ibm_cloud_iam 1.0.1 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (493) hide show
  1. checksums.yaml +4 -4
  2. data/LICENSE.txt +202 -0
  3. data/README.md +548 -36
  4. data/docs/APIKeysApi.md +714 -0
  5. data/docs/AccessGroupCount.md +20 -0
  6. data/docs/AccountBasedMfaEnrollment.md +24 -0
  7. data/docs/AccountIdpSettings.md +32 -0
  8. data/docs/AccountLimitsApi.md +173 -0
  9. data/docs/AccountLoginSettings.md +18 -0
  10. data/docs/AccountSettingsApi.md +224 -0
  11. data/docs/AccountSettingsAssignedTemplatesSection.md +46 -0
  12. data/docs/AccountSettingsEffectiveSection.md +38 -0
  13. data/docs/AccountSettingsForIdPApi.md +489 -0
  14. data/docs/AccountSettingsMeta.md +24 -0
  15. data/docs/AccountSettingsRequest.md +40 -0
  16. data/docs/AccountSettingsResponse.md +48 -0
  17. data/docs/AccountSettingsTemplateApi.md +720 -0
  18. data/docs/AccountSettingsTemplateAssignmentsApi.md +376 -0
  19. data/docs/AccountSettingsTemplateList.md +30 -0
  20. data/docs/AccountSettingsTemplateRequest.md +24 -0
  21. data/docs/AccountSettingsTemplateResponse.md +44 -0
  22. data/docs/AccountSettingsUserDomainRestriction.md +22 -0
  23. data/docs/AccountSettingsUserMFAResponse.md +28 -0
  24. data/docs/ActionControls.md +22 -0
  25. data/docs/ActionControlsIdentities.md +20 -0
  26. data/docs/ActivitiesApi.md +149 -0
  27. data/docs/Activity.md +20 -0
  28. data/docs/AddAccountIdpSettingRequest.md +22 -0
  29. data/docs/ApiKey.md +44 -33
  30. data/docs/ApiKeyInsideCreateServiceIdRequest.md +18 -13
  31. data/docs/ApiKeyList.md +20 -19
  32. data/docs/ApikeyActivity.md +28 -0
  33. data/docs/ApikeyActivityServiceid.md +20 -0
  34. data/docs/ApikeyActivityUser.md +24 -0
  35. data/docs/AssignedTemplatesAccountSettings.md +40 -0
  36. data/docs/CommonAccountSettingsRequest.md +36 -0
  37. data/docs/CommonAccountSettingsResponse.md +34 -0
  38. data/docs/ConsumersResponse.md +20 -0
  39. data/docs/ConsumersResponseConsumersInner.md +20 -0
  40. data/docs/CreateApiKeyRequest.md +24 -17
  41. data/docs/CreateIdpRequest.md +30 -0
  42. data/docs/CreateIdpRequestProperties.md +20 -0
  43. data/docs/CreateIdpRequestPropertiesIdp.md +26 -0
  44. data/docs/CreateIdpRequestPropertiesSp.md +32 -0
  45. data/docs/CreateIdpRequestPropertiesSpAuthnContext.md +20 -0
  46. data/docs/CreateIdpRequestSecrets.md +20 -0
  47. data/docs/CreateIdpRequestSecretsIdp.md +22 -0
  48. data/docs/CreateIdpRequestSecretsIdpSigningInner.md +20 -0
  49. data/docs/CreateIdpRequestSecretsSp.md +18 -0
  50. data/docs/CreateIdpRequestSecretsSpSigningInner.md +24 -0
  51. data/docs/CreateProfileLinkRequest.md +24 -0
  52. data/docs/CreateProfileLinkRequestLink.md +26 -0
  53. data/docs/CreateServiceIdGroupRequest.md +22 -0
  54. data/docs/CreateServiceIdRequest.md +18 -15
  55. data/docs/CreateTemplateAssignmentRequest.md +24 -0
  56. data/docs/CreateTrustedProfileRequest.md +24 -0
  57. data/docs/EffectiveAccountSettingsResponse.md +26 -0
  58. data/docs/EnityHistoryRecord.md +18 -17
  59. data/docs/EntityActivity.md +22 -0
  60. data/docs/Error.md +14 -13
  61. data/docs/ExceptionResponse.md +14 -13
  62. data/docs/ExceptionResponseContext.md +30 -29
  63. data/docs/IDPManagementApi.md +692 -0
  64. data/docs/IdBasedMfaEnrollment.md +26 -0
  65. data/docs/IdentityCount.md +20 -0
  66. data/docs/IdentityLimitsUsageRequest.md +42 -0
  67. data/docs/IdentityLimitsUsageResponse.md +44 -0
  68. data/docs/IdentityLimitsUsageResponseApikeysPerIdentity.md +20 -0
  69. data/docs/IdentityLimitsUsageResponseClaimRulesPerGroup.md +20 -0
  70. data/docs/IdentityLimitsUsageResponseClaimRulesPerProfile.md +20 -0
  71. data/docs/IdentityLimitsUsageResponseServiceidsPerGroup.md +20 -0
  72. data/docs/IdentityLimitsUsageResponseTemplateVersionsPerTemplate.md +20 -0
  73. data/docs/IdentityPreferenceResponse.md +28 -0
  74. data/docs/IdentityPreferencesApi.md +304 -0
  75. data/docs/IdentityPreferencesResponse.md +18 -0
  76. data/docs/Idp.md +38 -0
  77. data/docs/LimitCount.md +20 -0
  78. data/docs/ListIdPSettings200Response.md +18 -0
  79. data/docs/ListIdps200Response.md +18 -0
  80. data/docs/MFAEnrollmentStatusApi.md +216 -0
  81. data/docs/MFARequirementsResponse.md +12 -11
  82. data/docs/MfaEnrollmentTypeStatus.md +20 -0
  83. data/docs/MfaOptions.md +15 -0
  84. data/docs/OidcExceptionResponse.md +16 -15
  85. data/docs/PolicyTemplateReference.md +20 -0
  86. data/docs/ProfileClaimRule.md +36 -0
  87. data/docs/ProfileClaimRuleConditions.md +22 -0
  88. data/docs/ProfileClaimRuleList.md +20 -0
  89. data/docs/ProfileClaimRuleRequest.md +30 -0
  90. data/docs/ProfileCount.md +20 -0
  91. data/docs/ProfileIdentitiesResponse.md +20 -0
  92. data/docs/ProfileIdentitiesUpdateRequest.md +18 -0
  93. data/docs/ProfileIdentityRequest.md +24 -0
  94. data/docs/ProfileIdentityResponse.md +26 -0
  95. data/docs/ProfileLink.md +32 -0
  96. data/docs/ProfileLinkLink.md +26 -0
  97. data/docs/ProfileLinkList.md +18 -0
  98. data/docs/Report.md +34 -0
  99. data/docs/ReportMfaEnrollmentStatus.md +28 -0
  100. data/docs/ReportReference.md +18 -0
  101. data/docs/ResponseContext.md +28 -27
  102. data/docs/RetrictActions.md +15 -0
  103. data/docs/SamlMetadataImportResponse.md +42 -0
  104. data/docs/ServiceIDGroupsApi.md +347 -0
  105. data/docs/ServiceIDsApi.md +515 -0
  106. data/docs/ServiceId.md +38 -33
  107. data/docs/ServiceIdGroup.md +34 -0
  108. data/docs/ServiceIdGroupCount.md +20 -0
  109. data/docs/ServiceIdGroupList.md +18 -0
  110. data/docs/ServiceIdList.md +20 -19
  111. data/docs/ShareScope.md +20 -0
  112. data/docs/TemplateAccountSettings.md +40 -0
  113. data/docs/TemplateAccountSettingsAllOfRestrictUserDomains.md +20 -0
  114. data/docs/TemplateAssignmentListResponse.md +30 -0
  115. data/docs/TemplateAssignmentResource.md +18 -0
  116. data/docs/TemplateAssignmentResourceError.md +24 -0
  117. data/docs/TemplateAssignmentResponse.md +48 -0
  118. data/docs/TemplateAssignmentResponseResource.md +24 -0
  119. data/docs/TemplateAssignmentResponseResourceDetail.md +26 -0
  120. data/docs/TemplateCount.md +20 -0
  121. data/docs/TemplateProfileComponentRequest.md +26 -0
  122. data/docs/TemplateProfileComponentResponse.md +26 -0
  123. data/docs/TestResult.md +28 -0
  124. data/docs/TestResultStepsInner.md +24 -0
  125. data/docs/TestTriggerResponse.md +20 -0
  126. data/docs/TokenResponse.md +18 -17
  127. data/docs/TokenRetrievalApi.md +461 -0
  128. data/docs/TrustedProfile.md +50 -0
  129. data/docs/TrustedProfileTemplateApi.md +720 -0
  130. data/docs/TrustedProfileTemplateAssignmentsApi.md +376 -0
  131. data/docs/TrustedProfileTemplateClaimRule.md +26 -0
  132. data/docs/TrustedProfileTemplateList.md +30 -0
  133. data/docs/TrustedProfileTemplateRequest.md +28 -0
  134. data/docs/TrustedProfileTemplateResponse.md +48 -0
  135. data/docs/TrustedProfilesApi.md +1414 -0
  136. data/docs/TrustedProfilesList.md +30 -0
  137. data/docs/UpdateAccountIdpSettingRequest.md +22 -0
  138. data/docs/UpdateAccountLoginSettings.md +18 -0
  139. data/docs/UpdateApiKeyRequest.md +16 -9
