#%RAML 0.8 title: Authorization API baseUri: "https://api.covapp.io/authz/v2" protocols: [HTTPS] schemas: - resourceReference: | { "id" : "http://api.covisint.com/schema/resourceReference", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "Schema representing links", "type" : "object", "properties" : { "id" : { "type" : "string", "description" : "The unique identifier for the resource." }, "type" : { "type" : "string", "description" : "The type of the resource." }, "realm" : { "type" : "string", "description" : "The realm of the resource." } } , "required":[ "id" ] } - namedResourceReference: | { "id" : "http://api.covisint.com/schema/namedScopedResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Expands on the basic resource reference and adds internationalized name and description.", "extends" : { "$ref" : "http://api.covisint.com/schema/resourceReference#" }, "properties" : { "name" : { "description": "Internationalized resource name.", "$ref" : "http://api.covisint.com/idm/schema/internationalString#" }, "description" : { "description": "Internationalized resource description.", "$ref" : "http://api.covisint.com/idm/schema/internationalString#" } } } - resource: | { "id" : "http://api.covisint.com/schema/resource", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "Core schema", "definitions" : { "resource" : { "id" : "resource", "type" : "object", "description" : "A basic resource.", "properties" : { "id" : { "type" : "string", "maxLength" : 64, "description" : "The unique identifier for this resource." }, "version": { "type" : "number", "minimum" : 0, "maximum" : 9223372036854775807, "description" : "The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests." }, "creator" : { "type" : "string", "maxLength" : 64, "description" : "The creator of this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor header.", "readonly": true }, "creatorAppId" : { "type" : "string", "maxLength" : 64, "description" : "The id of the application used to create this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor-app header.", "readonly": true }, "creation" : { "type" : "number", "minimum" : 0, "maximum" : 9223372036854775807, "description" : "This read only property is ignored by the server and the system will overlay with the time, in milliseconds since the epoch, when this resource was created.", "readonly": true } } , "required":[ "id", "creator", "creatorAppId", "creation" ] } } } - resourceV2: | { "id" : "http://api.covisint.com/schema/resourceV2", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "Core schema", "definitions" : { "resource" : { "id" : "resourceV2", "type" : "object", "description" : "A basic resource (version V2).", "properties" : { "id" : { "type" : "string", "maxLength" : 64, "description" : "The unique identifier for this resource." }, "version": { "type" : "string", "description" : "The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests." }, "creator" : { "type" : "string", "maxLength" : 64, "description" : "The creator of this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor header.", "readonly": true }, "creatorAppId" : { "type" : "string", "maxLength" : 64, "description" : "The id of the application used to create this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor-app header.", "readonly": true }, "creation" : { "type" : "number", "minimum" : 0, "maximum" : 9223372036854775807, "description" : "This read only property is ignored by the server and the system will overlay with the time, in milliseconds since the epoch, when this resource was created.", "readonly": true } } , "required":[ "id", "creator", "creatorAppId", "creation" ] } } } - realmScopedResource: | { "id" : "http://api.covisint.com/schema/realmScopedResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Expands on the base resource and adds a realm attribute.", "extends" : { "$ref" : "http://api.covisint.com/schema/resource#" }, "properties" : { "realm" : { "type" : "string", "maxLength" : 25, "pattern" : "^[A-Za-z0-9]{2,25}$", "description" : "The realm in which this resource is being created. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-realm header.", "readonly": true } } , "required":[ "realm" ] } - realmScopedResourceV2: | { "id" : "http://api.covisint.com/schema/realmScopedResourceV2", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A realm scoped resource (version V2). Expands on the base resource (version V2) and adds a realm attribute.", "extends" : { "$ref" : "http://api.covisint.com/schema/resourceV2#" }, "properties" : { "realm" : { "type" : "string", "maxLength" : 25, "pattern" : "^[A-Za-z0-9]{2,25}$", "description" : "The realm in which this resource is being created. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-realm header.", "readonly": true } } , "required":[ "realm" ] } - errorResponseSchema: | { "id" : "http://api.covisint.com/schema/errorResponseSchema", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Representation of an HTTP 4xx/5xx error response.", "properties" : { "status" : { "type" : "number", "minimum" : 400, "maximum" : 599, "description" : "The HTTP status code." }, "apiMessage" : { "type" : "string", "description" : "A helpful, human-readable description of the error, useful for basic diagnostics." }, "apiStatusCode" : { "type" : "string", "description" : "The API-specific status code." } } , "required":[ "status" ] } - serviceCode: | { "id" : "http://api.covisint.com/schema/serviceCodes", "$schema" : "http://json-schema.org/draft-04/schema", "type": "object", "description": "The site/service/location codes granted along with a service.", "properties": { "code": { "type": "string", "maxLength": 200, "description": "The code value." }, "codeKind": { "type": "string", "maxLength": 36, "description": "The associated business unit." } } , "required":[ "code", "codeKind" ] } - serviceCodes: | { "type" : "array", "description" : "The site/service/location codes granted along with the service, if any.", "items" : { "$ref" : "http://api.covisint.com/schema/serviceCode#"}, "required": false } - address: | { "id" : "http://api.covisint.com/idm/schema/address", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A container for the subject's address elements.", "properties" : { "streets" : { "type" : "array", "description" : "An array of address streets (i.e. address line 1, 2, 3).", "minItems" : 0, "items" : { "type" : "string", "maxLength" : 255 } }, "city" : { "type" : "string", "maxLength" : 60, "description" : "The city name." }, "state" : { "type" : "string", "maxLength" : 60, "description" : "The state/province name or code." }, "postal" : { "type" : "string", "maxLength" : 10, "description" : "The postal or zip code." }, "country" : { "type" : "string", "minLength" : 2, "maxLength" : 3, "description" : "The ISO country code. http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2"} } } - phone: | { "id" : "http://api.covisint.com/idm/schema/phone", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A container for phone number details.", "properties" : { "number" : { "type" : "string","maxLength" : 100, "description" : "The phone number." }, "type" : { "enum" : [ "main", "mobile", "fax" ], "description" : "The phone number type." } }, "required" : [ "type" ] } - internationalString: | { "id": "http://api.covisint.com/idm/schema/internationalString", "$schema": "http://json-schema.org/draft-04/schema", "type": "array", "description" : "An internationalized string value, supporting one or more language translations.", "minItems": 1, "items": { "type": "object", "properties": { "lang": { "type": "string", "maxLength": 10, "description": "The language or locale in which the text is written." }, "text": { "type": "string", "maxLength": 2000, "description": "The internationalized text value." } } } } - tags: | { "id": "http://api.covisint.com/idm/schema/tag", "$schema": "http://json-schema.org/draft-04/schema", "type": "array", "description" : "The tags associated with a resource. This array is read-only, and may be modified on the resource endpoint with the appropriate tagging APIs.", "minItems": 1, "items": { "type": "object", "properties": { "tagName": { "type": "string", "description": "The tag associated with a resource." } } } } - baseDefinitionResource: | { "id" : "http://api.covisint.com/schema/baseDefinitionResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A base rule definition(version V1). Expands on the base resource (version V2) and adds a realm attribute.", "extends": { "$ref" : "http://api.covisint.com/schema/realmScopedResourceV2#" }, "properties": { "name": { "description": "The application name (internationalized).", "$ref": "http://api.covisint.com/schema/internationalString#" }, "description": { "description": "The application description (internationalized).", "$ref" : "http://api.covisint.com/idm/schema/internationalString#" }, "properties":{ "type":"array", "description":"Properties used by the implementation.", "minItems":0, "items":[ { "anyOf": [ { "type": "string", "description": "The name of the property." }, { "type": "string", "description": "The value of the property." } ] } ] } , "required":[ "items" ] } , "required":[ "name" ] } - baseActionDefinitionResource: | { "id" : "http://api.covisint.com/schema/baseActionDefinitionResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A base action action definition. Expands on the base definition resource ", "extends": { "$ref" : "http://api.covisint.com/schema/baseDefinitionResource#" }, "properties": { "type": { "description": "Type of action definition.", "enum": [ "SEND_APPLICATION_NOTIFICATION", "SEND_COMMAND", "SEND_NOTIFICATION" ], "required": true } } , "required":[ "type" ] } - baseTriggerDefinitionResource: | { "id" : "http://api.covisint.com/schema/baseTriggerDefinitionResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A base action trigger definition. Expands on the base definition resource ", "extends": { "$ref" : "http://api.covisint.com/schema/baseDefinitionResource#" }, "properties": { "type": { "description": "Type of trigger definition.", "enum": [ "DEVICE_SEND_EVENT", "DEVICE_LIFECYCLE_STATE_CHANGE", "DEVICE_OPERATIONAL_STATE_CHANGE" ] } } , "required":[ "type" ] } - dataType: | { "id" : "http://api.covisint.com/schema/dataType", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "Data type enum.", "enum":[ "string", "integer", "bool", "decimal" ] } - attribute: | { "id" : "http://api.covisint.com/schema/attribute", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "An attribute.", "properties" : { "oneOf" : [ { "attributeTypeId" : { "type" : "string", "description" : "The attribute type id." } }, { "attributeType" : { "description" : "The full attribute type definition.", "$ref" : "http://api.covisint.com/schema/attributeType#" } } ], "value" : { "type" : "any", "description" : "The