ibm_cloud_iam 1.0.2 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +548 -36
- data/docs/APIKeysApi.md +714 -0
- data/docs/AccessGroupCount.md +20 -0
- data/docs/AccountBasedMfaEnrollment.md +24 -0
- data/docs/AccountIdpSettings.md +32 -0
- data/docs/AccountLimitsApi.md +173 -0
- data/docs/AccountLoginSettings.md +18 -0
- data/docs/AccountSettingsApi.md +224 -0
- data/docs/AccountSettingsAssignedTemplatesSection.md +46 -0
- data/docs/AccountSettingsEffectiveSection.md +38 -0
- data/docs/AccountSettingsForIdPApi.md +489 -0
- data/docs/AccountSettingsMeta.md +24 -0
- data/docs/AccountSettingsRequest.md +40 -0
- data/docs/AccountSettingsResponse.md +48 -0
- data/docs/AccountSettingsTemplateApi.md +720 -0
- data/docs/AccountSettingsTemplateAssignmentsApi.md +376 -0
- data/docs/AccountSettingsTemplateList.md +30 -0
- data/docs/AccountSettingsTemplateRequest.md +24 -0
- data/docs/AccountSettingsTemplateResponse.md +44 -0
- data/docs/AccountSettingsUserDomainRestriction.md +22 -0
- data/docs/AccountSettingsUserMFAResponse.md +28 -0
- data/docs/ActionControls.md +22 -0
- data/docs/ActionControlsIdentities.md +20 -0
- data/docs/ActivitiesApi.md +149 -0
- data/docs/Activity.md +20 -0
- data/docs/AddAccountIdpSettingRequest.md +22 -0
- data/docs/ApiKey.md +44 -33
- data/docs/ApiKeyInsideCreateServiceIdRequest.md +18 -13
- data/docs/ApiKeyList.md +20 -19
- data/docs/ApikeyActivity.md +28 -0
- data/docs/ApikeyActivityServiceid.md +20 -0
- data/docs/ApikeyActivityUser.md +24 -0
- data/docs/AssignedTemplatesAccountSettings.md +40 -0
- data/docs/CommonAccountSettingsRequest.md +36 -0
- data/docs/CommonAccountSettingsResponse.md +34 -0
- data/docs/ConsumersResponse.md +20 -0
- data/docs/ConsumersResponseConsumersInner.md +20 -0
- data/docs/CreateApiKeyRequest.md +24 -17
- data/docs/CreateIdpRequest.md +30 -0
- data/docs/CreateIdpRequestProperties.md +20 -0
- data/docs/CreateIdpRequestPropertiesIdp.md +26 -0
- data/docs/CreateIdpRequestPropertiesSp.md +32 -0
- data/docs/CreateIdpRequestPropertiesSpAuthnContext.md +20 -0
- data/docs/CreateIdpRequestSecrets.md +20 -0
- data/docs/CreateIdpRequestSecretsIdp.md +22 -0
- data/docs/CreateIdpRequestSecretsIdpSigningInner.md +20 -0
- data/docs/CreateIdpRequestSecretsSp.md +18 -0
- data/docs/CreateIdpRequestSecretsSpSigningInner.md +24 -0
- data/docs/CreateProfileLinkRequest.md +24 -0
- data/docs/CreateProfileLinkRequestLink.md +26 -0
- data/docs/CreateServiceIdGroupRequest.md +22 -0
- data/docs/CreateServiceIdRequest.md +18 -15
- data/docs/CreateTemplateAssignmentRequest.md +24 -0
- data/docs/CreateTrustedProfileRequest.md +24 -0
- data/docs/EffectiveAccountSettingsResponse.md +26 -0
- data/docs/EnityHistoryRecord.md +18 -17
- data/docs/EntityActivity.md +22 -0
- data/docs/Error.md +14 -13
- data/docs/ExceptionResponse.md +14 -13
- data/docs/ExceptionResponseContext.md +30 -29
- data/docs/IDPManagementApi.md +692 -0
- data/docs/IdBasedMfaEnrollment.md +26 -0
- data/docs/IdentityCount.md +20 -0
- data/docs/IdentityLimitsUsageRequest.md +42 -0
- data/docs/IdentityLimitsUsageResponse.md +44 -0
- data/docs/IdentityLimitsUsageResponseApikeysPerIdentity.md +20 -0
- data/docs/IdentityLimitsUsageResponseClaimRulesPerGroup.md +20 -0
- data/docs/IdentityLimitsUsageResponseClaimRulesPerProfile.md +20 -0
- data/docs/IdentityLimitsUsageResponseServiceidsPerGroup.md +20 -0
- data/docs/IdentityLimitsUsageResponseTemplateVersionsPerTemplate.md +20 -0
- data/docs/IdentityPreferenceResponse.md +28 -0
- data/docs/IdentityPreferencesApi.md +304 -0
- data/docs/IdentityPreferencesResponse.md +18 -0
- data/docs/Idp.md +38 -0
- data/docs/LimitCount.md +20 -0
- data/docs/ListIdPSettings200Response.md +18 -0
- data/docs/ListIdps200Response.md +18 -0
- data/docs/MFAEnrollmentStatusApi.md +216 -0
- data/docs/MFARequirementsResponse.md +12 -11
- data/docs/MfaEnrollmentTypeStatus.md +20 -0
- data/docs/MfaOptions.md +15 -0
- data/docs/OidcExceptionResponse.md +16 -15
- data/docs/PolicyTemplateReference.md +20 -0
- data/docs/ProfileClaimRule.md +36 -0
- data/docs/ProfileClaimRuleConditions.md +22 -0
- data/docs/ProfileClaimRuleList.md +20 -0
- data/docs/ProfileClaimRuleRequest.md +30 -0
- data/docs/ProfileCount.md +20 -0
- data/docs/ProfileIdentitiesResponse.md +20 -0
- data/docs/ProfileIdentitiesUpdateRequest.md +18 -0
- data/docs/ProfileIdentityRequest.md +24 -0
