Identity
An Object
| Note |
Parent
This Identity is contained within a Directory.
Properties
The following properties are available:
| Property | Type | Default | Read-Only | Description |
|---|---|---|---|---|
| _doc | string | No | The primary ID | |
| _system | object | No | Metadata maintained by the system | |
| authenticationEnabled | boolean | No | ||
| encryptedPassword | string | No | ||
| policyId | string | No |
Methods
The following methods are available:
- Change Password
- Check Permission
- Check Single Authority
- Check multiple Authorities
- Check multiple Permissions
- Grant Authority
- Lists Identity
- Queries for Identity
- Read ACL
- Read ACL for Principal
- Read Authorities Report
- Read Identity
- Resethistory
- Revoke Authority
- Starts an export job for this resource
- Starts an import job for this resource
- Tenants
- User
- Users
- Users
Change Password
Changes the password for an authenticated identity with optional validation of the current password
POST /directories/{directoryId}/identities/{identityId}/changepassword
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
The incoming JSON should be:
{
"password": "{new password}",
"verifyPassword": "{verify password}",
"validateCurrentPassword": false,
"currentPassword": "{current password}",
}
The current user must either be an administrator or be the owner of the identity.
The password and verifyPassword fields must match.
Current password validation is optional. If validateCurrentPassword is set to true, then the currentPassword will be validated ahead of changing the password.
Response
{}Check Permission
Checks whether one or more authorities against the specified identity are granted for a given set of users
POST /directories/{directoryId}/identities/{identityId}/permissions/{permissionId}/check
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
| permissionId | true | string | The ID of the permission |
| id | true | string |
Response
{
"$ref": "#/components/schemas/checkPermission"
}Check Single Authority
Checks whether a single authority is granted against the specified identity for the given user
POST /directories/{directoryId}/identities/{identityId}/authorities/{authorityId}/check
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
| authorityId | true | string | The ID or authority key for the authority |
| id | true | string |
Response
{
"type": "object",
"description": "Check",
"extends": "status",
"properties": {
"check": {
"type": "boolean"
},
"ok": null
}
}Check multiple Authorities
Checks whether one or more authorities against the specified identity are granted for a given set of users
POST /directories/{directoryId}/identities/authorities/check
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
Response
{
"type": "object",
"description": "Check Multiple Authorities Out",
"properties": {
"checks": {
"type": "array",
"items": {
"type": "object",
"properties": {
"permissionedId": {
"type": "string"
},
"principalId": {
"type": "string"
},
"authorityId": {
"type": "string"
},
"result": {
"type": "boolean"
}
}
}
}
}
}Check multiple Permissions
Checks whether one or more permissions against the specified identity are granted for a given set of users
POST /directories/{directoryId}/identities/permissions/check
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
Response
{
"type": "object",
"description": "Check Multiple Permissions Out",
"properties": {
"checks": {
"type": "array",
"items": {
"type": "object",
"properties": {
"permissionedId": {
"type": "string"
},
"principalId": {
"type": "string"
},
"permissionId": {
"type": "string"
},
"result": {
"type": "boolean"
}
}
}
}
}
}Grant Authority
Grants an authority against the specified identity to a given user
POST /directories/{directoryId}/identities/{identityId}/authorities/{authorityId}/grant
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
| authorityId | true | string | The ID or authority key for the authority |
| id | true | string |
Response
{
"type": "object",
"description": "Status of Operation",
"properties": {
"ok": {
"type": "boolean",
"description": "Indicates whether the operation succeeded or not"
}
}
}Lists Identity
Retrieves a list of Identity instances
GET /directories/{directoryId}/identities
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| sort | false | object | Defines how to sort fields in the result set |
| skip | false | number | Skips the result set cursor ahead the specified number of records |
| limit | false | number | Specifies the number of records to be handed back in the result set |
This method supports pagination.
Response
{
"type": "object",
"description": "Result Map",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"$ref": "#/components/schemas/resultmap_identity"
}
}
}
}Queries for Identity
Queries for instances of type Identity
POST /directories/{directoryId}/identities/query
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| sort | false | object | Defines how to sort fields in the result set |
| skip | false | number | Skips the result set cursor ahead the specified number of records |
| limit | false | number | Specifies the number of records to be handed back in the result set |
This method supports pagination.