  140. data/docs/UpdateIdPRequest.md +28 -0
  141. data/docs/UpdateIdPRequestProperties.md +20 -0
  142. data/docs/UpdateIdPRequestPropertiesIdp.md +24 -0
  143. data/docs/UpdateIdPRequestSecrets.md +20 -0
  144. data/docs/UpdateIdPRequestSecretsIdp.md +20 -0
  145. data/docs/UpdatePreferenceRequest.md +20 -0
  146. data/docs/UpdateServiceIdGroupRequest.md +20 -0
  147. data/docs/UpdateServiceIdRequest.md +12 -11
  148. data/docs/UpdateTemplateAssignmentRequest.md +18 -0
  149. data/docs/UpdateTrustedProfileRequest.md +22 -0
  150. data/docs/UserActivity.md +26 -0
  151. data/docs/UserMFAResolved.md +24 -0
  152. data/docs/UserMfa.md +20 -0
  153. data/docs/UserMfaEnrollments.md +24 -0
  154. data/docs/UserReportMfaEnrollmentStatus.md +30 -0
  155. data/docs/UserVisbilityRetrictActions.md +15 -0
  156. data/docs/UserVisbilityRetrictActionsForTemplate.md +15 -0
  157. data/git_push.sh +3 -4
  158. data/ibm_cloud_iam.gemspec +6 -5
  159. data/lib/ibm_cloud_iam/api/account_limits_api.rb +208 -0
  160. data/lib/ibm_cloud_iam/api/account_settings_api.rb +262 -0
  161. data/lib/ibm_cloud_iam/api/account_settings_for_id_p_api.rb +571 -0
  162. data/lib/ibm_cloud_iam/api/account_settings_template_api.rb +823 -0
  163. data/lib/ibm_cloud_iam/api/account_settings_template_assignments_api.rb +422 -0
  164. data/lib/ibm_cloud_iam/api/activities_api.rb +174 -0
  165. data/lib/ibm_cloud_iam/api/api_keys_api.rb +786 -0
  166. data/lib/ibm_cloud_iam/api/identity_preferences_api.rb +357 -0
  167. data/lib/ibm_cloud_iam/api/idp_management_api.rb +744 -0
  168. data/lib/ibm_cloud_iam/api/mfa_enrollment_status_api.rb +248 -0
  169. data/lib/ibm_cloud_iam/api/service_id_groups_api.rb +392 -0
  170. data/lib/ibm_cloud_iam/api/service_ids_api.rb +575 -0
  171. data/lib/ibm_cloud_iam/api/token_retrieval_api.rb +557 -0
  172. data/lib/ibm_cloud_iam/api/trusted_profile_template_api.rb +823 -0
  173. data/lib/ibm_cloud_iam/api/trusted_profile_template_assignments_api.rb +422 -0
  174. data/lib/ibm_cloud_iam/api/trusted_profiles_api.rb +1630 -0
  175. data/lib/ibm_cloud_iam/api_client.rb +74 -65
  176. data/lib/ibm_cloud_iam/api_error.rb +4 -3
  177. data/lib/ibm_cloud_iam/api_model_base.rb +88 -0
  178. data/lib/ibm_cloud_iam/configuration.rb +75 -15
  179. data/lib/ibm_cloud_iam/models/access_group_count.rb +159 -0
  180. data/lib/ibm_cloud_iam/models/account_based_mfa_enrollment.rb +243 -0
  181. data/lib/ibm_cloud_iam/models/account_idp_settings.rb +244 -0
  182. data/lib/ibm_cloud_iam/models/account_login_settings.rb +147 -0
  183. data/lib/ibm_cloud_iam/models/account_settings_assigned_templates_section.rb +377 -0
  184. data/lib/ibm_cloud_iam/models/account_settings_effective_section.rb +282 -0
  185. data/lib/ibm_cloud_iam/models/account_settings_meta.rb +179 -0
  186. data/lib/ibm_cloud_iam/models/account_settings_request.rb +301 -0
  187. data/lib/ibm_cloud_iam/models/account_settings_response.rb +567 -0
  188. data/lib/ibm_cloud_iam/models/account_settings_template_list.rb +256 -0
  189. data/lib/ibm_cloud_iam/models/account_settings_template_request.rb +178 -0
  190. data/lib/ibm_cloud_iam/models/account_settings_template_response.rb +416 -0
  191. data/lib/ibm_cloud_iam/models/account_settings_user_domain_restriction.rb +188 -0
  192. data/lib/ibm_cloud_iam/models/account_settings_user_mfa_response.rb +261 -0
  193. data/lib/ibm_cloud_iam/models/action_controls.rb +199 -0
  194. data/lib/ibm_cloud_iam/models/action_controls_identities.rb +190 -0
  195. data/lib/ibm_cloud_iam/models/activity.rb +175 -0
  196. data/lib/ibm_cloud_iam/models/add_account_idp_setting_request.rb +243 -0
  197. data/lib/ibm_cloud_iam/models/api_key.rb +188 -104
  198. data/lib/ibm_cloud_iam/models/api_key_inside_create_service_id_request.rb +70 -99
  199. data/lib/ibm_cloud_iam/models/api_key_list.rb +46 -95
  200. data/lib/ibm_cloud_iam/models/apikey_activity.rb +231 -0
  201. data/lib/ibm_cloud_iam/models/apikey_activity_serviceid.rb +159 -0
  202. data/lib/ibm_cloud_iam/models/apikey_activity_user.rb +179 -0
  203. data/lib/ibm_cloud_iam/models/assigned_templates_account_settings.rb +296 -0
  204. data/lib/ibm_cloud_iam/models/common_account_settings_request.rb +272 -0
  205. data/lib/ibm_cloud_iam/models/common_account_settings_response.rb +260 -0
  206. data/lib/ibm_cloud_iam/models/consumers_response.rb +158 -0
  207. data/lib/ibm_cloud_iam/models/consumers_response_consumers_inner.rb +158 -0
  208. data/lib/ibm_cloud_iam/models/create_api_key_request.rb +92 -99
  209. data/lib/ibm_cloud_iam/models/create_idp_request.rb +283 -0
  210. data/lib/ibm_cloud_iam/models/create_idp_request_properties.rb +157 -0
  211. data/lib/ibm_cloud_iam/models/create_idp_request_properties_idp.rb +189 -0
  212. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp.rb +222 -0
  213. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp_authn_context.rb +163 -0
  214. data/lib/ibm_cloud_iam/models/create_idp_request_secrets.rb +157 -0
  215. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp.rb +173 -0
  216. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp_signing_inner.rb +192 -0
  217. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp.rb +151 -0
  218. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp_signing_inner.rb +212 -0
  219. data/lib/ibm_cloud_iam/models/create_profile_link_request.rb +211 -0
  220. data/lib/ibm_cloud_iam/models/create_profile_link_request_link.rb +206 -0
  221. data/lib/ibm_cloud_iam/models/create_service_id_group_request.rb +203 -0
  222. data/lib/ibm_cloud_iam/models/create_service_id_request.rb +68 -95
  223. data/lib/ibm_cloud_iam/models/create_template_assignment_request.rb +280 -0
  224. data/lib/ibm_cloud_iam/models/create_trusted_profile_request.rb +213 -0
  225. data/lib/ibm_cloud_iam/models/effective_account_settings_response.rb +239 -0
  226. data/lib/ibm_cloud_iam/models/enity_history_record.rb +112 -101
  227. data/lib/ibm_cloud_iam/models/entity_activity.rb +185 -0
  228. data/lib/ibm_cloud_iam/models/error.rb +69 -94
  229. data/lib/ibm_cloud_iam/models/exception_response.rb +57 -94
  230. data/lib/ibm_cloud_iam/models/exception_response_context.rb +33 -94
  231. data/lib/ibm_cloud_iam/models/id_based_mfa_enrollment.rb +270 -0
  232. data/lib/ibm_cloud_iam/models/identity_count.rb +159 -0
  233. data/lib/ibm_cloud_iam/models/identity_limits_usage_request.rb +283 -0
  234. data/lib/ibm_cloud_iam/models/identity_limits_usage_response.rb +265 -0
  235. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_apikeys_per_identity.rb +178 -0
  236. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_group.rb +178 -0
  237. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_profile.rb +178 -0
  238. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_serviceids_per_group.rb +178 -0
  239. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_template_versions_per_template.rb +178 -0
  240. data/lib/ibm_cloud_iam/models/identity_preference_response.rb +200 -0
  241. data/lib/ibm_cloud_iam/models/identity_preferences_response.rb +167 -0
  242. data/lib/ibm_cloud_iam/models/idp.rb +239 -0