- data/docs/ProfileIdentityResponse.md +26 -0
- data/docs/ProfileLink.md +32 -0
- data/docs/ProfileLinkLink.md +26 -0
- data/docs/ProfileLinkList.md +18 -0
- data/docs/Report.md +34 -0
- data/docs/ReportMfaEnrollmentStatus.md +28 -0
- data/docs/ReportReference.md +18 -0
- data/docs/ResponseContext.md +28 -27
- data/docs/RetrictActions.md +15 -0
- data/docs/SamlMetadataImportResponse.md +42 -0
- data/docs/ServiceIDGroupsApi.md +347 -0
- data/docs/ServiceIDsApi.md +515 -0
- data/docs/ServiceId.md +38 -33
- data/docs/ServiceIdGroup.md +34 -0
- data/docs/ServiceIdGroupCount.md +20 -0
- data/docs/ServiceIdGroupList.md +18 -0
- data/docs/ServiceIdList.md +20 -19
- data/docs/ShareScope.md +20 -0
- data/docs/TemplateAccountSettings.md +40 -0
- data/docs/TemplateAccountSettingsAllOfRestrictUserDomains.md +20 -0
- data/docs/TemplateAssignmentListResponse.md +30 -0
- data/docs/TemplateAssignmentResource.md +18 -0
- data/docs/TemplateAssignmentResourceError.md +24 -0
- data/docs/TemplateAssignmentResponse.md +48 -0
- data/docs/TemplateAssignmentResponseResource.md +24 -0
- data/docs/TemplateAssignmentResponseResourceDetail.md +26 -0
- data/docs/TemplateCount.md +20 -0
- data/docs/TemplateProfileComponentRequest.md +26 -0
- data/docs/TemplateProfileComponentResponse.md +26 -0
- data/docs/TestResult.md +28 -0
- data/docs/TestResultStepsInner.md +24 -0
- data/docs/TestTriggerResponse.md +20 -0
- data/docs/TokenResponse.md +18 -17
- data/docs/TokenRetrievalApi.md +461 -0
- data/docs/TrustedProfile.md +50 -0
- data/docs/TrustedProfileTemplateApi.md +720 -0
- data/docs/TrustedProfileTemplateAssignmentsApi.md +376 -0
- data/docs/TrustedProfileTemplateClaimRule.md +26 -0
- data/docs/TrustedProfileTemplateList.md +30 -0
- data/docs/TrustedProfileTemplateRequest.md +28 -0
- data/docs/TrustedProfileTemplateResponse.md +48 -0
- data/docs/TrustedProfilesApi.md +1414 -0
- data/docs/TrustedProfilesList.md +30 -0
- data/docs/UpdateAccountIdpSettingRequest.md +22 -0
- data/docs/UpdateAccountLoginSettings.md +18 -0
- data/docs/UpdateApiKeyRequest.md +16 -9
- data/docs/UpdateIdPRequest.md +28 -0
- data/docs/UpdateIdPRequestProperties.md +20 -0
- data/docs/UpdateIdPRequestPropertiesIdp.md +24 -0
- data/docs/UpdateIdPRequestSecrets.md +20 -0
- data/docs/UpdateIdPRequestSecretsIdp.md +20 -0
- data/docs/UpdatePreferenceRequest.md +20 -0
- data/docs/UpdateServiceIdGroupRequest.md +20 -0
- data/docs/UpdateServiceIdRequest.md +12 -11
- data/docs/UpdateTemplateAssignmentRequest.md +18 -0
- data/docs/UpdateTrustedProfileRequest.md +22 -0
- data/docs/UserActivity.md +26 -0
- data/docs/UserMFAResolved.md +24 -0
- data/docs/UserMfa.md +20 -0
- data/docs/UserMfaEnrollments.md +24 -0
- data/docs/UserReportMfaEnrollmentStatus.md +30 -0
- data/docs/UserVisbilityRetrictActions.md +15 -0
- data/docs/UserVisbilityRetrictActionsForTemplate.md +15 -0
- data/git_push.sh +3 -4
- data/ibm_cloud_iam.gemspec +6 -6
- data/lib/ibm_cloud_iam/api/account_limits_api.rb +208 -0
- data/lib/ibm_cloud_iam/api/account_settings_api.rb +262 -0
- data/lib/ibm_cloud_iam/api/account_settings_for_id_p_api.rb +571 -0
- data/lib/ibm_cloud_iam/api/account_settings_template_api.rb +823 -0
- data/lib/ibm_cloud_iam/api/account_settings_template_assignments_api.rb +422 -0
- data/lib/ibm_cloud_iam/api/activities_api.rb +174 -0
- data/lib/ibm_cloud_iam/api/api_keys_api.rb +786 -0
- data/lib/ibm_cloud_iam/api/identity_preferences_api.rb +357 -0
- data/lib/ibm_cloud_iam/api/idp_management_api.rb +744 -0
- data/lib/ibm_cloud_iam/api/mfa_enrollment_status_api.rb +248 -0
- data/lib/ibm_cloud_iam/api/service_id_groups_api.rb +392 -0
- data/lib/ibm_cloud_iam/api/service_ids_api.rb +575 -0
- data/lib/ibm_cloud_iam/api/token_retrieval_api.rb +557 -0
- data/lib/ibm_cloud_iam/api/trusted_profile_template_api.rb +823 -0
- data/lib/ibm_cloud_iam/api/trusted_profile_template_assignments_api.rb +422 -0
- data/lib/ibm_cloud_iam/api/trusted_profiles_api.rb +1630 -0
- data/lib/ibm_cloud_iam/api_client.rb +74 -65
- data/lib/ibm_cloud_iam/api_error.rb +4 -3
- data/lib/ibm_cloud_iam/api_model_base.rb +88 -0
- data/lib/ibm_cloud_iam/configuration.rb +75 -15
- data/lib/ibm_cloud_iam/models/access_group_count.rb +159 -0
- data/lib/ibm_cloud_iam/models/account_based_mfa_enrollment.rb +243 -0
- data/lib/ibm_cloud_iam/models/account_idp_settings.rb +244 -0
- data/lib/ibm_cloud_iam/models/account_login_settings.rb +147 -0
