9qc29uO3E9M |
-| | | | S4wO3ZlcnNpb249Mi4 |
-| | | | wLCovKjtxPTEuMA==> |
-| | | | `__\ application/R |
-| | | | olePermRequest+jso |
-| | | | n;q=1.0;charset=ut |
-| | | | f-8;version=2.0,ap |
-| | | | plication/json;q=1 |
-| | | | .0;version=2.0,\*/ |
-| | | | \*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVB |
-| | | | lcm1SZXF1ZXN0K3htb |
-| | | | DtxPTEuMDtjaGFyc2V |
-| | | | 0PXV0Zi04O3ZlcnNpb |
-| | | | 249Mi4wLHRleHQveG1 |
-| | | | sO3E9MS4wO3ZlcnNpb |
-| | | | 249Mi4w>`__\ appli |
-| | | | cation/RolePermReq |
-| | | | uest+xml;q=1.0;cha |
-| | | | rset=utf-8;version |
-| | | | =2.0,text/xml;q=1. |
-| | | | 0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | PUT | /authz/role/perm | Set a Permission's |
-| | | | Roles |
-| | | | |
-| | | | Set a permission's |
-| | | | roles to roles |
-| | | | given |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 201 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406, 409 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVB |
-| | | | lcm1SZXF1ZXN0K2pzb |
-| | | | 247cT0xLjA7Y2hhcnN |
-| | | | ldD11dGYtODt2ZXJza |
-| | | | W9uPTIuMCxhcHBsaWN |
-| | | | hdGlvbi9qc29uO3E9M |
-| | | | S4wO3ZlcnNpb249Mi4 |
-| | | | wLCovKjtxPTEuMA==> |
-| | | | `__\ application/R |
-| | | | olePermRequest+jso |
-| | | | n;q=1.0;charset=ut |
-| | | | f-8;version=2.0,ap |
-| | | | plication/json;q=1 |
-| | | | .0;version=2.0,\*/ |
-| | | | \*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZVB |
-| | | | lcm1SZXF1ZXN0K3htb |
-| | | | DtxPTEuMDtjaGFyc2V |
-| | | | 0PXV0Zi04O3ZlcnNpb |
-| | | | 249Mi4wLHRleHQveG1 |
-| | | | sO3E9MS4wO3ZlcnNpb |
-| | | | 249Mi4w>`__\ appli |
-| | | | cation/RolePermReq |
-| | | | uest+xml;q=1.0;cha |
-| | | | rset=utf-8;version |
-| | | | =2.0,text/xml;q=1. |
-| | | | 0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/roles/:role | GetRolesByFullName |
-| | | | |
-| | | | List Roles that |
-| | | | match :role |
-| | | | |
-| | | | Note: You must |
-| | | | have permission to |
-| | | | see any given role |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | role : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Roles+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Roles |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/roles/name/ | GetRolesByNameOnly |
-| | | :name | |
-| | | | List all Roles for |
-| | | | only the Name of |
-| | | | Role (without |
-| | | | Namespace) |
-| | | | |
-| | | | Note: You must |
-| | | | have permission to |
-| | | | see any given role |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | name : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Roles+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Roles |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/roles/ns/:n | GetRolesByNS |
-| | | s | |
-| | | | List all Roles for |
-| | | | the Namespace :ns |
-| | | | |
-| | | | Note: You must |
-| | | | have permission to |
-| | | | see any given role |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | ns : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MC4 |
-| | | | y>`__\ application |
-| | | | /Roles+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=0.2 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Roles |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/roles/perm/ | GetRolesByPerm |
-| | | :type/:instance/:a | |
-| | | ction | Find all Roles |
-| | | | containing the |
-| | | | given |
-| | | | Permission.Permiss |
-| | | | ion |
-| | | | consists of: |
-| | | | |
-| | | | - type - a |
-| | | | Namespace |
-| | | | qualified |
-| | | | identifier |
-| | | | specifying what |
-| | | | kind of |
-| | | | resource is |
-| | | | being protected |
-| | | | - instance - a |
-| | | | key, possibly |
-| | | | multi-dimension |
-| | | | al, |
-| | | | that identifies |
-| | | | a specific |
-| | | | instance of the |
-| | | | type |
-| | | | - action - what |
-| | | | kind of action |
-| | | | is allowed |
-| | | | |
-| | | | Notes: instance |
-| | | | and action can be |
-| | | | an \* |
-| | | | |
-| | | | You must have |
-| | | | permission to see |
-| | | | any given role |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | type : string |
-| | | | (Required) |
-| | | | |
-| | | | instance : string |
-| | | | (Required) |
-| | | | |
-| | | | action : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Roles+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Roles |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/roles/user/ | GetRolesByUser |
-| | | :name | |
-| | | | List all Roles |
-| | | | that match user |
-| | | | :name |
-| | | | |
-| | | | 'user' must be |
-| | | | expressed as full |
-| | | | identity (ex: |
-| | | | id@full.domain.com |
-| | | | ) |
-| | | | |
-| | | | Note: You must |
-| | | | have permission to |