  243. data/lib/ibm_cloud_iam/models/limit_count.rb +176 -0
  244. data/lib/ibm_cloud_iam/models/list_id_p_settings200_response.rb +149 -0
  245. data/lib/ibm_cloud_iam/models/list_idps200_response.rb +149 -0
  246. data/lib/ibm_cloud_iam/models/mfa_enrollment_type_status.rb +192 -0
  247. data/lib/ibm_cloud_iam/models/mfa_options.rb +45 -0
  248. data/lib/ibm_cloud_iam/models/mfa_requirements_response.rb +69 -94
  249. data/lib/ibm_cloud_iam/models/oidc_exception_response.rb +57 -94
  250. data/lib/ibm_cloud_iam/models/policy_template_reference.rb +193 -0
  251. data/lib/ibm_cloud_iam/models/profile_claim_rule.rb +342 -0
  252. data/lib/ibm_cloud_iam/models/profile_claim_rule_conditions.rb +219 -0
  253. data/lib/ibm_cloud_iam/models/profile_claim_rule_list.rb +176 -0
  254. data/lib/ibm_cloud_iam/models/profile_claim_rule_request.rb +243 -0
  255. data/lib/ibm_cloud_iam/models/profile_count.rb +159 -0
  256. data/lib/ibm_cloud_iam/models/profile_identities_response.rb +160 -0
  257. data/lib/ibm_cloud_iam/models/profile_identities_update_request.rb +150 -0
  258. data/lib/ibm_cloud_iam/models/profile_identity_request.rb +238 -0
  259. data/lib/ibm_cloud_iam/models/profile_identity_response.rb +265 -0
  260. data/lib/ibm_cloud_iam/models/profile_link.rb +320 -0
  261. data/lib/ibm_cloud_iam/models/profile_link_link.rb +188 -0
  262. data/lib/ibm_cloud_iam/models/profile_link_list.rb +167 -0
  263. data/lib/ibm_cloud_iam/models/report.rb +321 -0
  264. data/lib/ibm_cloud_iam/models/report_mfa_enrollment_status.rb +268 -0
  265. data/lib/ibm_cloud_iam/models/report_reference.rb +165 -0
  266. data/lib/ibm_cloud_iam/models/response_context.rb +33 -94
  267. data/lib/ibm_cloud_iam/models/retrict_actions.rb +41 -0
  268. data/lib/ibm_cloud_iam/models/saml_metadata_import_response.rb +494 -0
  269. data/lib/ibm_cloud_iam/models/service_id.rb +184 -108
  270. data/lib/ibm_cloud_iam/models/service_id_group.rb +313 -0
  271. data/lib/ibm_cloud_iam/models/service_id_group_count.rb +159 -0
  272. data/lib/ibm_cloud_iam/models/service_id_group_list.rb +167 -0
  273. data/lib/ibm_cloud_iam/models/service_id_list.rb +47 -96
  274. data/lib/ibm_cloud_iam/models/share_scope.rb +190 -0
  275. data/lib/ibm_cloud_iam/models/template_account_settings.rb +296 -0
  276. data/lib/ibm_cloud_iam/models/template_account_settings_all_of_restrict_user_domains.rb +159 -0
  277. data/lib/ibm_cloud_iam/models/template_assignment_list_response.rb +227 -0
  278. data/lib/ibm_cloud_iam/models/template_assignment_resource.rb +149 -0
  279. data/lib/ibm_cloud_iam/models/template_assignment_resource_error.rb +179 -0
  280. data/lib/ibm_cloud_iam/models/template_assignment_response.rb +506 -0
  281. data/lib/ibm_cloud_iam/models/template_assignment_response_resource.rb +196 -0
  282. data/lib/ibm_cloud_iam/models/template_assignment_response_resource_detail.rb +203 -0
  283. data/lib/ibm_cloud_iam/models/template_count.rb +159 -0
  284. data/lib/ibm_cloud_iam/models/template_profile_component_request.rb +210 -0
  285. data/lib/ibm_cloud_iam/models/template_profile_component_response.rb +210 -0
  286. data/lib/ibm_cloud_iam/models/test_result.rb +194 -0
  287. data/lib/ibm_cloud_iam/models/test_result_steps_inner.rb +174 -0
  288. data/lib/ibm_cloud_iam/models/test_trigger_response.rb +156 -0
  289. data/lib/ibm_cloud_iam/models/token_response.rb +33 -94
  290. data/lib/ibm_cloud_iam/models/trusted_profile.rb +411 -0
  291. data/lib/ibm_cloud_iam/models/trusted_profile_template_claim_rule.rb +248 -0
  292. data/lib/ibm_cloud_iam/models/trusted_profile_template_list.rb +256 -0
  293. data/lib/ibm_cloud_iam/models/trusted_profile_template_request.rb +199 -0
  294. data/lib/ibm_cloud_iam/models/trusted_profile_template_response.rb +369 -0
  295. data/lib/ibm_cloud_iam/models/trusted_profiles_list.rb +227 -0
  296. data/lib/ibm_cloud_iam/models/update_account_idp_setting_request.rb +202 -0
  297. data/lib/ibm_cloud_iam/models/update_account_login_settings.rb +148 -0
  298. data/lib/ibm_cloud_iam/models/update_api_key_request.rb +68 -99
  299. data/lib/ibm_cloud_iam/models/update_id_p_request.rb +198 -0
  300. data/lib/ibm_cloud_iam/models/update_id_p_request_properties.rb +157 -0
  301. data/lib/ibm_cloud_iam/models/update_id_p_request_properties_idp.rb +179 -0
  302. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets.rb +157 -0
  303. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets_idp.rb +163 -0
  304. data/lib/ibm_cloud_iam/models/update_preference_request.rb +161 -0
  305. data/lib/ibm_cloud_iam/models/update_service_id_group_request.rb +176 -0
  306. data/lib/ibm_cloud_iam/models/update_service_id_request.rb +34 -95
  307. data/lib/ibm_cloud_iam/models/update_template_assignment_request.rb +175 -0
  308. data/lib/ibm_cloud_iam/models/update_trusted_profile_request.rb +169 -0
  309. data/lib/ibm_cloud_iam/models/user_activity.rb +222 -0
  310. data/lib/ibm_cloud_iam/models/user_mfa.rb +179 -0
  311. data/lib/ibm_cloud_iam/models/user_mfa_enrollments.rb +193 -0
  312. data/lib/ibm_cloud_iam/models/user_mfa_resolved.rb +178 -0
  313. data/lib/ibm_cloud_iam/models/user_report_mfa_enrollment_status.rb +291 -0
  314. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions.rb +40 -0
  315. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions_for_template.rb +41 -0
  316. data/lib/ibm_cloud_iam/version.rb +4 -4
  317. data/lib/ibm_cloud_iam.rb +140 -9
  318. data/spec/api/account_limits_api_spec.rb +75 -0
  319. data/spec/api/account_settings_api_spec.rb +80 -0
  320. data/spec/api/account_settings_for_id_p_api_spec.rb +132 -0
  321. data/spec/api/account_settings_template_api_spec.rb +184 -0
  322. data/spec/api/account_settings_template_assignments_api_spec.rb +112 -0
  323. data/spec/api/activities_api_spec.rb +64 -0
  324. data/spec/api/api_keys_api_spec.rb +182 -0
  325. data/spec/api/identity_preferences_api_spec.rb +98 -0
  326. data/spec/api/idp_management_api_spec.rb +166 -0
  327. data/spec/api/mfa_enrollment_status_api_spec.rb +77 -0
  328. data/spec/api/service_id_groups_api_spec.rb +102 -0
  329. data/spec/api/service_ids_api_spec.rb +143 -0
  330. data/spec/api/token_retrieval_api_spec.rb +134 -0
  331. data/spec/api/trusted_profile_template_api_spec.rb +184 -0
  332. data/spec/api/trusted_profile_template_assignments_api_spec.rb +112 -0
  333. data/spec/api/trusted_profiles_api_spec.rb +328 -0
  334. data/spec/models/access_group_count_spec.rb +42 -0
  335. data/spec/models/account_based_mfa_enrollment_spec.rb +54 -0
  336. data/spec/models/account_idp_settings_spec.rb +82 -0
  337. data/spec/models/account_login_settings_spec.rb +36 -0
  338. data/spec/models/account_settings_assigned_templates_section_spec.rb +120 -0
  339. data/spec/models/account_settings_effective_section_spec.rb +96 -0
  340. data/spec/models/account_settings_meta_spec.rb +54 -0
  341. data/spec/models/account_settings_request_spec.rb +102 -0
  342. data/spec/models/account_settings_response_spec.rb +126 -0
  343. data/spec/models/account_settings_template_list_spec.rb +72 -0
