identity
Create an identity
- Blog
- FAQ
- Product Demos
- API Guide
- GETGet an agent by name
- DELDelete an agent by name
- PATCHPerform a Patch on an agent by name
- GETQuery agent health
- GETGet all agents
- POSTCreate an agent
- POSTGet all agents based on a query
- GETGet the access report for an agent by name
- GETGet available permissions for an agent
- GETGet an audit context by name
- PATCHPerform a Patch on an audit context by name
- GETGet all audit contexts
- POSTCreate an audit context
- POSTGet all audit contexts based on a query
- GETGet the access report for an audit context by name
- GETGet available permissions for an audit context
- GETGet a cloud account by name
- DELDelete an cloud account by name
- PATCHPerform a Patch on a cloud account by name
- GETGet all cloud accounts
- POSTCreate a cloud account
- POSTGet all cloud accounts based on a query
- GETGet the access report for a cloud account by name
- GETGet available permissions for a cloud account resource type
- GETGet a domain by name
- DELDelete a domain by name
- PATCHPerform a Patch on a domain by name
- GETGet all domains
- POSTCreate a domain
- POSTGet all domains based on a query
- GETGet the access report for a domain by name
- GETGet available permissions for a domain resource type
- GETGet a group by name
- DELDelete a group by name
- PATCHPerform a Patch on a group by name
- GETGet all groups
- POSTCreate a group
- POSTGet all groups based on a query
- GETGet the access report for a group by name
- GETGet available permissions for a group resource type
- GETGet a GVC by name
- DELDelete a GVC by name
- PATCHPerform a Patch on a GVC by name
- GETGet all GVCs
- POSTCreate a GVC
- POSTGet all GVCs based on a query
- GETGet the access report for a GVC by name
- GETGet available permissions for a GVC resource type
- GETGet an identity by GVC and name
- DELDelete an identity by GVC and name
- PATCHPerform a Patch on an identity by name
- GETGet all identities in a GVC
- POSTCreate an identity
- GETGet all identities from all GVCs
- POSTGet all GVC identities based on a query
- GETGet the access report for an identity by GVC and name
- GETGet available permissions for an identity
- GETGet a image by name
- DELDelete an image by name
- PATCHPerform a Patch on an image by name
- GETGet all images
- POSTGet all images based on a query
- GETGet the access report for an image by name
- GETGet available permissions for an image resource type
- GETGet a location by name
- PATCHPerform a Patch on a location by name
- GETGet all locations
- POSTGet all locations based on a query
- GETGet the access report for a location by name
- GETGet available permissions for a location resource type
- GETGet an org by name
- PATCHPerform a Patch on an org by name
- GETGet all orgs
- POSTCreate an org
- POSTGet all orgs based on a query
- GETGet the access report for an org by name
- GETGet available permissions for an org resource type
- GETGet a policy by name
- DELDelete a policy by name
- PATCHPerform a Patch on a policy by name
- GETGet all policies
- POSTCreate a policy
- POSTGet all policies based on a query
- GETGet the access report for a policy by name
- GETGet available permissions for a policy resource type
- GETGet a quota by ID
- GETGet all quotas
- POSTGet all quotas based on a query
- GETGet available permissions for a quota resource type
- GETGet a secret by name
- DELDelete a secret by name
- PATCHPerform a Patch on a secret by name
- GETGet all secrets
- POSTCreate a secret
- GETGet the sensitive content of a secret by name
- POSTGet all secrets based on a query
- GETGet the access report for a secret by name
- GETGet available permissions for a secret resource type
- GETGet a service account by name
- DELDelete a service account by name
- PATCHPerform a Patch on a service account by name
- GETGet all service accounts
- POSTCreate a service account
- POSTGet all service accounts based on a query
- GETGet the access report for a service account by name
- POSTAdd a key to a service account
- GETGet available permissions for a service account resource type
- GETList tasks that you can accept to refuse
- GETList tasks that you can accept to refuse in a specific org
- GETGet a task by ID
- POSTPost
- DELDelete/Cancel a task by ID
- GETGet all tasks
- POSTGet all tasks based on a query
- GETGet available permissions for a task resource type
- GETGet a user by name
- DELDelete a user by name
- PATCHPerform a Patch on a user by name
- GETGet all users
- POSTGet all users based on a query
- POSTInvite users to this org
- GETGet the access report for a user by name
- GETGet available permissions for a user resource type
- GETGet a volumeset by GVC and name
- DELDelete a volumeset by name
- PATCHPerform a Patch on a volumeset by name
- GETList volumesets in a GVC you are authorized to view
- POSTCreate a volumeset
- GETGet all volumesets
- POSTGet all volumesets based on a query
- GETGet the access report for a volumeset by GVC and name
- GETGet available permissions for a volumeset resource type
- GETGet a workload by GVC and name
- DELDelete a workload by name
- PATCHPerform a Patch on a workload by name
- GETGet a deployment by GVC, workload and name
- GETList workloads in a GVC you are authorized to view
- POSTCreate a workload
- GETGet all workloads
- GETList deployments in a workload
- POSTGet all workloads based on a query
- GETGet the access report for a workload by GVC and name
- GETGet available permissions for a workload resource type
Overview
agent
auditctx
cloudaccount
domain
group
gvc
identity
image
location
org
policy
quota
secret
serviceaccount
task
user
volumeset
workload
identity
Create an identity
POST
/
org
/
{org}
/
gvc
/
{gvc}
/
identity
Authorization
string
*
Authorization
Required
string
Service account key can be used as API keys
org
string
*
org
Required
string
gvc
string
*
gvc
Required
string
object
description
string
description
string
tags
object
tags
object
aws
object
aws
object
cloudAccountLink
string
cloudAccountLink
string
policyRefs
array
policyRefs
array
trustPolicy
object
trustPolicy
object
Version
string
Version
string
Statement
array
Statement
array
roleName
string
roleName
string
gcp
object
gcp
object
cloudAccountLink
string
cloudAccountLink
string
scopes
array
scopes
array
serviceAccount
string
serviceAccount
string
bindings
array
bindings
array
azure
object
azure
object
cloudAccountLink
string
cloudAccountLink
string
roleAssignments
array
roleAssignments
array
ngs
object
ngs
object
cloudAccountLink
string
cloudAccountLink
string
pub
object
pub
object
allow
array
allow
array
deny
array
deny
array
sub
object
sub
object
allow
array
allow
array
deny
array
deny
array
resp
object
resp
object
max
integer
max
integer
Number of responses allowed on the replyTo subject, -1 means no limit
ttl
string
ttl
string
Deadline to send replies on the replyTo subject [#ms(millis) | #s(econds) | m(inutes) | h(ours)]. -1 means no restriction
subs
integer
subs
integer
Max number of subscriptions per connection
data
integer
data
integer
Max number of bytes a connection can send
payload
integer
payload
integer
Max message payload
networkResources
array
networkResources
array
nativeNetworkResources
array
nativeNetworkResources
array
memcacheAccess
array
memcacheAccess
array
spicedbAccess
array
spicedbAccess
array
gvc
object
gvc
object
Authorizations
Authorization
string
headerrequiredService account key can be used as API keys
Path Parameters
org
string
requiredgvc
string
requiredBody
application/json
description
string
tags
object
aws
object
aws.cloudAccountLink
string
aws.policyRefs
string[]
aws.trustPolicy
object
aws.trustPolicy.Version
string
default: 2012-10-17aws.trustPolicy.Statement
object[]
aws.roleName
string
gcp
object
gcp.cloudAccountLink
string
gcp.scopes
string[]
gcp.serviceAccount
string
gcp.bindings
object[]
gcp.bindings.resource
string
gcp.bindings.roles
string[]
azure
object
azure.cloudAccountLink
string
azure.roleAssignments
object[]
azure.roleAssignments.scope
string
azure.roleAssignments.roles
string[]
ngs
object
ngs.cloudAccountLink
string
ngs.pub
object
ngs.pub.allow
string[]
ngs.pub.deny
string[]
ngs.sub
object
ngs.sub.allow
string[]
ngs.sub.deny
string[]
ngs.resp
object
ngs.resp.max
integer
Number of responses allowed on the replyTo subject, -1 means no limit
ngs.resp.ttl
string
Deadline to send replies on the replyTo subject [#ms(millis) | #s(econds) | m(inutes) | h(ours)]. -1 means no restriction
ngs.subs
integer
Max number of subscriptions per connection
ngs.data
integer
Max number of bytes a connection can send
ngs.payload
integer
Max message payload
networkResources
object[]
networkResources.name
networkResources.agentLink
string
networkResources.IPs
string[]
networkResources.FQDN
string
networkResources.resolverIP
string
networkResources.ports
integer[]
nativeNetworkResources
object[]
nativeNetworkResources.name
nativeNetworkResources.FQDN
string
nativeNetworkResources.ports
integer[]
nativeNetworkResources.awsPrivateLink
object
nativeNetworkResources.awsPrivateLink.endpointServiceName
string
nativeNetworkResources.gcpServiceConnect
object
nativeNetworkResources.gcpServiceConnect.targetService
string
memcacheAccess
object[]
memcacheAccess.clusterLink
string
memcacheAccess.role
enum<string>
Available options:
readWrite spicedbAccess
object[]
spicedbAccess.clusterLink
string
spicedbAccess.role
enum<string>
Available options:
checkPermission, read, write gvc
object
Response
201 - application/json
The response is of type any.