ibm_cloud_iam 1.0.1 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (493) hide show
  1. checksums.yaml +4 -4
  2. data/LICENSE.txt +202 -0
  3. data/README.md +548 -36
  4. data/docs/APIKeysApi.md +714 -0
  5. data/docs/AccessGroupCount.md +20 -0
  6. data/docs/AccountBasedMfaEnrollment.md +24 -0
  7. data/docs/AccountIdpSettings.md +32 -0
  8. data/docs/AccountLimitsApi.md +173 -0
  9. data/docs/AccountLoginSettings.md +18 -0
  10. data/docs/AccountSettingsApi.md +224 -0
  11. data/docs/AccountSettingsAssignedTemplatesSection.md +46 -0
  12. data/docs/AccountSettingsEffectiveSection.md +38 -0
  13. data/docs/AccountSettingsForIdPApi.md +489 -0
  14. data/docs/AccountSettingsMeta.md +24 -0
  15. data/docs/AccountSettingsRequest.md +40 -0
  16. data/docs/AccountSettingsResponse.md +48 -0
  17. data/docs/AccountSettingsTemplateApi.md +720 -0
  18. data/docs/AccountSettingsTemplateAssignmentsApi.md +376 -0
  19. data/docs/AccountSettingsTemplateList.md +30 -0
  20. data/docs/AccountSettingsTemplateRequest.md +24 -0
  21. data/docs/AccountSettingsTemplateResponse.md +44 -0
  22. data/docs/AccountSettingsUserDomainRestriction.md +22 -0
  23. data/docs/AccountSettingsUserMFAResponse.md +28 -0
  24. data/docs/ActionControls.md +22 -0
  25. data/docs/ActionControlsIdentities.md +20 -0
  26. data/docs/ActivitiesApi.md +149 -0
  27. data/docs/Activity.md +20 -0
  28. data/docs/AddAccountIdpSettingRequest.md +22 -0
  29. data/docs/ApiKey.md +44 -33
  30. data/docs/ApiKeyInsideCreateServiceIdRequest.md +18 -13
  31. data/docs/ApiKeyList.md +20 -19
  32. data/docs/ApikeyActivity.md +28 -0
  33. data/docs/ApikeyActivityServiceid.md +20 -0
  34. data/docs/ApikeyActivityUser.md +24 -0
  35. data/docs/AssignedTemplatesAccountSettings.md +40 -0
  36. data/docs/CommonAccountSettingsRequest.md +36 -0
  37. data/docs/CommonAccountSettingsResponse.md +34 -0
  38. data/docs/ConsumersResponse.md +20 -0
  39. data/docs/ConsumersResponseConsumersInner.md +20 -0
  40. data/docs/CreateApiKeyRequest.md +24 -17
  41. data/docs/CreateIdpRequest.md +30 -0
  42. data/docs/CreateIdpRequestProperties.md +20 -0
  43. data/docs/CreateIdpRequestPropertiesIdp.md +26 -0
  44. data/docs/CreateIdpRequestPropertiesSp.md +32 -0
  45. data/docs/CreateIdpRequestPropertiesSpAuthnContext.md +20 -0
  46. data/docs/CreateIdpRequestSecrets.md +20 -0
  47. data/docs/CreateIdpRequestSecretsIdp.md +22 -0
  48. data/docs/CreateIdpRequestSecretsIdpSigningInner.md +20 -0
  49. data/docs/CreateIdpRequestSecretsSp.md +18 -0
  50. data/docs/CreateIdpRequestSecretsSpSigningInner.md +24 -0
  51. data/docs/CreateProfileLinkRequest.md +24 -0
  52. data/docs/CreateProfileLinkRequestLink.md +26 -0
  53. data/docs/CreateServiceIdGroupRequest.md +22 -0
  54. data/docs/CreateServiceIdRequest.md +18 -15
  55. data/docs/CreateTemplateAssignmentRequest.md +24 -0
  56. data/docs/CreateTrustedProfileRequest.md +24 -0
  57. data/docs/EffectiveAccountSettingsResponse.md +26 -0
  58. data/docs/EnityHistoryRecord.md +18 -17
  59. data/docs/EntityActivity.md +22 -0
  60. data/docs/Error.md +14 -13
  61. data/docs/ExceptionResponse.md +14 -13
  62. data/docs/ExceptionResponseContext.md +30 -29
  63. data/docs/IDPManagementApi.md +692 -0
  64. data/docs/IdBasedMfaEnrollment.md +26 -0
  65. data/docs/IdentityCount.md +20 -0
  66. data/docs/IdentityLimitsUsageRequest.md +42 -0
  67. data/docs/IdentityLimitsUsageResponse.md +44 -0
  68. data/docs/IdentityLimitsUsageResponseApikeysPerIdentity.md +20 -0
  69. data/docs/IdentityLimitsUsageResponseClaimRulesPerGroup.md +20 -0
  70. data/docs/IdentityLimitsUsageResponseClaimRulesPerProfile.md +20 -0
  71. data/docs/IdentityLimitsUsageResponseServiceidsPerGroup.md +20 -0
  72. data/docs/IdentityLimitsUsageResponseTemplateVersionsPerTemplate.md +20 -0
  73. data/docs/IdentityPreferenceResponse.md +28 -0
  74. data/docs/IdentityPreferencesApi.md +304 -0
  75. data/docs/IdentityPreferencesResponse.md +18 -0
  76. data/docs/Idp.md +38 -0
  77. data/docs/LimitCount.md +20 -0
  78. data/docs/ListIdPSettings200Response.md +18 -0
  79. data/docs/ListIdps200Response.md +18 -0
  80. data/docs/MFAEnrollmentStatusApi.md +216 -0
  81. data/docs/MFARequirementsResponse.md +12 -11
  82. data/docs/MfaEnrollmentTypeStatus.md +20 -0
  83. data/docs/MfaOptions.md +15 -0
  84. data/docs/OidcExceptionResponse.md +16 -15
  85. data/docs/PolicyTemplateReference.md +20 -0
  86. data/docs/ProfileClaimRule.md +36 -0
  87. data/docs/ProfileClaimRuleConditions.md +22 -0
  88. data/docs/ProfileClaimRuleList.md +20 -0
  89. data/docs/ProfileClaimRuleRequest.md +30 -0
  90. data/docs/ProfileCount.md +20 -0
  91. data/docs/ProfileIdentitiesResponse.md +20 -0
  92. data/docs/ProfileIdentitiesUpdateRequest.md +18 -0
  93. data/docs/ProfileIdentityRequest.md +24 -0
  94. data/docs/ProfileIdentityResponse.md +26 -0
  95. data/docs/ProfileLink.md +32 -0
  96. data/docs/ProfileLinkLink.md +26 -0
  97. data/docs/ProfileLinkList.md +18 -0
  98. data/docs/Report.md +34 -0
  99. data/docs/ReportMfaEnrollmentStatus.md +28 -0
  100. data/docs/ReportReference.md +18 -0
  101. data/docs/ResponseContext.md +28 -27
  102. data/docs/RetrictActions.md +15 -0
  103. data/docs/SamlMetadataImportResponse.md +42 -0
  104. data/docs/ServiceIDGroupsApi.md +347 -0
  105. data/docs/ServiceIDsApi.md +515 -0
  106. data/docs/ServiceId.md +38 -33
  107. data/docs/ServiceIdGroup.md +34 -0
  108. data/docs/ServiceIdGroupCount.md +20 -0