  344. data/spec/models/account_settings_template_request_spec.rb +54 -0
  345. data/spec/models/account_settings_template_response_spec.rb +114 -0
  346. data/spec/models/account_settings_user_domain_restriction_spec.rb +48 -0
  347. data/spec/models/account_settings_user_mfa_response_spec.rb +66 -0
  348. data/spec/models/action_controls_identities_spec.rb +42 -0
  349. data/spec/models/action_controls_spec.rb +48 -0
  350. data/spec/models/activity_spec.rb +42 -0
  351. data/spec/models/add_account_idp_setting_request_spec.rb +52 -0
  352. data/spec/models/api_key_inside_create_service_id_request_spec.rb +24 -17
  353. data/spec/models/api_key_list_spec.rb +15 -20
  354. data/spec/models/api_key_spec.rb +52 -27
  355. data/spec/models/apikey_activity_serviceid_spec.rb +42 -0
  356. data/spec/models/apikey_activity_spec.rb +66 -0
  357. data/spec/models/apikey_activity_user_spec.rb +54 -0
  358. data/spec/models/assigned_templates_account_settings_spec.rb +102 -0
  359. data/spec/models/common_account_settings_request_spec.rb +90 -0
  360. data/spec/models/common_account_settings_response_spec.rb +84 -0
  361. data/spec/models/consumers_response_consumers_inner_spec.rb +42 -0
  362. data/spec/models/consumers_response_spec.rb +42 -0
  363. data/spec/models/create_api_key_request_spec.rb +32 -19
  364. data/spec/models/create_idp_request_properties_idp_spec.rb +60 -0
  365. data/spec/models/create_idp_request_properties_sp_authn_context_spec.rb +42 -0
  366. data/spec/models/create_idp_request_properties_sp_spec.rb +78 -0
  367. data/spec/models/create_idp_request_properties_spec.rb +42 -0
  368. data/spec/models/create_idp_request_secrets_idp_signing_inner_spec.rb +46 -0
  369. data/spec/models/create_idp_request_secrets_idp_spec.rb +48 -0
  370. data/spec/models/create_idp_request_secrets_sp_signing_inner_spec.rb +58 -0
  371. data/spec/models/create_idp_request_secrets_sp_spec.rb +36 -0
  372. data/spec/models/create_idp_request_secrets_spec.rb +42 -0
  373. data/spec/models/create_idp_request_spec.rb +76 -0
  374. data/spec/models/create_profile_link_request_link_spec.rb +60 -0
  375. data/spec/models/create_profile_link_request_spec.rb +54 -0
  376. data/spec/models/create_service_id_group_request_spec.rb +48 -0
  377. data/spec/models/create_service_id_request_spec.rb +19 -18
  378. data/spec/models/create_template_assignment_request_spec.rb +58 -0
  379. data/spec/models/create_trusted_profile_request_spec.rb +54 -0
  380. data/spec/models/effective_account_settings_response_spec.rb +60 -0
  381. data/spec/models/enity_history_record_spec.rb +14 -19
  382. data/spec/models/entity_activity_spec.rb +48 -0
  383. data/spec/models/error_spec.rb +12 -17
  384. data/spec/models/exception_response_context_spec.rb +20 -25
  385. data/spec/models/exception_response_spec.rb +12 -17
  386. data/spec/models/id_based_mfa_enrollment_spec.rb +64 -0
  387. data/spec/models/identity_count_spec.rb +42 -0
  388. data/spec/models/identity_limits_usage_request_spec.rb +108 -0
  389. data/spec/models/identity_limits_usage_response_apikeys_per_identity_spec.rb +42 -0
  390. data/spec/models/identity_limits_usage_response_claim_rules_per_group_spec.rb +42 -0
  391. data/spec/models/identity_limits_usage_response_claim_rules_per_profile_spec.rb +42 -0
  392. data/spec/models/identity_limits_usage_response_serviceids_per_group_spec.rb +42 -0
  393. data/spec/models/identity_limits_usage_response_spec.rb +114 -0
  394. data/spec/models/identity_limits_usage_response_template_versions_per_template_spec.rb +42 -0
  395. data/spec/models/identity_preference_response_spec.rb +66 -0
  396. data/spec/models/identity_preferences_response_spec.rb +36 -0
  397. data/spec/models/idp_spec.rb +96 -0
  398. data/spec/models/limit_count_spec.rb +42 -0
  399. data/spec/models/list_id_p_settings200_response_spec.rb +36 -0
  400. data/spec/models/list_idps200_response_spec.rb +36 -0
  401. data/spec/models/mfa_enrollment_type_status_spec.rb +42 -0
  402. data/spec/models/mfa_options_spec.rb +30 -0
  403. data/spec/models/mfa_requirements_response_spec.rb +11 -16
  404. data/spec/models/oidc_exception_response_spec.rb +13 -18
  405. data/spec/models/policy_template_reference_spec.rb +42 -0
  406. data/spec/models/profile_claim_rule_conditions_spec.rb +48 -0
  407. data/spec/models/profile_claim_rule_list_spec.rb +42 -0
  408. data/spec/models/profile_claim_rule_request_spec.rb +72 -0
  409. data/spec/models/profile_claim_rule_spec.rb +90 -0
  410. data/spec/models/profile_count_spec.rb +42 -0
  411. data/spec/models/profile_identities_response_spec.rb +42 -0
  412. data/spec/models/profile_identities_update_request_spec.rb +36 -0
  413. data/spec/models/profile_identity_request_spec.rb +58 -0
  414. data/spec/models/profile_identity_response_spec.rb +64 -0
  415. data/spec/models/profile_link_link_spec.rb +60 -0
  416. data/spec/models/profile_link_list_spec.rb +36 -0
  417. data/spec/models/profile_link_spec.rb +78 -0
  418. data/spec/models/report_mfa_enrollment_status_spec.rb +66 -0
  419. data/spec/models/report_reference_spec.rb +36 -0
  420. data/spec/models/report_spec.rb +84 -0
  421. data/spec/models/response_context_spec.rb +19 -24
  422. data/spec/models/retrict_actions_spec.rb +30 -0
  423. data/spec/models/saml_metadata_import_response_spec.rb +112 -0
  424. data/spec/models/service_id_group_count_spec.rb +42 -0
  425. data/spec/models/service_id_group_list_spec.rb +36 -0
  426. data/spec/models/service_id_group_spec.rb +84 -0
  427. data/spec/models/service_id_list_spec.rb +15 -20
  428. data/spec/models/service_id_spec.rb +34 -27
  429. data/spec/models/share_scope_spec.rb +46 -0
  430. data/spec/models/template_account_settings_all_of_restrict_user_domains_spec.rb +42 -0
  431. data/spec/models/template_account_settings_spec.rb +102 -0
  432. data/spec/models/template_assignment_list_response_spec.rb +72 -0
  433. data/spec/models/template_assignment_resource_error_spec.rb +54 -0
  434. data/spec/models/template_assignment_resource_spec.rb +36 -0
  435. data/spec/models/template_assignment_response_resource_detail_spec.rb +60 -0
  436. data/spec/models/template_assignment_response_resource_spec.rb +54 -0
  437. data/spec/models/template_assignment_response_spec.rb +126 -0
  438. data/spec/models/template_count_spec.rb +42 -0
  439. data/spec/models/template_profile_component_request_spec.rb +60 -0
  440. data/spec/models/template_profile_component_response_spec.rb +60 -0
  441. data/spec/models/test_result_spec.rb +66 -0
  442. data/spec/models/test_result_steps_inner_spec.rb +54 -0
  443. data/spec/models/test_trigger_response_spec.rb +42 -0
  444. data/spec/models/token_response_spec.rb +14 -19
  445. data/spec/models/trusted_profile_spec.rb +132 -0
  446. data/spec/models/trusted_profile_template_claim_rule_spec.rb +64 -0
  447. data/spec/models/trusted_profile_template_list_spec.rb +72 -0
  448. data/spec/models/trusted_profile_template_request_spec.rb +66 -0
  449. data/spec/models/trusted_profile_template_response_spec.rb +126 -0
