search
Log in|Playground

Policies

get

List Policies

chevron-right
lockRequired scopes
This endpoint requires the following scopes:
Authorizations
AuthorizationstringRequired
Responses
chevron-right
200

ListPoliciesResponse contains a list of policies with entity counts.

application/json
claimRolestringOptional

Optional claim role for the policy.

createdBystringRead-onlyOptional

Email of the user who created the policy.

createdTimestampstring · date-timeRead-onlyOptional

Timestamp when the policy was created.

descriptionstringOptional

Optional description of the policy.

namestringRequired

Name of the policy.

readOnlybooleanRead-onlyOptional

Indicates if the policy is read-only (system managed).

revisionNumberinteger · int32Read-onlyOptional

Revision number for optimistic locking.

tenantUuidstringRead-onlyOptional

Tenant associated with the policy.

updatedBystringRead-onlyOptional

Email of the user who last updated the policy.

updatedTimestampstring · date-timeRead-onlyOptional

Timestamp when the policy was last updated.

uuidstringRead-onlyOptional

Unique identifier for the policy.

entityCountinteger · int64Read-onlyOptional

Number of entities (users/service accounts) this policy is applied to.

get
/api/rbac/policies/list
get

Get Policy by ID

chevron-right
lockRequired scopes
This endpoint requires the following scopes:
Authorizations
AuthorizationstringRequired
Path parameters
idstringRequired

UUID of the policy to retrieve

Responses
chevron-right
200

Add response wrapper definition ---

application/json
claimRolestringOptional

Optional claim role for the policy.

createdBystringRead-onlyOptional

Email of the user who created the policy.

createdTimestampstring · date-timeRead-onlyOptional

Timestamp when the policy was created.

descriptionstringOptional

Optional description of the policy.

namestringRequired

Name of the policy.

readOnlybooleanRead-onlyOptional

Indicates if the policy is read-only (system managed).

revisionNumberinteger · int32Read-onlyOptional

Revision number for optimistic locking.

tenantUuidstringRead-onlyOptional

Tenant associated with the policy.

updatedBystringRead-onlyOptional

Email of the user who last updated the policy.

updatedTimestampstring · date-timeRead-onlyOptional

Timestamp when the policy was last updated.

uuidstringRead-onlyOptional

Unique identifier for the policy.

get
/api/rbac/policy/{id}
put

Update Policy

chevron-right
lockRequired scopes
This endpoint requires the following scopes:
Authorizations
AuthorizationstringRequired
Path parameters
idstringRequired

UUID of the policy to update

Body
claimRolestringOptional

Optional new claim role for the policy.

currentRevisioninteger · int32Optional

The current revision number of the policy being updated (for optimistic locking).

descriptionstringOptional

Optional new description for the policy.

namestringRequired

New name for the policy.

Responses
put
/api/rbac/policy/{id}
post

Apply Policies to Users

chevron-right
lockRequired scopes
This endpoint requires the following scopes:
Authorizations
AuthorizationstringRequired
Body
emailsstring[] · min: 1Required

List of user emails to apply policies to.

overridebooleanOptional

If true, replaces existing policies; otherwise appends.

policyUUIDsstring[] · min: 1Required

List of policy UUIDs to apply.

Responses
chevron-right
200Success
application/json
post
/api/rbac/policy/apply
No content
delete

Delete Policy

chevron-right
lockRequired scopes
This endpoint requires the following scopes:
Authorizations
AuthorizationstringRequired
Path parameters
idstringRequired

UUID of the policy to delete

Responses
chevron-right
200

NoContentResponse indicates success but that no response body is expected or included.

No content
delete
/api/rbac/policy/{id}
No content
post

Create Policy

chevron-right
lockRequired scopes
This endpoint requires the following scopes:
Authorizations
AuthorizationstringRequired
Body
claimRolestringOptional

Optional claim role for the policy.

descriptionstringOptional

Optional description for the policy.

namestringRequired

Name of the policy.

Responses
post
/api/rbac/policy/create

Last updated