Authorization API
CLI: Security CLI commands
| Operation | REST API | Body | Response |
|---|---|---|---|
| grant | POST /security/authorization/grant | GrantRequest `{"entity": {"namespace": "ns1", "entity": "NAMESPACE"}, "principal": {"name": "admin", "type": "ROLE"}, "actions": ["READ"]}` | 200: Granted the action on the entity for the principal |
| revoke | POST /security/authorization/revoke | RevokeRequest `{"entity": {"namespace": "ns1", "entity": "NAMESPACE"}, "principal": {"name": "admin", "type": "ROLE"}, "actions": ["READ"]}` | 200: Revoked the actions on the entity for the principal |
| Role Based Access Control | | | |
| create role | PUT /security/authorization/roles/<role-name> | N/A | 200: Created the role<br>409: role already exists |
| delete role | DELETE /security/authorization/roles/<role-name> | N/A | 200: Deleted the role<br>404: role is not found |
| List roles | GET /security/authorization/roles/ | N/A | 200: List of roles<br>Roles ["Role", "Role2"] |
| add role to principal | PUT /security/authorization/<principal-type>/<principal-name>/roles/<role-name> | | 200: Added role to principal<br>404: role not found<br>404: principal not found |
| remove role from principal | DELETE /security/authorization/<principal-type>/<principal-name>/roles/<role-name> | | 200: removed role from principal<br>404: role not found<br>404: principal not found |
| List roles for principal | GET /security/authorization/<principal-type>/<principal-name>/roles | N/A | 200: List of roles<br>Roles ["Role", "Role2"]<br>404: Principal not found |
| List privileges for role | GET /security/authorization/roles/<role-name>/privileges | N/A | 200: List of privileges for the role<br>Privileges ["Privilege1", "Privilege2"]<br>404: role not found |

Privilege

```java
/**
 * Represents a privilege granted to a {@link Principal user}, {@link Principal group} or a role. It determines
 * if the user or group can perform a given {@link Action} on an {@link EntityId}. It also determines whether
 * this privilege gives the user or group the permission to grant the same privilege to other users or groups.
 */
public class Privilege {
  private final EntityId entity;
  private final Action action;
  private final boolean withGrantOption;

  // Constructor added so the final fields are initialized and the class compiles.
  public Privilege(EntityId entity, Action action, boolean withGrantOption) {
    this.entity = entity;
    this.action = action;
    this.withGrantOption = withGrantOption;
  }
}
```
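The requests in the table above, built by a small client helper. This is an added example, not code from the original page or from the project: the helper names, the base URL and the `user`/`alice` principal in the usage are assumptions, and nothing is sent over the network. Names that go into `<role-name>`, `<principal-type>` and `<principal-name>` are percent-encoded as single path segments so that a name containing `/` cannot address a different endpoint.

```python
import json
from urllib.parse import quote
from urllib.request import Request

PREFIX = "/security/authorization"

def _segment(name):
    """Encode one path segment; refuse values that would change the path."""
    if not isinstance(name, str) or name in ("", ".", ".."):
        raise ValueError(f"unsafe path segment: {name!r}")
    return quote(name, safe="")  # safe="" also encodes "/"

def privilege_request(base_url, operation, namespace, principal, principal_type, actions):
    """Build the POST for grant or revoke with the body shape shown in the table."""
    if operation not in ("grant", "revoke"):
        raise ValueError("operation must be 'grant' or 'revoke'")
    if not actions:
        raise ValueError("actions must not be empty")
    body = {
        "entity": {"namespace": namespace, "entity": "NAMESPACE"},
        "principal": {"name": principal, "type": principal_type},
        "actions": list(actions),
    }
    return Request(
        f"{base_url}{PREFIX}/{operation}",
        data=json.dumps(body).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )

def role_request(base_url, method, role=None, principal_type=None, principal=None):
    """Build the role rows: GET lists roles, PUT/DELETE act on one named role."""
    if method not in ("GET", "PUT", "DELETE"):
        raise ValueError("method must be GET, PUT or DELETE")
    if (method == "GET") != (role is None):
        raise ValueError("GET takes no role name; PUT and DELETE need one")
    path = PREFIX
    if principal_type is not None:
        path += f"/{_segment(principal_type)}/{_segment(principal)}"
    path += "/roles"
    if role is not None:
        path += f"/{_segment(role)}"
    elif principal_type is None:
        path += "/"  # the table lists GET .../roles/ with a trailing slash
    return Request(f"{base_url}{path}", method=method)
```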
Created in 2020 by Google Inc.