- data/lib/ibm_cloud_iam/models/account_settings_assigned_templates_section.rb +377 -0
- data/lib/ibm_cloud_iam/models/account_settings_effective_section.rb +282 -0
- data/lib/ibm_cloud_iam/models/account_settings_meta.rb +179 -0
- data/lib/ibm_cloud_iam/models/account_settings_request.rb +301 -0
- data/lib/ibm_cloud_iam/models/account_settings_response.rb +567 -0
- data/lib/ibm_cloud_iam/models/account_settings_template_list.rb +256 -0
- data/lib/ibm_cloud_iam/models/account_settings_template_request.rb +178 -0
- data/lib/ibm_cloud_iam/models/account_settings_template_response.rb +416 -0
- data/lib/ibm_cloud_iam/models/account_settings_user_domain_restriction.rb +188 -0
- data/lib/ibm_cloud_iam/models/account_settings_user_mfa_response.rb +261 -0
- data/lib/ibm_cloud_iam/models/action_controls.rb +199 -0
- data/lib/ibm_cloud_iam/models/action_controls_identities.rb +190 -0
- data/lib/ibm_cloud_iam/models/activity.rb +175 -0
- data/lib/ibm_cloud_iam/models/add_account_idp_setting_request.rb +243 -0
- data/lib/ibm_cloud_iam/models/api_key.rb +188 -104
- data/lib/ibm_cloud_iam/models/api_key_inside_create_service_id_request.rb +70 -99
- data/lib/ibm_cloud_iam/models/api_key_list.rb +46 -95
- data/lib/ibm_cloud_iam/models/apikey_activity.rb +231 -0
- data/lib/ibm_cloud_iam/models/apikey_activity_serviceid.rb +159 -0
- data/lib/ibm_cloud_iam/models/apikey_activity_user.rb +179 -0
- data/lib/ibm_cloud_iam/models/assigned_templates_account_settings.rb +296 -0
- data/lib/ibm_cloud_iam/models/common_account_settings_request.rb +272 -0
- data/lib/ibm_cloud_iam/models/common_account_settings_response.rb +260 -0
- data/lib/ibm_cloud_iam/models/consumers_response.rb +158 -0
- data/lib/ibm_cloud_iam/models/consumers_response_consumers_inner.rb +158 -0
- data/lib/ibm_cloud_iam/models/create_api_key_request.rb +92 -99
- data/lib/ibm_cloud_iam/models/create_idp_request.rb +283 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_properties.rb +157 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_properties_idp.rb +189 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp.rb +222 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp_authn_context.rb +163 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_secrets.rb +157 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp.rb +173 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp_signing_inner.rb +192 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp.rb +151 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp_signing_inner.rb +212 -0
- data/lib/ibm_cloud_iam/models/create_profile_link_request.rb +211 -0
- data/lib/ibm_cloud_iam/models/create_profile_link_request_link.rb +206 -0
- data/lib/ibm_cloud_iam/models/create_service_id_group_request.rb +203 -0
- data/lib/ibm_cloud_iam/models/create_service_id_request.rb +68 -95
- data/lib/ibm_cloud_iam/models/create_template_assignment_request.rb +280 -0
- data/lib/ibm_cloud_iam/models/create_trusted_profile_request.rb +213 -0
- data/lib/ibm_cloud_iam/models/effective_account_settings_response.rb +239 -0
- data/lib/ibm_cloud_iam/models/enity_history_record.rb +112 -101
- data/lib/ibm_cloud_iam/models/entity_activity.rb +185 -0
- data/lib/ibm_cloud_iam/models/error.rb +69 -94
- data/lib/ibm_cloud_iam/models/exception_response.rb +57 -94
- data/lib/ibm_cloud_iam/models/exception_response_context.rb +33 -94
- data/lib/ibm_cloud_iam/models/id_based_mfa_enrollment.rb +270 -0
- data/lib/ibm_cloud_iam/models/identity_count.rb +159 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_request.rb +283 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response.rb +265 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response_apikeys_per_identity.rb +178 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_group.rb +178 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_profile.rb +178 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response_serviceids_per_group.rb +178 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response_template_versions_per_template.rb +178 -0
- data/lib/ibm_cloud_iam/models/identity_preference_response.rb +200 -0
- data/lib/ibm_cloud_iam/models/identity_preferences_response.rb +167 -0
- data/lib/ibm_cloud_iam/models/idp.rb +239 -0
- data/lib/ibm_cloud_iam/models/limit_count.rb +176 -0