-| | | | see any given role |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | name : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZXM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Roles+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vUm9sZXM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Roles |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | POST | /authz/userRole | Request User Role |
-| | | | Access |
-| | | | |
-| | | | Create a UserRole |
-| | | | relationship (add |
-| | | | User to Role) |
-| | | | |
-| | | | A UserRole is an |
-| | | | object |
-| | | | Representation of |
-| | | | membership of a |
-| | | | Role for limited |
-| | | | time. |
-| | | | |
-| | | | If a shorter |
-| | | | amount of time for |
-| | | | Role ownership is |
-| | | | required, use the |
-| | | | 'End' field. |
-| | | | |
-| | | | \*\* Note: Owners |
-| | | | of Namespaces will |
-| | | | be required to |
-| | | | revalidate users |
-| | | | in these roles |
-| | | | |
-| | | | before Expirations |
-| | | | expire. Namespace |
-| | | | owners will be |
-| | | | notified by email. |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 201 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406, 409 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlclJ |
-| | | | vbGVSZXF1ZXN0K2pzb |
-| | | | 247cT0xLjA7Y2hhcnN |
-| | | | ldD11dGYtODt2ZXJza |
-| | | | W9uPTIuMCxhcHBsaWN |
-| | | | hdGlvbi9qc29uO3E9M |
-| | | | S4wO3ZlcnNpb249Mi4 |
-| | | | wLCovKjtxPTEuMA==> |
-| | | | `__\ application/U |
-| | | | serRoleRequest+jso |
-| | | | n;q=1.0;charset=ut |
-| | | | f-8;version=2.0,ap |
-| | | | plication/json;q=1 |
-| | | | .0;version=2.0,\*/ |
-| | | | \*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlclJ |
-| | | | vbGVSZXF1ZXN0K3htb |
-| | | | DtxPTEuMDtjaGFyc2V |
-| | | | 0PXV0Zi04O3ZlcnNpb |
-| | | | 249Mi4wLHRleHQveG1 |
-| | | | sO3E9MS4wO3ZlcnNpb |
-| | | | 249Mi4w>`__\ appli |
-| | | | cation/UserRoleReq |
-| | | | uest+xml;q=1.0;cha |
-| | | | rset=utf-8;version |
-| | | | =2.0,text/xml;q=1. |
-| | | | 0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/userRole/:u | Get if User is In |
-| | | ser/:role | Role |
-| | | | |
-| | | | Returns the User |
-| | | | (with Expiration |
-| | | | date from listed |
-| | | | User/Role) if it |
-| | | | exists |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | user : string |
-| | | | (Required) |
-| | | | |
-| | | | role : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlcnM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Users+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlcnM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Users |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | DELETE | /authz/userRole/:u | Delete User Role |
-| | | ser/:role | |
-| | | | Remove Role :role |
-| | | | from User :user. |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | user : string |
-| | | | (Required) |
-| | | | |
-| | | | role : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Void+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Void+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | PUT | /authz/userRole/ex | Extend Expiration |
-| | | tend/:user/:role | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Void+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Void+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | PUT | /authz/userRole/ro | Update Users for a |
-| | | le | role |
-| | | | |
-| | | | Set a Role's users |
-| | | | to the users |
-| | | | specified in the |
-| | | | UserRoleRequest |
-| | | | object. |
-| | | | |
-| | | | WARNING: Users |
-| | | | supplied will be |
-| | | | the ONLY users |
-| | | | attached to this |
-| | | | role |
-| | | | |
-| | | | If no users are |
-| | | | supplied, role's |
-| | | | users are reset. |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlclJ |
-| | | | vbGVSZXF1ZXN0K2pzb |
-| | | | 247cT0xLjA7Y2hhcnN |
-| | | | ldD11dGYtODt2ZXJza |
-| | | | W9uPTIuMCxhcHBsaWN |
-| | | | hdGlvbi9qc29uO3E9M |
-| | | | S4wO3ZlcnNpb249Mi4 |
-| | | | wLCovKjtxPTEuMA==> |
-| | | | `__\ application/U |
-| | | | serRoleRequest+jso |
-| | | | n;q=1.0;charset=ut |
-| | | | f-8;version=2.0,ap |
-| | | | plication/json;q=1 |
-| | | | .0;version=2.0,\*/ |
-| | | | \*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlclJ |
-| | | | vbGVSZXF1ZXN0K3htb |
-| | | | DtxPTEuMDtjaGFyc2V |
-| | | | 0PXV0Zi04O3ZlcnNpb |
-| | | | 249Mi4wLHRleHQveG1 |
-| | | | sO3E9MS4wO3ZlcnNpb |
-| | | | 249Mi4w>`__\ appli |
-| | | | cation/UserRoleReq |
-| | | | uest+xml;q=1.0;cha |
-| | | | rset=utf-8;version |
-| | | | =2.0,text/xml;q=1. |
-| | | | 0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | PUT | /authz/userRole/us | Update Roles for a |
-| | | er | user |
-| | | | |
-| | | | Set a User's roles |
-| | | | to the roles |
-| | | | specified in the |
-| | | | UserRoleRequest |
-| | | | object. |
-| | | | |
-| | | | WARNING: Roles |
-| | | | supplied will be |
-| | | | the ONLY roles |
-| | | | attached to this |
-| | | | user |
-| | | | |
-| | | | If no roles are |
-| | | | supplied, user's |