  109. data/docs/ServiceIdGroupList.md +18 -0
  110. data/docs/ServiceIdList.md +20 -19
  111. data/docs/ShareScope.md +20 -0
  112. data/docs/TemplateAccountSettings.md +40 -0
  113. data/docs/TemplateAccountSettingsAllOfRestrictUserDomains.md +20 -0
  114. data/docs/TemplateAssignmentListResponse.md +30 -0
  115. data/docs/TemplateAssignmentResource.md +18 -0
  116. data/docs/TemplateAssignmentResourceError.md +24 -0
  117. data/docs/TemplateAssignmentResponse.md +48 -0
  118. data/docs/TemplateAssignmentResponseResource.md +24 -0
  119. data/docs/TemplateAssignmentResponseResourceDetail.md +26 -0
  120. data/docs/TemplateCount.md +20 -0
  121. data/docs/TemplateProfileComponentRequest.md +26 -0
  122. data/docs/TemplateProfileComponentResponse.md +26 -0
  123. data/docs/TestResult.md +28 -0
  124. data/docs/TestResultStepsInner.md +24 -0
  125. data/docs/TestTriggerResponse.md +20 -0
  126. data/docs/TokenResponse.md +18 -17
  127. data/docs/TokenRetrievalApi.md +461 -0
  128. data/docs/TrustedProfile.md +50 -0
  129. data/docs/TrustedProfileTemplateApi.md +720 -0
  130. data/docs/TrustedProfileTemplateAssignmentsApi.md +376 -0
  131. data/docs/TrustedProfileTemplateClaimRule.md +26 -0
  132. data/docs/TrustedProfileTemplateList.md +30 -0
  133. data/docs/TrustedProfileTemplateRequest.md +28 -0
  134. data/docs/TrustedProfileTemplateResponse.md +48 -0
  135. data/docs/TrustedProfilesApi.md +1414 -0
  136. data/docs/TrustedProfilesList.md +30 -0
  137. data/docs/UpdateAccountIdpSettingRequest.md +22 -0
  138. data/docs/UpdateAccountLoginSettings.md +18 -0
  139. data/docs/UpdateApiKeyRequest.md +16 -9
  140. data/docs/UpdateIdPRequest.md +28 -0
  141. data/docs/UpdateIdPRequestProperties.md +20 -0
  142. data/docs/UpdateIdPRequestPropertiesIdp.md +24 -0
  143. data/docs/UpdateIdPRequestSecrets.md +20 -0
  144. data/docs/UpdateIdPRequestSecretsIdp.md +20 -0
  145. data/docs/UpdatePreferenceRequest.md +20 -0
  146. data/docs/UpdateServiceIdGroupRequest.md +20 -0
  147. data/docs/UpdateServiceIdRequest.md +12 -11
  148. data/docs/UpdateTemplateAssignmentRequest.md +18 -0
  149. data/docs/UpdateTrustedProfileRequest.md +22 -0
  150. data/docs/UserActivity.md +26 -0
  151. data/docs/UserMFAResolved.md +24 -0
  152. data/docs/UserMfa.md +20 -0
  153. data/docs/UserMfaEnrollments.md +24 -0
  154. data/docs/UserReportMfaEnrollmentStatus.md +30 -0
  155. data/docs/UserVisbilityRetrictActions.md +15 -0
  156. data/docs/UserVisbilityRetrictActionsForTemplate.md +15 -0
  157. data/git_push.sh +3 -4
  158. data/ibm_cloud_iam.gemspec +6 -5
  159. data/lib/ibm_cloud_iam/api/account_limits_api.rb +208 -0
  160. data/lib/ibm_cloud_iam/api/account_settings_api.rb +262 -0
  161. data/lib/ibm_cloud_iam/api/account_settings_for_id_p_api.rb +571 -0
  162. data/lib/ibm_cloud_iam/api/account_settings_template_api.rb +823 -0
  163. data/lib/ibm_cloud_iam/api/account_settings_template_assignments_api.rb +422 -0
  164. data/lib/ibm_cloud_iam/api/activities_api.rb +174 -0
  165. data/lib/ibm_cloud_iam/api/api_keys_api.rb +786 -0
  166. data/lib/ibm_cloud_iam/api/identity_preferences_api.rb +357 -0
  167. data/lib/ibm_cloud_iam/api/idp_management_api.rb +744 -0
  168. data/lib/ibm_cloud_iam/api/mfa_enrollment_status_api.rb +248 -0
  169. data/lib/ibm_cloud_iam/api/service_id_groups_api.rb +392 -0
  170. data/lib/ibm_cloud_iam/api/service_ids_api.rb +575 -0
  171. data/lib/ibm_cloud_iam/api/token_retrieval_api.rb +557 -0
  172. data/lib/ibm_cloud_iam/api/trusted_profile_template_api.rb +823 -0
  173. data/lib/ibm_cloud_iam/api/trusted_profile_template_assignments_api.rb +422 -0
  174. data/lib/ibm_cloud_iam/api/trusted_profiles_api.rb +1630 -0
  175. data/lib/ibm_cloud_iam/api_client.rb +74 -65
  176. data/lib/ibm_cloud_iam/api_error.rb +4 -3
  177. data/lib/ibm_cloud_iam/api_model_base.rb +88 -0
  178. data/lib/ibm_cloud_iam/configuration.rb +75 -15
  179. data/lib/ibm_cloud_iam/models/access_group_count.rb +159 -0
  180. data/lib/ibm_cloud_iam/models/account_based_mfa_enrollment.rb +243 -0
  181. data/lib/ibm_cloud_iam/models/account_idp_settings.rb +244 -0
  182. data/lib/ibm_cloud_iam/models/account_login_settings.rb +147 -0
  183. data/lib/ibm_cloud_iam/models/account_settings_assigned_templates_section.rb +377 -0
  184. data/lib/ibm_cloud_iam/models/account_settings_effective_section.rb +282 -0
  185. data/lib/ibm_cloud_iam/models/account_settings_meta.rb +179 -0
  186. data/lib/ibm_cloud_iam/models/account_settings_request.rb +301 -0
  187. data/lib/ibm_cloud_iam/models/account_settings_response.rb +567 -0
  188. data/lib/ibm_cloud_iam/models/account_settings_template_list.rb +256 -0
  189. data/lib/ibm_cloud_iam/models/account_settings_template_request.rb +178 -0
  190. data/lib/ibm_cloud_iam/models/account_settings_template_response.rb +416 -0
  191. data/lib/ibm_cloud_iam/models/account_settings_user_domain_restriction.rb +188 -0
  192. data/lib/ibm_cloud_iam/models/account_settings_user_mfa_response.rb +261 -0
  193. data/lib/ibm_cloud_iam/models/action_controls.rb +199 -0
  194. data/lib/ibm_cloud_iam/models/action_controls_identities.rb +190 -0
  195. data/lib/ibm_cloud_iam/models/activity.rb +175 -0
  196. data/lib/ibm_cloud_iam/models/add_account_idp_setting_request.rb +243 -0
  197. data/lib/ibm_cloud_iam/models/api_key.rb +188 -104
  198. data/lib/ibm_cloud_iam/models/api_key_inside_create_service_id_request.rb +70 -99
  199. data/lib/ibm_cloud_iam/models/api_key_list.rb +46 -95