  450. data/spec/models/trusted_profiles_list_spec.rb +72 -0
  451. data/spec/models/update_account_idp_setting_request_spec.rb +52 -0
  452. data/spec/models/update_account_login_settings_spec.rb +36 -0
  453. data/spec/models/update_api_key_request_spec.rb +28 -15
  454. data/spec/models/update_id_p_request_properties_idp_spec.rb +54 -0
  455. data/spec/models/update_id_p_request_properties_spec.rb +42 -0
  456. data/spec/models/update_id_p_request_secrets_idp_spec.rb +42 -0
  457. data/spec/models/update_id_p_request_secrets_spec.rb +42 -0
  458. data/spec/models/update_id_p_request_spec.rb +66 -0
  459. data/spec/models/update_preference_request_spec.rb +42 -0
  460. data/spec/models/update_service_id_group_request_spec.rb +42 -0
  461. data/spec/models/update_service_id_request_spec.rb +11 -16
  462. data/spec/models/update_template_assignment_request_spec.rb +36 -0
  463. data/spec/models/update_trusted_profile_request_spec.rb +48 -0
  464. data/spec/models/user_activity_spec.rb +60 -0
  465. data/spec/models/user_mfa_enrollments_spec.rb +54 -0
  466. data/spec/models/user_mfa_resolved_spec.rb +54 -0
  467. data/spec/models/user_mfa_spec.rb +42 -0
  468. data/spec/models/user_report_mfa_enrollment_status_spec.rb +72 -0
  469. data/spec/models/user_visbility_retrict_actions_for_template_spec.rb +30 -0
  470. data/spec/models/user_visbility_retrict_actions_spec.rb +30 -0
  471. data/spec/spec_helper.rb +3 -3
  472. metadata +550 -36
  473. data/docs/IdentityOperationsApi.md +0 -828
  474. data/docs/InlineObject.md +0 -19
  475. data/docs/InlineObject1.md +0 -23
  476. data/docs/InlineObject2.md +0 -21
  477. data/docs/InlineObject3.md +0 -25
  478. data/docs/TokenOperationsApi.md +0 -226
  479. data/ibm_cloud_iam-1.0.0.gem +0 -0
  480. data/lib/ibm_cloud_iam/api/identity_operations_api.rb +0 -1083
  481. data/lib/ibm_cloud_iam/api/token_operations_api.rb +0 -351
  482. data/lib/ibm_cloud_iam/models/inline_object.rb +0 -229
  483. data/lib/ibm_cloud_iam/models/inline_object1.rb +0 -254
  484. data/lib/ibm_cloud_iam/models/inline_object2.rb +0 -244
  485. data/lib/ibm_cloud_iam/models/inline_object3.rb +0 -269
  486. data/spec/api/identity_operations_api_spec.rb +0 -253
  487. data/spec/api/token_operations_api_spec.rb +0 -94
  488. data/spec/api_client_spec.rb +0 -226
  489. data/spec/configuration_spec.rb +0 -42
  490. data/spec/models/inline_object1_spec.rb +0 -59
  491. data/spec/models/inline_object2_spec.rb +0 -53
  492. data/spec/models/inline_object3_spec.rb +0 -65
  493. data/spec/models/inline_object_spec.rb +0 -47
@@ -0,0 +1,461 @@
1
+ # IbmCloudIam::TokenRetrievalApi
2
+
3
+ All URIs are relative to *https://iam.cloud.ibm.com*
4
+
5
+ | Method | HTTP request | Description |
6
+ | ------ | ------------ | ----------- |
7
+ | [**get_token_api_key**](TokenRetrievalApi.md#get_token_api_key) | **POST** /identity/token#apikey | Create an IAM access token for a user or service ID using an API key |
8
+ | [**get_token_api_key_delegated_refresh_token**](TokenRetrievalApi.md#get_token_api_key_delegated_refresh_token) | **POST** /identity/token#apikey-delegated-refresh-token | Create an IAM access token and delegated refresh token for a user or service ID |
9
+ | [**get_token_assume**](TokenRetrievalApi.md#get_token_assume) | **POST** /identity/token#assume | Create an IAM access token for a Trusted Profile based on the provided entity. Provided entity can be a identity based token which can be a user token, service id token or a cookie. |
10
+ | [**get_token_cr_token**](TokenRetrievalApi.md#get_token_cr_token) | **POST** /identity/token#cr-token | Create an IAM access token for a Trusted Profile based on the provided Compute Resource token |
11
+ | [**get_token_iam_authz**](TokenRetrievalApi.md#get_token_iam_authz) | **POST** /identity/token#iam-authz | Create an IAM access token based on an authorization policy |
12
+ | [**get_token_password**](TokenRetrievalApi.md#get_token_password) | **POST** /identity/token#password | Create an IAM access token for a user using username / password credentials and an optional account identifier |
13
+
14
+
15
+ ## get_token_api_key
16
+
17
+ > <TokenResponse> get_token_api_key(grant_type, apikey, opts)
18
+
19
+ Create an IAM access token for a user or service ID using an API key
20
+
21
+ Creates a non-opaque access token for an API key.
22
+
23
+ ### Examples
24
+
25
+ ```ruby
26
+ require 'time'
27
+ require 'ibm_cloud_iam'
28
+
29
+ api_instance = IbmCloudIam::TokenRetrievalApi.new
30
+ grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:apikey`.
31
+ apikey = 'apikey_example' # String | The value of the api key.
32
+ opts = {
33
+ ibm_cloud_tenant: 'ibm_cloud_tenant_example' # String | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the API key can only be created if the account id or enterprise id of the API key is contained in this header.
34
+ }
35
+
36
+ begin
37
+ # Create an IAM access token for a user or service ID using an API key
38
+ result = api_instance.get_token_api_key(grant_type, apikey, opts)
39
+ p result
40
+ rescue IbmCloudIam::ApiError => e
41
+ puts "Error when calling TokenRetrievalApi->get_token_api_key: #{e}"
42
+ end
43
+ ```
44
+
45
+ #### Using the get_token_api_key_with_http_info variant
46
+
47
+ This returns an Array which contains the response data, status code and headers.
48
+
49
+ > <Array(<TokenResponse>, Integer, Hash)> get_token_api_key_with_http_info(grant_type, apikey, opts)
50
+
51
+ ```ruby
52
+ begin
53
+ # Create an IAM access token for a user or service ID using an API key
54
+ data, status_code, headers = api_instance.get_token_api_key_with_http_info(grant_type, apikey, opts)
55
+ p status_code # => 2xx
56
+ p headers # => { ... }
57
+ p data # => <TokenResponse>
58
+ rescue IbmCloudIam::ApiError => e
59
+ puts "Error when calling TokenRetrievalApi->get_token_api_key_with_http_info: #{e}"
60
+ end
61
+ ```
62
+
63
+ ### Parameters
64
+
65
+ | Name | Type | Description | Notes |
66
+ | ---- | ---- | ----------- | ----- |
67
+ | **grant_type** | **String** | Grant type for this API call. You must set the grant type to &#x60;urn:ibm:params:oauth:grant-type:apikey&#x60;. | |
68
+ | **apikey** | **String** | The value of the api key. | |
69
+ | **ibm_cloud_tenant** | **String** | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the API key can only be created if the account id or enterprise id of the API key is contained in this header. | [optional] |
70
+
71
+ ### Return type
72
+
73
+ [**TokenResponse**](TokenResponse.md)
74
+
75
+ ### Authorization
76
+
77
+ No authorization required
78
+
79
+ ### HTTP request headers
80
+
81
+ - **Content-Type**: application/x-www-form-urlencoded
82
+ - **Accept**: application/json
83
+
84
+
85
+ ## get_token_api_key_delegated_refresh_token
86
+
87
+ > <TokenResponse> get_token_api_key_delegated_refresh_token(grant_type, apikey, response_type, receiver_client_ids, opts)
88
+
89
+ Create an IAM access token and delegated refresh token for a user or service ID
90
+
91
+ Creates a non-opaque access token and a delegated refresh token for an API key.
