Domain Principal
An Object
| Note |
Parent
This Domain Principal is contained within a Domain.
Properties
The following properties are available:
| Property | Type | Default | Read-Only | Description |
|---|---|---|---|---|
| _doc | string | No | The primary ID | |
| _system | object | No | Metadata maintained by the system | |
| authorities | array | No | ||
| name | string | No | ||
| type | string | No |
Methods
The following methods are available:
- Adds a principal to a group
- Check
- Check
- Check Permission
- Check Single Authority
- Check multiple Authorities
- Check multiple Permissions
- Create Domain Principal
- Delete Domain Principal
- Deletes an attachment
- Downloads a preview stream of a principal attachment
- Downloads an attachment
- Grant Authority
- Invites a user to a domain
- List Teams
- Lists Domain Principal
- Lists the attachments for a principal
- Lists the groups that a principal belongs to
- Lists the principals belonging to a group
- Query
- Read ACL
- Read ACL for Principal
- Read Authorities Report
- Read Domain Principal
- Removes a principal from a group
- Retrieves an access policy summary for a user
- Revoke Authority
- Starts an export job for this resource
- Starts an import job for this resource
- Update Domain Principal
- Uploads an attachment
- Uploads one or more attachments
Adds a principal to a group
Adds a principal to a group
POST /domains/{domainId}/principals/{principalId}/members/add
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| id | true | string |
Response
{
"type": "object",
"description": "Status of Operation",
"properties": {
"ok": {
"type": "boolean",
"description": "Indicates whether the operation succeeded or not"
}
}
}Check
POST /domains/{domainId}/principals/membership/check
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | The ID of the domain |
Response
{}Check
POST /domains/{domainId}/principals/memberships/check
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | The ID of the domain |
Response
{}Check Permission
Checks whether an actor has a permission over a principal
POST /domains/{domainId}/principals/{permissionedId}/permissions/{permissionId}/check
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | The ID of the domain |
| permissionedId | true | string | |
| permissionId | true | string | |
| id | true | string |
Response
{
"type": "object",
"description": "Check",
"extends": "status",
"properties": {
"check": {
"type": "boolean"
},
"ok": null
}
}Check Single Authority
Checks whether an actor has an authority over a principal
POST /domains/{domainId}/principals/{permissionedId}/authorities/{authorityId}/check
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| permissionedId | true | string | |
| authorityId | true | string | |
| id | true | string |
Response
{
"type": "object",
"description": "Check",
"extends": "status",
"properties": {
"check": {
"type": "boolean"
},
"ok": null
}
}Check multiple Authorities
Checks whether one or more authorities against the specified principal are granted for a given set of users
POST /domains/{domainId}/principals/authorities/check
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | The ID of the domain |
Response
{
"type": "object",
"description": "Check Multiple Authorities Out",
"properties": {
"checks": {
"type": "array",
"items": {
"type": "object",
"properties": {
"permissionedId": {
"type": "string"
},
"principalId": {
"type": "string"
},
"authorityId": {
"type": "string"
},
"result": {
"type": "boolean"
}
}
}
}
}
}Check multiple Permissions
Checks whether multiple actors have permissions over a principal
POST /domains/{domainId}/principals/permissions/check
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | The ID of the domain |
| HTTP Payload | true | string | HTTP Payload |
Response
{
"type": "object",
"description": "List of Principals to Check",
"properties": {
"results": {
"type": "array",
"items": {
"type": "object",
"properties": {
"permissionedId": {
"type": "string"
},
"principalId": {
"type": "string"
},
"permissionId": {
"type": "string"
},
"result": {
"type": "boolean"
}
}
}
}
}
}Create Domain Principal
Creates a new Domain Principal
POST /domains/{domainId}/principals
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string |
|
Response
{
"type": "object",
"description": "Status of Operation",
"properties": {
"ok": {
"type": "boolean",
"description": "Indicates whether the operation succeeded or not"
}
}
}Delete Domain Principal
Deletes an existing Domain Principal
DELETE /domains/{domainId}/principals/{principalId}
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string |