  200. data/lib/ibm_cloud_iam/models/apikey_activity.rb +231 -0
  201. data/lib/ibm_cloud_iam/models/apikey_activity_serviceid.rb +159 -0
  202. data/lib/ibm_cloud_iam/models/apikey_activity_user.rb +179 -0
  203. data/lib/ibm_cloud_iam/models/assigned_templates_account_settings.rb +296 -0
  204. data/lib/ibm_cloud_iam/models/common_account_settings_request.rb +272 -0
  205. data/lib/ibm_cloud_iam/models/common_account_settings_response.rb +260 -0
  206. data/lib/ibm_cloud_iam/models/consumers_response.rb +158 -0
  207. data/lib/ibm_cloud_iam/models/consumers_response_consumers_inner.rb +158 -0
  208. data/lib/ibm_cloud_iam/models/create_api_key_request.rb +92 -99
  209. data/lib/ibm_cloud_iam/models/create_idp_request.rb +283 -0
  210. data/lib/ibm_cloud_iam/models/create_idp_request_properties.rb +157 -0
  211. data/lib/ibm_cloud_iam/models/create_idp_request_properties_idp.rb +189 -0
  212. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp.rb +222 -0
  213. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp_authn_context.rb +163 -0
  214. data/lib/ibm_cloud_iam/models/create_idp_request_secrets.rb +157 -0
  215. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp.rb +173 -0
  216. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp_signing_inner.rb +192 -0
  217. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp.rb +151 -0
  218. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp_signing_inner.rb +212 -0
  219. data/lib/ibm_cloud_iam/models/create_profile_link_request.rb +211 -0
  220. data/lib/ibm_cloud_iam/models/create_profile_link_request_link.rb +206 -0
  221. data/lib/ibm_cloud_iam/models/create_service_id_group_request.rb +203 -0
  222. data/lib/ibm_cloud_iam/models/create_service_id_request.rb +68 -95
  223. data/lib/ibm_cloud_iam/models/create_template_assignment_request.rb +280 -0
  224. data/lib/ibm_cloud_iam/models/create_trusted_profile_request.rb +213 -0
  225. data/lib/ibm_cloud_iam/models/effective_account_settings_response.rb +239 -0
  226. data/lib/ibm_cloud_iam/models/enity_history_record.rb +112 -101
  227. data/lib/ibm_cloud_iam/models/entity_activity.rb +185 -0
  228. data/lib/ibm_cloud_iam/models/error.rb +69 -94
  229. data/lib/ibm_cloud_iam/models/exception_response.rb +57 -94
  230. data/lib/ibm_cloud_iam/models/exception_response_context.rb +33 -94
  231. data/lib/ibm_cloud_iam/models/id_based_mfa_enrollment.rb +270 -0
  232. data/lib/ibm_cloud_iam/models/identity_count.rb +159 -0
  233. data/lib/ibm_cloud_iam/models/identity_limits_usage_request.rb +283 -0
  234. data/lib/ibm_cloud_iam/models/identity_limits_usage_response.rb +265 -0
  235. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_apikeys_per_identity.rb +178 -0
  236. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_group.rb +178 -0
  237. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_profile.rb +178 -0
  238. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_serviceids_per_group.rb +178 -0
  239. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_template_versions_per_template.rb +178 -0
  240. data/lib/ibm_cloud_iam/models/identity_preference_response.rb +200 -0
  241. data/lib/ibm_cloud_iam/models/identity_preferences_response.rb +167 -0
  242. data/lib/ibm_cloud_iam/models/idp.rb +239 -0
  243. data/lib/ibm_cloud_iam/models/limit_count.rb +176 -0
  244. data/lib/ibm_cloud_iam/models/list_id_p_settings200_response.rb +149 -0
  245. data/lib/ibm_cloud_iam/models/list_idps200_response.rb +149 -0
  246. data/lib/ibm_cloud_iam/models/mfa_enrollment_type_status.rb +192 -0
  247. data/lib/ibm_cloud_iam/models/mfa_options.rb +45 -0
  248. data/lib/ibm_cloud_iam/models/mfa_requirements_response.rb +69 -94
  249. data/lib/ibm_cloud_iam/models/oidc_exception_response.rb +57 -94
  250. data/lib/ibm_cloud_iam/models/policy_template_reference.rb +193 -0
  251. data/lib/ibm_cloud_iam/models/profile_claim_rule.rb +342 -0
  252. data/lib/ibm_cloud_iam/models/profile_claim_rule_conditions.rb +219 -0
  253. data/lib/ibm_cloud_iam/models/profile_claim_rule_list.rb +176 -0
  254. data/lib/ibm_cloud_iam/models/profile_claim_rule_request.rb +243 -0
  255. data/lib/ibm_cloud_iam/models/profile_count.rb +159 -0
  256. data/lib/ibm_cloud_iam/models/profile_identities_response.rb +160 -0
  257. data/lib/ibm_cloud_iam/models/profile_identities_update_request.rb +150 -0
  258. data/lib/ibm_cloud_iam/models/profile_identity_request.rb +238 -0
  259. data/lib/ibm_cloud_iam/models/profile_identity_response.rb +265 -0
  260. data/lib/ibm_cloud_iam/models/profile_link.rb +320 -0
  261. data/lib/ibm_cloud_iam/models/profile_link_link.rb +188 -0
  262. data/lib/ibm_cloud_iam/models/profile_link_list.rb +167 -0
  263. data/lib/ibm_cloud_iam/models/report.rb +321 -0
  264. data/lib/ibm_cloud_iam/models/report_mfa_enrollment_status.rb +268 -0
  265. data/lib/ibm_cloud_iam/models/report_reference.rb +165 -0
  266. data/lib/ibm_cloud_iam/models/response_context.rb +33 -94
  267. data/lib/ibm_cloud_iam/models/retrict_actions.rb +41 -0
  268. data/lib/ibm_cloud_iam/models/saml_metadata_import_response.rb +494 -0
  269. data/lib/ibm_cloud_iam/models/service_id.rb +184 -108
  270. data/lib/ibm_cloud_iam/models/service_id_group.rb +313 -0
  271. data/lib/ibm_cloud_iam/models/service_id_group_count.rb +159 -0
  272. data/lib/ibm_cloud_iam/models/service_id_group_list.rb +167 -0
  273. data/lib/ibm_cloud_iam/models/service_id_list.rb +47 -96