92
+
93
+ ### Examples
94
+
95
+ ```ruby
96
+ require 'time'
97
+ require 'ibm_cloud_iam'
98
+
99
+ api_instance = IbmCloudIam::TokenRetrievalApi.new
100
+ grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:apikey`.
101
+ apikey = 'apikey_example' # String | The value of the API key.
102
+ response_type = 'response_type_example' # String | Either 'delegated_refresh_token' to receive a delegated refresh token only, or 'cloud_iam delegated_refresh_token' to receive both an IAM access token and a delegated refresh token in one API call.
103
+ receiver_client_ids = 'receiver_client_ids_example' # String | A comma separated list of one or more client IDs that will be able to consume the delegated refresh token. The service that accepts a delegated refresh token as API parameter must expose its client ID to allow this API call. The receiver of the delegated refresh token will be able to use the refresh token until it expires.
104
+ opts = {
105
+ ibm_cloud_tenant: 'ibm_cloud_tenant_example', # String | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the API key can only be created if the account id or enterprise id of the API key is contained in this header.
106
+ delegated_refresh_token_expiry: 56 # Integer | Expiration in seconds until the delegated refresh token must be consumed by the receiver client IDs. After the expiration, no client ID can consume the delegated refresh token, even if the life time of the refresh token inside is still not expired. The default, if not specified, is 518,400 seconds which corresponds to 6 days.
107
+ }
108
+
109
+ begin
110
+ # Create an IAM access token and delegated refresh token for a user or service ID
111
+ result = api_instance.get_token_api_key_delegated_refresh_token(grant_type, apikey, response_type, receiver_client_ids, opts)
112
+ p result
113
+ rescue IbmCloudIam::ApiError => e
114
+ puts "Error when calling TokenRetrievalApi->get_token_api_key_delegated_refresh_token: #{e}"
115
+ end
116
+ ```
117
+
118
+ #### Using the get_token_api_key_delegated_refresh_token_with_http_info variant
119
+
120
+ This returns an Array which contains the response data, status code and headers.
121
+
122
+ > <Array(<TokenResponse>, Integer, Hash)> get_token_api_key_delegated_refresh_token_with_http_info(grant_type, apikey, response_type, receiver_client_ids, opts)
123
+
124
+ ```ruby
125
+ begin
126
+ # Create an IAM access token and delegated refresh token for a user or service ID
127
+ data, status_code, headers = api_instance.get_token_api_key_delegated_refresh_token_with_http_info(grant_type, apikey, response_type, receiver_client_ids, opts)
128
+ p status_code # => 2xx
129
+ p headers # => { ... }
130
+ p data # => <TokenResponse>
131
+ rescue IbmCloudIam::ApiError => e
132
+ puts "Error when calling TokenRetrievalApi->get_token_api_key_delegated_refresh_token_with_http_info: #{e}"
133
+ end
134
+ ```
135
+
136
+ ### Parameters
137
+
138
+ | Name | Type | Description | Notes |
139
+ | ---- | ---- | ----------- | ----- |
140
+ | **grant_type** | **String** | Grant type for this API call. You must set the grant type to &#x60;urn:ibm:params:oauth:grant-type:apikey&#x60;. | |
141
+ | **apikey** | **String** | The value of the API key. | |
142
+ | **response_type** | **String** | Either &#39;delegated_refresh_token&#39; to receive a delegated refresh token only, or &#39;cloud_iam delegated_refresh_token&#39; to receive both an IAM access token and a delegated refresh token in one API call. | |
143
+ | **receiver_client_ids** | **String** | A comma separated list of one or more client IDs that will be able to consume the delegated refresh token. The service that accepts a delegated refresh token as API parameter must expose its client ID to allow this API call. The receiver of the delegated refresh token will be able to use the refresh token until it expires. | |
144
+ | **ibm_cloud_tenant** | **String** | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the API key can only be created if the account id or enterprise id of the API key is contained in this header. | [optional] |
145
+ | **delegated_refresh_token_expiry** | **Integer** | Expiration in seconds until the delegated refresh token must be consumed by the receiver client IDs. After the expiration, no client ID can consume the delegated refresh token, even if the life time of the refresh token inside is still not expired. The default, if not specified, is 518,400 seconds which corresponds to 6 days. | [optional] |
146
+
147
+ ### Return type
148
+
149
+ [**TokenResponse**](TokenResponse.md)
150
+
151
+ ### Authorization
152
+
153
+ No authorization required
154
+
155
+ ### HTTP request headers
156
+
157
+ - **Content-Type**: application/x-www-form-urlencoded
158
+ - **Accept**: application/json
159
+
160
+
161
+ ## get_token_assume
162
+
163
+ > <TokenResponse> get_token_assume(grant_type, opts)
164
+
165
+ Create an IAM access token for a Trusted Profile based on the provided entity. Provided entity can be a identity based token which can be a user token, service id token or a cookie.
166
+
167
+ Creates a non-opaque access token for a profile.
168
+
169
+ ### Examples
170
+
171
+ ```ruby
172
+ require 'time'
173
+ require 'ibm_cloud_iam'
174
+
175
+ api_instance = IbmCloudIam::TokenRetrievalApi.new
176
+ grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:assume`.
177
+ opts = {
178
+ access_token: 'access_token_example', # String | Pass one of 'access_token', 'refresh_token' or 'cookie' to get a token for the profile. Provided access_token/refresh_token/iam_cookie need to be generated for the user or service id that has trust relationship with the profile. If the profile being assumed must satisfy an MFA requirement for the account, the access_token/refresh_token (...etc) used to assume the profile must meet the same requirement, using the same level MFA or higher.
179
+ refresh_token: 'refresh_token_example', # String | see 'access_token'
180
+ cookie: 'cookie_example', # String | see 'access_token'
181
+ profile_id: 'profile_id_example', # String | Pass one of 'profile_id', 'profile_crn' or 'profile_name' and 'account' to select which profile should be used for this IAM token. If you pass a 'profile_id' or 'profile_crn', then the profile must exist in the same account. If you pass a 'profile_name' then 'account' need to be passed in the request where the profile is looked up based on the account.
182
+ profile_name: 'profile_name_example', # String | see 'profile_id'
183
+ profile_crn: 'profile_crn_example', # String | see 'profile_id'
184
+ account: 'account_example' # String | ID of the account the profile belongs to
185
+ }
186
+
187
+ begin
188
+ # Create an IAM access token for a Trusted Profile based on the provided entity. Provided entity can be a identity based token which can be a user token, service id token or a cookie.
189
+ result = api_instance.get_token_assume(grant_type, opts)
190
+ p result
191
+ rescue IbmCloudIam::ApiError => e
192
+ puts "Error when calling TokenRetrievalApi->get_token_assume: #{e}"
193
+ end
194
+ ```
195
+
196
+ #### Using the get_token_assume_with_http_info variant
197
+
198
+ This returns an Array which contains the response data, status code and headers.
199
+
200
+ > <Array(<TokenResponse>, Integer, Hash)> get_token_assume_with_http_info(grant_type, opts)
201
+
202
+ ```ruby
203
+ begin
204
+ # Create an IAM access token for a Trusted Profile based on the provided entity. Provided entity can be a identity based token which can be a user token, service id token or a cookie.
