Contents x
    Policy List
    • 13 Jun 2024
    • 4 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Policy List

    • Updated on 13 Jun 2024
    • 4 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Post
    /api/runtime/policies/v3

    The Policy List API call returns the relevant policies for each input object with their meta data.

    Notice

    When accessing the Authorization APIs, the URL base/prefix, according to your PlainID PDP Location
  • United States Cloud PDP - `https://tenant-name.us1.plainid.io`
  • Canadian Cloud PDP - `https://tenant-name.ca1.plainid.io`
  • European Cloud PDP - `https://tenant-name.eu1.plainid.io`
  • Local PAA - `https://your-paa.acme.local`

    • For more information on which Asset Types to use with your PAA or Cloud PDP, refer to Managing Asset Types.

    Important note about headers

    Refer to the headers below to modify your cURL sample. Check if the following headers are in the sample, if not, ensure you add it to your cURL sample before pasting into your API tool.

    Headers

    *Required
    HeaderValuecURL Line
    content-type`application/json``-H 'Content-Type: application/json' `
    Body parameters
    Expand All
    object
    clientId
    string

    Client ID of the Scope

    clientSecret
    string

    Client Secret ID of the Scope

    objects
    Array of object Required
    object
    type
    string Required
    Valid values[ "\"Identity\"", "\"Asset\"" ]
    data
    objectRequired

    All Access Token and UserList request parameters

    asset
    object
    resourceType
    string

    Asset Template ID (required)

    path
    string

    Unique Identifier of the Asset (required)

    actions
    Array

    Name of the Action (optional)

    assetAttributes
    object

    (optional)

    attribute_1
    Array of string
    string
    attribute_2
    Array of string
    string
    entityId
    string

    Unique identifier of the Identity

    Min length1
    entityTypeId
    string

    Identity Template ID

    Min length1
    entityAttributes
    object

    List of Identity Attributes and their values.

    If not defined, Dynamic groups based on virtual attributes will not be considered in the Access Decision.

    string
    Array
    contextData
    object

    Identity Context data for this request.

    When specifying this parameter, you are requesting information based on a specific parameter and its value.

    For example, Location where the contextData equals a specific branch.

    If not defined, Dynamic groups based on context data will not be considered in the Access Decision.

    string
    Array
    environment
    object

    Environmental parameters need to be defined in policies as request. (in Asset rules or Conditions) and also sent in the authorization request. Only the Assets that match what will be sent in the request will come back.

    If not defined, parametes based on emviromental data will not be considered in the Access Decision.

    string
    Array
    remoteIp
    string (ipv4)

    IP address to be used when validating a Policy. Ensure that your IP Ranges are correct based on an IP calculator. If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header). If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header).

    Min length1
    timeZoneOffset
    number

    To define the offset from UTC time zone. Used in Time Condition.

    Default"0"
    Example-12
    useCache
    boolean

    The Attribute will determines if the response will consider the cache settings or override the cache and preforming full calculation.

    Default"True"
    key
    string

    An auto-generated key to set the correlation between the requested object and the response object (optional).

    Responses
    200

    Each object input gets a list of Policies

    Expand All
    object
    data
    Array of object
    object
    object
    object
    type
    string
    Valid values[ "\"Identity\"", "\"Asset\"" ]
    data
    object

    All Access Token and UserList request parameters

    AnyOf
    object
    key
    string

    An auto-generated key to set the correlation between the requested object and the response object (optional).

    object
    asset
    object
    resourceType
    string

    Asset Template ID (required)

    path
    string

    Unique Identifier of the Asset (required)

    actions
    Array

    Name of the Action (optional)

    assetAttributes
    object

    (optional)

    attribute_1
    string
    attribute_2
    string
    entityId
    string

    Unique identifier of the Identity

    Min length1
    clientId
    string

    Client ID of the Scope

    Min length1
    clientSecret
    string

    Client Secret ID of the Scope

    Min length1
    entityTypeId
    string

    Identity Template ID

    Min length1
    entityAttributes
    object

    List of Identity Attributes and their values.

    If not defined, Dynamic groups based on virtual attributes will not be considered in the Access Decision.

    string
    Array
    contextData
    object

    Identity Context data for this request.

    When specifying this parameter, you are requesting information based on a specific parameter and its value.

    For example, Location where the contextData equals a specific branch.

    If not defined, Dynamic groups based on context data will not be considered in the Access Decision.

    string
    Array
    environment
    object

    Environmental parameters need to be defined in policies as request. (in Asset rules or Conditions) and also sent in the authorization request. Only the assets that match what will be sent in the request will come back.

    If not defined, parametes based on emviromental data will not be considered in the Access Decision.

    string
    Array
    remoteIp
    string (ipv4)

    IP address to be used when validating a Policy. Ensure that your IP Ranges are correct based on an IP calculator. If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header). If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header).

    Min length1
    timeZoneOffset
    number

    To define the offset from UTC time zone. Used in Time Condition.

    Default"0"
    Example-12
    assetList
    object

    Contains a list of the Asset's unique identifier and attributes:

    template
    string

    Asset Template ID

    path
    string

    Asset Unique Identifier

    assetAttributes
    object
    attribute_1
    Array of string
    string
    attribute_2
    Array of string
    string
    useCache
    boolean

    The Attribute will determines if the response will consider the cache settings or override the cache and preforming full calculation.

    Default"True"
    response
    object
    permissions
    Array of object
    object
    permissionId
    string
    permission
    string
    accessType
    string
    Valid values[ "\"allow\"", "\"restrict\"" ]
    metadata
    object
    error
    string
    400

    Bad Request

    401

    Unauthorized

    403

    Forbidden

    404

    Not Found

    500

    Internal Server Error

    501

    Not Implemented

    Was this article helpful?
    What's Next