This API is designed to support CREATE and UPDATE operations to the indicated Environment. An import operation occurs when a new identityAttributeId is used. An update operation occurs if the identityTemplateId already exists or templateId already in use.
Notice
Accessing the APIs is through a dedicated domain/URL, according to your PlainID Tenant LocationUsing HTML Encoded Special Characters
Use HTML encoded patterns when working with values that contain special characters like spaces, dashes, etc. Refer to this HTML URL Encoding Reference for a full list.
Important note about headers
Refer to the headers below to modify your cURL sample. Check if the following headers are in the sample, if not, ensure you add it to your cURL sample before pasting into your API tool.
Headers
*Required| Header | Value | cURL Line |
|---|---|---|
| Accept | `application/json` | `-H "Accept:application/json"` |
| Content-Type | `application/json` | `-H "Content-Type:application/json"` |
cURL Sample Guidelines
In order for the relevant parameters to appear in the cURL sample, you can input the values in the interactive API console on the right. They will then appear in the cURL sample on the bottom of the page in the correct format.
For more details about Administration API Authentication, check out the Authentication APIs documentation. Provide your bearer token in the Authorization header when making requests to protected resources. Example: Authorization: Bearer 123
The Environment ID can be found under the Details Tab in the Environment Settings.
Identity Workspace ID. This can be found in your Identity Workspace Settings under Workspace ID.
Identity Template to import.
{
"templateId": "CaCIdentity",
"attributes": [
{
"attributeId": "userAccount",
"displayName": "userAccount",
"description": "user account id",
"type": "NUMERIC",
"isAvailableForPolicies": true,
"nameForRequest": "userAccount",
"isUsedInAccessRequest": false
},
{
"attributeId": "userRole",
"displayName": "User Role",
"description": "user role name",
"type": "STRING",
"isAvailableForPolicies": true,
"nameForRequest": "userRole",
"isUsedInAccessRequest": false
}
]
}Identity Template
A unique string for the Identity Template.
Attribute
A display name that acts as a label for your Attribute.
Attribute description.
The Attribute ID. This can be found in Identity Settings.
Attribute Data Type
Indicates if the Attribute is allowed for Policies.
Indicates if the Attribute is used in an Access Request.
The name of the Attribute as it should appear in an Authorization Request.
Successful operation
{
"templateId": "CaCIdentity",
"attributes": [
{
"attributeId": "userAccount",
"displayName": "userAccount",
"description": "user account id",
"type": "NUMERIC",
"isAvailableForPolicies": true,
"isUsedInAccessRequest": false,
"nameForRequest": "userAccount"
},
{
"attributeId": "userRole",
"displayName": "User Role",
"description": "user role name",
"type": "STRING",
"isAvailableForPolicies": true,
"isUsedInAccessRequest": false,
"nameForRequest": "userRole"
}
]
}Identity template
Identity Template
A unique string for the Identity Template.
Attribute
A display name that acts as a label for your Attribute.
Attribute description.
The Attribute ID. This can be found in Identity Settings.
Attribute Data Type
Indicates if the Attribute is allowed for Policies.
Indicates if the Attribute is used in an Access Request.
The name of the Attribute as it should appear in an Authorization Request.
Validation Error
{
"errors": [
{
"code": "EMIT-007",
"id": "EQ7CMX",
"status": "404",
"name": "IdentityAttributeUserIdCannotBeEdited",
"message": "Default Identity Template Attribute ID: [attribueKeyNew] Display name cannot be edited. Hint: Revert back to: [attribueKeyOld]"
}
]
}Response object
Unauthorized
Forbidden
Object not found
Payload Validation Error
Internal Server Error