attribute value." } } , "required":[ "attributeTypeId" ] } - attributes: | { "id" : "http://api.covisint.com/schema/attributes", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "array", "description" : "Collection of attributes.", "items" : { "$ref" : "http://api.covisint.com/schema/attribute#" } } - expression: | { "id" : "http://api.covisint.com/schema/expression#", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "The DSL for defining conditional expressions.", "oneOf" : [ { "type" : "object", "properties" : { "any" : { "type" : "array", "description" : "An aggregate expression representing an 'any' condition.", "items" : { "$ref" : "http://api.covisint.com/schema/expression#" } } } }, { "type" : "object", "properties" : { "all" : { "type" : "array", "description" : "An aggregate expression representing an 'all' condition.", "items" : { "$ref" : "http://api.covisint.com/schema/expression#" } } } }, { "type" : "object", "description" : "A simple leaf-node expression. The format of this expression is: '(f:, v:())'. The supported expressions are: equal, notEqual, startsWith, endsWith, matches, greaterThan, greaterThanOrEqual, lessThan, lessThanOrEqual. The field name can be a simple field name i.e. 'id' or hierarchical field name using dot-notation like 'resource.id' / 'resource.tag[0]' . The value corresponding to the field name provided should always be a simple data type and cannot be an array or an object.", "properties" : { "expr" : { "type" : "string" } } , "required":[ "expr" ] } ] } - authorizationRequest: | { "id" : "http://api.covisint.com/schema/authorizationRequest/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema respresenting an authorization request.", "properties" : { "subject": { "description": "The subject requesting the authorization.", "$ref": "http://api.covisint.com/schema/resourceReference#", "properties":{ "type" : { "enum": [ "PERSON", "DEVICE" ] } } , "required": [ "type" ] }, "resource": { "description": "The resource for which authorization is requested.", "$ref": "http://api.covisint.com/schema/resourceReference#", "properties":{ "type" : { "enum": [ "PERSON", "DEVICE" ] } } }, "action": { "type": "string", "description": "The requested action." }, "environmentAttributes": { "type": "array", "description": "The environment context attributes.", "items": { "type": "object", "properties": { "name": { "type": "string" , "description": "The environment attribute name." }, "value": { "type": "string" , "description": "The environment attribute value." } } , "required": [ "name", "value" ] } } } , "required": [ "subject", "resource", "action" ] } - authorizationResponse: | { "id" : "http://api.covisint.com/schema/authorizationResponse/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema respresenting an authorization response.", "properties" : { "instant" : { "type" : "number", "description" : "The time, in milliseconds since the epoch, when the authorization took place." }, "authorizationRequest": { "description": "The authorization request associated with this response.", "$ref": "http://api.covisint.com/schema/authorizationRequest/v1#" }, "authorizationResult" : { "type" : "string", "enum" : [ "PERMIT", "DENY", "INDETERMINATE", "NOT_APPLICABLE" ], "description" : "The status of the authorization request." } } } - authorizationPolicy: | { "id" : "http://api.covisint.com/schema/authorization/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema respresenting an authorization policy resource.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResourceV2#" }, "properties" : { "name": { "description": "The authorization policy name (internationalized).", "$ref": "http://api.covisint.com/idm/schema/internationalString#" }, "description": { "description": "The authorization policy description (internationalized).", "$ref": "http://api.covisint.com/idm/schema/internationalString#" }, "active":{ "type" : "boolean", "description": "Indicates whether this authorization policy is active. Defaults to false.", "default": false }, "subjectTypes": { "type": "array", "minItems": 1, "description": "The subject types associated with this authorization policy. The type ANY indicates that this authorization policy can be evaluated for any subject type, and it cannot be combined with other subject types for a policy.", "items": { "type": "string" }, "enum": ["PERSON", "DEVICE", "ANY"] }, "resourceTypes": { "type": "array", "minItems": 1, "description": "The resource types associated with this authorization policy. The type ANY indicates that this authorization policy can be evaluated for any resource type, and it cannot be combined with other subject types for a policy.", "items": { "type": "string" }, "enum": ["PERSON", "DEVICE", "ANY"] }, "actions": { "type": "array", "minItems": 1, "description": "The actions that this authorization policy can be evaluated against. An action ANY indicated that this authorization policy can be evaluated for any action, and it cannot be combined with other actions for a policy.", "items": { "type": "string" } }, "script": { "type": "string", "minLength": 1, "description": "The base64 encoded authorization javascript that will perform the actual evaluation logic." }, "policyVersion": { "type": "string", "description": "The unique version of authorization policy which should be in format X.X.X e.g. 0.0.3" }, "creationDate": { "type": "string", "description": "The