Response
{
"type": "object",
"description": "Status of Operation",
"properties": {
"ok": {
"type": "boolean",
"description": "Indicates whether the operation succeeded or not"
}
}
}Deletes an attachment
Deletes an attachment
DELETE /domains/{domainId}/principals/{principalId}/attachments/{attachmentId}
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| attachmentId | true | string |
Response
{
"type": "object",
"description": "Status of Operation",
"properties": {
"ok": {
"type": "boolean",
"description": "Indicates whether the operation succeeded or not"
}
}
}Downloads a preview stream of a principal attachment
Downloads a preview stream of a principal attachment
GET /domains/{domainId}/principals/{principalId}/preview/{name}
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| name | true | string | |
| mimetype | false | string | The mimetype to be streamed back (defaults to 'image/png') |
| size | false | number | For image mimetypes, the max width of the generated image (defaults to 64) |
| attachment | false | string | The ID of the attachment that serves as the source for the preview (default to 'default') |
| force | false | boolean | Forces the re-generation of the preview stream, even if previously saved |
| save | false | boolean | Specifies whether to save the generated preview stream as an attachment (defaults to true) |
| fallback | false | boolean | A fallback URL that should be redirected to in the event that a preview stream cannot be generated |
Response
{}Downloads an attachment
Downloads an attachment
GET /domains/{domainId}/principals/{principalId}/attachments/{attachmentId}
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| attachmentId | true | string | |
| a | false | string | If true, the 'Content-Disposition' header will be set |
Response
{}Grant Authority
Grants an authority over a principal to an actor
POST /domains/{domainId}/principals/{permissionedId}/authorities/{authorityId}/grant
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| permissionedId | true | string | |
| authorityId | true | string | |
| id | true | string |
Response
{
"type": "object",
"description": "Status of Operation",
"properties": {
"ok": {
"type": "boolean",
"description": "Indicates whether the operation succeeded or not"
}
}
}Invites a user to a domain
Invites a user to a domain
POST /domains/{domainId}/principals/invite
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| id | true | string |
Response
{
"type": "object",
"description": "Status of Operation (with ID)",
"extends": "status",
"properties": {
"_doc": {
"type": "string"
},
"ok": null
}
}List Teams
Lists the teams that a principal belongs to against a given teamable
GET /domains/{domainId}/principals/{principalId}/teams
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | The ID of the principal |
| teamableType | true | string | |
| teamableId | true | string | |
| sort | false | object | Defines how to sort fields in the result set |
| skip | false | number | Skips the result set cursor ahead the specified number of records |
| limit | false | number | Specifies the number of records to be handed back in the result set |
Response
{
"type": "object",
"description": "Result Map",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"$ref": "#/components/schemas/resultmap_domainprincipal"
}
}
}
}Lists Domain Principal
Retrieves a list of Domain Principal instances
GET /domains/{domainId}/principals
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| groups | false | string | |
| sort | false | object | Defines how to sort fields in the result set |
| skip | false | number | Skips the result set cursor ahead the specified number of records |
| limit | false | number | Specifies the number of records to be handed back in the result set |
Response
{
"type": "object",
"description": "Result Map",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"$ref": "#/components/schemas/resultmap_domainprincipal"
}
}
}
}Lists the attachments for a principal
Lists the attachments for a principal
GET /domains/{domainId}/principals/{principalId}/attachments
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string |
Response
{
"type": "object",
"description": "Result Map",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"$ref": "#/components/schemas/resultmap_attachment"
}
}
}
}Lists the groups that a principal belongs to
Lists the groups that a principal belongs to
GET /domains/{domainId}/principals/{principalId}/memberships
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| sort | false | object | Defines how to sort fields in the result set |