- data/lib/ibm_cloud_iam/models/list_id_p_settings200_response.rb +149 -0
- data/lib/ibm_cloud_iam/models/list_idps200_response.rb +149 -0
- data/lib/ibm_cloud_iam/models/mfa_enrollment_type_status.rb +192 -0
- data/lib/ibm_cloud_iam/models/mfa_options.rb +45 -0
- data/lib/ibm_cloud_iam/models/mfa_requirements_response.rb +69 -94
- data/lib/ibm_cloud_iam/models/oidc_exception_response.rb +57 -94
- data/lib/ibm_cloud_iam/models/policy_template_reference.rb +193 -0
- data/lib/ibm_cloud_iam/models/profile_claim_rule.rb +342 -0
- data/lib/ibm_cloud_iam/models/profile_claim_rule_conditions.rb +219 -0
- data/lib/ibm_cloud_iam/models/profile_claim_rule_list.rb +176 -0
- data/lib/ibm_cloud_iam/models/profile_claim_rule_request.rb +243 -0
- data/lib/ibm_cloud_iam/models/profile_count.rb +159 -0
- data/lib/ibm_cloud_iam/models/profile_identities_response.rb +160 -0
- data/lib/ibm_cloud_iam/models/profile_identities_update_request.rb +150 -0
- data/lib/ibm_cloud_iam/models/profile_identity_request.rb +238 -0
- data/lib/ibm_cloud_iam/models/profile_identity_response.rb +265 -0
- data/lib/ibm_cloud_iam/models/profile_link.rb +320 -0
- data/lib/ibm_cloud_iam/models/profile_link_link.rb +188 -0
- data/lib/ibm_cloud_iam/models/profile_link_list.rb +167 -0
- data/lib/ibm_cloud_iam/models/report.rb +321 -0
- data/lib/ibm_cloud_iam/models/report_mfa_enrollment_status.rb +268 -0
- data/lib/ibm_cloud_iam/models/report_reference.rb +165 -0
- data/lib/ibm_cloud_iam/models/response_context.rb +33 -94
- data/lib/ibm_cloud_iam/models/retrict_actions.rb +41 -0
- data/lib/ibm_cloud_iam/models/saml_metadata_import_response.rb +494 -0
- data/lib/ibm_cloud_iam/models/service_id.rb +184 -108
- data/lib/ibm_cloud_iam/models/service_id_group.rb +313 -0
- data/lib/ibm_cloud_iam/models/service_id_group_count.rb +159 -0
- data/lib/ibm_cloud_iam/models/service_id_group_list.rb +167 -0
- data/lib/ibm_cloud_iam/models/service_id_list.rb +47 -96
- data/lib/ibm_cloud_iam/models/share_scope.rb +190 -0
- data/lib/ibm_cloud_iam/models/template_account_settings.rb +296 -0
- data/lib/ibm_cloud_iam/models/template_account_settings_all_of_restrict_user_domains.rb +159 -0
- data/lib/ibm_cloud_iam/models/template_assignment_list_response.rb +227 -0
- data/lib/ibm_cloud_iam/models/template_assignment_resource.rb +149 -0
- data/lib/ibm_cloud_iam/models/template_assignment_resource_error.rb +179 -0
- data/lib/ibm_cloud_iam/models/template_assignment_response.rb +506 -0
- data/lib/ibm_cloud_iam/models/template_assignment_response_resource.rb +196 -0
- data/lib/ibm_cloud_iam/models/template_assignment_response_resource_detail.rb +203 -0
- data/lib/ibm_cloud_iam/models/template_count.rb +159 -0
- data/lib/ibm_cloud_iam/models/template_profile_component_request.rb +210 -0
- data/lib/ibm_cloud_iam/models/template_profile_component_response.rb +210 -0
- data/lib/ibm_cloud_iam/models/test_result.rb +194 -0
- data/lib/ibm_cloud_iam/models/test_result_steps_inner.rb +174 -0
- data/lib/ibm_cloud_iam/models/test_trigger_response.rb +156 -0
- data/lib/ibm_cloud_iam/models/token_response.rb +34 -105
- data/lib/ibm_cloud_iam/models/trusted_profile.rb +411 -0
- data/lib/ibm_cloud_iam/models/trusted_profile_template_claim_rule.rb +248 -0
- data/lib/ibm_cloud_iam/models/trusted_profile_template_list.rb +256 -0
- data/lib/ibm_cloud_iam/models/trusted_profile_template_request.rb +199 -0
- data/lib/ibm_cloud_iam/models/trusted_profile_template_response.rb +369 -0
- data/lib/ibm_cloud_iam/models/trusted_profiles_list.rb +227 -0
- data/lib/ibm_cloud_iam/models/update_account_idp_setting_request.rb +202 -0
- data/lib/ibm_cloud_iam/models/update_account_login_settings.rb +148 -0
- data/lib/ibm_cloud_iam/models/update_api_key_request.rb +68 -99
- data/lib/ibm_cloud_iam/models/update_id_p_request.rb +198 -0
- data/lib/ibm_cloud_iam/models/update_id_p_request_properties.rb +157 -0
- data/lib/ibm_cloud_iam/models/update_id_p_request_properties_idp.rb +179 -0
- data/lib/ibm_cloud_iam/models/update_id_p_request_secrets.rb +157 -0
- data/lib/ibm_cloud_iam/models/update_id_p_request_secrets_idp.rb +163 -0
- data/lib/ibm_cloud_iam/models/update_preference_request.rb +161 -0
- data/lib/ibm_cloud_iam/models/update_service_id_group_request.rb +176 -0
- data/lib/ibm_cloud_iam/models/update_service_id_request.rb +34 -95
- data/lib/ibm_cloud_iam/models/update_template_assignment_request.rb +175 -0
