Community Support Portal YouTube Start a free trial

Access Controls

PreviousAPI Reference NextGroup Assignments

Was this helpful?

Retrieving all access controls

get

Retrieves all access controls available for the tenant. The results can be filtered by using query parameters. You can expand the result by resolving the role and resource references.

Required scopes

iam.access_read

Authorizations

Path parameters

tenantstring · min: 3 · max: 16Required

Your Emporix tenant's name.

Note: The tenant name should always be written in lowercase.

Pattern: ^[a-z][a-z0-9]+$

Query parameters

pageNumberinteger · min: 1Optional

Page number to be retrieved. The number of the first page is 1.

Default: 1

pageSizeinteger · min: 1Optional

Number of items to be retrieved per page.

Default: 60

metadataModifiedAtstringOptional

Search by given resources that contain the metadata.modifiedAt date field with a date later than the specified value. The format is as follows: ''yyyy-MM-dd''.

Example: 2022-01-01

roleIdstringOptional

Search by access controls with the roleId field equal to the specified value.

Example: 1rl5e52e-6e27-4ac5-9471-2467d3fb7503

resourceIdstringOptional

Search by the id of a given resource.

expandstring · enumOptional

Adds expanded resource and/or role objects to the response.

Example: role,resourcePossible values:

Header parameters

X-Total-CountbooleanOptional

Flag indicating whether the total number of retrieved items should be returned.

Default: falseExample: true

Accept-LanguagestringOptional

List of language codes acceptable for the response. You can specify factors that indicate which language should be retrieved if the one with a higher factor was not found in the localized fields. If the value is specified, then it must be present in the tenant configuration.

If the header is set to a particular language or a list of languages, all localized fields are retrieved as strings.
If the header is set to *, all localized fields are retrieved as maps of translations, where the keys are language codes and values are the fields in their respective languages.
If the header is empty, localized fields are retrieved in the default language defined in the Configuration Service.

Responses

200

The request was successful. A list of access controls is returned.

application/json

400

Unsupported language provided.

application/json

401

Given request is unauthorized - the authorization token is invalid or has expired. It usually means that tenant from the token does not match tenant from path.

application/json

403

Scope validation failed, details will be provided in response message

application/json

get

GET /iam/{tenant}/access-controls HTTP/1.1
Host: api.emporix.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

[
  {
    "id": "I981dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
    "roleId": "Z843dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
    "resourceId": "S843dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
    "name": {
      "en": "Example name",
      "de": "Beispielname"
    },
    "role": {
      "id": "Z843dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
      "name": {
        "en": "Example name",
        "de": "Beispielname"
      },
      "description": {
        "en": "Example role description",
        "de": "Beispiel Berechtigungsbeschreibung"
      },
      "permissions": [
        {
          "id": "F243dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
          "applicablePermissionResources": [
            "Q1233dc9e-a3f6-4573-bb01-a8ae21d2d43g"
          ]
        },
        {
          "id": "F343dc9e-a3f6-4573-bb01-a8ae21d2d4ae"
        }
      ],
      "metadata": {
        "version": 1,
        "createdAt": "2022-01-04 10:44:51.871Z",
        "modifiedAt": "2022-01-05 12:44:51.456Z"
      }
    },
    "resource": {
      "id": "S843dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
      "name": {
        "en": "Example name",
        "de": "Beispielname"
      },
      "description": {
        "en": "Example resource description",
        "de": "Beispiel Domainbeschreibung 2"
      },
      "code": "serviceName.resource",
      "metadata": {
        "version": 1,
        "createdAt": "2022-01-04 10:44:51.871Z",
        "modifiedAt": "2022-01-05 12:44:51.456Z"
      }
    },
    "metadata": {
      "version": 1,
      "createdAt": "2019-08-24T14:15:22Z",
      "modifiedAt": "2019-08-24T14:15:22Z"
    }
  },
  {
    "id": "PO43dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
    "roleId": "Rvsf43dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
    "resourceId": "L343dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
    "name": {
      "en": "Example name 2",
      "de": "Beispielname 2"
    },
    "role": {
      "id": "Rvsf43dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
      "name": {
        "en": "Example name 2",
        "de": "Beispielname 2"
      },
      "description": {
        "en": "Example role description 2",
        "de": "Beispiel Berechtigungsbeschreibung 2"
      },
      "permissions": [
        {
          "id": "M243dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
          "applicablePermissionResources": [
            "N943dc9e-a3f6-4573-bb01-a8ae21d2d43g"
          ]
        },
        {
          "id": "Z243dc9e-a3f6-4573-bb01-a8ae21d2d4ae"
        }
      ],
      "metadata": {
        "version": 1,
        "createdAt": "2022-01-04 10:44:51.871Z",
        "modifiedAt": "2022-01-05 12:44:51.456Z"
      }
    },
    "resource": {
      "id": "L343dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
      "name": {
        "en": "Example name 2",
        "de": "Beispielname 2"
      },
      "description": {
        "en": "Example resource description 2",
        "de": "Beispiel Domainbeschreibung 2"
      },
      "code": "serviceName.resource",
      "metadata": {
        "version": 1,
        "createdAt": "2022-01-04 10:44:51.871Z",
        "modifiedAt": "2022-01-05 12:44:51.456Z"
      }
    },
    "metadata": {
      "version": 1,
      "createdAt": "2019-08-24T14:15:22Z",
      "modifiedAt": "2019-08-24T14:15:22Z"
    }
  }
]