| skip | false | number | Skips the result set cursor ahead the specified number of records |
| limit | false | number | Specifies the number of records to be handed back in the result set |
Response
{
"type": "object",
"description": "Result Map",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"$ref": "#/components/schemas/resultmap_domainprincipal"
}
}
}
}Lists the principals belonging to a group
Lists the principals belonging to a group
GET /domains/{domainId}/principals/{principalId}/members
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| sort | false | object | Defines how to sort fields in the result set |
| skip | false | number | Skips the result set cursor ahead the specified number of records |
| limit | false | number | Specifies the number of records to be handed back in the result set |
Response
{
"type": "object",
"description": "Result Map",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"$ref": "#/components/schemas/resultmap_domainprincipal"
}
}
}
}Query
Queries for matches
POST /domains/{domainId}/principals/query
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| groups | false | string | |
| sort | false | object | Defines how to sort fields in the result set |
| skip | false | number | Skips the result set cursor ahead the specified number of records |
| limit | false | number | Specifies the number of records to be handed back in the result set |
Response
{
"type": "object",
"description": "Result Map",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"$ref": "#/components/schemas/resultmap_domainprincipal"
}
}
}
}Read ACL
Read the Access Control List for the specified principal
GET /domains/{domainId}/principals/{permissionedId}/acl/list
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| permissionedId | true | string |
Response
{
"type": "object",
"description": "Result Map of ACL entries",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"type": "object",
"properties": {
"_doc": {
"type": "string",
"title": "Principal ID"
},
"name": {
"type": "string",
"title": "Principal Name"
},
"type": {
"type": "string",
"title": "Principal Type"
},
"domainId": {
"type": "string"
},
"domainQualifiedId": {
"type": "string"
},
"domainQualifiedName": {
"type": "string"
},
"principalId": {
"type": "string",
"title": "Principal ID"
},
"userEmail": {
"type": "string"
},
"userFirstName": {
"type": "string"
},
"userLastName": {
"type": "string"
},
"authorities": {
"type": "array",
"title": "Authorities",
"items": {
"type": "string",
"title": "Authority Key"
}
}
}
}
}
}
}Read ACL for Principal
Reads the ACL for a principal and specific actor
GET /domains/{domainId}/principals/{permissionedId}/acl
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| permissionedId | true | string | |
| id | true | string |
Response
{
"type": "object",
"description": "Result Map of Authority Keys",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"type": "string",
"description": "Authority Key"
}
}
}
}Read Authorities Report
Generates an authority report for a set of principals
POST /domains/{domainId}/principals/{permissionedId}/authorities
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| permissionedId | true | string | |
| HTTP Payload | true | string | HTTP Payload |
Response
{
"$ref": "#/components/schemas/authorityreport"
}Read Domain Principal
Reads an instance of a Domain Principal
GET /domains/{domainId}/principals/{principalId}
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| groups | false | string |
Response
{
"type": "object",
"extends": "document",
"description": "Domain Principal",
"container": "domain",
"properties": {
"name": {
"type": "string"
},
"type": {
"type": "string"
},
"authorities": {
"type": "array",
"items": {
"type": "string",
"description": "Authority Key"
}
},
"_doc": null,
"_system": null
}
}Removes a principal from a group
Removes a principal from a group
POST /domains/{domainId}/principals/{principalId}/members/remove
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| id | true | string |
Response
{
"type": "object",
"description": "Status of Operation",
"properties": {
"ok": {
"type": "boolean",
"description": "Indicates whether the operation succeeded or not"
}
}
}Retrieves an access policy summary for a user
Retrieves an access policy summary for a user
GET /domains/{domainId}/principals/{principalId}/access/policies/summary
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| scope | false | string | |
| info | false | string |
Response
{
"type": "object",