205
+ data, status_code, headers = api_instance.get_token_assume_with_http_info(grant_type, opts)
206
+ p status_code # => 2xx
207
+ p headers # => { ... }
208
+ p data # => <TokenResponse>
209
+ rescue IbmCloudIam::ApiError => e
210
+ puts "Error when calling TokenRetrievalApi->get_token_assume_with_http_info: #{e}"
211
+ end
212
+ ```
213
+
214
+ ### Parameters
215
+
216
+ | Name | Type | Description | Notes |
217
+ | ---- | ---- | ----------- | ----- |
218
+ | **grant_type** | **String** | Grant type for this API call. You must set the grant type to &#x60;urn:ibm:params:oauth:grant-type:assume&#x60;. | |
219
+ | **access_token** | **String** | Pass one of &#39;access_token&#39;, &#39;refresh_token&#39; or &#39;cookie&#39; to get a token for the profile. Provided access_token/refresh_token/iam_cookie need to be generated for the user or service id that has trust relationship with the profile. If the profile being assumed must satisfy an MFA requirement for the account, the access_token/refresh_token (...etc) used to assume the profile must meet the same requirement, using the same level MFA or higher. | [optional] |
220
+ | **refresh_token** | **String** | see &#39;access_token&#39; | [optional] |
221
+ | **cookie** | **String** | see &#39;access_token&#39; | [optional] |
222
+ | **profile_id** | **String** | Pass one of &#39;profile_id&#39;, &#39;profile_crn&#39; or &#39;profile_name&#39; and &#39;account&#39; to select which profile should be used for this IAM token. If you pass a &#39;profile_id&#39; or &#39;profile_crn&#39;, then the profile must exist in the same account. If you pass a &#39;profile_name&#39; then &#39;account&#39; need to be passed in the request where the profile is looked up based on the account. | [optional] |
223
+ | **profile_name** | **String** | see &#39;profile_id&#39; | [optional] |
224
+ | **profile_crn** | **String** | see &#39;profile_id&#39; | [optional] |
225
+ | **account** | **String** | ID of the account the profile belongs to | [optional] |
226
+
227
+ ### Return type
228
+
229
+ [**TokenResponse**](TokenResponse.md)
230
+
231
+ ### Authorization
232
+
233
+ No authorization required
234
+
235
+ ### HTTP request headers
236
+
237
+ - **Content-Type**: application/x-www-form-urlencoded
238
+ - **Accept**: application/json
239
+
240
+
241
+ ## get_token_cr_token
242
+
243
+ > <TokenResponse> get_token_cr_token(grant_type, cr_token, opts)
244
+
245
+ Create an IAM access token for a Trusted Profile based on the provided Compute Resource token
246
+
247
+ Creates a non-opaque access token without a refresh token for a Trusted Profile
248
+
249
+ ### Examples
250
+
251
+ ```ruby
252
+ require 'time'
253
+ require 'ibm_cloud_iam'
254
+
255
+ api_instance = IbmCloudIam::TokenRetrievalApi.new
256
+ grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:cr-token`.
257
+ cr_token = 'cr_token_example' # String | The value of the Compute Resource token. As this is a JWT token, the string can get very long.
258
+ opts = {
259
+ authorization: 'authorization_example', # String | IBM Services can pass in a Basic Authorization Header representing a client id with a secret. For customers, omit this header parameter. To build a valid Basic Authorization Header, concatenate the client id with a colon and the secret, i.e. `client_id:client_secret`. This sequence must be Base64 encoded, and prefixed with `Basic`, so that a valid Basic Authorization Header would be: `Authorization: Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=`
260
+ ibm_cloud_tenant: 'ibm_cloud_tenant_example', # String | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the Trusted Profile can only be created if the Trusted Profile is part of one of the account ids or enterprise ids provided in this header.
261
+ profile_id: 'profile_id_example', # String | Pass one of 'profile_id', 'profile_name' or 'profile_crn to select which profile should be used for this IAM token. This call can only succeed if you have also linked the Trusted Profile to the Compute Resource, or you have created a Trust Rule from the Trusted Profile to the Compute Resource. If you pass a 'profile_name', then the profile is looked up based on the account_id of the Compute resource. If you pass a 'profile_id' or 'profile_crn', then the profile must exist in the same account like the Compute Resource.
262
+ profile_name: 'profile_name_example', # String | see 'profile_id'
263
+ profile_crn: 'profile_crn_example' # String | see 'profile_id'
264
+ }
265
+
266
+ begin
267
+ # Create an IAM access token for a Trusted Profile based on the provided Compute Resource token
268
+ result = api_instance.get_token_cr_token(grant_type, cr_token, opts)
269
+ p result
270
+ rescue IbmCloudIam::ApiError => e
271
+ puts "Error when calling TokenRetrievalApi->get_token_cr_token: #{e}"
272
+ end
273
+ ```
274
+
275
+ #### Using the get_token_cr_token_with_http_info variant
276
+
277
+ This returns an Array which contains the response data, status code and headers.
278
+
279
+ > <Array(<TokenResponse>, Integer, Hash)> get_token_cr_token_with_http_info(grant_type, cr_token, opts)
280
+
281
+ ```ruby
282
+ begin
283
+ # Create an IAM access token for a Trusted Profile based on the provided Compute Resource token
284
+ data, status_code, headers = api_instance.get_token_cr_token_with_http_info(grant_type, cr_token, opts)
285
+ p status_code # => 2xx
286
+ p headers # => { ... }
287
+ p data # => <TokenResponse>
288
+ rescue IbmCloudIam::ApiError => e
289
+ puts "Error when calling TokenRetrievalApi->get_token_cr_token_with_http_info: #{e}"
290
+ end
291
+ ```
292
+
293
+ ### Parameters
294
+
295
+ | Name | Type | Description | Notes |
296
+ | ---- | ---- | ----------- | ----- |
297
+ | **grant_type** | **String** | Grant type for this API call. You must set the grant type to &#x60;urn:ibm:params:oauth:grant-type:cr-token&#x60;. | |
298
+ | **cr_token** | **String** | The value of the Compute Resource token. As this is a JWT token, the string can get very long. | |
299
+ | **authorization** | **String** | IBM Services can pass in a Basic Authorization Header representing a client id with a secret. For customers, omit this header parameter. To build a valid Basic Authorization Header, concatenate the client id with a colon and the secret, i.e. &#x60;client_id:client_secret&#x60;. This sequence must be Base64 encoded, and prefixed with &#x60;Basic&#x60;, so that a valid Basic Authorization Header would be: &#x60;Authorization: Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ&#x3D;&#x60; | [optional] |
300
+ | **ibm_cloud_tenant** | **String** | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the Trusted Profile can only be created if the Trusted Profile is part of one of the account ids or enterprise ids provided in this header. | [optional] |
301
+ | **profile_id** | **String** | Pass one of &#39;profile_id&#39;, &#39;profile_name&#39; or &#39;profile_crn to select which profile should be used for this IAM token. This call can only succeed if you have also linked the Trusted Profile to the Compute Resource, or you have created a Trust Rule from the Trusted Profile to the Compute Resource. If you pass a &#39;profile_name&#39;, then the profile is looked up based on the account_id of the Compute resource. If you pass a &#39;profile_id&#39; or &#39;profile_crn&#39;, then the profile must exist in the same account like the Compute Resource. | [optional] |
302
+ | **profile_name** | **String** | see &#39;profile_id&#39; | [optional] |
303
+ | **profile_crn** | **String** | see &#39;profile_id&#39; | [optional] |
304
+
305
+ ### Return type
306
+
307
+ [**TokenResponse**](TokenResponse.md)
308
+
309
+ ### Authorization
310
+
311
+ No authorization required
312
+
313
+ ### HTTP request headers
314
+
315
+ - **Content-Type**: application/x-www-form-urlencoded
316
+ - **Accept**: application/json
317
+
318
+
319
+ ## get_token_iam_authz
320
+
321
+ > <TokenResponse> get_token_iam_authz(grant_type, access_token, desired_iam_id)
322
+
323
+ Create an IAM access token based on an authorization policy
324
+
325
+ Creates a non-opaque access token, if an appropriate authorization policy is in place. This kind of IAM access token is typically used for access between services.
326
+
327
+ ### Examples
328
+
329
+ ```ruby
330
+ require 'time'
331
+ require 'ibm_cloud_iam'
332
+
333
+ api_instance = IbmCloudIam::TokenRetrievalApi.new
334
+ grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:iam-authz`.
335
+ access_token = 'access_token_example' # String | The IAM access token of the identity that has the appropriate authorization to create an IAM access token for a given resource.
336
+ desired_iam_id = 'desired_iam_id_example' # String | The IAM ID of the IAM access token identity that should be created. The desired_iam_id identifies a resource identity. The IAM ID consists of the prefix crn- and the CRN of the target identity, e.g. crn-crn:v1:bluemix:public:cloud-object-storage:global:a/59bcbfa6ea2f006b4ed7094c1a08dcdd:1a0ec336-f391-4091-a6fb-5e084a4c56f4::.
337
+
338
+ begin
339
+ # Create an IAM access token based on an authorization policy
340
+ result = api_instance.get_token_iam_authz(grant_type, access_token, desired_iam_id)
341
+ p result
342
+ rescue IbmCloudIam::ApiError => e
343
+ puts "Error when calling TokenRetrievalApi->get_token_iam_authz: #{e}"
344
+ end
345
+ ```
346
+
347
+ #### Using the get_token_iam_authz_with_http_info variant
348
+
349
+ This returns an Array which contains the response data, status code and headers.