-| | | | roles are reset. |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlclJ |
-| | | | vbGVSZXF1ZXN0K2pzb |
-| | | | 247cT0xLjA7Y2hhcnN |
-| | | | ldD11dGYtODt2ZXJza |
-| | | | W9uPTIuMCxhcHBsaWN |
-| | | | hdGlvbi9qc29uO3E9M |
-| | | | S4wO3ZlcnNpb249Mi4 |
-| | | | wLCovKjtxPTEuMA==> |
-| | | | `__\ application/U |
-| | | | serRoleRequest+jso |
-| | | | n;q=1.0;charset=ut |
-| | | | f-8;version=2.0,ap |
-| | | | plication/json;q=1 |
-| | | | .0;version=2.0,\*/ |
-| | | | \*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlclJ |
-| | | | vbGVSZXF1ZXN0K3htb |
-| | | | DtxPTEuMDtjaGFyc2V |
-| | | | 0PXV0Zi04O3ZlcnNpb |
-| | | | 249Mi4wLHRleHQveG1 |
-| | | | sO3E9MS4wO3ZlcnNpb |
-| | | | 249Mi4w>`__\ appli |
-| | | | cation/UserRoleReq |
-| | | | uest+xml;q=1.0;cha |
-| | | | rset=utf-8;version |
-| | | | =2.0,text/xml;q=1. |
-| | | | 0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/userRoles/r | Get UserRoles by |
-| | | ole/:role | Role |
-| | | | |
-| | | | List all Users |
-| | | | that are attached |
-| | | | to Role specified |
-| | | | in :role |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | role : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlclJ |
-| | | | vbGVzK2pzb247cT0xL |
-| | | | jA7Y2hhcnNldD11dGY |
-| | | | tODt2ZXJzaW9uPTIuM |
-| | | | CxhcHBsaWNhdGlvbi9 |
-| | | | qc29uO3E9MS4wO3Zlc |
-| | | | nNpb249Mi4wLCovKjt |
-| | | | xPTAuMg==>`__\ app |
-| | | | lication/UserRoles |
-| | | | +json;q=1.0;charse |
-| | | | t=utf-8;version=2. |
-| | | | 0,application/json |
-| | | | ;q=1.0;version=2.0 |
-| | | | ,\*/\*;q=0.2 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlclJ |
-| | | | vbGVzK3htbDtxPTEuM |
-| | | | DtjaGFyc2V0PXV0Zi0 |
-| | | | 4O3ZlcnNpb249Mi4wL |
-| | | | HRleHQveG1sO3E9MS4 |
-| | | | wO3ZlcnNpb249Mi4w> |
-| | | | `__\ application/U |
-| | | | serRoles+xml;q=1.0 |
-| | | | ;charset=utf-8;ver |
-| | | | sion=2.0,text/xml; |
-| | | | q=1.0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/userRoles/u | Get UserRoles by |
-| | | ser/:user | User |
-| | | | |
-| | | | List all UserRoles |
-| | | | for :user |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | role : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlclJ |
-| | | | vbGVzK2pzb247cT0xL |
-| | | | jA7Y2hhcnNldD11dGY |
-| | | | tODt2ZXJzaW9uPTIuM |
-| | | | CxhcHBsaWNhdGlvbi9 |
-| | | | qc29uO3E9MS4wO3Zlc |
-| | | | nNpb249Mi4wLCovKjt |
-| | | | xPTAuMg==>`__\ app |
-| | | | lication/UserRoles |
-| | | | +json;q=1.0;charse |
-| | | | t=utf-8;version=2. |
-| | | | 0,application/json |
-| | | | ;q=1.0;version=2.0 |
-| | | | ,\*/\*;q=0.2 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlclJ |
-| | | | vbGVzK3htbDtxPTEuM |
-| | | | DtjaGFyc2V0PXV0Zi0 |
-| | | | 4O3ZlcnNpb249Mi4wL |
-| | | | HRleHQveG1sO3E9MS4 |
-| | | | wO3ZlcnNpb249Mi4w> |
-| | | | `__\ application/U |
-| | | | serRoles+xml;q=1.0 |
-| | | | ;charset=utf-8;ver |
-| | | | sion=2.0,text/xml; |
-| | | | q=1.0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| NAMESPACE | POST | /authz/ns | Create a Namespace |
-| | | | |
-| | | | Namespace consists |
-| | | | of: |
-| | | | |
-| | | | - name - What you |
-| | | | want to call |
-| | | | this Namespace |
-| | | | - responsible(s) |
-| | | | - Person(s) who |
-| | | | receive |
-| | | | Notifications |
-| | | | and approves |
-| | | | Requests |
-| | | | |
-| | | | regarding this |
-| | | | Namespace. |
-| | | | Companies have |
-| | | | Policies as to |
-| | | | who may take on |
-| | | | |
-| | | | this |
-| | | | Responsibility. |
-| | | | Separate |
-| | | | multiple |
-| | | | identities with |
-| | | | commas |
-| | | | |
-| | | | - admin(s) - |
-| | | | Person(s) who |
-| | | | are allowed to |
-| | | | make changes on |
-| | | | the namespace, |
-| | | | |
-| | | | including |
-| | | | creating Roles, |
-| | | | Permissions and |
-| | | | Credentials. |
-| | | | Separate |
-| | | | multiple |
-| | | | |
-| | | | identities with |
-| | | | commas |
-| | | | |
-| | | | Note: Namespaces |
-| | | | are dot-delimited |
-| | | | (i.e. |
-| | | | com.myCompany.myAp |
-| | | | p) |
-| | | | and must be |
-| | | | |
-| | | | created with |
-| | | | parent credentials |
-| | | | (i.e. To create |
-| | | | com.myCompany.myAp |
-| | | | p, |
-| | | | you must |
-| | | | |
-| | | | be an admin of |
-| | | | com.myCompany or |
-| | | | com |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 201 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406, 409 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNSZXF |
-| | | | 1ZXN0K2pzb247cT0xL |
-| | | | jA7Y2hhcnNldD11dGY |
-| | | | tODt2ZXJzaW9uPTIuM |
-| | | | CxhcHBsaWNhdGlvbi9 |
-| | | | qc29uO3E9MS4wO3Zlc |
-| | | | nNpb249Mi4wLCovKjt |
-| | | | xPTEuMA==>`__\ app |
-| | | | lication/NsRequest |
-| | | | +json;q=1.0;charse |
-| | | | t=utf-8;version=2. |
-| | | | 0,application/json |
-| | | | ;q=1.0;version=2.0 |
-| | | | ,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNSZXF |
-| | | | 1ZXN0K3htbDtxPTEuM |
-| | | | DtjaGFyc2V0PXV0Zi0 |
-| | | | 4O3ZlcnNpb249Mi4wL |
-| | | | HRleHQveG1sO3E9MS4 |
-| | | | wO3ZlcnNpb249Mi4w> |
-| | | | `__\ application/N |
-| | | | sRequest+xml;q=1.0 |
-| | | | ;charset=utf-8;ver |
-| | | | sion=2.0,text/xml; |
-| | | | q=1.0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | PUT | /authz/ns | Set a Description |
-| | | | for a Namespace |
-| | | | |
-| | | | Replace the |
-| | | | Current |
-| | | | Description of a |
-| | | | Namespace with a |
-| | | | new one |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNSZXF |
-| | | | 1ZXN0K2pzb247cT0xL |
-| | | | jA7Y2hhcnNldD11dGY |
-| | | | tODt2ZXJzaW9uPTIuM |
-| | | | CxhcHBsaWNhdGlvbi9 |
-| | | | qc29uO3E9MS4wO3Zlc |
-| | | | nNpb249Mi4wLCovKjt |
-| | | | xPTEuMA==>`__\ app |
-| | | | lication/NsRequest |
-| | | | +json;q=1.0;charse |
-| | | | t=utf-8;version=2. |
-| | | | 0,application/json |
-| | | | ;q=1.0;version=2.0 |
-| | | | ,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNSZXF |
-| | | | 1ZXN0K3htbDtxPTEuM |
-| | | | DtjaGFyc2V0PXV0Zi0 |
-| | | | 4O3ZlcnNpb249Mi4wL |
-| | | | HRleHQveG1sO3E9MS4 |
-| | | | wO3ZlcnNpb249Mi4w> |
-| | | | `__\ application/N |
-| | | | sRequest+xml;q=1.0 |
-| | | | ;charset=utf-8;ver |
-| | | | sion=2.0,text/xml; |
-| | | | q=1.0;version=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | DELETE | /authz/ns/:ns | Delete a Namespace |
-| | | | |
-| | | | Delete the |
-| | | | Namespace :ns. |
-| | | | Namespaces cannot |
-| | | | normally be |
-| | | | deleted when there |
-| | | | |
-| | | | are still |
-| | | | credentials |
-| | | | associated with |
-| | | | them, but they can |
-| | | | be deleted by |
-| | | | setting |
-| | | | |
-| | | | the "force" |
-| | | | property. To do |
-| | | | this: Add |
-| | | | 'force=true' as a |
-| | | | query parameter |
-| | | | |
-| | | | WARNING: Using |
-| | | | force will delete |
-| | | | all credentials |
-| | | | attached to this |
-| | | | namespace. Use |
-| | | | with care. |
-| | | | |
-| | | | if the "force" |
-| | | | property is set to |
-| | | | 'force=move', then |
-| | | | Permissions and |
-| | | | Roles are not |
-| | | | deleted,but are |
-| | | | retained, and |
-| | | | assigned to the |
-| | | | Parent Namespace. |
-| | | | 'force=move' is |
-| | | | not permitted at |
-| | | | or below |
-| | | | Application Scope |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | ns : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 424 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Void+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Void+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | POST | /authz/ns/:ns/admi | Add an Admin to a |
-| | | n/:id | Namespace |
-| | | | |
-| | | | Add an Identity |
-| | | | :id to the list of |
-| | | | Admins for the |
-| | | | Namespace :ns |
-| | | | |
-| | | | Note: :id must be |
-| | | | fully qualified |
-| | | | |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | ns : string |
-| | | | (Required) |
-| | | | |
-| | | | id : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 201 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406, 409 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Void+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Void+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | DELETE | /authz/ns/:ns/admi | Remove an Admin |
-| | | n/:id | from a Namespace |
-| | | | |
-| | | | Remove an Identity |
-| | | | :id from the list |
-| | | | of Admins for the |
-| | | | Namespace :ns |
-| | | | |
-| | | | Note: :id must be |
-| | | | fully qualified |
-| | | | |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | ns : string |
-| | | | (Required) |
-| | | | |
-| | | | id : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Void+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Void+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | DELETE | /authz/ns/:ns/attr | delete an |
-| | | ib/:key | Attribute from a |
-| | | | Namespace |
-| | | | |
-| | | | Delete an |
-| | | | attribute in the |
-| | | | Namespace |
-| | | | |
-| | | | You must be given |
-| | | | direct permission |
-| | | | for key by AAF |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | ns : string |
-| | | | (Required) |
-| | | | |
-| | | | key : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Void+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Void+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | POST | /authz/ns/:ns/attr | Add an Attribute |
-| | | ib/:key/:value | from a Namespace |
-| | | | |
-| | | | Create an |
-| | | | attribute in the |
-| | | | Namespace |
-| | | | |
-| | | | You must be given |
-| | | | direct permission |
-| | | | for key by AAF |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | ns : string |
-| | | | (Required) |
-| | | | |
-| | | | key : string |
-| | | | (Required) |
-| | | | |
-| | | | value : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 201 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406, 409 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Void+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Void+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | PUT | /authz/ns/:ns/attr | update an |
-| | | ib/:key/:value | Attribute from a |
-| | | | Namespace |
-| | | | |
-| | | | Update Value on an |
-| | | | existing attribute |
-| | | | in the Namespace |
-| | | | |
-| | | | You must be given |
-| | | | direct permission |
-| | | | for key by AAF |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | ns : string |
-| | | | (Required) |
-| | | | |
-| | | | key : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Void+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Void+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | POST | /authz/ns/:ns/resp | Add a Responsible |
-| | | onsible/:id | Identity to a |
-| | | | Namespace |
-| | | | |
-| | | | Add an Identity |
-| | | | :id to the list of |
-| | | | Responsibles for |
-| | | | the Namespace :ns |
-| | | | |
-| | | | Note: :id must be |
-| | | | fully qualified |
-| | | | |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | ns : string |
-| | | | (Required) |
-| | | | |
-| | | | id : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 201 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406, 409 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Void+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Void+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | DELETE | /authz/ns/:ns/resp | Remove a |
-| | | onsible/:id | Responsible |
-| | | | Identity from |
-| | | | Namespace |
-| | | | |
-| | | | Remove an Identity |
-| | | | :id to the list of |
-| | | | Responsibles for |
-| | | | the Namespace :ns |
-| | | | |
-| | | | Note: :id must be |
-| | | | fully qualified |
-| | | | |
-| | | | |
-| | | | Note: A namespace |
-| | | | must have at least |
-| | | | 1 responsible |
-| | | | party |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | ns : string |
-| | | | (Required) |
-| | | | |
-| | | | id : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Void+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVm9pZCt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Void+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/ns/attrib/: | get Ns Key List |
-| | | key | From Attribute |
-| | | | |
-| | | | Read Attributes |
-| | | | for Namespace |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | key : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vS2V5cyt |
-| | | | qc29uO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsYXBwb |
-| | | | GljYXRpb24vanNvbjt |
-| | | | xPTEuMDt2ZXJzaW9uP |
-| | | | TIuMCwqLyo7cT0xLjA |
-| | | | =>`__\ application |
-| | | | /Keys+json;q=1.0;c |
-| | | | harset=utf-8;versi |
-| | | | on=2.0,application |
-| | | | /json;q=1.0;versio |
-| | | | n=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vS2V5cyt |
-| | | | 4bWw7cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCx0ZXh0L |
-| | | | 3htbDtxPTEuMDt2ZXJ |
-| | | | zaW9uPTIuMA==>`__\ |
-| | | | application/Keys+ |
-| | | | xml;q=1.0;charset= |
-| | | | utf-8;version=2.0, |
-| | | | text/xml;q=1.0;ver |
-| | | | sion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/nss/:id | Return Information |
-| | | | about Namespaces |
-| | | | |
-| | | | Lists the |
-| | | | Admin(s), |
-| | | | Responsible |
-| | | | Party(s), Role(s), |
-| | | | Permission(s) |
-| | | | |
-| | | | Credential(s) and |
-| | | | Expiration of |
-| | | | Credential(s) in |
-| | | | Namespace :id |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | id : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNzK2p |
-| | | | zb247cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCxhcHBsa |
-| | | | WNhdGlvbi9qc29uO3E |
-| | | | 9MS4wO3ZlcnNpb249M |
-| | | | i4wLCovKjtxPTEuMA= |
-| | | | =>`__\ application |
-| | | | /Nss+json;q=1.0;ch |
-| | | | arset=utf-8;versio |
-| | | | n=2.0,application/ |
-| | | | json;q=1.0;version |
-| | | | =2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNzK3h |
-| | | | tbDtxPTEuMDtjaGFyc |
-| | | | 2V0PXV0Zi04O3ZlcnN |
-| | | | pb249Mi4wLHRleHQve |
-| | | | G1sO3E9MS4wO3ZlcnN |
-| | | | pb249Mi4w>`__\ app |
-| | | | lication/Nss+xml;q |
-| | | | =1.0;charset=utf-8 |
-| | | | ;version=2.0,text/ |
-| | | | xml;q=1.0;version= |
-| | | | 2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/nss/admin/: | Return Namespaces |
-| | | user | where User is an |
-| | | | Admin |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNzK2p |
-| | | | zb247cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCxhcHBsa |
-| | | | WNhdGlvbi9qc29uO3E |
-| | | | 9MS4wO3ZlcnNpb249M |
-| | | | i4wLCovKjtxPTEuMA= |
-| | | | =>`__\ application |
-| | | | /Nss+json;q=1.0;ch |
-| | | | arset=utf-8;versio |
-| | | | n=2.0,application/ |
-| | | | json;q=1.0;version |
