Contents x
    Policy List
    • 09 Apr 2024
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Policy List

    • Updated on 09 Apr 2024
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Post
    /api/runtime/policies/v3

    The Policy List API call returns for each input object the relevant policies with their meta data

    Notice

    When accessing the Authorization APIs, the URL base/prefix, according to your PlainID PDP Location
    • United States Cloud PDP - `https://tenant-name.us1.plainid.io`
    • Canadian Cloud PDP - `https://tenant-name.ca1.plainid.io`
    • European Cloud PDP - `https://tenant-name.eu1.plainid.io`
    • Local PAA - `https://your-paa.acme.local`

    For more information on which Asset Types to use with your PAA or Cloud PDP, refer to Managing Asset Types.
    Body parameters

    Expand All
    object
    clientId
    string 

    Client ID of the Scope

    clientSecret
    string 

    Client Secret ID of the Scope

    objects
    Array of object Required
    object
    type
    string Required
    Valid values[ "Identity", "Asset" ]
    data
    objectRequired

    All Access Token and UserList request parameters

    asset
    object
    resourceType
    string 

    Asset Template ID (required)

    path
    string 

    Unique Identifier of the Asset (required)

    actions
    Array

    Name of the Action (optional)


    assetAttributes
    object

    (optional)

    attribute_1
    Array of string 
    string 
    attribute_2
    Array of string 
    string 
    entityId
    string 

    Unique identifier of the Identity

    Min length1
    entityTypeId
    string 

    Identity Template ID

    Min length1
    entityAttributes
    object

    List of Identity Attributes and their values.

    If not defined, Dynamic groups based on virtual attributes will not be considered in the Access Decision.

    string
    Array

    contextData
    object

    Identity Context data for this request.

    When specifying this parameter, you are requesting information based on a specific parameter and its value.

    For example, Location where the contextData equals a specific branch.

    If not defined, Dynamic groups based on context data will not be considered in the Access Decision.

    string
    Array

    environment
    object

    Environmental parameters need to be defined in policies as request. (in asset rules or conditions) and also sent in the authorization request. Only the assets that match what will be sent in the request will come back.

    If not defined, parametes based on emviromental data will not be considered in the Access Decision.

    string
    Array

    remoteIp
    string (ipv4) 

    IP address to be used when validating a policy. Ensure that your IP Ranges are correct based on an IP calculator. If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header). If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header).

    Min length1
    timeZoneOffset
    number 

    To define the offset from UTC time zone. Used in Time Condition.

    Default"0"
    Example-12
    useCache
    boolean 

    The attribute will determines if the response will consider the cache settings or override the cache and preforming full calculation.

    Default"True"
    key
    string 

    An auto-generated key to set the correlation between the requested object and the response object (optional).

    Responses
    200

    Each object input gets a list of policies

    Expand All
    object
    data
    Array of object 
    object
    object
    object
    type
    string 
    Valid values[ "Identity", "Asset" ]
    data
    object

    All Access Token and UserList request parameters

    AnyOf
    object

    key
    string 

    An auto-generated key to set the correlation between the requested object and the response object (optional).

    object

    asset
    object
    resourceType
    string 

    Asset Template ID (required)

    path
    string 

    Unique Identifier of the Asset (required)

    actions
    Array

    Name of the Action (optional)


    assetAttributes
    object

    (optional)

    attribute_1
    string 
    attribute_2
    string 
    entityId
    string 

    Unique identifier of the Identity

    Min length1
    clientId
    string 

    Client ID of the Scope

    Min length1
    clientSecret
    string 

    Client Secret ID of the Scope

    Min length1
    entityTypeId
    string 

    Identity Template ID

    Min length1
    entityAttributes
    object

    List of Identity Attributes and their values.

    If not defined, Dynamic groups based on virtual attributes will not be considered in the Access Decision.

    string
    Array

    contextData
    object

    Identity Context data for this request.

    When specifying this parameter, you are requesting information based on a specific parameter and its value.

    For example, Location where the contextData equals a specific branch.

    If not defined, Dynamic groups based on context data will not be considered in the Access Decision.

    string
    Array

    environment
    object

    Environmental parameters need to be defined in policies as request. (in asset rules or conditions) and also sent in the authorization request. Only the assets that match what will be sent in the request will come back.

    If not defined, parametes based on emviromental data will not be considered in the Access Decision.

    string
    Array

    remoteIp
    string (ipv4) 

    IP address to be used when validating a policy. Ensure that your IP Ranges are correct based on an IP calculator. If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header). If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header).

    Min length1
    timeZoneOffset
    number 

    To define the offset from UTC time zone. Used in Time Condition.

    Default"0"
    Example-12
    assetList
    object

    Contains a list of the Asset's unique identifier and attributes:

    template
    string 

    Asset Template ID

    path
    string 

    Asset Unique Identifier

    assetAttributes
    object
    attribute_1
    Array of string 
    string 
    attribute_2
    Array of string 
    string 
    useCache
    boolean 

    The attribute will determines if the response will consider the cache settings or override the cache and preforming full calculation.

    Default"True"
    response
    object
    permissions
    Array of object 
    object
    permissionId
    string 
    permission
    string 
    accessType
    string 
    Valid values[ "allow", "restrict" ]
    metadata
    object

    error
    string 
    400

    Bad Request

    401

    Unauthorized

    403

    Forbidden

    404

    Not Found

    500

    Internal Server Error

    501

    Not Implemented

    Was this article helpful?
    What's Next