  274. data/lib/ibm_cloud_iam/models/share_scope.rb +190 -0
  275. data/lib/ibm_cloud_iam/models/template_account_settings.rb +296 -0
  276. data/lib/ibm_cloud_iam/models/template_account_settings_all_of_restrict_user_domains.rb +159 -0
  277. data/lib/ibm_cloud_iam/models/template_assignment_list_response.rb +227 -0
  278. data/lib/ibm_cloud_iam/models/template_assignment_resource.rb +149 -0
  279. data/lib/ibm_cloud_iam/models/template_assignment_resource_error.rb +179 -0
  280. data/lib/ibm_cloud_iam/models/template_assignment_response.rb +506 -0
  281. data/lib/ibm_cloud_iam/models/template_assignment_response_resource.rb +196 -0
  282. data/lib/ibm_cloud_iam/models/template_assignment_response_resource_detail.rb +203 -0
  283. data/lib/ibm_cloud_iam/models/template_count.rb +159 -0
  284. data/lib/ibm_cloud_iam/models/template_profile_component_request.rb +210 -0
  285. data/lib/ibm_cloud_iam/models/template_profile_component_response.rb +210 -0
  286. data/lib/ibm_cloud_iam/models/test_result.rb +194 -0
  287. data/lib/ibm_cloud_iam/models/test_result_steps_inner.rb +174 -0
  288. data/lib/ibm_cloud_iam/models/test_trigger_response.rb +156 -0
  289. data/lib/ibm_cloud_iam/models/token_response.rb +33 -94
  290. data/lib/ibm_cloud_iam/models/trusted_profile.rb +411 -0
  291. data/lib/ibm_cloud_iam/models/trusted_profile_template_claim_rule.rb +248 -0
  292. data/lib/ibm_cloud_iam/models/trusted_profile_template_list.rb +256 -0
  293. data/lib/ibm_cloud_iam/models/trusted_profile_template_request.rb +199 -0
  294. data/lib/ibm_cloud_iam/models/trusted_profile_template_response.rb +369 -0
  295. data/lib/ibm_cloud_iam/models/trusted_profiles_list.rb +227 -0
  296. data/lib/ibm_cloud_iam/models/update_account_idp_setting_request.rb +202 -0
  297. data/lib/ibm_cloud_iam/models/update_account_login_settings.rb +148 -0
  298. data/lib/ibm_cloud_iam/models/update_api_key_request.rb +68 -99
  299. data/lib/ibm_cloud_iam/models/update_id_p_request.rb +198 -0
  300. data/lib/ibm_cloud_iam/models/update_id_p_request_properties.rb +157 -0
  301. data/lib/ibm_cloud_iam/models/update_id_p_request_properties_idp.rb +179 -0
  302. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets.rb +157 -0
  303. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets_idp.rb +163 -0
  304. data/lib/ibm_cloud_iam/models/update_preference_request.rb +161 -0
  305. data/lib/ibm_cloud_iam/models/update_service_id_group_request.rb +176 -0
  306. data/lib/ibm_cloud_iam/models/update_service_id_request.rb +34 -95
  307. data/lib/ibm_cloud_iam/models/update_template_assignment_request.rb +175 -0
  308. data/lib/ibm_cloud_iam/models/update_trusted_profile_request.rb +169 -0
  309. data/lib/ibm_cloud_iam/models/user_activity.rb +222 -0
  310. data/lib/ibm_cloud_iam/models/user_mfa.rb +179 -0
  311. data/lib/ibm_cloud_iam/models/user_mfa_enrollments.rb +193 -0
  312. data/lib/ibm_cloud_iam/models/user_mfa_resolved.rb +178 -0
  313. data/lib/ibm_cloud_iam/models/user_report_mfa_enrollment_status.rb +291 -0
  314. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions.rb +40 -0
  315. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions_for_template.rb +41 -0
  316. data/lib/ibm_cloud_iam/version.rb +4 -4
  317. data/lib/ibm_cloud_iam.rb +140 -9
  318. data/spec/api/account_limits_api_spec.rb +75 -0
  319. data/spec/api/account_settings_api_spec.rb +80 -0
  320. data/spec/api/account_settings_for_id_p_api_spec.rb +132 -0
  321. data/spec/api/account_settings_template_api_spec.rb +184 -0
  322. data/spec/api/account_settings_template_assignments_api_spec.rb +112 -0
  323. data/spec/api/activities_api_spec.rb +64 -0
  324. data/spec/api/api_keys_api_spec.rb +182 -0
  325. data/spec/api/identity_preferences_api_spec.rb +98 -0
  326. data/spec/api/idp_management_api_spec.rb +166 -0
  327. data/spec/api/mfa_enrollment_status_api_spec.rb +77 -0
  328. data/spec/api/service_id_groups_api_spec.rb +102 -0
  329. data/spec/api/service_ids_api_spec.rb +143 -0
  330. data/spec/api/token_retrieval_api_spec.rb +134 -0
  331. data/spec/api/trusted_profile_template_api_spec.rb +184 -0
  332. data/spec/api/trusted_profile_template_assignments_api_spec.rb +112 -0
  333. data/spec/api/trusted_profiles_api_spec.rb +328 -0
  334. data/spec/models/access_group_count_spec.rb +42 -0
  335. data/spec/models/account_based_mfa_enrollment_spec.rb +54 -0
  336. data/spec/models/account_idp_settings_spec.rb +82 -0
  337. data/spec/models/account_login_settings_spec.rb +36 -0
  338. data/spec/models/account_settings_assigned_templates_section_spec.rb +120 -0
  339. data/spec/models/account_settings_effective_section_spec.rb +96 -0
  340. data/spec/models/account_settings_meta_spec.rb +54 -0
  341. data/spec/models/account_settings_request_spec.rb +102 -0
  342. data/spec/models/account_settings_response_spec.rb +126 -0
  343. data/spec/models/account_settings_template_list_spec.rb +72 -0
  344. data/spec/models/account_settings_template_request_spec.rb +54 -0
  345. data/spec/models/account_settings_template_response_spec.rb +114 -0
  346. data/spec/models/account_settings_user_domain_restriction_spec.rb +48 -0
  347. data/spec/models/account_settings_user_mfa_response_spec.rb +66 -0
  348. data/spec/models/action_controls_identities_spec.rb +42 -0
  349. data/spec/models/action_controls_spec.rb +48 -0
  350. data/spec/models/activity_spec.rb +42 -0
  351. data/spec/models/add_account_idp_setting_request_spec.rb +52 -0
  352. data/spec/models/api_key_inside_create_service_id_request_spec.rb +24 -17
  353. data/spec/models/api_key_list_spec.rb +15 -20
  354. data/spec/models/api_key_spec.rb +52 -27
  355. data/spec/models/apikey_activity_serviceid_spec.rb +42 -0
  356. data/spec/models/apikey_activity_spec.rb +66 -0
  357. data/spec/models/apikey_activity_user_spec.rb +54 -0
  358. data/spec/models/assigned_templates_account_settings_spec.rb +102 -0
  359. data/spec/models/common_account_settings_request_spec.rb +90 -0
  360. data/spec/models/common_account_settings_response_spec.rb +84 -0
  361. data/spec/models/consumers_response_consumers_inner_spec.rb +42 -0
  362. data/spec/models/consumers_response_spec.rb +42 -0
  363. data/spec/models/create_api_key_request_spec.rb +32 -19
  364. data/spec/models/create_idp_request_properties_idp_spec.rb +60 -0
  365. data/spec/models/create_idp_request_properties_sp_authn_context_spec.rb +42 -0
  366. data/spec/models/create_idp_request_properties_sp_spec.rb +78 -0
  367. data/spec/models/create_idp_request_properties_spec.rb +42 -0
  368. data/spec/models/create_idp_request_secrets_idp_signing_inner_spec.rb +46 -0
  369. data/spec/models/create_idp_request_secrets_idp_spec.rb +48 -0
  370. data/spec/models/create_idp_request_secrets_sp_signing_inner_spec.rb +58 -0
  371. data/spec/models/create_idp_request_secrets_sp_spec.rb +36 -0
  372. data/spec/models/create_idp_request_secrets_spec.rb +42 -0
  373. data/spec/models/create_idp_request_spec.rb +76 -0
  374. data/spec/models/create_profile_link_request_link_spec.rb +60 -0
  375. data/spec/models/create_profile_link_request_spec.rb +54 -0
  376. data/spec/models/create_service_id_group_request_spec.rb +48 -0
  377. data/spec/models/create_service_id_request_spec.rb +19 -18
  378. data/spec/models/create_template_assignment_request_spec.rb +58 -0
  379. data/spec/models/create_trusted_profile_request_spec.rb +54 -0
  380. data/spec/models/effective_account_settings_response_spec.rb +60 -0
  381. data/spec/models/enity_history_record_spec.rb +14 -19
  382. data/spec/models/entity_activity_spec.rb +48 -0
  383. data/spec/models/error_spec.rb +12 -17
  384. data/spec/models/exception_response_context_spec.rb +20 -25
  385. data/spec/models/exception_response_spec.rb +12 -17
  386. data/spec/models/id_based_mfa_enrollment_spec.rb +64 -0
  387. data/spec/models/identity_count_spec.rb +42 -0
  388. data/spec/models/identity_limits_usage_request_spec.rb +108 -0
  389. data/spec/models/identity_limits_usage_response_apikeys_per_identity_spec.rb +42 -0
  390. data/spec/models/identity_limits_usage_response_claim_rules_per_group_spec.rb +42 -0
  391. data/spec/models/identity_limits_usage_response_claim_rules_per_profile_spec.rb +42 -0
  392. data/spec/models/identity_limits_usage_response_serviceids_per_group_spec.rb +42 -0
  393. data/spec/models/identity_limits_usage_response_spec.rb +114 -0
  394. data/spec/models/identity_limits_usage_response_template_versions_per_template_spec.rb +42 -0
  395. data/spec/models/identity_preference_response_spec.rb +66 -0
  396. data/spec/models/identity_preferences_response_spec.rb +36 -0
  397. data/spec/models/idp_spec.rb +96 -0
  398. data/spec/models/limit_count_spec.rb +42 -0
  399. data/spec/models/list_id_p_settings200_response_spec.rb +36 -0
  400. data/spec/models/list_idps200_response_spec.rb +36 -0
  401. data/spec/models/mfa_enrollment_type_status_spec.rb +42 -0
  402. data/spec/models/mfa_options_spec.rb +30 -0
  403. data/spec/models/mfa_requirements_response_spec.rb +11 -16
  404. data/spec/models/oidc_exception_response_spec.rb +13 -18
  405. data/spec/models/policy_template_reference_spec.rb +42 -0
  406. data/spec/models/profile_claim_rule_conditions_spec.rb +48 -0
  407. data/spec/models/profile_claim_rule_list_spec.rb +42 -0
  408. data/spec/models/profile_claim_rule_request_spec.rb +72 -0
  409. data/spec/models/profile_claim_rule_spec.rb +90 -0
  410. data/spec/models/profile_count_spec.rb +42 -0
  411. data/spec/models/profile_identities_response_spec.rb +42 -0
  412. data/spec/models/profile_identities_update_request_spec.rb +36 -0
  413. data/spec/models/profile_identity_request_spec.rb +58 -0
  414. data/spec/models/profile_identity_response_spec.rb +64 -0
  415. data/spec/models/profile_link_link_spec.rb +60 -0
  416. data/spec/models/profile_link_list_spec.rb +36 -0
  417. data/spec/models/profile_link_spec.rb +78 -0
  418. data/spec/models/report_mfa_enrollment_status_spec.rb +66 -0
  419. data/spec/models/report_reference_spec.rb +36 -0
  420. data/spec/models/report_spec.rb +84 -0
  421. data/spec/models/response_context_spec.rb +19 -24
  422. data/spec/models/retrict_actions_spec.rb +30 -0
  423. data/spec/models/saml_metadata_import_response_spec.rb +112 -0
  424. data/spec/models/service_id_group_count_spec.rb +42 -0
  425. data/spec/models/service_id_group_list_spec.rb +36 -0
  426. data/spec/models/service_id_group_spec.rb +84 -0
  427. data/spec/models/service_id_list_spec.rb +15 -20
  428. data/spec/models/service_id_spec.rb +34 -27
  429. data/spec/models/share_scope_spec.rb +46 -0
  430. data/spec/models/template_account_settings_all_of_restrict_user_domains_spec.rb +42 -0
  431. data/spec/models/template_account_settings_spec.rb +102 -0
  432. data/spec/models/template_assignment_list_response_spec.rb +72 -0
  433. data/spec/models/template_assignment_resource_error_spec.rb +54 -0
  434. data/spec/models/template_assignment_resource_spec.rb +36 -0
  435. data/spec/models/template_assignment_response_resource_detail_spec.rb +60 -0
  436. data/spec/models/template_assignment_response_resource_spec.rb +54 -0
  437. data/spec/models/template_assignment_response_spec.rb +126 -0
  438. data/spec/models/template_count_spec.rb +42 -0
  439. data/spec/models/template_profile_component_request_spec.rb +60 -0
  440. data/spec/models/template_profile_component_response_spec.rb +60 -0
  441. data/spec/models/test_result_spec.rb +66 -0
  442. data/spec/models/test_result_steps_inner_spec.rb +54 -0
  443. data/spec/models/test_trigger_response_spec.rb +42 -0
  444. data/spec/models/token_response_spec.rb +14 -19
  445. data/spec/models/trusted_profile_spec.rb +132 -0
  446. data/spec/models/trusted_profile_template_claim_rule_spec.rb +64 -0
  447. data/spec/models/trusted_profile_template_list_spec.rb +72 -0
  448. data/spec/models/trusted_profile_template_request_spec.rb +66 -0
  449. data/spec/models/trusted_profile_template_response_spec.rb +126 -0
  450. data/spec/models/trusted_profiles_list_spec.rb +72 -0
  451. data/spec/models/update_account_idp_setting_request_spec.rb +52 -0
  452. data/spec/models/update_account_login_settings_spec.rb +36 -0
  453. data/spec/models/update_api_key_request_spec.rb +28 -15
  454. data/spec/models/update_id_p_request_properties_idp_spec.rb +54 -0
  455. data/spec/models/update_id_p_request_properties_spec.rb +42 -0
  456. data/spec/models/update_id_p_request_secrets_idp_spec.rb +42 -0
  457. data/spec/models/update_id_p_request_secrets_spec.rb +42 -0
  458. data/spec/models/update_id_p_request_spec.rb +66 -0
  459. data/spec/models/update_preference_request_spec.rb +42 -0
  460. data/spec/models/update_service_id_group_request_spec.rb +42 -0
  461. data/spec/models/update_service_id_request_spec.rb +11 -16
  462. data/spec/models/update_template_assignment_request_spec.rb +36 -0
  463. data/spec/models/update_trusted_profile_request_spec.rb +48 -0
  464. data/spec/models/user_activity_spec.rb +60 -0
  465. data/spec/models/user_mfa_enrollments_spec.rb +54 -0
  466. data/spec/models/user_mfa_resolved_spec.rb +54 -0
  467. data/spec/models/user_mfa_spec.rb +42 -0
  468. data/spec/models/user_report_mfa_enrollment_status_spec.rb +72 -0
  469. data/spec/models/user_visbility_retrict_actions_for_template_spec.rb +30 -0
  470. data/spec/models/user_visbility_retrict_actions_spec.rb +30 -0
  471. data/spec/spec_helper.rb +3 -3
  472. metadata +550 -36
  473. data/docs/IdentityOperationsApi.md +0 -828
  474. data/docs/InlineObject.md +0 -19
  475. data/docs/InlineObject1.md +0 -23
  476. data/docs/InlineObject2.md +0 -21
  477. data/docs/InlineObject3.md +0 -25
  478. data/docs/TokenOperationsApi.md +0 -226
  479. data/ibm_cloud_iam-1.0.0.gem +0 -0
  480. data/lib/ibm_cloud_iam/api/identity_operations_api.rb +0 -1083
  481. data/lib/ibm_cloud_iam/api/token_operations_api.rb +0 -351
  482. data/lib/ibm_cloud_iam/models/inline_object.rb +0 -229
  483. data/lib/ibm_cloud_iam/models/inline_object1.rb +0 -254
  484. data/lib/ibm_cloud_iam/models/inline_object2.rb +0 -244
  485. data/lib/ibm_cloud_iam/models/inline_object3.rb +0 -269
  486. data/spec/api/identity_operations_api_spec.rb +0 -253
  487. data/spec/api/token_operations_api_spec.rb +0 -94
  488. data/spec/api_client_spec.rb +0 -226
  489. data/spec/configuration_spec.rb +0 -42
  490. data/spec/models/inline_object1_spec.rb +0 -59
  491. data/spec/models/inline_object2_spec.rb +0 -53
  492. data/spec/models/inline_object3_spec.rb +0 -65
  493. data/spec/models/inline_object_spec.rb +0 -47
@@ -0,0 +1,342 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ class ProfileClaimRule < ApiModelBase
18
+ # the unique identifier of the claim rule
19
+ attr_accessor :id
20
+
21
+ # version of the claim rule
22
+ attr_accessor :entity_tag
23
+
24
+ # If set contains a date time string of the creation date in ISO format.
25
+ attr_accessor :created_at
26
+
27
+ # If set contains a date time string of the last modification date in ISO format.
28
+ attr_accessor :modified_at
29
+
30
+ # The optional claim rule name
31
+ attr_accessor :name
32
+
33
+ # Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'
34
+ attr_accessor :type
35
+
36
+ # The realm name of the Idp this claim rule applies to
37
+ attr_accessor :realm_name
38
+
39
+ # Session expiration in seconds
40
+ attr_accessor :expiration
41
+
42
+ # The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, PVS, BMS, IKS_SA, ROKS_SA, CE.
43
+ attr_accessor :cr_type
44
+
45
+ # Conditions of this claim rule.
46
+ attr_accessor :conditions
47
+
48
+ # Attribute mapping from ruby-style variable name to JSON key.
49
+ def self.attribute_map
50
+ {
51
+ :'id' => :'id',
52
+ :'entity_tag' => :'entity_tag',
53
+ :'created_at' => :'created_at',
54
+ :'modified_at' => :'modified_at',
55
+ :'name' => :'name',
56
+ :'type' => :'type',
57
+ :'realm_name' => :'realm_name',
58
+ :'expiration' => :'expiration',
59
+ :'cr_type' => :'cr_type',
60
+ :'conditions' => :'conditions'
61
+ }
62
+ end
63
+
64
+ # Returns attribute mapping this model knows about
65
+ def self.acceptable_attribute_map
66
+ attribute_map
67
+ end
68
+
69
+ # Returns all the JSON keys this model knows about
70
+ def self.acceptable_attributes
71
+ acceptable_attribute_map.values
72
+ end
73
+
74
+ # Attribute type mapping.
