- 09 Apr 2024
- 4 Minutes to read
- Print
- DarkLight
- PDF
User List
- Updated on 09 Apr 2024
- 4 Minutes to read
- Print
- DarkLight
- PDF
The User List API call is an open-ended question for a specific Asset. It returns the list of users, their associated attributes and which action they are allowed to perform on a specific Asset.
Note: The User List end point is used primarily for reporting data. There are time and amount constraints based on your identity sources.
Notice
When accessing the Authorization APIs, the URL base/prefix, according to your PlainID PDP Location- United States Cloud PDP - `https://tenant-name.us1.plainid.io`
- Canadian Cloud PDP - `https://tenant-name.ca1.plainid.io`
- European Cloud PDP - `https://tenant-name.eu1.plainid.io`
- Local PAA - `https://your-paa.acme.local`
For more information on which Asset Types to use with your PAA or Cloud PDP, refer to Managing Asset Types.
{
"clientId": "string",
"clientSecret": "string",
"asset": {
"resourceType": "Account US",
"path": "Transfer US 5000",
"actions": [
"Access"
],
"assetAttributes": {
"attribute_1": [
"string"
],
"attribute_2": [
"string"
]
}
},
"contextData": {
"string": [
"string"
]
},
"environment": {
"string": [
"string"
]
},
"remoteIp": "string",
"timeZoneOffset": 0.0,
"entityTypes": [
"string"
],
"includeContext": false,
"includeAccessPolicy": false,
"includeAsset": false,
"includeInActiveIdentities": false,
"includeIdentityAttributes": false,
"accessTokenFormat": "JSON",
"useCache": true,
"calculateCorrelationAttributes": [
"string"
]
}
Client ID of the Scope
Client Secret ID of the Scope
Asset Template ID (required)
Unique Identifier of the Asset (required)
Name of the Action (optional)
(optional)
Identity Context data for this request.
When specifying this parameter, you are requesting information based on a specific parameter and its value.
For example, Location where the contextData equals a specific branch.
If not defined, Dynamic groups based on context data will not be considered in the Access Decision.
Environmental parameters need to be defined in policies as request.
If not defined, parameters based on environmental data will not be considered in the Access Decision.
IP address to be used when validating a policy. Ensure that your IP Ranges are correct based on an IP calculator. If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header). If not defined,the IP considered in the calculation is taken from the X-Forwarded-For (Request header).
To define the offset from UTC time zone.
Used in Time Condition.
Because the full payload of the response can be very large, this parameter enables you to decrease the payload size by including a list of Identity Types and their attributes, that will return in the response.
If not specified, all identities from all Identity Types will be included in the response.
Show/hide the context data in the response.
Show/hide the name of the Policy in the response that has granted the specified access.
Show/hide the external id of the Policy in the response that granted the specified access.
Show/hide the asset attribute of the assets from the request.
Show/hide the inactive users in the response.
Show/hide the identity attribute of the identity in the response.
Determines the format of the response – whether JSON
, JWT
, or StandardJWT
.
The attribute will deter-mine if the response will consider the cache settings or override the cache and perform a full calculation.
Provides the ability to present the attribute that is responsible for the investigated access, based on defined correlation attributes. according to the
· entityType
· entityAttribute
· resourceAttribute
These operational filters should affect the Runtime behavior and results by applying additional filtering which is not directly related to Authorization logic.
Input your sourceID/s here. For information on where to locate the sourceID, check out Managing Attribute Sources in our documentation.
For information on where to locate the sourceID, check out Managing Attribute Sources in our documentation.
For more information on where to locate attributes, see Managing Identity Attributes.
OK
{
"response": [
{
"action": "Access",
"entities": [
{
"entityType": "bank_users",
"uid": "UX-12349"
},
{
"entityType": "bank_users",
"uid": "UX-12348"
},
{
"entityType": "bank_users",
"uid": "UX-12347"
},
{
"entityType": "bank_users",
"uid": "UX-12346"
},
{
"entityType": "bank_users",
"uid": "UX-12345"
}
]
},
{
"action": "TestAction",
"entities": []
}
]
}
{
"response": [
{
"action": "Access",
"entities": [
{
"entityType": "bank_users",
"uid": "UX-12349",
"attributes": {
"uid": [
"UX-12349"
],
"location": [
"Alabama"
],
"department": [
"Mortgage"
],
"branch": [
"vitae nisl"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12348",
"attributes": {
"uid": [
"UX-12348"
],
"location": [
"Alabama"
],
"department": [
"Loans"
],
"branch": [
"varius integer"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12347",
"attributes": {
"uid": [
"UX-12347"
],
"location": [
"Alabama"
],
"department": [
"Savings"
],
"branch": [
"egestas metus"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12346",
"attributes": {
"uid": [
"UX-12346"
],
"location": [
"Alabama"
],
"department": [
"Mortgage"
],
"branch": [
"ac est"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12345",
"attributes": {
"uid": [
"UX-12345"
],
"location": [
"Alabama"
],
"department": [
"Savings"
],
"branch": [
"sapien quis"
]
}
}
]
},
{
"action": "TestAction",
"entities": []
}
]
}
{
"response": [
{
"action": "Access",
"entities": [
{
"entityType": "bank_users",
"uid": "UX-12349",
"permissions": {
"permission": [
"Manage consumers accounts in branch"
],
"permissionId": [
"p1"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12348",
"permissions": {
"permission": [
"Manage consumers accounts in branch"
],
"permissionId": [
"p1"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12347",
"permissions": {
"permission": [
"Manage consumers accounts in branch"
],
"permissionId": [
"p1"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12346",
"permissions": {
"permission": [
"Manage consumers accounts in branch"
],
"permissionId": [
"p1"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12345",
"permissions": {
"permission": [
"Manage consumers accounts in branch"
],
"permissionId": [
"p1"
]
}
}
]
},
{
"action": "TestAction",
"entities": []
}
]
}
Asset Template ID (required)
Unique Identifier of the Asset (required)
(optional)
Basic Request - 400 - Bad Request
{}
Unauthorized
Forbidden
Not Found
Internal Server Error
Not Implemented