-| | | | =2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNzK3h |
-| | | | tbDtxPTEuMDtjaGFyc |
-| | | | 2V0PXV0Zi04O3ZlcnN |
-| | | | pb249Mi4wLHRleHQve |
-| | | | G1sO3E9MS4wO3ZlcnN |
-| | | | pb249Mi4w>`__\ app |
-| | | | lication/Nss+xml;q |
-| | | | =1.0;charset=utf-8 |
-| | | | ;version=2.0,text/ |
-| | | | xml;q=1.0;version= |
-| | | | 2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/nss/childre | Return Child |
-| | | n/:id | Namespaces |
-| | | | |
-| | | | Lists all Child |
-| | | | Namespaces of |
-| | | | Namespace :id |
-| | | | |
-| | | | Note: This is not |
-| | | | a cached read |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | id : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNzK2p |
-| | | | zb247cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCxhcHBsa |
-| | | | WNhdGlvbi9qc29uO3E |
-| | | | 9MS4wO3ZlcnNpb249M |
-| | | | i4wLCovKjtxPTEuMA= |
-| | | | =>`__\ application |
-| | | | /Nss+json;q=1.0;ch |
-| | | | arset=utf-8;versio |
-| | | | n=2.0,application/ |
-| | | | json;q=1.0;version |
-| | | | =2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNzK3h |
-| | | | tbDtxPTEuMDtjaGFyc |
-| | | | 2V0PXV0Zi04O3ZlcnN |
-| | | | pb249Mi4wLHRleHQve |
-| | | | G1sO3E9MS4wO3ZlcnN |
-| | | | pb249Mi4w>`__\ app |
-| | | | lication/Nss+xml;q |
-| | | | =1.0;charset=utf-8 |
-| | | | ;version=2.0,text/ |
-| | | | xml;q=1.0;version= |
-| | | | 2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/nss/either/ | Return Namespaces |
-| | | :user | where User Admin |
-| | | | or Owner |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNzK2p |
-| | | | zb247cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCxhcHBsa |
-| | | | WNhdGlvbi9qc29uO3E |
-| | | | 9MS4wO3ZlcnNpb249M |
-| | | | i4wLCovKjtxPTAuOA= |
-| | | | =>`__\ application |
-| | | | /Nss+json;q=1.0;ch |
-| | | | arset=utf-8;versio |
-| | | | n=2.0,application/ |
-| | | | json;q=1.0;version |
-| | | | =2.0,\*/\*;q=0.8 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNzK3h |
-| | | | tbDtxPTEuMDtjaGFyc |
-| | | | 2V0PXV0Zi04O3ZlcnN |
-| | | | pb249Mi4wLHRleHQve |
-| | | | G1sO3E9MS4wO3ZlcnN |
-| | | | pb249Mi4w>`__\ app |
-| | | | lication/Nss+xml;q |
-| | | | =1.0;charset=utf-8 |
-| | | | ;version=2.0,text/ |
-| | | | xml;q=1.0;version= |
-| | | | 2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/nss/respons | Return Namespaces |
-| | | ible/:user | where User is |
-| | | | Responsible |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNzK2p |
-| | | | zb247cT0xLjA7Y2hhc |
-| | | | nNldD11dGYtODt2ZXJ |
-| | | | zaW9uPTIuMCxhcHBsa |
-| | | | WNhdGlvbi9qc29uO3E |
-| | | | 9MS4wO3ZlcnNpb249M |
-| | | | i4wLCovKjtxPTEuMA= |
-| | | | =>`__\ application |
-| | | | /Nss+json;q=1.0;ch |
-| | | | arset=utf-8;versio |
-| | | | n=2.0,application/ |
-| | | | json;q=1.0;version |
-| | | | =2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vTnNzK3h |
-| | | | tbDtxPTEuMDtjaGFyc |
-| | | | 2V0PXV0Zi04O3ZlcnN |
-| | | | pb249Mi4wLHRleHQve |
-| | | | G1sO3E9MS4wO3ZlcnN |
-| | | | pb249Mi4w>`__\ app |
-| | | | lication/Nss+xml;q |
-| | | | =1.0;charset=utf-8 |
-| | | | ;version=2.0,text/ |
-| | | | xml;q=1.0;version= |
-| | | | 2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| USER | GET | /authn/basicAuth | Is given BasicAuth |
-| | | | valid? |
-| | | | |
-| | | | !!!! DEPRECATED |
-| | | | without X509 |
-| | | | Authentication |
-| | | | STOP USING THIS |
-| | | | API BY DECEMBER |
-| | | | 2017, or use |
-| | | | Certificates !!!! |
-| | | | Use |
-| | | | /authn/validate |
-| | | | instead Note: |
-| | | | Validate a |
-| | | | Password using |
-| | | | BasicAuth Base64 |
-| | | | encoded Header. |
-| | | | This HTTP/S call |
-| | | | is intended as a |
-| | | | fast User/Password |
-| | | | lookup for |
-| | | | Security |
-| | | | Frameworks, and |
-| | | | responds 200 if it |
-| | | | passes BasicAuth |
-| | | | security, and 403 |
-| | | | if it does not. |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | text/plain |
-+--------------------+--------------------+--------------------+--------------------+
-| | POST | /authn/validate | Is given |
-| | | | Credential valid? |
-| | | | |
-| | | | Validate a |
-| | | | Credential given a |
-| | | | Credential |
-| | | | Structure. This is |
-| | | | a more |
-| | | | comprehensive |
-| | | | validation, can do |
-| | | | more than |
-| | | | BasicAuth as |
-| | | | Credential types |
-| | | | exp |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403 |
-| | | | |
-| | | | ContentType: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vQ3JlZFJ |
-| | | | lcXVlc3QranNvbjtxP |
-| | | | TEuMDtjaGFyc2V0PXV |
-| | | | 0Zi04O3ZlcnNpb249M |
-| | | | i4wLGFwcGxpY2F0aW9 |
-| | | | uL2pzb247cT0xLjA7d |
-| | | | mVyc2lvbj0yLjAsKi8 |
-| | | | qO3E9MS4w>`__\ app |
-| | | | lication/CredReque |
-| | | | st+json;q=1.0;char |
-| | | | set=utf-8;version= |
-| | | | 2.0,application/js |
-| | | | on;q=1.0;version=2 |