Response
{
"type": "object",
"description": "Result Map",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"$ref": "#/components/schemas/resultmap_identity"
}
}
}
}Read ACL
Read the Access Control List for the specified identity
GET /directories/{directoryId}/identities/{identityId}/acl/list
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
Response
{
"type": "object",
"description": "Result Map of ACL entries",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"type": "object",
"properties": {
"_doc": {
"type": "string",
"title": "Principal ID"
},
"name": {
"type": "string",
"title": "Principal Name"
},
"type": {
"type": "string",
"title": "Principal Type"
},
"domainId": {
"type": "string"
},
"domainQualifiedId": {
"type": "string"
},
"domainQualifiedName": {
"type": "string"
},
"principalId": {
"type": "string",
"title": "Principal ID"
},
"userEmail": {
"type": "string"
},
"userFirstName": {
"type": "string"
},
"userLastName": {
"type": "string"
},
"authorities": {
"type": "array",
"title": "Authorities",
"items": {
"type": "string",
"title": "Authority Key"
}
}
}
}
}
}
}Read ACL for Principal
Reads the ACL for an identity and specific actor
GET /directories/{directoryId}/identities/{identityId}/acl
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
| id | true | string |
Response
{
"type": "object",
"description": "Result Map of Authority Keys",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"type": "string",
"description": "Authority Key"
}
}
}
}Read Authorities Report
Read the Authorities Report for the specified identity
POST /directories/{directoryId}/identities/{identityId}/authorities
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
Response
{
"type": "object",
"description": "Authority Report",
"properties": {
"principalId": {
"type": "object",
"properties": {
"id": {
"type": "object",
"properties": {
"role-key": {
"type": "string"
},
"principal": {
"type": "string"
},
"permissioned": {
"type": "string"
},
"inheritsFrom": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"principal": {
"type": "string"
},
"permissioned": {
"type": "string"
}
}
}
}
}
}
}
}
}Read Identity
Reads an instance of a Identity
GET /directories/{directoryId}/identities/{identityId}
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
Response
{
"type": "object",
"extends": "document",
"container": "directory",
"description": "Identity",
"properties": {
"encryptedPassword": {
"type": "string"
},
"authenticationEnabled": {
"type": "boolean"
},
"policyId": {
"type": "string"
},
"_doc": null,
"_system": null
}
}Resethistory
POST /directories/{directoryId}/identities/{identityId}/resethistory
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
Response
{}Revoke Authority
Revokes an authority against the specified identity from a given user
POST /directories/{directoryId}/identities/{identityId}/authorities/{authorityId}/revoke
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
| authorityId | true | string | The ID or authority key for the authority |
| id | true | string |
Response
{
"type": "object",
"description": "Status of Operation",
"properties": {
"ok": {
"type": "boolean",
"description": "Indicates whether the operation succeeded or not"
}
}
}Starts an export job for this resource
Starts an export job for this resource
POST /directories/{directoryId}/identities/{identityId}/export
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
| groupId | false | string | The Group ID to be assigned to the exported archive |
| artifactId | false | string | The Artifact ID to be assigned to the exported archive |
| versionId | false | string | The Version ID to be assigned to the exported archive |
| vaultId | false | string | The ID of the vault where the exported archive should be saved |
| schedule | false | string | Whether to run the job immediately or in the background (either 'synchronous' or 'asynchronous') |
Response
{
"type": "object",
"description": "Export Configuration",
"properties": {
"startDate": {
"type": "object"
},
"endDate": {
"type": "object"
},
"startChangeset": {
"type": "string"
},
"endChangeset": {
"type": "string"
},
"includeACLs": {
"type": "boolean"
},
"includeTeams": {
"type": "boolean"
},
"includeActivities": {
"type": "boolean"
},
"includeBinaries": {
"type": "boolean"
},
"includeAttachments": {
"type": "boolean"
},
"artifactDependencies": {
"type": "array",
"items": {
"type": "object"
}
},
"artifactIncludes": {
"type": "array",
"items": {
"type": "object"
}
},
"forceIncludes": {
"type": "boolean"
}
}
}Starts an import job for this resource
Starts an import job for this resource
POST /directories/{directoryId}/identities/{identityId}/import
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
| groupId | false | string | The Group ID to be assigned to the exported archive |
| artifactId | false | string | The Artifact ID to be assigned to the exported archive |
| versionId | false | string | The Version ID to be assigned to the exported archive |
| vaultId | false | string | The ID of the vault where the exported archive should be saved |
| schedule | false | string | Whether to run the job immediately or in the background (either 'synchronous' or 'asynchronous') |
Response
{
"type": "object",
"description": "Import Configuration",
"properties": {
"includeACLs": {
"type": "boolean"
},
"includeTeams": {
"type": "boolean"
},
"includeActivities": {
"type": "boolean"
},
"includeBinaries": {
"type": "boolean"
},
"includeAttachments": {
"type": "boolean"
},
"strategy": {
"type": "array",
"items": {
"type": "string"
}
},
"substitutions": {
"type": "string"
}
}
}Tenants
GET /directories/{directoryId}/identities/{identityId}/policy/tenants
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
| registrarId | false | string | The ID of the registrar |
| authorityId | false | string | The ID or authority key for the authority |
Response
{}User
GET /directories/{directoryId}/identities/{identityId}/policy/user
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
| tenantId | true | string | The ID of the tenant |
Response
{}Users
GET /directories/{directoryId}/identities/{identityId}/policy/users
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
| tenantId | false | string | The ID of the tenant |
Response
{}Users
GET /directories/{directoryId}/identities/{identityId}/users
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| directoryId | true | string | The ID of the directory |
| identityId | true | string | The ID of the identity |
Response
{}Schema
{
"type": "object",
"extends": "document",
"container": "directory",
"description": "Identity",
"properties": {
"encryptedPassword": {
"type": "string"
},
"authenticationEnabled": {
"type": "boolean"
},
"policyId": {
"type": "string"
},
"_doc": null,
"_system": null
},
"id": "identity"
}