Retrieving an access control

get

Retrieves details of a specified access control. You can expand the result by resolving the role and resource references.

Required scopes

iam.access_read

Authorizations

Path parameters

tenantstring · min: 3 · max: 16Required

Your Emporix tenant's name.

Note: The tenant name should always be written in lowercase.

Pattern: ^[a-z][a-z0-9]+$

accessControlIdstringRequired

Unique identifier of an access control, generated when the access control is created.

Example: 084bcaf6-66b8-4ddd-9489-65c5f6449e94

Query parameters

expandstring · enumOptional

Adds expanded resource and/or role objects to the response.

Example: role,resourcePossible values:

Header parameters

Accept-LanguagestringOptional

If the header is set to a particular language or a list of languages, all localized fields are retrieved as strings.
If the header is set to *, all localized fields are retrieved as maps of translations, where the keys are language codes and values are the fields in their respective languages.
If the header is empty, localized fields are retrieved in the default language defined in the Configuration Service.

Responses

200

The request was successful. Access control details are returned.

application/json

400

Unsupported language provided.

application/json

401

Given request is unauthorized - the authorization token is invalid or has expired. It usually means that tenant from the token does not match tenant from path.

application/json

403

Scope validation failed, details will be provided in response message

application/json

404

Given resources cannot be found.

application/json

get

GET /iam/{tenant}/access-controls/{accessControlId} HTTP/1.1
Host: api.emporix.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

{
  "id": "I981dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
  "roleId": "Z843dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
  "resourceId": "S843dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
  "name": {
    "en": "Example name",
    "de": "Beispielname"
  },
  "role": {
    "id": "Z843dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
    "name": {
      "en": "Example name",
      "de": "Beispielname"
    },
    "description": {
      "en": "Example role description",
      "de": "Beispiel Berechtigungsbeschreibung"
    },
    "permissions": [
      {
        "id": "F243dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
        "applicablePermissionResources": [
          "Q1233dc9e-a3f6-4573-bb01-a8ae21d2d43g"
        ]
      },
      {
        "id": "F343dc9e-a3f6-4573-bb01-a8ae21d2d4ae"
      }
    ],
    "metadata": {
      "version": 1,
      "createdAt": "2022-01-04 10:44:51.871Z",
      "modifiedAt": "2022-01-05 12:44:51.456Z"
    }
  },
  "resource": {
    "id": "S843dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
    "name": {
      "en": "Example name",
      "de": "Beispielname"
    },
    "description": {
      "en": "Example resource description",
      "de": "Beispiel Domainbeschreibung 2"
    },
    "code": "serviceName.resource",
    "metadata": {
      "version": 1,
      "createdAt": "2022-01-04 10:44:51.871Z",
      "modifiedAt": "2022-01-05 12:44:51.456Z"
    }
  },
  "scopes": [
    "resource.resource_permission"
  ],
  "metadata": {
    "version": 1,
    "createdAt": "2019-08-24T14:15:22Z",
    "modifiedAt": "2019-08-24T14:15:22Z"
  }
}