-| | | | .0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vQ3JlZFJ |
-| | | | lcXVlc3QreG1sO3E9M |
-| | | | S4wO2NoYXJzZXQ9dXR |
-| | | | mLTg7dmVyc2lvbj0yL |
-| | | | jAsdGV4dC94bWw7cT0 |
-| | | | xLjA7dmVyc2lvbj0yL |
-| | | | jA=>`__\ applicati |
-| | | | on/CredRequest+xml |
-| | | | ;q=1.0;charset=utf |
-| | | | -8;version=2.0,tex |
-| | | | t/xml;q=1.0;versio |
-| | | | n=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/users/:user | Get if User is In |
-| | | /:role | Role |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlcnM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Users+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlcnM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Users |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/users/perm/ | Get Users By |
-| | | :type/:instance/:a | Permission |
-| | | ction | |
-| | | | List all Users |
-| | | | that have |
-| | | | Permission |
-| | | | specified by :type |
-| | | | :instance :action |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | type : string |
-| | | | (Required) |
-| | | | |
-| | | | instance : string |
-| | | | (Required) |
-| | | | |
-| | | | action : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlcnM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MS4 |
-| | | | w>`__\ application |
-| | | | /Users+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=1.0 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlcnM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Users |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-| | GET | /authz/users/role/ | Get Users By Role |
-| | | :role | |
-| | | | Returns the User |
-| | | | (with Expiration |
-| | | | date from listed |
-| | | | User/Role) if it |
-| | | | exists |
-| | | | |
-| | | | -------------- |
-| | | | |
-| | | | Parameters |
-| | | | |
-| | | | user : string |
-| | | | (Required) |
-| | | | |
-| | | | role : string |
-| | | | (Required) |
-| | | | |
-| | | | Expected HTTP Code |
-| | | | |
-| | | | 200 |
-| | | | |
-| | | | Explicit HTTP |
-| | | | Error Codes |
-| | | | |
-| | | | 403, 404, 406 |
-| | | | |
-| | | | Accept: |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlcnM |
-| | | | ranNvbjtxPTEuMDtja |
-| | | | GFyc2V0PXV0Zi04O3Z |
-| | | | lcnNpb249Mi4wLGFwc |
-| | | | GxpY2F0aW9uL2pzb24 |
-| | | | 7cT0xLjA7dmVyc2lvb |
-| | | | j0yLjAsKi8qO3E9MC4 |
-| | | | y>`__\ application |
-| | | | /Users+json;q=1.0; |
-| | | | charset=utf-8;vers |
-| | | | ion=2.0,applicatio |
-| | | | n/json;q=1.0;versi |
-| | | | on=2.0,\*/\*;q=0.2 |
-| | | | |
-| | | | ` <./example/YXBwb |
-| | | | GljYXRpb24vVXNlcnM |
-| | | | reG1sO3E9MS4wO2NoY |
-| | | | XJzZXQ9dXRmLTg7dmV |
-| | | | yc2lvbj0yLjAsdGV4d |
-| | | | C94bWw7cT0xLjA7dmV |
-| | | | yc2lvbj0yLjA=>`__\ |
-| | | | application/Users |
-| | | | +xml;q=1.0;charset |
-| | | | =utf-8;version=2.0 |
-| | | | ,text/xml;q=1.0;ve |
-| | | | rsion=2.0 |
-+--------------------+--------------------+--------------------+--------------------+
-
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| Entity | Method | Path Info | Description |
++====================+====================+====================+===================================================+
+| PERMISSION | POST | /authz/perm | Create a Permission |
+| | | | Permission consists of: |
+| | | | - type - a Namespace qualified identifier |
+| | | | specifying what kind of resource is being |
+| | | | protected |
+| | | | - instance - a key, possibly multi-dimensional |
+| | | | that identifies a specific instance of the |
+| | | | type |
+| | | | - action - what kind of action is allowed |
+| | | | Note: instance and action can be an \* |
+| | | | Expected HTTP Code |
+| | | | 201 |
+| | | | Explicit HTTP Error Codes |
+| | | | 403, 404, 406, 409 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | PUT | /authz/perm | Set Description for Permission |
+| | | | Add Description Data to Perm |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | DELETE | /authz/perm | Delete a Permission |
+| | | | Delete the Permission referenced by PermKey. |
+| | | | You cannot normally delete a permission which |
+| | | | is still granted to roles, however the |
+| | | | "force" property allows you to do just that. To |
+| | | | do this: Add |
+| | | | 'force=true' as a query parameter. |
+| | | | **WARNING**: Using force will ungrant this |
+| | | | permission from all roles. Use with care. |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | DELETE | /authz/perm/:name/ | Delete a Permission |
+| | | :type/:action | Delete the Permission referenced by :type |
+| | | | :instance: action |
+| | | | You cannot normally delete a permission which |
+| | | | is still granted to roles, however the |
+| | | | "force" property allows you to do |
+| | | | just that. To do this: Add 'force=true' as a |
+| | | | query parameter |
+| | | | |
+| | | | WARNING: Using force will ungrant this permission |
+| | | | from all roles. Use with care. |
+| | | | ------------------------------------------------- |
+| | | | Parameters |
+| | | | type : string (Required) |
+| | | | instance : string (Required) |
+| | | | action : string (Required) |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | PUT | /authz/perm/:type/ | Update a Permission |
+| | | :instance/:action | Rename the Permission referenced by |
+| | | | :type :instance :action, and rename |
+| | | | (copy/delete) to the Permission described in |
+| | | | PermRequest |
+| | | | ----------------------------------------------- |
+| | | | Parameters |
+| | | | type : string (Required) |
+| | | | instance : string (Required) |
+| | | | action : string (Required) |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 ,409 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | GET | /authz/perms/:type | Get Permissions by Type |
+| | | | |
+| | | | List All Permissions that match the :type |
+| | | | element of the key |
+| | | | ------------------------------------------------- |
+| | | | Parameters |
+| | | | type : string (Required) |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | GET | /authz/perms/:type | Get Permissions by Key |
+| | | /:instance/:action | List Permissions that match key; |
+| | | | :type, :instance and :action |
+| | | | --------------------------------------------------|
+| | | | Parameters |
+| | | | type : string (Required) |
+| | | | instance : string (Required) |
+| | | | action : string (Required) |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | GET | /authz/perms/ns/:n | Get PermsByNS |
+| | | s | List All Permissions that are in Namespace :ns |
+| | | | --------------------------------------------------|
+| | | | Parameters |
+| | | | type : ns (Required) |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | GET | /authz/perms/role/ | Get Permissions by Role |
+| | | :role | List All Permissions that are granted to :role |
+| | | | --------------------------------------------------|
+| | | | Parameters |
+| | | | role : string (Required) |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | POST | /authz/perms/user/ | Get Permissions by User, Query AAF Perms |
+| | | :user | |
+| | | | List All Permissions that match user :user |
+| | | | |
+| | | | 'user' must be expressed as full |
+| | | | identity (ex: id@full.domain.com) |
+| | | | Present Queries as one or more Permissions (see |
+| | | | ContentType Links below for format). If the |
+| | | | Caller is Granted this specific Permission, and |
+| | | | the Permission is valid for the User, it will be |
+| | | | included in response permissions,along with all |
+| | | | the normal permissions on the 'GET' version of |
+| | | | this call. If it is not valid,or caller does not |
+| | | | permission to see, it will be removed from the |
+| | | | list. |
+| | | | \*Note: This design allows you to make one call |
+| | | | for all expected permissions |
+| | | | |
+| | | | The permission to be included MUST be: |
+| | | | .access\|:[:key]\| |
+| | | | |
+| | | | examples: |
+| | | | |
+| | | | com.att.myns.access|:ns|write |
+| | | | com.att.myns.access\|:role:myrole\|create |
+| | | | com.att.myns.access\|:perm:mytype:myinstance: |
+| | | | myaction\|read |
+| | | | --------------------------------------------------|
+| | | | Parameters |
+| | | | user:string(Required) |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | GET | /authz/perms/user/ | Get Permissions by User |
+| | | :user | |
+| | | | List All Permissions that match user :user |
+| | | | 'user' must be expressed as full |
+| | | | identity (ex:id@full.domain.com) |
+| | | | --------------------------------------------------|
+| | | | Parameters |
+| | | | user:string(Required) |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| ROLE | POST | /authz/role | Create Role |
+| | | | |
+| | | | Roles are part of Namespaces |
+| | | | Examples: |
+| | | | |
+| | | | - com.att.aaf - The team that created and |
+| | | | maintains AAF |
+| | | | |
+| | | | Roles do not include implied permissions for an |
+| | | | App. Instead, they contain explicit Granted |
+| | | | Permissions by any Namespace in AAF |
+| | | | Restrictions on Role Names: |
+| | | | - Must start with valid Namespace name, |
+| | | | terminated by .(dot/period) |
+| | | | - Allowed Characters are a-zA-Z0-9._- |
+| | | | - role names are Case Sensitive |
+| | | | Expected HTTP Code |
+| | | | 201 |
+| | | | Explicit HTTP Error Codes |
+| | | | 403, 404, 406, 409 |
++--------------------+--------------------+--------------------+---------------------------------------------------+
+| | PUT | /authz/role | Set Description for role |
+| | | | Add Description Data to a Role |
+| | | | Expected HTTP Code |
+| | | | 200 |
+| | | | Explicit HTTP Error Codes |
+| | | | 404, 406 |
++--------------------+--------------------+--------------------+---------------------------------------------------+