- data/lib/ibm_cloud_iam/models/update_trusted_profile_request.rb +169 -0
- data/lib/ibm_cloud_iam/models/user_activity.rb +222 -0
- data/lib/ibm_cloud_iam/models/user_mfa.rb +179 -0
- data/lib/ibm_cloud_iam/models/user_mfa_enrollments.rb +193 -0
- data/lib/ibm_cloud_iam/models/user_mfa_resolved.rb +178 -0
- data/lib/ibm_cloud_iam/models/user_report_mfa_enrollment_status.rb +291 -0
- data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions.rb +40 -0
- data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions_for_template.rb +41 -0
- data/lib/ibm_cloud_iam/version.rb +4 -4
- data/lib/ibm_cloud_iam.rb +140 -9
- data/spec/api/account_limits_api_spec.rb +75 -0
- data/spec/api/account_settings_api_spec.rb +80 -0
- data/spec/api/account_settings_for_id_p_api_spec.rb +132 -0
- data/spec/api/account_settings_template_api_spec.rb +184 -0
- data/spec/api/account_settings_template_assignments_api_spec.rb +112 -0
- data/spec/api/activities_api_spec.rb +64 -0
- data/spec/api/api_keys_api_spec.rb +182 -0
- data/spec/api/identity_preferences_api_spec.rb +98 -0
- data/spec/api/idp_management_api_spec.rb +166 -0
- data/spec/api/mfa_enrollment_status_api_spec.rb +77 -0
- data/spec/api/service_id_groups_api_spec.rb +102 -0
- data/spec/api/service_ids_api_spec.rb +143 -0
- data/spec/api/token_retrieval_api_spec.rb +134 -0
- data/spec/api/trusted_profile_template_api_spec.rb +184 -0
- data/spec/api/trusted_profile_template_assignments_api_spec.rb +112 -0
- data/spec/api/trusted_profiles_api_spec.rb +328 -0
- data/spec/models/access_group_count_spec.rb +42 -0
- data/spec/models/account_based_mfa_enrollment_spec.rb +54 -0
- data/spec/models/account_idp_settings_spec.rb +82 -0
- data/spec/models/account_login_settings_spec.rb +36 -0
- data/spec/models/account_settings_assigned_templates_section_spec.rb +120 -0
- data/spec/models/account_settings_effective_section_spec.rb +96 -0
- data/spec/models/account_settings_meta_spec.rb +54 -0
- data/spec/models/account_settings_request_spec.rb +102 -0
- data/spec/models/account_settings_response_spec.rb +126 -0
- data/spec/models/account_settings_template_list_spec.rb +72 -0
- data/spec/models/account_settings_template_request_spec.rb +54 -0
- data/spec/models/account_settings_template_response_spec.rb +114 -0
- data/spec/models/account_settings_user_domain_restriction_spec.rb +48 -0
- data/spec/models/account_settings_user_mfa_response_spec.rb +66 -0
- data/spec/models/action_controls_identities_spec.rb +42 -0
- data/spec/models/action_controls_spec.rb +48 -0
- data/spec/models/activity_spec.rb +42 -0
- data/spec/models/add_account_idp_setting_request_spec.rb +52 -0
- data/spec/models/api_key_inside_create_service_id_request_spec.rb +24 -17
- data/spec/models/api_key_list_spec.rb +15 -20
- data/spec/models/api_key_spec.rb +52 -27
- data/spec/models/apikey_activity_serviceid_spec.rb +42 -0
- data/spec/models/apikey_activity_spec.rb +66 -0
- data/spec/models/apikey_activity_user_spec.rb +54 -0
- data/spec/models/assigned_templates_account_settings_spec.rb +102 -0
- data/spec/models/common_account_settings_request_spec.rb +90 -0
- data/spec/models/common_account_settings_response_spec.rb +84 -0
- data/spec/models/consumers_response_consumers_inner_spec.rb +42 -0
- data/spec/models/consumers_response_spec.rb +42 -0
- data/spec/models/create_api_key_request_spec.rb +32 -19
- data/spec/models/create_idp_request_properties_idp_spec.rb +60 -0
- data/spec/models/create_idp_request_properties_sp_authn_context_spec.rb +42 -0
- data/spec/models/create_idp_request_properties_sp_spec.rb +78 -0
- data/spec/models/create_idp_request_properties_spec.rb +42 -0
- data/spec/models/create_idp_request_secrets_idp_signing_inner_spec.rb +46 -0
- data/spec/models/create_idp_request_secrets_idp_spec.rb +48 -0
- data/spec/models/create_idp_request_secrets_sp_signing_inner_spec.rb +58 -0
- data/spec/models/create_idp_request_secrets_sp_spec.rb +36 -0
- data/spec/models/create_idp_request_secrets_spec.rb +42 -0
- data/spec/models/create_idp_request_spec.rb +76 -0
- data/spec/models/create_profile_link_request_link_spec.rb +60 -0
- data/spec/models/create_profile_link_request_spec.rb +54 -0
- data/spec/models/create_service_id_group_request_spec.rb +48 -0
- data/spec/models/create_service_id_request_spec.rb +19 -18
- data/spec/models/create_template_assignment_request_spec.rb +58 -0