date and time when policy is created" } } , "required": [ "name", "subjectTypes", "resourceTypes", "actions", "script", "policyVersion" ] } - policyManifest: | { "id" : "http://api.covisint.com/schema/authorization/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema respresenting a policy manifest resource.", "extends" : { "$ref" : "http://api.covisint.com/schema/resourceV2#" }, "properties" : { "pipUrl": { "type": "string", "minLength": 1, "description": "The policy information point service url associated with this policy manifest." } } , "required": [ "pipUrl" ] } - pipMetadata: | { "id" : "http://api.covisint.com/schema/pipMetadata/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema respresenting a policy information point metadata.", "properties" : { "metadata" : { "type" : "object", "description" : "The metadata associated with a resource type." } } } traits: - secured: displayName: secured - unsecured: displayName: unsecured - getResponse: displayName: getResponse - getSearchResponse: displayName: getSearchResponse - postResponse: displayName: postResponse - deleteResponse: displayName: deleteResponse - putResponse: displayName: putResponse - putResponseV2: displayName: putResponseV2 - putCreateResponse: displayName: putCreateResponse - taskResponse: displayName: taskResponse - pagableRequest: displayName: pagableRequest - taggable: displayName: taggable - sortable: displayName: sortable - searchable: displayName: searchable /authorizationPolicies: description: Collection endpoint for authorization policies. is: [secured] get: description: "Search authorization policies.[Since:1.0][Flow-name:authorization-search-policies]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authorization.policy.v1+json, application/vnd.com.covisint.platform.authorization.policy.v1+protobuf Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk queryParameters: id: description: Retrieve authorization policies with the specified id. Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false name: description: Retrieve authorization policies with the specified name. Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false description: description: Retrieve authorization policies with the specified description. Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false active: description: Retrieve the active/inactive authorization policies. type: boolean required: false repeat: false action: description: Retrieve the authorization policies with the specified action. Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false subjectType: description: Retrieve the authorization policies with the specified subject type. Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false resourceType: description: Retrieve the authorization policies with the specified resource type. Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false sortBy: description: Sort the search results. type: string required: false repeat: false enum: [+creation, "-creation"] page: description: Which page to return in the paginated results. The first page is page 1. type: integer required: false repeat: false minimum: 1 default: 1 pageSize: description: How many items per page in the paginated results. type: integer required: false repeat: false minimum: 1 maximum: 2E+2 default: 50 responses: "200": description: All authorization policies that satisfy the query parameters were successfully retrieved (response collection may be empty). body: application/vnd.com.covisint.platform.authorization.policy.v1+json: schema: authorizationPolicy application/vnd.com.covisint.platform.authorization.policy.v1+protobuf: schema: authorizationPolicy "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getSearchResponse, pagableRequest] post: description: "Create a new authorization policy.[Since:1.0][Flow-name:authorization-create-policy]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authorization.policy.v1+json, application/vnd.com.covisint.platform.authorization.policy.v1+protobuf Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk body: application/vnd.com.covisint.platform.authorization.policy.v1+json: schema: authorizationPolicy application/vnd.com.covisint.platform.authorization.policy.v1+protobuf: schema: authorizationPolicy responses: "201": description: The authorization policy was successfully created. body: application/vnd.com.covisint.platform.authorization.policy.v1+json: schema: authorizationPolicy application/vnd.com.covisint.platform.authorization.policy.v1+protobuf: schema: authorizationPolicy "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:data:invalid - The following information should not be part of the resource: {resourceFieldName} + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + authorization.policy.invalid.subject.type.combination - The type ANY should not be used in combination with other types + authorization.policy.invalid.resource.type.combination - The type ANY should not be used in combination with other types + authorization.policy.invalid.action.combination - The action ANY should not be used in combination with other actions + authorization.policy.invalid.action - The action ANY is allowed only for a default policy + authorization.policy.duplicate - Duplicate policy. Authorization policies are already present for the following [subject, resource, action] - {combinations} + authorization.policy.script.invalid.base64.encoded - The authorization policy script is not Base64 encoded + authorization.policy.script.syntax.error - The authorization policy script has a syntax error + authorization.policy.script.error - The authorization script has an error. {scriptSpecificError(s)} + authorization.invalid.subject.type - The supported types are [{subjectTypes}] + authorization.invalid.resource.type - The supported types are [{resourceTypes}] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse] /{authorizationPolicyId}: description: Endpoint for an individual authorization policy. uriParameters: authorizationPolicyId: description: The authorization policy id. type: string required: true repeat: false is: [secured] get: description: "Returns an authorization policy by its unique identifier. [Since:1.0][Flow-name:authorization-get-policy]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authorization.policy.v1+json, application/vnd.com.covisint.platform.authorization.policy.v1+protobuf Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk responses: "200": description: The requested authorization policy was found and is returned in the response body. body: application/vnd.com.covisint.platform.authorization.policy.v1+json: schema: authorizationPolicy application/vnd.com.covisint.platform.authorization.policy.v1+protobuf: schema: authorizationPolicy "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] put: description: "Updates an authorization policy.[Since:1.0][Flow-name:authorization-update-policy]" headers: Accept: description: Media type type: string required: true repeat: false example: application/vnd.com.covisint.platform.authorization.policy.v1+json, application/vnd.com.covisint.platform.authorization.policy.v1+protobuf Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk body: application/vnd.com.covisint.platform.authorization.policy.v1+json: schema: authorizationPolicy application/vnd.com.covisint.platform.authorization.policy.v1+protobuf: schema: authorizationPolicy responses: "200": description: The authorization policy was successfully updated. body: application/vnd.com.covisint.platform.authorization.policy.v1+json: schema: authorizationPolicy application/vnd.com.covisint.platform.authorization.policy.v1+protobuf: schema: authorizationPolicy "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:data:invalid - The following information should not be part of the resource: {resourceFieldName} + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + authorization.policy.invalid.subject.type.combination - The type ANY should not be used in combination with other types + authorization.policy.invalid.resource.type.combination - The type ANY should not be used in combination with other types + authorization.policy.invalid.action.combination - The action ANY should not be used in combination with other actions + authorization.policy.invalid.action - The action ANY is allowed only for a default policy + authorization.policy.duplicate - Duplicate policy. Authorization policies are already present for the following [subject, resource, action] - {combinations} + authorization.policy.script.invalid.base64.encoded - The authorization policy script is not Base64 encoded + authorization.policy.script.syntax.error - The authorization policy script has a syntax error + authorization.policy.script.error - The authorization script has an error. {scriptSpecificError(s)} + authorization.invalid.subject.type - The supported types are [{subjectTypes}] + authorization.invalid.resource.type - The supported types are [{resourceTypes}] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "409": description: | There is a conflict in identifying the resource being acted on. The unique identifier in the URL and body are different. + framework:resource:conflict + framework:resource:conflict:id - The ID of the resource in the request, {requestedId}, does not match the ID of the given resource, {resourceId} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [putResponseV2] delete: description: "Deletes an authorization policy.[Since:1.0][Flow-name:authorization-delete-policy]" headers: Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk responses: "204": description: The authorization policy was successfully deleted. "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [deleteResponse] /tasks/activate: description: Authorization policy activation endpoint. is: [secured] post: description: "Activates the specified authorization policy.[Since:1.0][Flow-name:authorization-task-activate-policy]" headers: Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk responses: "204": description: Authorization policy was sucessfully activated. "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:resource:missing - A resource with the following ID was not found: {resourceId} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /tasks/deactivate: description: Authorization policy deactivation endpoint. is: [secured] post: description: "Deactivates the specified authorization policy.[Since:1.0][Flow-name:authorization-task-deactivate-policy]" headers: Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk responses: "204": description: Authorization policy was sucessfully deactivated. "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:resource:missing - A resource with the following ID was not found: {resourceId} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema