GuidesTypeScript API ReferencePython v2 API Reference

AuthorizationAPI | @here/olp-sdk-ts

AuthorizationAPI | @here/olp-sdk-ts
Options
All
  • Public
  • Public/Protected
  • All
Menu

Namespace AuthorizationAPI

Index

Interfaces

Type Aliases

Functions

Type Aliases

EffectEnum

EffectEnum: "allow" | "deny"

EntityTypeEnum

EntityTypeEnum: "user" | "app"

IdentityTypeEnum

IdentityTypeEnum: "user" | "app" | "group"

Relation

Relation: "home" | "reference"

The relation of the resource with the Project.

ResourceRelation

ResourceRelation: "home" | "reference"

The relation of the resource with the Project

StateEnum

StateEnum: "deleted" | "disabled" | "locked" | "enabled"

Type

Type: "catalog" | "pipeline" | "pipeline-template" | "schema" | "artifact" | "flow" | "flow-pattern"

The type of the resource

Functions

addGrant

  • addGrant(builder: RequestBuilder, params: { actionId: string; entityId: string; entityType: string; resourceHrn: string }): Promise<EntityGrant>

  • Grant access to a resource to an entity. The result of this call is that the specified entity will have permission to take the specified action against the specified resource. Restrictions:

    • The realm of the calling principal must match the realm of the requested entity.
    • The calling principal must have permission to take the addGrant:{actionId} OR share action against the specified resource.
    • Example: In order to add a grant for the readResource action against resource hrn:here:data:::my-shared-catalog a permission with the following would be required:
    • "action" : "addGrant:readResource"
    • "resource" : "hrn:here:data:::my-shared-catalog" OR
    • "action" : "share"
    • "resource" : "hrn:here:data:::my-shared-catalog"
    • This API works only with tokens that are not scoped to a project.
    summary

    Grant access to a resource to an entity.

    Parameters

    • builder: RequestBuilder
    • params: { actionId: string; entityId: string; entityType: string; resourceHrn: string }
      • actionId: string
      • entityId: string
      • entityType: string
      • resourceHrn: string

    Returns Promise<EntityGrant>

addGroupMember

  • addGroupMember(builder: RequestBuilder, params: { groupId: string; member: string }): Promise<Response>

  • Add a single member to a group.

    Restrictions:

    • The calling principal must have permission to take the manageMembers action against the group identified by the provided group HRN.

    • Example: In order to add a member to the group, GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a, a permission with the following would be required:

    • "action" : "manageMembers"

    • "resource" : "hrn:here:authorization::myrealm:group/GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a"

    • This API works only with tokens that are not scoped to a project.

    summary

    Add a member to a group

    Parameters

    • builder: RequestBuilder
    • params: { groupId: string; member: string }
      • groupId: string
      • member: string

    Returns Promise<Response>

addProjectMember

  • addProjectMember(builder: RequestBuilder, params: { member: string; project: string; xCorrelationID?: string }): Promise<Response>

  • Add the member to the requested Project.

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the manageMembers action for the specified resource.

    • Example: In order to add a member to the Project, the following permission would be required:

    • "action" : "manageMembers"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • This API works only with tokens that are not scoped to a project.

    summary

    Add the member to the requested Project

    Parameters

    • builder: RequestBuilder
    • params: { member: string; project: string; xCorrelationID?: string }
      • member: string
      • project: string
      • Optional xCorrelationID?: string

    Returns Promise<Response>

addProjectResourceRelation

  • Add the resource to the requested Project as a home or a reference(link).

    Access Control:

    • User Access Token & Client Access Token When relation=home The requested resource will be assigned the requested project as its resource home. The resource MUST NOT already have an existing resource home.

    • The calling principal must have permission to take the manageResourceHome action for the specified project AND the share action for the specified resource.

    • Example: In order to add resource "hrn:here:data::myrealm:my-catalog-0000" to the project "hrn:here:authorization::myrealm:project/my-project-0000", the following permissions would be required:

    • Permission 1:

    • "action" : "manageResourceHome"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • Permission 2:

    • "action" : "share"

    • "resource" : "hrn:here:data::myrealm:my-catalog-0000" When relation=reference Link the resource to the requested Project as a reference(link). The requested resource will be assigned to the requested project as reference(link).

    The resource MUST be available to the caller to attach as a resource reference(link). A resource is referenceable if it has been marked as referenceable and the caller has permission to all reference enabled actions against the resource OR The resource has been made linkable to the project/realm for the project linking enabled action The exclusive list of resources available to the caller to attach as a resource reference(link) is accessible via a call to /resources?referenceable=true or /resources?linkable=true

    • The authorization context must satisfy one of the following:
    • The calling principal has permission to take the manageResourceReferences action for the specified project.
    • Example: In order to add a resource reference to the project "hrn:here:authorization::myrealm:project/my-project-0000", the following permission would be required:
    • "action" : "manageResourceReferences"
    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"
    • The calling principal is a member of the specified project.
    • The calling principal must have permission to attach the resource as a referenceable resource. A resource is referenceable to the caller if:
    • It has been marked as referenceable and The caller has permission to all reference enabled actions against the resource.

    OR

    • The resource has been made linkable to the project/realm for the project linking enabled action
    • This API works only with tokens that are not scoped to a project.
    summary

    Add a resource to the requested Project as a Resource Home or Resource Reference(Link)

    Parameters

    Returns Promise<ResourceRelationResponse>

addRoleEntity

  • addRoleEntity(builder: RequestBuilder, params: { entity: string; role: string }): Promise<Response>

  • Assign the role provided to the given entity. If the provided role is associated with a group, the entity being assigned the role must be a member of the associated group. Restrictions:

    • The calling principal must have permission to take the manageEntities action against the specified role.
    • Example: In order to assign the role, GroupAdmin, to an entity a permission with the following would be required:
    • "action" : "manageEntities"
    • "resource" : "hrn:here:authorization::myrealm:role/ROLE-c1662138-a170-4264-ba18-7b506a708c37"
    • This API works only with tokens that are not scoped to a project.
    summary

    Assign a role to an entity

    Parameters

    • builder: RequestBuilder
    • params: { entity: string; role: string }
      • entity: string
      • role: string

    Returns Promise<Response>

attachProjectPolicyToMember

  • attachProjectPolicyToMember(builder: RequestBuilder, params: { member: string; policy: string; project: string }): Promise<Response>

  • Attaches the Project Policy to the member of the Project.

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the manageMembers action for the specified resource.

    • Example: In order to attach a custom policy in a Project to a member, the following permissions would be required:

    • "action" : "manageMembers"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000" AND

    • "action" : "managePolicies"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Admins and Resource Managers

    • This API works only with tokens that are not scoped to a project.

    summary

    Attach Project Policy to Member

    Parameters

    • builder: RequestBuilder
    • params: { member: string; policy: string; project: string }
      • member: string
      • policy: string
      • project: string

    Returns Promise<Response>

cancelRealmMemberInvite

  • cancelRealmMemberInvite(builder: RequestBuilder, params: { invite: string; realm: string }): Promise<Response>

  • Cancel an invitation to the realm. Restrictions:

    • The calling principal must have permission to take the manageInvites action against the specified realm.
    example:

    In order to delete an invitation to the realm, MyRealm, a permission with the following would be required:

    • "action" : "manageInvites"
    • "resource" : "hrn:here:account::myrealm:realm/myrealm"
    • This API works only with tokens that are not scoped to a project.
    summary

    Cancel a user invitation to a realm

    Parameters

    • builder: RequestBuilder
    • params: { invite: string; realm: string }
      • invite: string
      • realm: string

    Returns Promise<Response>

checkProjectExistance

  • checkProjectExistance(builder: RequestBuilder, params: { project: string; xCorrelationID?: string }): Promise<Response>

  • Checks whether a project exists with requested project hrn in caller realm.

    If project does not exist in the same realm it will return 404.

    • This API works only with tokens that are not scoped to a project.
    summary

    Checks the existance of a project in caller realm.

    Parameters

    • builder: RequestBuilder
    • params: { project: string; xCorrelationID?: string }
      • project: string
      • Optional xCorrelationID?: string

    Returns Promise<Response>

createGroup

  • Create a group within the realm that is associated with the calling party. The calling party will be made a member and an administrator of the created group.

    Restrictions:

    • The calling principal must have permission to take the createGroup action against the realm associated with the calling party.

    • Example: In order to create a group within the calling party's realm a permission with the following would be required:

    • "action" : "createGroup"

    • "resource" : "hrn:here:account::myrealm:realm/myrealm"

    • This API works only with tokens that are not scoped to a project.

    summary

    Create group

    Parameters

    Returns Promise<Group>

createProject

  • Create the requested Project in the callers realm Access Control:

    • User Access Token & Client Access Token
    • The calling principal must have permission to take the createProject action for the specified project.
    • Example: In order to create a Project, the following permission would be required:
    • "action" : "createProject"
    • This API works only with tokens that are not scoped to a project.
    summary

    Create the requested Project

    Parameters

    Returns Promise<ProjectResponse>

createProjectPolicy

  • Create the requested custom policy in the Project

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the managePolicies action for the specified resource.

    • Example: In order to create a custom policy in a Project, the following permission would be required:

    • "action" : "managePolicies"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Admins and Resource Managers

    • This API works only with tokens that are not scoped to a project.

    summary

    Create the requested Project Policy

    Parameters

    Returns Promise<ProjectPolicyResponse>

createRealmMemberInvite

  • Create and send an invitation to add a new member to the realm, optionally assign membership to one or more groups if the Inviter is also a GroupAdmin for the group. Restrictions:

    • The calling principal must have permission to take the manageInvites action against the specified realm.
    example:

    In order to invite a new user to the realm, MyRealm, a permission with the following would be required:

    • "action" : "manageInvites"
    • "resource" : "hrn:here:account::myrealm:realm/myrealm"
    example:

    In order to invite a new user to the realm, MyRealm, as a member of the group GROUP-a3dee2fe-fb38-4183-b686-14fdea5964c0, the following permissions would be required:

    • "action" : "manageInvites"
    • "resource" : "hrn:here:account::myrealm:realm/myrealm"
    • "action" : "manageMembers"
    • "resource" : "hrn:here:authorization::myrealm:group/GROUP-a3dee2fe-fb38-4183-b686-14fdea5964c"
    • This API works only with tokens that are not scoped to a project.
    summary

    Create and send a user invitation for a realm

    Parameters

    Returns Promise<RealmAuthInviteResponse>

deleteGroup

  • deleteGroup(builder: RequestBuilder, params: { groupId: string }): Promise<Response>

  • Delete the group identified by the provided group HRN.

    Restrictions:

    • The calling principal must have permission to take the deleteGroup action against the group identified by the provided group HRN.

    • Example: In order to delete the group, GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a, a permission with the following would be required:

    • "action" : "deleteGroup"

    • "resource" : "hrn:here:authorization::myrealm:group/GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a"

    • This API works only with tokens that are not scoped to a project.

    summary

    delete group

    Parameters

    Returns Promise<Response>

deleteProject

  • deleteProject(builder: RequestBuilder, params: { project: string; xCorrelationID?: string }): Promise<Response>

  • Delete the specified Project Access Control:

    • User Access Token & Client Access Token
    • The calling principal must have permission to take the manage action for the specified resource.
    • Example: In order to delete a Project, the following permission would be required:
    • "action" : "manage"
    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"
    • This API works only with tokens that are not scoped to a project.
    summary

    Delete the specified Project

    Parameters

    • builder: RequestBuilder
    • params: { project: string; xCorrelationID?: string }
      • project: string
      • Optional xCorrelationID?: string

    Returns Promise<Response>

deleteProjectMember

  • deleteProjectMember(builder: RequestBuilder, params: { member: string; project: string; xCorrelationID?: string }): Promise<Response>

  • Remove the member from the specified Project Access Control:

    • User Access Token & Client Access Token
    • The calling principal must have permission to take the manageMembers action for the specified resource.
    • Example: In order to remove a member from a Project, the following permission would be required:
    • "action" : "manageMembers"
    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"
    • This API works only with tokens that are not scoped to a project.
    summary

    Remove the member from the specified Project

    Parameters

    • builder: RequestBuilder
    • params: { member: string; project: string; xCorrelationID?: string }
      • member: string
      • project: string
      • Optional xCorrelationID?: string

    Returns Promise<Response>

deleteProjectPolicy

  • deleteProjectPolicy(builder: RequestBuilder, params: { policy: string; project: string }): Promise<Response>

  • Delete the custom policy in the Project

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the managePolicies action for the specified resource.

    • Example: In order to update a custom policy in a Project, the following permission would be required:

    • "action" : "managePolicies"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Admins and Resource Managers

    • This API works only with tokens that are not scoped to a project.

    summary

    Delete the custom Project Policy

    Parameters

    • builder: RequestBuilder
    • params: { policy: string; project: string }
      • policy: string
      • project: string

    Returns Promise<Response>

deleteProjectResourceReference

  • deleteProjectResourceReference(builder: RequestBuilder, params: { body: ResourceLinkActionBody; project: string; relation: string; resource: string; xCorrelationID?: string }): Promise<Response>

  • Remove the resource from the project. The requested resource may only be linked as a reference, removing a home resource requires deleting the resource from the resource service.

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the manageResourceReferences action for the specified project.

    • Example: In order to remove a resource reference(link) from the project "hrn:here:authorization::myrealm:project/my-project-0000", the following permission would be required:

    • "action" : "manageResourceReferences"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • This API works only with tokens that are not scoped to a project.

    summary

    Remove a Resource Reference(Link) from a project

    Parameters

    Returns Promise<Response>

deleteRoleEntity

  • deleteRoleEntity(builder: RequestBuilder, params: { entity: string; role: string }): Promise<Response>

  • Remove the role provided to from the given member. Restrictions:

    • The calling principal must have permission to take the manageEntities action against the specified role.
    • Example: In order to revoke the role, GroupAdmin, from an entity a permission with the following would be required:
    • "action" : "manageEntities"
    • "resource" : "hrn:here:authorization::myrealm:role/ROLE-c1662138-a170-4264-ba18-7b506a708c37"
    • This API works only with tokens that are not scoped to a project.
    summary

    Revoke a role from an entity

    Parameters

    • builder: RequestBuilder
    • params: { entity: string; role: string }
      • entity: string
      • role: string

    Returns Promise<Response>

detachProjectPolicyFromMember

  • detachProjectPolicyFromMember(builder: RequestBuilder, params: { member: string; policy: string; project: string }): Promise<Response>

  • Detached the requested custom Project Policy from a Membber

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the manageMembers action for the specified resource.

    • Example: In order to detach a custom policy in a Project from a member, the following permissions would be required:

    • "action" : "manageMembers"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000" AND

    • "action" : "managePolicies"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Admins and Resource Managers

    • This API works only with tokens that are not scoped to a project.

    summary

    Detach the Project Policy from a Member

    Parameters

    • builder: RequestBuilder
    • params: { member: string; policy: string; project: string }
      • member: string
      • policy: string
      • project: string

    Returns Promise<Response>

getAllProjectList

  • Get the list of all Projects in the Org

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the listAllProjects action for the specified resource.

    • Example: In order to get a list of projects, the following permission would be required:

    • "action" : "listAllProjects"

    • This API works only with tokens that are not scoped to a project.

    summary

    Get the list of all Projects in the Org

    Parameters

    • builder: RequestBuilder
    • params: { limit?: number; pageToken?: string; xCorrelationID?: string }
      • Optional limit?: number
      • Optional pageToken?: string
      • Optional xCorrelationID?: string

    Returns Promise<ProjectListWithPageToken>

getAllProjectMembersWithAttachedPolicy

  • Get the list of all Project Members with the attached Policy

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the read action for the specified resource.

    • Example: In order to read the list of all members attached to a project policy, the following permission would be required:

    • "action" : "read"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Members, Project Admins, Org Admins

    • This API works only with tokens that are not scoped to a project.

    summary

    Get the list of all Project Members with the attached Policy

    Parameters

    • builder: RequestBuilder
    • params: { limit?: number; pageToken?: string; policy: string; project: string; xCorrelationID?: string }
      • Optional limit?: number
      • Optional pageToken?: string
      • policy: string
      • project: string
      • Optional xCorrelationID?: string

    Returns Promise<ProjectMemberListWithPageToken>

getAttachedProjectPoliciesForMember

  • getAttachedProjectPoliciesForMember(builder: RequestBuilder, params: { limit?: number; member: string; pageToken?: string; project: string; xCorrelationID?: string }): Promise<ProjectPolicyListResponse>

  • Get the list of Attached Project Policies For a Member

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the read action for the specified resource.

    • Example: In order to read the list of the attached project policies, the following permission would be required:

    • "action" : "read"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Members, Project Admins, Org Admins

    • This API works only with tokens that are not scoped to a project.

    summary

    Get the list of Attached Project Policies For a Member

    Parameters

    • builder: RequestBuilder
    • params: { limit?: number; member: string; pageToken?: string; project: string; xCorrelationID?: string }
      • Optional limit?: number
      • member: string
      • Optional pageToken?: string
      • project: string
      • Optional xCorrelationID?: string

    Returns Promise<ProjectPolicyListResponse>

getAttachedProjectPolicyForMember

  • getAttachedProjectPolicyForMember(builder: RequestBuilder, params: { member: string; policy: string; project: string }): Promise<AttachedPolicy>

  • Get the attached Project Policy For a Member

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the read action for the specified resource.

    • Example: In order to read the attached project policy, the following permission would be required:

    • "action" : "read"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Members, Project Admins, Org Admins

    • This API works only with tokens that are not scoped to a project.

    summary

    Get the attached Project Policy for a Member

    Parameters

    • builder: RequestBuilder
    • params: { member: string; policy: string; project: string }
      • member: string
      • policy: string
      • project: string

    Returns Promise<AttachedPolicy>

getEntityGroupMembership

  • getEntityGroupMembership(builder: RequestBuilder, params: { count?: number; member: string; pageToken?: string; realm: string }): Promise<GroupPageWToken>

  • Retrieve the groups a given entity is a member of. Restrictions: The calling principal must have permission to take the readGroups action against the specified entity.

    example:

    In order to retrieve the groups a user, HERE-4ba9aca3-fdf9-4cad-a3da-534494d6198f, is a member of, a permission with the following would be required: "action" : "readGroups" "resource" : "hrn:here:account::myrealm:user/HERE-4ba9aca3-fdf9-4cad-a3da-534494d6198f" This API works only with tokens that are not scoped to a project

    summary

    Get entity group membership

    Parameters

    • builder: RequestBuilder
    • params: { count?: number; member: string; pageToken?: string; realm: string }
      • Optional count?: number
      • member: string
      • Optional pageToken?: string
      • realm: string

    Returns Promise<GroupPageWToken>

getEntityManagedGroups

  • getEntityManagedGroups(builder: RequestBuilder, params: { count?: number; member: string; pageToken?: string; realm: string }): Promise<GroupPageWToken>

  • Retrieve the list of groups over which the provided entity has been granted the role of GroupAdmin. Restrictions:

    • The calling principal must have permission to take the readGroups action against the specified entity.
    example:

    In order to retrieve the groups a user, HERE-4ba9aca3-fdf9-4cad-a3da-534494d6198f, is an admin of, a permission with the following would be required:

    • "action" : "readGroups"
    • "resource" : "hrn:here:account::myrealm:user/HERE-4ba9aca3-fdf9-4cad-a3da-534494d6198f"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get entity managed group

    Parameters

    • builder: RequestBuilder
    • params: { count?: number; member: string; pageToken?: string; realm: string }
      • Optional count?: number
      • member: string
      • Optional pageToken?: string
      • realm: string

    Returns Promise<GroupPageWToken>

getGrant

  • getGrant(builder: RequestBuilder, params: { actionId: string; entityId: string; entityType: string; resourceHrn: string }): Promise<EntityGrant>

  • Get a single grant given to an entity. This calls returns any permission to take the specified action against the specified resource on the requested entity. Restrictions:

    • The realm of the calling principal must match the realm of the requested app.
    • The calling principal must have permission to take the listGrants OR share action against the specified resource.
    • In order to get a grant against resource hrn:here:data:::my-shared-catalog a permission with the following would be required:
    • "action" : "listGrants"
    • "resource" : "hrn:here:data:::my-shared-catalog" OR
    • "action" : "share"
    • "resource" : "hrn:here:data:::my-shared-catalog"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get a single grant given to an entity

    Parameters

    • builder: RequestBuilder
    • params: { actionId: string; entityId: string; entityType: string; resourceHrn: string }
      • actionId: string
      • entityId: string
      • entityType: string
      • resourceHrn: string

    Returns Promise<EntityGrant>

getGrants

  • getGrants(builder: RequestBuilder, params: { entityId: string; entityType: string; resourceHrn: string }): Promise<EntityGrant>

  • Get grants. This call describes the permissions assigned to the specified entity that grant access to the specified resource.

    Restrictions:

    • The realm of the calling principal must match the realm of the requested entity.
    • The calling principal must have permission to take the listGrants OR share action against the specified resource.
    • Example: In order to get grants against resource hrn:here:data:::my-shared-catalog a permission with the following would be required:
    • "action" : "listGrants"
    • "resource" : "hrn:here:data:::my-shared-catalog" OR
    • "action" : "share"
    • "resource" : "hrn:here:data:::my-shared-catalog"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get grants given to a user, app, or group

    Parameters

    • builder: RequestBuilder
    • params: { entityId: string; entityType: string; resourceHrn: string }
      • entityId: string
      • entityType: string
      • resourceHrn: string

    Returns Promise<EntityGrant>

getGroup

  • Retrieve the group identified by the provided group HRN.

    Restrictions:

    • The calling principal must have permission to take the readMembers action against the realm associated with the calling party.

    • Example: In order to retrieve a group within the calling party's realm a permission with the following would be required:

    • "action" : "readMembers"

    • "resource" : "hrn:here:account::myrealm:realm/myrealm"

    • This API works only with tokens that are not scoped to a project.

    summary

    Get single group

    Parameters

    Returns Promise<Group>

getGroupMember

  • Retrieve a single group member.

    Restrictions:

    • The calling principal must have permission to take the readMembers action against the group identified by the provided group HRN.

    • Example: In order to retrieve a single member of the group, GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a, a permission with the following would be required:

    • "action" : "readMembers"

    • "resource" : "hrn:here:authorization::myrealm:group/GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a"

    • This API works only with tokens that are not scoped to a project.

    summary

    Get single Group member

    Parameters

    • builder: RequestBuilder
    • params: { groupId: string; member: string }
      • groupId: string
      • member: string

    Returns Promise<GroupMember>

getGroupMembers

  • Retrieve the list of members of the group identified by the provided group HRN.

    Restrictions:

    • The calling principal must have permission to take the readMembers action against the group identified by the provided group HRN.

    • Example: In order to retrieve the members of the group, GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a, a permission with the following would be required:

    • "action" : "readMembers"

    • "resource" : "hrn:here:authorization::myrealm:group/GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a"

    • This API works only with tokens that are not scoped to a project.

    summary

    Get Group members

    Parameters

    • builder: RequestBuilder
    • params: { count?: number; entityType?: string; groupId: string; pageToken?: string }
      • Optional count?: number
      • Optional entityType?: string
      • groupId: string
      • Optional pageToken?: string

    Returns Promise<GroupMemberPageWToken>

getGroupRoles

  • List the roles which are associated with the provided group.

    Restrictions:

    • The calling principal must have permission to take the readRoles action against the specified group.
    • Example: In order list the roles associated with the group, GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a, a permission with the following would be required:
    • "action" : "readRoles"
    • "resource" : "hrn:here:authorization::myrealm:group/GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get group roles

    Parameters

    • builder: RequestBuilder
    • params: { count?: number; groupId: string; pageToken?: string }
      • Optional count?: number
      • groupId: string
      • Optional pageToken?: string

    Returns Promise<RolePageWToken>

getGroups

  • Retrieve the list of groups within the realm associated with the calling party.

    Restrictions:

    • The calling principal must have permission to take the readMembers action against the realm associated with the calling party.

    • Example: In order to list the groups within the calling party's realm a permission with the following would be required:

    • "action" : "readMembers"

    • "resource" : "hrn:here:account::myrealm:realm/myrealm"

    • This API works only with tokens that are not scoped to a project.

    summary

    Get groups

    Parameters

    • builder: RequestBuilder
    • Optional params: { count?: number; pageToken?: string; q?: string }
      • Optional count?: number
      • Optional pageToken?: string
      • Optional q?: string

    Returns Promise<GroupPageWToken>

getListOfWaysResourceIsLinkable

  • getListOfWaysResourceIsLinkable(builder: RequestBuilder, params: { limit?: number; pageToken?: string; resource: string; xCorrelationID?: string }): Promise<LinkableResourceList>

  • Get a list of ways this resource has been made linkable

    Access Control:

    • The calling principal must have permission to take all the "requiredToMakeLinkable" actions against the service inferred via the reserved resource prefix of the resource in the path in the scope of the home project of the resource.

    • Example: In order to make a catalog linkable, the following permission would be required:

    • "action" : "manageResource"

    • "resource" : "hrn:here:data::olp-here:my-shared-catalog"

    This API works only with tokens that are scoped to the home project of the resource.

    summary

    Get a list of ways the resource has been made linkable

    Parameters

    • builder: RequestBuilder
    • params: { limit?: number; pageToken?: string; resource: string; xCorrelationID?: string }
      • Optional limit?: number
      • Optional pageToken?: string
      • resource: string
      • Optional xCorrelationID?: string

    Returns Promise<LinkableResourceList>

getMyGroups

getMyRoles

getProject

  • Get the requested Project

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the read action for the specified resource.

    • Example: In order to get a project, the following permission would be required:

    • "action" : "read"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • This API works only with tokens that are not scoped to a project.

    summary

    Get the requested Project

    Parameters

    • builder: RequestBuilder
    • params: { project: string; xCorrelationID?: string }
      • project: string
      • Optional xCorrelationID?: string

    Returns Promise<ProjectResponse>

getProjectList

  • Get the list of Projects you are a project admin or a member based on the "canManage" or "isMember" parameter's value.

    note

    If neither "canManage" nor "isMember" is specified, "isMember=true" projects are returned. Supported values for "canManage" / "isMember" is : [true]

    Access Control:

    • User Access Token & Client Access Token
    • This API works only with tokens that are not scoped to a project.
    summary

    Get the list of Projects that you are a project admin or a member based on the "canManage" or "isMember" parameter's value

    Parameters

    • builder: RequestBuilder
    • params: { canManage?: boolean; isMember?: boolean; limit?: number; pageToken?: string; xCorrelationID?: string }
      • Optional canManage?: boolean
      • Optional isMember?: boolean
      • Optional limit?: number
      • Optional pageToken?: string
      • Optional xCorrelationID?: string

    Returns Promise<ProjectListWithPageToken>

getProjectMember

  • getProjectMember(builder: RequestBuilder, params: { member: string; project: string; xCorrelationID?: string }): Promise<ProjectMember>

  • Get the requested Project Member

    Access Control:

    • User Access Token & Client Access Token
    • The calling principal must have permission to take the read action for the specified resource.
    • Example: In order to get a member of a Project, the following permission would be required:
    • "action" : "read"
    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get the requested Project Member

    Parameters

    • builder: RequestBuilder
    • params: { member: string; project: string; xCorrelationID?: string }
      • member: string
      • project: string
      • Optional xCorrelationID?: string

    Returns Promise<ProjectMember>

getProjectPolicy

  • Get the requested Project Policy

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the read action for the specified resource.

    • Example: In order to read a project policy, the following permission would be required:

    • "action" : "read"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Members, Project Admins, Org Admins

    • This API works only with tokens that are not scoped to a project.

    summary

    Get the Project Policy

    Parameters

    • builder: RequestBuilder
    • params: { policy: string; project: string }
      • policy: string
      • project: string

    Returns Promise<ProjectPolicyResponse>

getProjectPolicyList

  • getProjectPolicyList(builder: RequestBuilder, params: { limit?: number; pageToken?: string; project: string; projectPolicyType?: string; xCorrelationID?: string }): Promise<ProjectPolicyListResponse>

  • List the Policies that can be attached to members of the Project. This list will contain all the HERE provided policies and any custom user defined policies created in the Project.

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the read action for the specified resource.

    • Example: In order to read a policy list of a Project, the following permission would be required:

    • "action" : "read"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Members, Project Admins, Org Admins

    • This API works only with tokens that are not scoped to a project.

    summary

    List the Policies in a Project

    Parameters

    • builder: RequestBuilder
    • params: { limit?: number; pageToken?: string; project: string; projectPolicyType?: string; xCorrelationID?: string }
      • Optional limit?: number
      • Optional pageToken?: string
      • project: string
      • Optional projectPolicyType?: string
      • Optional xCorrelationID?: string

    Returns Promise<ProjectPolicyListResponse>

getProjectResource

  • Get the resource that is linked to the requested Project.

    The requested resource may be linked as either a home or a reference(link).

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the read action for the specified project

    • Example: In order to get resource "hrn:here:data::myrealm:my-catalog-0000" in the project "hrn:here:authorization::myrealm:project/my-project-0000", the following permission would be required:

    • "action" : "read"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • This API works only with tokens that are not scoped to a project.

    summary

    Get a resource that is linked to a Project as either a Resource Home or Resource Reference(Link)

    Parameters

    • builder: RequestBuilder
    • params: { project: string; relation?: "home" | "reference"; resource: string; xCorrelationID?: string }
      • project: string
      • Optional relation?: "home" | "reference"
      • resource: string
      • Optional xCorrelationID?: string

    Returns Promise<ResourceInProjectResponse>

getRealmMember

  • Retrieve the user or application details of the member defined by memberId. Restrictions:

    • The calling principal must have permission to take the readMembers action against the specified realm.
    example:

    In order to retrieve a member of the realm, MyRealm, a permission with the following would be required:

    • "action" : "readMembers"
    • "resource" : "hrn:here:account::myrealm:realm/myrealm"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get realm member

    Parameters

    • builder: RequestBuilder
    • params: { member: string; realm: string }
      • member: string
      • realm: string

    Returns Promise<RealmMember>

getRealmMembers

  • getRealmMembers(builder: RequestBuilder, params: { count?: number; entityType?: string; pageToken?: string; q?: string; realm: string; state?: string }): Promise<RealmMemberPageWToken>

  • Retrieve the list of members within the realm. Restrictions:

    • The calling principal must have permission to take the readMembers action against the specified realm.
    example:

    In order to list the members of the realm, MyRealm, a permission with the following would be required:

    • "action" : "readMembers"
    • "resource" : "hrn:here:account::myrealm:realm/myrealm"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get realm members

    Parameters

    • builder: RequestBuilder
    • params: { count?: number; entityType?: string; pageToken?: string; q?: string; realm: string; state?: string }
      • Optional count?: number
      • Optional entityType?: string
      • Optional pageToken?: string
      • Optional q?: string
      • realm: string
      • Optional state?: string

    Returns Promise<RealmMemberPageWToken>

getResource

  • Get the Resource that the caller is allowed to see based on the input query parameters

    This API works only with tokens that are not scoped to a project.

    summary

    Get a single resource

    Parameters

    • builder: RequestBuilder
    • params: { referenceable: boolean; resource: string; xCorrelationID?: string }
      • referenceable: boolean
      • resource: string
      • Optional xCorrelationID?: string

    Returns Promise<ResourceResponse>

getResourceActionsForProject

  • getResourceActionsForProject(builder: RequestBuilder, params: { project: string; resource: string; type: string; xCorrelationID?: string }): Promise<string[]>

  • Gets the actions list for the resource for the project based on the query parameters.

    The list of available actions are filtered based on the relation of the resource, either home or reference with the allowed actions. This API provides a list of available actions during project workflows like linking or project policy creation.

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the read action for the specified project

    • Example: In order to get resource "hrn:here:data::myrealm:my-catalog-0000" in the project "hrn:here:authorization::myrealm:project/my-project-0000", the following permission would be required:

    • "action" : "read"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • This API works only with tokens that are not scoped to a project.

    summary

    Get a list of actions that are allowed for the project resource

    Parameters

    • builder: RequestBuilder
    • params: { project: string; resource: string; type: string; xCorrelationID?: string }
      • project: string
      • resource: string
      • type: string
      • Optional xCorrelationID?: string

    Returns Promise<string[]>

getResourceLinkability

  • getResourceLinkability(builder: RequestBuilder, params: { availableToHrn: string; resource: string; xCorrelationID?: string }): Promise<LinkableResource>

  • Get the availability for linking this resource to either a project or realm.

    Access Control:

    • The calling principal must have permission to take all the "requiredToMakeLinkable" actions against the service inferred via the reserved resource prefix of the resource in the path in the scope of the home project of the resource.

    • Example: In order to get the catalog linkability, the following permission would be required:

    • "action" : "manageResource"

    • "resource" : "hrn:here:data::olp-here:my-shared-catalog" This API works only with tokens that are scoped to the home project of the resource.

    summary

    Get the linkability of a resource

    Parameters

    • builder: RequestBuilder
    • params: { availableToHrn: string; resource: string; xCorrelationID?: string }
      • availableToHrn: string
      • resource: string
      • Optional xCorrelationID?: string

    Returns Promise<LinkableResource>

getResourceProjects

  • Get the list of Projects that the resource belongs to or is referenced in(linked to). The returned list will only include projects that are in the caller's realm.

    note

    If the presented access token has a project scope, the response will include:

    • The home project of the resource
    • The list of Projects that the resource has been made linkable to
    • The include the list of Projects that the resource has been linked to

    If the presented access token has no scope, the response will include:

    • The list of Projects filtered out based on the membership of the caller.

    Access Control for project scoped call:

    • The calling principal must have permission to take all the "requiredToMakeLinkable" actions against the service inferred via the reserved resource prefix of the resource in the path in the scope of the home project of the resource.

    • Example: In order to make a catalog linkable, the following permission would be required:

    • "action" : "manageResource"

    • "resource" : "hrn:here:data::olp-here:my-shared-catalog"

    summary

    Get the requested Projects that the resource belongs to or is referenced in(linked to)

    Parameters

    • builder: RequestBuilder
    • params: { limit?: number; pageToken?: string; relation?: "home" | "reference"; resource: string; xCorrelationID?: string }
      • Optional limit?: number
      • Optional pageToken?: string
      • Optional relation?: "home" | "reference"
      • resource: string
      • Optional xCorrelationID?: string

    Returns Promise<ResourceProjectListWithPageToken>

getResourceTypeActionList

  • getResourceTypeActionList(builder: RequestBuilder, params: { resourceType: Type; type: string; xCorrelationID?: string }): Promise<string[]>

getResources

  • Get a list of Resources that the caller is allowed to see based on the input query parameters.

    note

    If the presented access token has a project scope:

    • The response will only include resources from that project or,

    • If referenceable=true or linkable=true, the response will include the resources that are available to the caller to link to the project in the token's project scope.

    • If the presented access token has no scope:

    • The response will include resources from all projects that the caller has access to.

    • For type='catalog' the response will also include resources that exist outside of any project.

    • For all other types, the response will NOT include resources that exist outside of any project.

    • For referenceable=true or linkable=true, the response will ONLY include the HERE public resources that are available to the caller to link to ANY project * This API works with tokens that are scoped and not scoped to a project.

    summary

    Get a list of resources

    Parameters

    • builder: RequestBuilder
    • params: { access?: string; limit?: number; linkable?: boolean; pageToken?: string; referenceable?: boolean; type: Type; xCorrelationID?: string }
      • Optional access?: string
      • Optional limit?: number
      • Optional linkable?: boolean
      • Optional pageToken?: string
      • Optional referenceable?: boolean
      • type: Type
      • Optional xCorrelationID?: string

    Returns Promise<ResourceListDetailedWithPageToken>

getRole

  • Get the role identified by the provided Role HRN.

    Restrictions:

    • The calling principal must have permission to take the readRoles action against the specified realm.

    Example: In order to retrieve a role within the realm, MyRealm, a permission with the following would be required:

    • "action" : "readRoles"
    • "resource" : "hrn:here:account::myrealm:realm/myrealm"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get Role

    Parameters

    Returns Promise<Role>

getRoleEntities

  • Retrieve the list of entities which have been assigned the role as identified by the provided role HRN.

    Restrictions:

    • The calling principal must have permission to take the readEntities action against the specified role.

    Example: In order to list the entities assigned the role, _ hrn:here:authorization::myrealm:role/ROLE-c1662138-a170-4264-ba18-7b506a708c37_, a permission with the following would be required:

    • "action" : "readEntities"
    • "resource" : "hrn:here:authorization::myrealm:role/ROLE-c1662138-a170-4264-ba18-7b506a708c37"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get role entities

    Parameters

    • builder: RequestBuilder
    • params: { count?: number; pageToken?: string; role: string }
      • Optional count?: number
      • Optional pageToken?: string
      • role: string

    Returns Promise<RoleEntityPageWToken>

getRoleEntity

  • Retrieve a single entity which has been assigned the role as identified by the provided role HRN.

    Restrictions:

    • The calling principal must have permission to take the readEntities action against the specified role.
    • Example: In order to retrieve an entity assigned the role, GroupAdmin, a permission with the following would be required:
    • "action" : "readEntities"
    • "resource" : "hrn:here:authorization::myrealm:role/ROLE-c1662138-a170-4264-ba18-7b506a708c37"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get a single role entity

    Parameters

    • builder: RequestBuilder
    • params: { entity: string; role: string }
      • entity: string
      • role: string

    Returns Promise<RoleEntity>

getRolePermission

  • Get a single permission associated with the role identified by the provided Role HRN.

    Restrictions:

    • The calling principal must have permission to take the readPermissions action against the specified role.
    • Example: In order to retrieve a single role permission for the specified role in realm MyRealm, a permission with the following would be required:
    • "action" : "readPermissions"
    • "resource" : "hrn:here:authorization::myrealm:role/ROLE-c1662138-a170-4264-ba18-7b506a708c37"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get Role Permission

    Parameters

    • builder: RequestBuilder
    • params: { permission: string; role: string }
      • permission: string
      • role: string

    Returns Promise<ActivePermission>

getRolePermissions

  • Get the permissions associated with the role identified by the provided Role HRN.

    Restrictions:

    • The calling principal must have permission to take the readPermissions action against the specified role.

    Example: In order to list role permissions for the specified role in realm MyRealm, a permission with the following would be required:

    • "action" : "readPermissions"
    • "resource" : "hrn:here:authorization::myrealm:role/ROLE-c1662138-a170-4264-ba18-7b506a708c37"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get Role Permissions

    Parameters

    • builder: RequestBuilder
    • params: { count?: number; pageToken?: string; role: string }
      • Optional count?: number
      • Optional pageToken?: string
      • role: string

    Returns Promise<PermissionPageWToken>

getRoles

  • getRoles(builder: RequestBuilder, params?: { count?: number; pageToken?: string; resource?: string; roleName?: string }): Promise<RolePageWToken>

  • Retrieve the list of roles within the context of the provided realm.

    Restrictions:

    • The calling principal must have permission to take the readRoles action against the specified realm.
    • Example: In order to list roles within the realm, MyRealm, a permission with the following would be required:
    • "action" : "readRoles"
    • "resource" : "hrn:here:account::myrealm:realm/myrealm"
    • This API works only with tokens that are not scoped to a project.
    summary

    Get Roles

    Parameters

    • builder: RequestBuilder
    • Optional params: { count?: number; pageToken?: string; resource?: string; roleName?: string }
      • Optional count?: number
      • Optional pageToken?: string
      • Optional resource?: string
      • Optional roleName?: string

    Returns Promise<RolePageWToken>

leaveGroup

  • leaveGroup(builder: RequestBuilder, params: { groupId: string }): Promise<Response>

  • Remove the calling party from the group. This operation will also remove administrative roles from this member. This API works only with tokens that are not scoped to a project.

    summary

    Removes the calling party from a group

    Parameters

    Returns Promise<Response>

leaveProject

  • leaveProject(builder: RequestBuilder, params: { project: string; xCorrelationID?: string }): Promise<Response>

  • Remove the caller from the specified Project

    Access Control:

    • User Access Token & Client Access Token
    • Authorization : None
    • This API works only with tokens that are not scoped to a project.
    summary

    Remove the caller from the specified Project

    Parameters

    • builder: RequestBuilder
    • params: { project: string; xCorrelationID?: string }
      • project: string
      • Optional xCorrelationID?: string

    Returns Promise<Response>

listGrants

  • listGrants(builder: RequestBuilder, params: { count?: number; entityType?: string; pageToken?: string; resourceHrn: string }): Promise<EntityGrants>

  • List grants on user, apps, or groups. This call describes the permissions assigned to any user, app, or group in the same realm as the calling principal that has been granted access to the specified resource through an exact matching permission. Permissions granted through policies and roles are not included. Restrictions:

    • The calling principal must have permission to take the listGrants OR share action against the specified resource.
    • Example: In order to list grants against resource hrn:here:data:::my-shared-catalog a permission with the following would be required:
    • "action" : "listGrants"
    • "resource" : "hrn:here:data:::my-shared-catalog" OR
    • "action" : "share"
    • "resource" : "hrn:here:data:::my-shared-catalog"
    • This API works only with tokens that are not scoped to a project.
    summary

    List grants on users, apps, or groups

    Parameters

    • builder: RequestBuilder
    • params: { count?: number; entityType?: string; pageToken?: string; resourceHrn: string }
      • Optional count?: number
      • Optional entityType?: string
      • Optional pageToken?: string
      • resourceHrn: string

    Returns Promise<EntityGrants>

listProjectMembers

  • Get the list of members of the Project

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the read action for the specified resource.

    • Example: In order to get a list of project members, the following permission would be required:

    • "action" : "read"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • This API works only with tokens that are not scoped to a project.

    • if 'onlyIncludeIdentities' query parameter is set to true, 'total' is NOT returned in Response

    summary

    Get the list of members of the Project

    Parameters

    • builder: RequestBuilder
    • params: { limit?: number; onlyIncludeIdentities?: boolean; pageToken?: string; project: string; xCorrelationID?: string }
      • Optional limit?: number
      • Optional onlyIncludeIdentities?: boolean
      • Optional pageToken?: string
      • project: string
      • Optional xCorrelationID?: string

    Returns Promise<ProjectMemberListWithPageToken>

listProjectResources

  • listProjectResources(builder: RequestBuilder, params: { limit?: number; pageToken?: string; project: string; relation?: "home" | "reference"; type?: "artifact" | "catalog" | "pipeline" | "pipeline-template" | "schema" | "flow" | "flow-pattern"; xCorrelationID?: string }): Promise<ResourceInProjectListWithPageToken>

  • Get the list of resources in the requested Project & referenced in(linked to) the Project

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the read action for the specified resource.

    • Example: In order to get the list of resources in the Project, the following permission would be required:

    • "action" : "read"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • This API works only with tokens that are not scoped to a project.

    summary

    Get the list of resources in the requested Project & referenced in(linked to) the Project

    Parameters

    • builder: RequestBuilder
    • params: { limit?: number; pageToken?: string; project: string; relation?: "home" | "reference"; type?: "artifact" | "catalog" | "pipeline" | "pipeline-template" | "schema" | "flow" | "flow-pattern"; xCorrelationID?: string }
      • Optional limit?: number
      • Optional pageToken?: string
      • project: string
      • Optional relation?: "home" | "reference"
      • Optional type?: "artifact" | "catalog" | "pipeline" | "pipeline-template" | "schema" | "flow" | "flow-pattern"
      • Optional xCorrelationID?: string

    Returns Promise<ResourceInProjectListWithPageToken>

listRealmResources

  • listRealmResources(builder: RequestBuilder, params: { limit?: number; pageToken?: string; type?: "artifact" | "catalog" | "pipeline" | "pipeline-template" | "schema" | "flow" | "flow-pattern"; xCorrelationID?: string }): Promise<ResourceListWithPageToken>

  • Get List of all the resources in the realm of the caller

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the listRealmResources action for the specified resource.

    • Example: In order to get a list of projects, the following permission would be required:

    • "action" : "listRealmResources"

    This API works only with tokens that are scoped to a project.

    summary

    Get List of all the resources in the realm of the caller

    Parameters

    • builder: RequestBuilder
    • params: { limit?: number; pageToken?: string; type?: "artifact" | "catalog" | "pipeline" | "pipeline-template" | "schema" | "flow" | "flow-pattern"; xCorrelationID?: string }
      • Optional limit?: number
      • Optional pageToken?: string
      • Optional type?: "artifact" | "catalog" | "pipeline" | "pipeline-template" | "schema" | "flow" | "flow-pattern"
      • Optional xCorrelationID?: string

    Returns Promise<ResourceListWithPageToken>

makeResourceLinkable

  • Adds a listing to make this resource linkable to either a project or entire realm.

    The resource must belong to a project to be made linkable. Either projectHrn or realmHrn must be provided to make the resource linkable to.

    Access Control:

    • The calling principal must have permission to take all the "requiredToMakeLinkable" actions against the service inferred via the reserved resource prefix of the resource in the path in the scope of the home project of the resource.

    • Example: In order to make a catalog linkable, the following permission would be required:

    • "action" : "manageResource"

    • "resource" : "hrn:here:data::olp-here:my-shared-catalog"

    This API works only with tokens that are scoped to the home project of the resource.

    summary

    Make a resource Linkable

    Parameters

    Returns Promise<LinkableResource>

patchProject

  • Update the specified Project

    Access Control:

    • User Access Token & Client Access Token
    • The calling principal must have permission to take the write action for the specified resource.
    • Example: In order to update a Project, the following permission would be required:
    • "action" : "write"
    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"
    • This API works only with tokens that are not scoped to a project.
    summary

    Update the specified Project

    Parameters

    Returns Promise<ProjectResponse>

removeGrant

  • removeGrant(builder: RequestBuilder, params: { actionId: string; entityId: string; entityType: string; resourceHrn: string }): Promise<Response>

  • Revoke access to a resource from an entity. The result of this call is that the specified entity will have any directly assigned permission to take the specified action against the specified resource removed.

    Restrictions:

    • The realm of the calling principal must match the realm of the requested app.

    • The calling principal must have permission to take the removeGrant:{actionId} OR share action against the specified resource.

    • Example: In order to remove a grant for the readResource action against resource hrn:here:data:::my-shared-catalog a permission with the following would be required:

    • "action" : "removeGrant:readResource"

    • "resource" : "hrn:here:data:::my-shared-catalog" OR

    • "action" : "share"

    • "resource" : "hrn:here:data:::my-shared-catalog"

    • This API works only with tokens that are not scoped to a project.

    summary

    Revoke access to a resource from an entity

    Parameters

    • builder: RequestBuilder
    • params: { actionId: string; entityId: string; entityType: string; resourceHrn: string }
      • actionId: string
      • entityId: string
      • entityType: string
      • resourceHrn: string

    Returns Promise<Response>

removeGroupMember

  • removeGroupMember(builder: RequestBuilder, params: { groupId: string; member: string }): Promise<Response>

  • Remove a member from the group. This operation will also remove administrative roles from this member.

    Restrictions:

    • The calling principal must have permission to take the manageMembers action against the group identified by the provided group HRN.

    • Example: In order to remove a member from the group, GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a, a permission with the following would be required:

    • "action" : "manageMembers"

    • "resource" : "hrn:here:authorization::myrealm:group/GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a"

    • This API works only with tokens that are not scoped to a project.

    summary

    Remove a member from the group.

    Parameters

    • builder: RequestBuilder
    • params: { groupId: string; member: string }
      • groupId: string
      • member: string

    Returns Promise<Response>

removeResourceLinkability

  • removeResourceLinkability(builder: RequestBuilder, params: { availableToHrn: string; resource: string; xCorrelationID?: string }): Promise<Response>

  • Remove the linkability of this resource against the requested project or realm.

    note

    This action does not have any impact on pre-existing links.

    Access Control:

    • The calling principal must have permission to take all the "requiredToMakeLinkable" actions against the service inferred via the reserved resource prefix of the resource in the path in the scope of the home project of the resource.
    • Example: In order to remove the catalog linkability, the following permission would be required:
    • "action" : "manageResource"
    • "resource" : "hrn:here:data::olp-here:my-shared-catalog"

    This API works only with tokens that are scoped to the home project of the resource.

    summary

    Remove the linkability of a resource

    Parameters

    • builder: RequestBuilder
    • params: { availableToHrn: string; resource: string; xCorrelationID?: string }
      • availableToHrn: string
      • resource: string
      • Optional xCorrelationID?: string

    Returns Promise<Response>

resendRealmMemberInvite

  • resendRealmMemberInvite(builder: RequestBuilder, params: { invite: string; realm: string }): Promise<Response>

  • Resend an invitation to a new member to the realm. Restrictions:

    • The calling principal must have permission to take the manageInvites action against the specified realm.
    example:

    In order to resend an invite to a new user to the realm, MyRealm, a permission with the following would be required:

    • "action" : "manageInvites"
    • "resource" : "hrn:here:account::myrealm:realm/myrealm"
    • This API works only with tokens that are not scoped to a project.
    summary

    Resend an invitation to a user in a realm

    Parameters

    • builder: RequestBuilder
    • params: { invite: string; realm: string }
      • invite: string
      • realm: string

    Returns Promise<Response>

searchRealmMemberInvites

  • searchRealmMemberInvites(builder: RequestBuilder, params: { count?: number; group?: string; pageToken?: string; q?: string; realm: string }): Promise<InvitePageWToken>

  • Search for invitations in the realm, optionally providing a group. Restrictions:

    • The calling principal must have permission to take the manageInvites action against the realm associated with the calling party.
    example:

    In order to list the invitations within the calling party's realm a permission with the following would be required:

    • "action" : "manageInvites"
    • "resource" : "hrn:here:account::myrealm:realm/myrealm"
    • This API works only with tokens that are not scoped to a project.
    summary

    Search for invitations in a realm

    Parameters

    • builder: RequestBuilder
    • params: { count?: number; group?: string; pageToken?: string; q?: string; realm: string }
      • Optional count?: number
      • Optional group?: string
      • Optional pageToken?: string
      • Optional q?: string
      • realm: string

    Returns Promise<InvitePageWToken>

setAttachedProjectPoliciesToMember

  • Sets the Attached Policies list for the specified Project Member, overwriting any pre-existing Attached Policies. The request body will replace any pre-existing Policy attachment(s), and replace that list with those Policies identified in the request body.

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the manageMembers action for the specified resource.

    • Example: In order to attach a custom policy in a Project to a member, the following permissions would be required:

    • "action" : "manageMembers"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000" AND * "action" : "managePolicies"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Admins and Resource Managers

    • This API works only with tokens that are not scoped to a project.

    summary

    Set Attached Policies for Member

    Parameters

    Returns Promise<AttachedPolicy[]>

updateGroup

  • Update the group identified by the provided group HRN by updating all writable group fields including name and description.

    Restrictions:

    • The calling principal must have permission to take the updateGroup action against the group identified by the provided group HRN.

    • Example: In order to modify the group, GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a, a permission with the following would be required:

    • "action" : "updateGroup"

    • "resource" : "hrn:here:authorization::myrealm:group/GROUP-8e270653-f592-45a8-88d7-46d409ccfa8a"

    • This API works only with tokens that are not scoped to a project.

    summary

    Update group

    Parameters

    Returns Promise<Group>

updateProjectPolicy

  • Update the requested custom policy in the Project

    Access Control:

    • User Access Token & Client Access Token

    • The calling principal must have permission to take the managePolicies action for the specified resource.

    • Example: In order to update a custom policy in a Project, the following permission would be required:

    • "action" : "managePolicies"

    • "resource" : "hrn:here:authorization::myrealm:project/my-project-0000"

    • In the Project workflow, the above permission is granted to all Project Admins and Resource Managers

    • This API works only with tokens that are not scoped to a project.

    summary

    Update the requested Project Policy

    Parameters

    Returns Promise<ProjectPolicyResponse>

updateResourceLinkability

  • Update the linkability of this resource against the requested project or realm.

    Access Control: * The calling principal must have permission to take all the "requiredToMakeLinkable" actions against the service inferred via the reserved resource prefix of the resource in the path in the scope of the home project of the resource.

    • Example: In order to update the catalog linkability, the following permission would be required:
    • "action" : "manageResource"
    • "resource" : "hrn:here:data::olp-here:my-shared-catalog"

    This API works only with tokens that are scoped to the home project of the resource.

    summary

    Update the linkability of a resource

    Parameters

    Returns Promise<LinkableResource>

Legend

  • Namespace
  • Variable
  • Function
  • Type alias
  • Class
  • Class with type parameter
  • Enumeration
  • Interface

Settings

Theme

Generated using TypeDoc