- data/spec/models/create_trusted_profile_request_spec.rb +54 -0
- data/spec/models/effective_account_settings_response_spec.rb +60 -0
- data/spec/models/enity_history_record_spec.rb +14 -19
- data/spec/models/entity_activity_spec.rb +48 -0
- data/spec/models/error_spec.rb +12 -17
- data/spec/models/exception_response_context_spec.rb +20 -25
- data/spec/models/exception_response_spec.rb +12 -17
- data/spec/models/id_based_mfa_enrollment_spec.rb +64 -0
- data/spec/models/identity_count_spec.rb +42 -0
- data/spec/models/identity_limits_usage_request_spec.rb +108 -0
- data/spec/models/identity_limits_usage_response_apikeys_per_identity_spec.rb +42 -0
- data/spec/models/identity_limits_usage_response_claim_rules_per_group_spec.rb +42 -0
- data/spec/models/identity_limits_usage_response_claim_rules_per_profile_spec.rb +42 -0
- data/spec/models/identity_limits_usage_response_serviceids_per_group_spec.rb +42 -0
- data/spec/models/identity_limits_usage_response_spec.rb +114 -0
- data/spec/models/identity_limits_usage_response_template_versions_per_template_spec.rb +42 -0
- data/spec/models/identity_preference_response_spec.rb +66 -0
- data/spec/models/identity_preferences_response_spec.rb +36 -0
- data/spec/models/idp_spec.rb +96 -0
- data/spec/models/limit_count_spec.rb +42 -0
- data/spec/models/list_id_p_settings200_response_spec.rb +36 -0
- data/spec/models/list_idps200_response_spec.rb +36 -0
- data/spec/models/mfa_enrollment_type_status_spec.rb +42 -0
- data/spec/models/mfa_options_spec.rb +30 -0
- data/spec/models/mfa_requirements_response_spec.rb +11 -16
- data/spec/models/oidc_exception_response_spec.rb +13 -18
- data/spec/models/policy_template_reference_spec.rb +42 -0
- data/spec/models/profile_claim_rule_conditions_spec.rb +48 -0
- data/spec/models/profile_claim_rule_list_spec.rb +42 -0
- data/spec/models/profile_claim_rule_request_spec.rb +72 -0
- data/spec/models/profile_claim_rule_spec.rb +90 -0
- data/spec/models/profile_count_spec.rb +42 -0
- data/spec/models/profile_identities_response_spec.rb +42 -0
- data/spec/models/profile_identities_update_request_spec.rb +36 -0
- data/spec/models/profile_identity_request_spec.rb +58 -0
- data/spec/models/profile_identity_response_spec.rb +64 -0
- data/spec/models/profile_link_link_spec.rb +60 -0
- data/spec/models/profile_link_list_spec.rb +36 -0
- data/spec/models/profile_link_spec.rb +78 -0
- data/spec/models/report_mfa_enrollment_status_spec.rb +66 -0
- data/spec/models/report_reference_spec.rb +36 -0
- data/spec/models/report_spec.rb +84 -0
- data/spec/models/response_context_spec.rb +19 -24
- data/spec/models/retrict_actions_spec.rb +30 -0
- data/spec/models/saml_metadata_import_response_spec.rb +112 -0
- data/spec/models/service_id_group_count_spec.rb +42 -0
- data/spec/models/service_id_group_list_spec.rb +36 -0
- data/spec/models/service_id_group_spec.rb +84 -0
- data/spec/models/service_id_list_spec.rb +15 -20
- data/spec/models/service_id_spec.rb +34 -27
- data/spec/models/share_scope_spec.rb +46 -0
- data/spec/models/template_account_settings_all_of_restrict_user_domains_spec.rb +42 -0
- data/spec/models/template_account_settings_spec.rb +102 -0
- data/spec/models/template_assignment_list_response_spec.rb +72 -0
- data/spec/models/template_assignment_resource_error_spec.rb +54 -0
- data/spec/models/template_assignment_resource_spec.rb +36 -0
- data/spec/models/template_assignment_response_resource_detail_spec.rb +60 -0
- data/spec/models/template_assignment_response_resource_spec.rb +54 -0
- data/spec/models/template_assignment_response_spec.rb +126 -0
- data/spec/models/template_count_spec.rb +42 -0
- data/spec/models/template_profile_component_request_spec.rb +60 -0
- data/spec/models/template_profile_component_response_spec.rb +60 -0
- data/spec/models/test_result_spec.rb +66 -0
- data/spec/models/test_result_steps_inner_spec.rb +54 -0
- data/spec/models/test_trigger_response_spec.rb +42 -0
- data/spec/models/token_response_spec.rb +14 -19
- data/spec/models/trusted_profile_spec.rb +132 -0
- data/spec/models/trusted_profile_template_claim_rule_spec.rb +64 -0
- data/spec/models/trusted_profile_template_list_spec.rb +72 -0
- data/spec/models/trusted_profile_template_request_spec.rb +66 -0
- data/spec/models/trusted_profile_template_response_spec.rb +126 -0
- data/spec/models/trusted_profiles_list_spec.rb +72 -0
- data/spec/models/update_account_idp_setting_request_spec.rb +52 -0
- data/spec/models/update_account_login_settings_spec.rb +36 -0
- data/spec/models/update_api_key_request_spec.rb +28 -15
- data/spec/models/update_id_p_request_properties_idp_spec.rb +54 -0
- data/spec/models/update_id_p_request_properties_spec.rb +42 -0
- data/spec/models/update_id_p_request_secrets_idp_spec.rb +42 -0
- data/spec/models/update_id_p_request_secrets_spec.rb +42 -0
- data/spec/models/update_id_p_request_spec.rb +66 -0
- data/spec/models/update_preference_request_spec.rb +42 -0
- data/spec/models/update_service_id_group_request_spec.rb +42 -0
- data/spec/models/update_service_id_request_spec.rb +11 -16
- data/spec/models/update_template_assignment_request_spec.rb +36 -0
- data/spec/models/update_trusted_profile_request_spec.rb +48 -0
- data/spec/models/user_activity_spec.rb +60 -0
- data/spec/models/user_mfa_enrollments_spec.rb +54 -0
- data/spec/models/user_mfa_resolved_spec.rb +54 -0
- data/spec/models/user_mfa_spec.rb +42 -0
- data/spec/models/user_report_mfa_enrollment_status_spec.rb +72 -0
- data/spec/models/user_visbility_retrict_actions_for_template_spec.rb +30 -0
- data/spec/models/user_visbility_retrict_actions_spec.rb +30 -0
- data/spec/spec_helper.rb +3 -3
- metadata +549 -35
- data/docs/IdentityOperationsApi.md +0 -828
- data/docs/InlineObject.md +0 -19
- data/docs/InlineObject1.md +0 -23
- data/docs/InlineObject2.md +0 -21
- data/docs/InlineObject3.md +0 -25
- data/docs/TokenOperationsApi.md +0 -226
- data/lib/ibm_cloud_iam/api/identity_operations_api.rb +0 -1083
- data/lib/ibm_cloud_iam/api/token_operations_api.rb +0 -351
- data/lib/ibm_cloud_iam/models/inline_object.rb +0 -229
- data/lib/ibm_cloud_iam/models/inline_object1.rb +0 -254
- data/lib/ibm_cloud_iam/models/inline_object2.rb +0 -244
- data/lib/ibm_cloud_iam/models/inline_object3.rb +0 -269
- data/spec/api/identity_operations_api_spec.rb +0 -253
- data/spec/api/token_operations_api_spec.rb +0 -94
- data/spec/api_client_spec.rb +0 -226
- data/spec/configuration_spec.rb +0 -42
- data/spec/models/inline_object1_spec.rb +0 -59
- data/spec/models/inline_object2_spec.rb +0 -53
- data/spec/models/inline_object3_spec.rb +0 -65
- data/spec/models/inline_object_spec.rb +0 -47
|
@@ -0,0 +1,182 @@
|
|
|
1
|
+
=begin
|
|
2
|
+
#IAM Identity Services
|
|
3
|
+
|
|
4
|
+
# ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
|
|
5
|
+
|
|
6
|
+
The version of the OpenAPI document: 1.0.0
|
|
7
|
+
|
|
8
|
+
Generated by: https://openapi-generator.tech
|
|
9
|
+
Generator version: 7.23.0
|
|
10
|
+
|
|
11
|
+
=end
|
|
12
|
+
|
|
13
|
+
require 'spec_helper'
|
|
14
|
+
require 'json'
|
|
15
|
+
|
|
16
|
+
# Unit tests for IbmCloudIam::APIKeysApi
|
|
17
|
+
# Automatically generated by openapi-generator (https://openapi-generator.tech)
|
|
18
|
+
# Please update as you see appropriate
|
|
19
|
+
describe 'APIKeysApi' do
|
|
20
|
+
before do
|
|
21
|
+
# run before each test
|
|
22
|
+
@api_instance = IbmCloudIam::APIKeysApi.new
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
after do
|
|
26
|
+
# run after each test
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
describe 'test an instance of APIKeysApi' do
|
|
30
|
+
it 'should create an instance of APIKeysApi' do
|
|
31
|
+
expect(@api_instance).to be_instance_of(IbmCloudIam::APIKeysApi)
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
# unit tests for create_api_key
|
|
36
|
+
# Create an API key
|
|
37
|
+
# Creates an API key for a UserID or service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
|
|
38
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
39
|
+
# @param create_api_key_request Request to create an API key.
|
|
40
|
+
# @param [Hash] opts the optional parameters
|
|
41
|
+
# @option opts [String] :entity_lock Indicates if the API key is locked for further write operations. False by default.
|
|
42
|
+
# @option opts [String] :entity_disable Indicates if the API key is disabled. False by default.
|
|
43
|
+
# @return [ApiKey]
|
|
44
|
+
describe 'create_api_key test' do
|
|
45
|
+
it 'should work' do
|
|
46
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
# unit tests for delete_api_key
|
|
51
|
+
# Deletes an API key
|
|
52
|
+
# Deletes an API key. Existing tokens will remain valid until expired. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