75
+ def self.openapi_types
76
+ {
77
+ :'id' => :'String',
78
+ :'entity_tag' => :'String',
79
+ :'created_at' => :'Time',
80
+ :'modified_at' => :'Time',
81
+ :'name' => :'String',
82
+ :'type' => :'String',
83
+ :'realm_name' => :'String',
84
+ :'expiration' => :'Integer',
85
+ :'cr_type' => :'String',
86
+ :'conditions' => :'Array<ProfileClaimRuleConditions>'
87
+ }
88
+ end
89
+
90
+ # List of attributes with nullable: true
91
+ def self.openapi_nullable
92
+ Set.new([
93
+ ])
94
+ end
95
+
96
+ # Initializes the object
97
+ # @param [Hash] attributes Model attributes in the form of hash
98
+ def initialize(attributes = {})
99
+ if (!attributes.is_a?(Hash))
100
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::ProfileClaimRule` initialize method"
101
+ end
102
+
103
+ # check to see if the attribute exists and convert string to symbol for hash key
104
+ acceptable_attribute_map = self.class.acceptable_attribute_map
105
+ attributes = attributes.each_with_object({}) { |(k, v), h|
106
+ if (!acceptable_attribute_map.key?(k.to_sym))
107
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::ProfileClaimRule`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
108
+ end
109
+ h[k.to_sym] = v
110
+ }
111
+
112
+ if attributes.key?(:'id')
113
+ self.id = attributes[:'id']
114
+ else
115
+ self.id = nil
116
+ end
117
+
118
+ if attributes.key?(:'entity_tag')
119
+ self.entity_tag = attributes[:'entity_tag']
120
+ else
121
+ self.entity_tag = nil
122
+ end
123
+
124
+ if attributes.key?(:'created_at')
125
+ self.created_at = attributes[:'created_at']
126
+ else
127
+ self.created_at = nil
128
+ end
129
+
130
+ if attributes.key?(:'modified_at')
131
+ self.modified_at = attributes[:'modified_at']
132
+ end
133
+
134
+ if attributes.key?(:'name')
135
+ self.name = attributes[:'name']
136
+ end
137
+
138
+ if attributes.key?(:'type')
139
+ self.type = attributes[:'type']
140
+ else
141
+ self.type = nil
142
+ end
143
+
144
+ if attributes.key?(:'realm_name')
145
+ self.realm_name = attributes[:'realm_name']
146
+ end
147
+
148
+ if attributes.key?(:'expiration')
149
+ self.expiration = attributes[:'expiration']
150
+ else
151
+ self.expiration = nil
152
+ end
153
+
154
+ if attributes.key?(:'cr_type')
155
+ self.cr_type = attributes[:'cr_type']
156
+ end
157
+
158
+ if attributes.key?(:'conditions')
159
+ if (value = attributes[:'conditions']).is_a?(Array)
160
+ self.conditions = value
161
+ end
162
+ else
163
+ self.conditions = nil
164
+ end
165
+ end
166
+
167
+ # Show invalid properties with the reasons. Usually used together with valid?
168
+ # @return Array for valid properties with the reasons
169
+ def list_invalid_properties
170
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
171
+ invalid_properties = Array.new
172
+ if @id.nil?
173
+ invalid_properties.push('invalid value for "id", id cannot be nil.')
174
+ end
175
+
176
+ if @entity_tag.nil?
177
+ invalid_properties.push('invalid value for "entity_tag", entity_tag cannot be nil.')
178
+ end
179
+
180
+ if @created_at.nil?
181
+ invalid_properties.push('invalid value for "created_at", created_at cannot be nil.')
182
+ end
183
+
184
+ if @type.nil?
185
+ invalid_properties.push('invalid value for "type", type cannot be nil.')
186
+ end
187
+
188
+ if @expiration.nil?
189
+ invalid_properties.push('invalid value for "expiration", expiration cannot be nil.')
190
+ end
191
+
192
+ if @conditions.nil?
193
+ invalid_properties.push('invalid value for "conditions", conditions cannot be nil.')
194
+ end
195
+
196
+ invalid_properties
197
+ end
198
+
199
+ # Check to see if the all the properties in the model are valid
200
+ # @return true if the model is valid
201
+ def valid?
202
+ warn '[DEPRECATED] the `valid?` method is obsolete'
203
+ return false if @id.nil?
204
+ return false if @entity_tag.nil?
205
+ return false if @created_at.nil?
206
+ return false if @type.nil?
207
+ return false if @expiration.nil?
208
+ return false if @conditions.nil?
209
+ true
210
+ end
211
+
212
+ # Custom attribute writer method with validation
213
+ # @param [Object] id Value to be assigned
214
+ def id=(id)
215
+ if id.nil?
216
+ fail ArgumentError, 'id cannot be nil'
217
+ end
218
+
219
+ @id = id
220
+ end
221
+
222
+ # Custom attribute writer method with validation
223
+ # @param [Object] entity_tag Value to be assigned
224
+ def entity_tag=(entity_tag)
225
+ if entity_tag.nil?
226
+ fail ArgumentError, 'entity_tag cannot be nil'
227
+ end
228
+
229
+ @entity_tag = entity_tag
230
+ end
231
+
232
+ # Custom attribute writer method with validation
233
+ # @param [Object] created_at Value to be assigned
234
+ def created_at=(created_at)
235
+ if created_at.nil?
236
+ fail ArgumentError, 'created_at cannot be nil'
237
+ end
238
+
239
+ @created_at = created_at
240
+ end
241
+
242
+ # Custom attribute writer method with validation
243
+ # @param [Object] type Value to be assigned
244
+ def type=(type)
245
+ if type.nil?
246
+ fail ArgumentError, 'type cannot be nil'
247
+ end
248
+
249
+ @type = type
250
+ end
251
+
252
+ # Custom attribute writer method with validation
253
+ # @param [Object] expiration Value to be assigned
254
+ def expiration=(expiration)
255
+ if expiration.nil?
256
+ fail ArgumentError, 'expiration cannot be nil'
257
+ end
258
+
259
+ @expiration = expiration
260
+ end
261
+
262
+ # Custom attribute writer method with validation
263
+ # @param [Object] conditions Value to be assigned
264
+ def conditions=(conditions)
265
+ if conditions.nil?
266
+ fail ArgumentError, 'conditions cannot be nil'
267
+ end
268
+
269
+ @conditions = conditions
270
+ end
271
+
272
+ # Checks equality by comparing each attribute.
273
+ # @param [Object] Object to be compared
274
+ def ==(o)
275
+ return true if self.equal?(o)
276
+ self.class == o.class &&
277
+ id == o.id &&
278
+ entity_tag == o.entity_tag &&
279
+ created_at == o.created_at &&
280
+ modified_at == o.modified_at &&
281
+ name == o.name &&
282
+ type == o.type &&
283
+ realm_name == o.realm_name &&
284
+ expiration == o.expiration &&
285
+ cr_type == o.cr_type &&
286
+ conditions == o.conditions
287
+ end
288
+
289
+ # @see the `==` method
290
+ # @param [Object] Object to be compared
291
+ def eql?(o)
292
+ self == o
293
+ end
294
+
295
+ # Calculates hash code according to all attributes.
296
+ # @return [Integer] Hash code
297
+ def hash
298
+ [id, entity_tag, created_at, modified_at, name, type, realm_name, expiration, cr_type, conditions].hash
299
+ end
300
+
301
+ # Builds the object from hash
302
+ # @param [Hash] attributes Model attributes in the form of hash
303
+ # @return [Object] Returns the model itself
304
+ def self.build_from_hash(attributes)
305
+ return nil unless attributes.is_a?(Hash)
306
+ attributes = attributes.transform_keys(&:to_sym)
307
+ transformed_hash = {}
308
+ openapi_types.each_pair do |key, type|
309
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
310
+ transformed_hash["#{key}"] = nil
311
+ elsif type =~ /\AArray<(.*)>/i
312
+ # check to ensure the input is an array given that the attribute
313
+ # is documented as an array but the input is not
314
+ if attributes[attribute_map[key]].is_a?(Array)
315
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
316
+ end
317
+ elsif !attributes[attribute_map[key]].nil?
318
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
319
+ end
320
+ end
321
+ new(transformed_hash)
322
+ end
323
+
324
+ # Returns the object in the form of hash
325
+ # @return [Hash] Returns the object in the form of hash
326
+ def to_hash
327
+ hash = {}
328
+ self.class.attribute_map.each_pair do |attr, param|
329
+ value = self.send(attr)
330
+ if value.nil?
331
+ is_nullable = self.class.openapi_nullable.include?(attr)
332
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
333
+ end
334
+
335
+ hash[param] = _to_hash(value)
336
+ end
337
+ hash
338
+ end
339
+
340
+ end
341
+
342
+ end
@@ -0,0 +1,219 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ class ProfileClaimRuleConditions < ApiModelBase
18
+ # The claim to evaluate against. [Learn more](/docs/account?topic=account-iam-condition-properties&interface=ui#cr-attribute-names).
19
+ attr_accessor :claim
20
+
21
+ # The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN
22
+ attr_accessor :operator
23
+
24
+ # The stringified JSON value that the claim is compared to using the operator
25
+ attr_accessor :value
26
+
27
+ # Attribute mapping from ruby-style variable name to JSON key.
28
+ def self.attribute_map
29
+ {
30
+ :'claim' => :'claim',
31
+ :'operator' => :'operator',
32
+ :'value' => :'value'
33
+ }
34
+ end
35
+
36
+ # Returns attribute mapping this model knows about
37
+ def self.acceptable_attribute_map
38
+ attribute_map
39
+ end
40
+
41
+ # Returns all the JSON keys this model knows about
42
+ def self.acceptable_attributes
43
+ acceptable_attribute_map.values
44
+ end
45
+
46
+ # Attribute type mapping.
47
+ def self.openapi_types
48
+ {
49
+ :'claim' => :'String',
50
+ :'operator' => :'String',
51
+ :'value' => :'String'
52
+ }
53
+ end
54
+
55
+ # List of attributes with nullable: true
56
+ def self.openapi_nullable
57
+ Set.new([
58
+ ])
59
+ end
60
+
61
+ # Initializes the object
62
+ # @param [Hash] attributes Model attributes in the form of hash
63
+ def initialize(attributes = {})
64
+ if (!attributes.is_a?(Hash))
65
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::ProfileClaimRuleConditions` initialize method"
66
+ end
67
+
68
+ # check to see if the attribute exists and convert string to symbol for hash key
69
+ acceptable_attribute_map = self.class.acceptable_attribute_map
70
+ attributes = attributes.each_with_object({}) { |(k, v), h|
71
+ if (!acceptable_attribute_map.key?(k.to_sym))
72
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::ProfileClaimRuleConditions`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
73
+ end
74
+ h[k.to_sym] = v
75
+ }
76
+
77
+ if attributes.key?(:'claim')
78
+ self.claim = attributes[:'claim']
79
+ else
80
+ self.claim = nil
81
+ end
82
+
83
+ if attributes.key?(:'operator')
84
+ self.operator = attributes[:'operator']
85
+ else
86
+ self.operator = nil
87
+ end
88
+
89
+ if attributes.key?(:'value')
90
+ self.value = attributes[:'value']
91
+ else
92
+ self.value = nil
93
+ end
94
+ end
95
+
96
+ # Show invalid properties with the reasons. Usually used together with valid?
97
+ # @return Array for valid properties with the reasons
98
+ def list_invalid_properties
99
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
100
+ invalid_properties = Array.new
101
+ if @claim.nil?
102
+ invalid_properties.push('invalid value for "claim", claim cannot be nil.')
103
+ end
104
+
105
+ if @operator.nil?
106
+ invalid_properties.push('invalid value for "operator", operator cannot be nil.')
107
+ end
108
+
109
+ if @value.nil?
110
+ invalid_properties.push('invalid value for "value", value cannot be nil.')
111
+ end
112
+
113
+ invalid_properties
114
+ end
115
+
116
+ # Check to see if the all the properties in the model are valid
117
+ # @return true if the model is valid
118
+ def valid?
119
+ warn '[DEPRECATED] the `valid?` method is obsolete'
120
+ return false if @claim.nil?
121
+ return false if @operator.nil?
122
+ return false if @value.nil?
123
+ true
124
+ end
125
+
126
+ # Custom attribute writer method with validation
127
+ # @param [Object] claim Value to be assigned
128
+ def claim=(claim)
129
+ if claim.nil?
130
+ fail ArgumentError, 'claim cannot be nil'
131
+ end
132
+
133
+ @claim = claim
134
+ end
135
+
136
+ # Custom attribute writer method with validation
137
+ # @param [Object] operator Value to be assigned
138
+ def operator=(operator)
139
+ if operator.nil?
140
+ fail ArgumentError, 'operator cannot be nil'
141
+ end
142
+
143
+ @operator = operator
144
+ end
145
+
146
+ # Custom attribute writer method with validation
147
+ # @param [Object] value Value to be assigned
148
+ def value=(value)
149
+ if value.nil?
150
+ fail ArgumentError, 'value cannot be nil'
151
+ end
152
+
153
+ @value = value
154
+ end
155
+
156
+ # Checks equality by comparing each attribute.
157
+ # @param [Object] Object to be compared
158
+ def ==(o)
159
+ return true if self.equal?(o)
160
+ self.class == o.class &&
161
+ claim == o.claim &&
162
+ operator == o.operator &&
163
+ value == o.value
164
+ end
165
+
166
+ # @see the `==` method
167
+ # @param [Object] Object to be compared
168
+ def eql?(o)
169
+ self == o
170
+ end
171
+
172
+ # Calculates hash code according to all attributes.
173
+ # @return [Integer] Hash code
174
+ def hash
175
+ [claim, operator, value].hash
176
+ end
177
+
178
+ # Builds the object from hash
179
+ # @param [Hash] attributes Model attributes in the form of hash
180
+ # @return [Object] Returns the model itself
181
+ def self.build_from_hash(attributes)
182
+ return nil unless attributes.is_a?(Hash)
183
+ attributes = attributes.transform_keys(&:to_sym)
184
+ transformed_hash = {}
185
+ openapi_types.each_pair do |key, type|
186
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
187
+ transformed_hash["#{key}"] = nil
188
+ elsif type =~ /\AArray<(.*)>/i
189
+ # check to ensure the input is an array given that the attribute
190
+ # is documented as an array but the input is not
191
+ if attributes[attribute_map[key]].is_a?(Array)
192
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
193
+ end
194
+ elsif !attributes[attribute_map[key]].nil?
195
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
196
+ end
197
+ end
198
+ new(transformed_hash)
199
+ end
200
+
201
+ # Returns the object in the form of hash
202
+ # @return [Hash] Returns the object in the form of hash
203
+ def to_hash
204
+ hash = {}
205
+ self.class.attribute_map.each_pair do |attr, param|
206
+ value = self.send(attr)
207
+ if value.nil?
208
+ is_nullable = self.class.openapi_nullable.include?(attr)
209
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
210
+ end
211
+
212
+ hash[param] = _to_hash(value)
213
+ end
214
+ hash
215
+ end
216
+
217
+ end
218
+
219
+ end