Contents x
    Policy Resolution
    • 09 Apr 2024
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Policy Resolution

    • Updated on 09 Apr 2024
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Get
    /api/runtime/resolution/v3

    The Policy Resolution API enables you to create your own enforcement points when need to support access to large amounts of data (SQL, search engines, big data, etc.) or enforcement need to be done by another system/platform. It is designed to answer questions like: "What access filters need to be set up for a specific user to access an asset?". The response is expected to show the logical filtering of data and/or the list of allowed data items for the user.

    Notice

    When accessing the Authorization APIs, the URL base/prefix, according to your PlainID PDP Location
  • United States Cloud PDP - `https://tenant-name.us1.plainid.io`
  • Canadian Cloud PDP - `https://tenant-name.ca1.plainid.io`
  • European Cloud PDP - `https://tenant-name.eu1.plainid.io`
  • Local PAA Agent - `https://your-paa.acme.local`

    • For more information on which Asset Types to use with your PAA or Cloud PDP, refer to Managing Asset Types.
    Query parameters
    entityId
    string

    Unique identifier of the Identity

    clientId
    string

    Client ID of the Scope

    clientSecret
    string

    Client Secret ID of the Scope

    entityTypeId
    string

    Identity Template ID

    remoteIp
    string

    IP address to be used when validating a policy. Ensure that your IP Ranges are correct based on an IP calculator. If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header). If not defined,the IP considered in the calculation is taken from the X-Forwarded-For (Request header).

    includeIdentity
    string

    Show/hide the identity attribute of the identity in the response.

    includeAssetAttributes
    string

    Show/hide the asset attribute of the assets in the response.

    resourceTypes
    string

    Because the full payload of the response can be very large, this parameter enables you to decrease the payload size by including a list of Asset Types and their attributes, that will return in the response. If not specified, all resources from all resource types will be included.

    Responses
    200

    OK

    400

    Bad Request

    401

    Unauthorized

    403

    Forbidden

    404

    Not Found

    500

    Internal Server Error

    501

    Not Implemented

    Was this article helpful?
    What's Next