"description": "Result Map",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"$ref": "#/components/schemas/resultmap_accessPolicy"
}
}
}
}Revoke Authority
Revokes an authority over a principal from an actor
POST /domains/{domainId}/principals/{permissionedId}/authorities/{authorityId}/revoke
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| permissionedId | true | string | |
| authorityId | true | string | |
| id | true | string |
Response
{
"type": "object",
"description": "Status of Operation",
"properties": {
"ok": {
"type": "boolean",
"description": "Indicates whether the operation succeeded or not"
}
}
}Starts an export job for this resource
Starts an export job for this resource
POST /domains/{domainId}/principals/{principalId}/export
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| groupId | false | string | The Group ID to be assigned to the exported archive |
| artifactId | false | string | The Artifact ID to be assigned to the exported archive |
| versionId | false | string | The Version ID to be assigned to the exported archive |
| vaultId | false | string | The ID of the vault where the exported archive should be saved |
| schedule | false | string | Whether to run the job immediately or in the background (either 'synchronous' or 'asynchronous') |
Response
{
"type": "object",
"description": "Export Configuration",
"properties": {
"startDate": {
"type": "object"
},
"endDate": {
"type": "object"
},
"startChangeset": {
"type": "string"
},
"endChangeset": {
"type": "string"
},
"includeACLs": {
"type": "boolean"
},
"includeTeams": {
"type": "boolean"
},
"includeActivities": {
"type": "boolean"
},
"includeBinaries": {
"type": "boolean"
},
"includeAttachments": {
"type": "boolean"
},
"artifactDependencies": {
"type": "array",
"items": {
"type": "object"
}
},
"artifactIncludes": {
"type": "array",
"items": {
"type": "object"
}
},
"forceIncludes": {
"type": "boolean"
}
}
}Starts an import job for this resource
Starts an import job for this resource
POST /domains/{domainId}/principals/{principalId}/import
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| groupId | false | string | The Group ID to be assigned to the exported archive |
| artifactId | false | string | The Artifact ID to be assigned to the exported archive |
| versionId | false | string | The Version ID to be assigned to the exported archive |
| vaultId | false | string | The ID of the vault where the exported archive should be saved |
| schedule | false | string | Whether to run the job immediately or in the background (either 'synchronous' or 'asynchronous') |
Response
{
"type": "object",
"description": "Import Configuration",
"properties": {
"includeACLs": {
"type": "boolean"
},
"includeTeams": {
"type": "boolean"
},
"includeActivities": {
"type": "boolean"
},
"includeBinaries": {
"type": "boolean"
},
"includeAttachments": {
"type": "boolean"
},
"strategy": {
"type": "array",
"items": {
"type": "string"
}
},
"substitutions": {
"type": "string"
}
}
}Update Domain Principal
Updates an existing Domain Principal
PUT /domains/{domainId}/principals/{principalId}
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string |
|
Response
{
"type": "object",
"description": "Status of Operation",
"properties": {
"ok": {
"type": "boolean",
"description": "Indicates whether the operation succeeded or not"
}
}
}Uploads an attachment
Uploads an attachment
POST /domains/{domainId}/principals/{principalId}/attachments/{attachmentId}
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | |
| principalId | true | string | |
| attachmentId | true | string |
Response
{
"type": "object",
"description": "Status of Operation (with ID)",
"extends": "status",
"properties": {
"_doc": {
"type": "string"
},
"ok": null
}
}Uploads one or more attachments
Uploads one or more attachments
POST /domains/{domainId}/principals/{principalId}/attachments
Parameters
| Name | Required | Type | Description |
|---|---|---|---|
| domainId | true | string | The ID of the domain |
| principalId | true | string |
Response
{
"type": "object",
"description": "Result Map",
"properties": {
"total_rows": {
"type": "number"
},
"offset": {
"type": "number"
},
"size": {
"type": "number"
},
"rows": {
"type": "array",
"items": {
"$ref": "#/components/schemas/resultmap_attachment"
}
}
}
}Schema
{
"type": "object",
"extends": "document",
"description": "Domain Principal",
"container": "domain",
"properties": {
"name": {
"type": "string"
},
"type": {
"type": "string"
},
"authorities": {
"type": "array",
"items": {
"type": "string",
"description": "Authority Key"
}
},
"_doc": null,
"_system": null
},
"id": "principal"
}