350
+
351
+ > <Array(<TokenResponse>, Integer, Hash)> get_token_iam_authz_with_http_info(grant_type, access_token, desired_iam_id)
352
+
353
+ ```ruby
354
+ begin
355
+ # Create an IAM access token based on an authorization policy
356
+ data, status_code, headers = api_instance.get_token_iam_authz_with_http_info(grant_type, access_token, desired_iam_id)
357
+ p status_code # => 2xx
358
+ p headers # => { ... }
359
+ p data # => <TokenResponse>
360
+ rescue IbmCloudIam::ApiError => e
361
+ puts "Error when calling TokenRetrievalApi->get_token_iam_authz_with_http_info: #{e}"
362
+ end
363
+ ```
364
+
365
+ ### Parameters
366
+
367
+ | Name | Type | Description | Notes |
368
+ | ---- | ---- | ----------- | ----- |
369
+ | **grant_type** | **String** | Grant type for this API call. You must set the grant type to &#x60;urn:ibm:params:oauth:grant-type:iam-authz&#x60;. | |
370
+ | **access_token** | **String** | The IAM access token of the identity that has the appropriate authorization to create an IAM access token for a given resource. | |
371
+ | **desired_iam_id** | **String** | The IAM ID of the IAM access token identity that should be created. The desired_iam_id identifies a resource identity. The IAM ID consists of the prefix crn- and the CRN of the target identity, e.g. crn-crn:v1:bluemix:public:cloud-object-storage:global:a/59bcbfa6ea2f006b4ed7094c1a08dcdd:1a0ec336-f391-4091-a6fb-5e084a4c56f4::. | |
372
+
373
+ ### Return type
374
+
375
+ [**TokenResponse**](TokenResponse.md)
376
+
377
+ ### Authorization
378
+
379
+ No authorization required
380
+
381
+ ### HTTP request headers
382
+
383
+ - **Content-Type**: application/x-www-form-urlencoded
384
+ - **Accept**: application/json
385
+
386
+
387
+ ## get_token_password
388
+
389
+ > <TokenResponse> get_token_password(authorization, grant_type, username, password, opts)
390
+
391
+ Create an IAM access token for a user using username / password credentials and an optional account identifier
392
+
393
+ Creates a non-opaque access token for a username and password. To be able to call IBM Cloud APIs, the token must be made account-specific. For this purpose, also pass the 32 character long identifier for your account in the API call. This API call is possible only for non-federated IBMid users.
394
+
395
+ ### Examples
396
+
397
+ ```ruby
398
+ require 'time'
399
+ require 'ibm_cloud_iam'
400
+
401
+ api_instance = IbmCloudIam::TokenRetrievalApi.new
402
+ authorization = 'authorization_example' # String | Basic Authorization Header containing a valid client ID and secret. If this header is omitted the request fails with BXNIM0308E: 'No authorization header found'. You can use the client ID and secret that is used by the IBM Cloud CLI: `bx / bx`
403
+ grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `password`.
404
+ username = 'username_example' # String | The value of the username.
405
+ password = 'password_example' # String | The value of the password.
406
+ opts = {
407
+ ibm_cloud_tenant: 'ibm_cloud_tenant_example', # String | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the username / password / account combination can only be created if the account id matches the passed account or the account is member of the enterprise id in this header.
408
+ account: 'account_example' # String | The 32 character identifier of the account. Specify this parameter to get an account-specific IAM token. IBM Cloud APIs require that IAM tokens are account-specific.
409
+ }
410
+
411
+ begin
412
+ # Create an IAM access token for a user using username / password credentials and an optional account identifier
413
+ result = api_instance.get_token_password(authorization, grant_type, username, password, opts)
414
+ p result
415
+ rescue IbmCloudIam::ApiError => e
416
+ puts "Error when calling TokenRetrievalApi->get_token_password: #{e}"
417
+ end
418
+ ```
419
+
420
+ #### Using the get_token_password_with_http_info variant
421
+
422
+ This returns an Array which contains the response data, status code and headers.
423
+
424
+ > <Array(<TokenResponse>, Integer, Hash)> get_token_password_with_http_info(authorization, grant_type, username, password, opts)
425
+
426
+ ```ruby
427
+ begin
428
+ # Create an IAM access token for a user using username / password credentials and an optional account identifier
429
+ data, status_code, headers = api_instance.get_token_password_with_http_info(authorization, grant_type, username, password, opts)
430
+ p status_code # => 2xx
431
+ p headers # => { ... }
432
+ p data # => <TokenResponse>
433
+ rescue IbmCloudIam::ApiError => e
434
+ puts "Error when calling TokenRetrievalApi->get_token_password_with_http_info: #{e}"
435
+ end
436
+ ```
437
+
438
+ ### Parameters
439
+
440
+ | Name | Type | Description | Notes |
441
+ | ---- | ---- | ----------- | ----- |
442
+ | **authorization** | **String** | Basic Authorization Header containing a valid client ID and secret. If this header is omitted the request fails with BXNIM0308E: &#39;No authorization header found&#39;. You can use the client ID and secret that is used by the IBM Cloud CLI: &#x60;bx / bx&#x60; | |
443
+ | **grant_type** | **String** | Grant type for this API call. You must set the grant type to &#x60;password&#x60;. | |
444
+ | **username** | **String** | The value of the username. | |
445
+ | **password** | **String** | The value of the password. | |
446
+ | **ibm_cloud_tenant** | **String** | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the username / password / account combination can only be created if the account id matches the passed account or the account is member of the enterprise id in this header. | [optional] |
447
+ | **account** | **String** | The 32 character identifier of the account. Specify this parameter to get an account-specific IAM token. IBM Cloud APIs require that IAM tokens are account-specific. | [optional] |
448
+
449
+ ### Return type
450
+
451
+ [**TokenResponse**](TokenResponse.md)
452
+
453
+ ### Authorization
454
+
455
+ No authorization required
456
+
457
+ ### HTTP request headers
458
+
459
+ - **Content-Type**: application/x-www-form-urlencoded
460
+ - **Accept**: application/json
461
+
@@ -0,0 +1,50 @@
1
+ # IbmCloudIam::TrustedProfile
2
+
3
+ ## Properties
4
+
5
+ | Name | Type | Description | Notes |
6
+ | ---- | ---- | ----------- | ----- |
7
+ | **context** | [**ResponseContext**](ResponseContext.md) | | [optional] |
8
+ | **id** | **String** | the unique identifier of the trusted profile. Example:&#39;Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c&#39; | |
9
+ | **entity_tag** | **String** | Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates. | |
10
+ | **crn** | **String** | Cloud Resource Name of the item. Example Cloud Resource Name: &#39;crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c&#39; | |
11
+ | **name** | **String** | Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account. | |
12
+ | **description** | **String** | The optional description of the trusted profile. The &#39;description&#39; property is only available if a description was provided during a create of a trusted profile. | [optional] |
13
+ | **email** | **String** | The optional email of the trusted profile. The &#39;email&#39; property is only available if an email was provided during a create of a trusted profile. | [optional] |
14
+ | **created_at** | **Time** | If set contains a date time string of the creation date in ISO format. | [optional] |
15
+ | **modified_at** | **Time** | If set contains a date time string of the last modification date in ISO format. | [optional] |
16
+ | **iam_id** | **String** | The iam_id of this trusted profile. | |
17
+ | **account_id** | **String** | ID of the account that this trusted profile belong to. | |
18
+ | **template_id** | **String** | ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account. | [optional] |
19
+ | **assignment_id** | **String** | ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account. | [optional] |
20
+ | **ims_account_id** | **Integer** | IMS acount ID of the trusted profile | [optional] |
21
+ | **ims_user_id** | **Integer** | IMS user ID of the trusted profile | [optional] |
22
+ | **history** | [**Array&lt;EnityHistoryRecord&gt;**](EnityHistoryRecord.md) | History of the trusted profile. | [optional] |
23
+ | **activity** | [**Activity**](Activity.md) | | [optional] |
24
+
25
+ ## Example
26
+
27
+ ```ruby
28
+ require 'ibm_cloud_iam'
29
+
30
+ instance = IbmCloudIam::TrustedProfile.new(
31
+ context: null,
32
+ id: null,
33
+ entity_tag: null,
34
+ crn: null,
35
+ name: null,
36
+ description: null,
37
+ email: null,
38
+ created_at: null,
39
+ modified_at: null,
40
+ iam_id: null,
41
+ account_id: null,
42
+ template_id: null,
43
+ assignment_id: null,
44
+ ims_account_id: null,
45
+ ims_user_id: null,
46
+ history: null,
47
+ activity: null
48
+ )
49
+ ```
50
+