|
|
53
|
+
# @param id Unique ID of the API key.
|
|
54
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
55
|
+
# @param [Hash] opts the optional parameters
|
|
56
|
+
# @return [nil]
|
|
57
|
+
describe 'delete_api_key test' do
|
|
58
|
+
it 'should work' do
|
|
59
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
# unit tests for disable_api_key
|
|
64
|
+
# Disable the API key
|
|
65
|
+
# Disable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
|
|
66
|
+
# @param id Unique ID of the API key.
|
|
67
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
68
|
+
# @param [Hash] opts the optional parameters
|
|
69
|
+
# @return [nil]
|
|
70
|
+
describe 'disable_api_key test' do
|
|
71
|
+
it 'should work' do
|
|
72
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
# unit tests for enable_api_key
|
|
77
|
+
# Enable the API key
|
|
78
|
+
# Enable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
|
|
79
|
+
# @param id Unique ID of the API key.
|
|
80
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
81
|
+
# @param [Hash] opts the optional parameters
|
|
82
|
+
# @return [nil]
|
|
83
|
+
describe 'enable_api_key test' do
|
|
84
|
+
it 'should work' do
|
|
85
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
# unit tests for get_api_key
|
|
90
|
+
# Get details of an API key
|
|
91
|
+
# Returns the details of an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
|
|
92
|
+
# @param id Unique ID of the API key.
|
|
93
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
94
|
+
# @param [Hash] opts the optional parameters
|
|
95
|
+
# @option opts [Boolean] :include_history Defines if the entity history is included in the response.
|
|
96
|
+
# @option opts [Boolean] :include_activity Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
|
|
97
|
+
# @return [ApiKey]
|
|
98
|
+
describe 'get_api_key test' do
|
|
99
|
+
it 'should work' do
|
|
100
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
# unit tests for get_api_keys_details
|
|
105
|
+
# Get details of an API key by its value.
|
|
106
|
+
# Returns the details of an API key by its value. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
|
|
107
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
108
|
+
# @param [Hash] opts the optional parameters
|
|
109
|
+
# @option opts [String] :iam_api_key API key value.
|
|
110
|
+
# @option opts [Boolean] :include_history Defines if the entity history is included in the response.
|
|
111
|
+
# @return [ApiKey]
|
|
112
|
+
describe 'get_api_keys_details test' do
|
|
113
|
+
it 'should work' do
|
|
114
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
|
|
118
|
+
# unit tests for list_api_keys
|
|
119
|
+
# Get API keys for a given service or user IAM ID and account ID
|
|
120
|
+
# Returns the list of API key details for a given service or user IAM ID and account ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
|
|
121
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
122
|
+
# @param [Hash] opts the optional parameters
|
|
123
|
+
# @option opts [String] :account_id Account ID of the API keys to query. If a service IAM ID is specified in iam_id then account_id must match the account of the IAM ID. If a user IAM ID is specified in iam_id then then account_id must match the account of the Authorization token.
|
|
124
|
+
# @option opts [String] :iam_id IAM ID of the API keys to be queried. The IAM ID may be that of a user or a service. For a user IAM ID iam_id must match the Authorization token.
|
|
125
|
+
# @option opts [Integer] :pagesize Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
|
|
126
|
+
# @option opts [String] :pagetoken Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
|
|
127
|
+
# @option opts [String] :scope Optional parameter to define the scope of the queried API keys. Can be 'entity' (default) or 'account'.
|
|
128
|
+
# @option opts [String] :type Optional parameter to filter the type of the queried API keys. Can be 'user' or 'serviceid'.
|
|
129
|
+
# @option opts [String] :sort Optional sort property, valid values are name, description, created_at and created_by. If specified, the items are sorted by the value of this property.
|
|
130
|
+
# @option opts [String] :order Optional sort order, valid values are asc and desc. Default: asc.
|
|
131
|
+
# @option opts [Boolean] :include_history Defines if the entity history is included in the response.
|
|
132
|
+
# @option opts [String] :filter An optional filter query parameter used to refine the results of the search operation. For more information see [Filtering list results](#filter-list-results) section.
|
|
133
|
+
# @option opts [String] :group_id Optional group ID of the service ID(s) to which the searched API keys are bound. If this parameter is not provided the default group is applied on service ID API keys. For user API keys this parameter is ignored as they always belong to the default group.
|
|
134
|
+
# @return [ApiKeyList]
|
|
135
|
+
describe 'list_api_keys test' do
|
|
136
|
+
it 'should work' do
|
|
137
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
138
|
+
end
|
|
139
|
+
end
|
|
140
|
+
|
|
141
|
+
# unit tests for lock_api_key
|
|
142
|
+
# Lock the API key
|
|
143
|
+
# Locks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
|
|
144
|
+
# @param id Unique ID of the API key.
|
|
145
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
146
|
+
# @param [Hash] opts the optional parameters
|
|
147
|
+
# @return [nil]
|
|
148
|
+
describe 'lock_api_key test' do
|
|
149
|
+
it 'should work' do
|
|
150
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
151
|
+
end
|
|
152
|
+
end
|
|
153
|
+
|
|
154
|
+
# unit tests for unlock_api_key
|
|
155
|
+
# Unlock the API key
|
|
156
|
+
# Unlocks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
|
|
157
|
+
# @param id Unique ID of the API key.
|
|
158
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
159
|
+
# @param [Hash] opts the optional parameters
|
|
160
|
+
# @return [nil]
|
|
161
|
+
describe 'unlock_api_key test' do
|
|
162
|
+
it 'should work' do
|
|
163
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
164
|
+
end
|
|
165
|
+
end
|
|
166
|
+
|
|
167
|
+
# unit tests for update_api_key
|
|
168
|
+
# Updates an API key
|
|
169
|
+
# Updates properties of an API key. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update an API key, pass the property to be modified. To delete one property's value, pass the property with an empty value \"\". Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
|
|
170
|
+
# @param id Unique ID of the API key to be updated.
|
|
171
|
+
# @param if_match Version of the API key to be updated. Specify the version that you retrieved when reading the API key. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
|
|
172
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
173
|
+
# @param update_api_key_request Request to update an API key.
|
|
174
|
+
# @param [Hash] opts the optional parameters
|
|
175
|
+
# @return [ApiKey]
|
|
176
|
+
describe 'update_api_key test' do
|
|
177
|
+
it 'should work' do
|
|
178
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
179
|
+
end
|
|
180
|
+
end
|
|
181
|
+
|
|
182
|
+
end
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
=begin
|
|
2
|
+
#IAM Identity Services
|
|
3
|
+
|
|
4
|
+
# ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
|
|
5
|
+
|
|
6
|
+
The version of the OpenAPI document: 1.0.0
|
|
7
|
+
|
|
8
|
+
Generated by: https://openapi-generator.tech
|
|
9
|
+
Generator version: 7.23.0
|
|
10
|
+
|
|
11
|
+
=end
|
|
12
|
+
|
|
13
|
+
require 'spec_helper'
|
|
14
|
+
require 'json'
|
|
15
|
+
|
|
16
|
+
# Unit tests for IbmCloudIam::IdentityPreferencesApi
|
|
17
|
+
# Automatically generated by openapi-generator (https://openapi-generator.tech)
|
|
18
|
+
# Please update as you see appropriate
|
|
19
|
+
describe 'IdentityPreferencesApi' do
|
|
20
|
+
before do
|
|
21
|
+
# run before each test
|
|
22
|
+
@api_instance = IbmCloudIam::IdentityPreferencesApi.new
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
after do
|
|
26
|
+
# run after each test
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
describe 'test an instance of IdentityPreferencesApi' do
|
|
30
|
+
it 'should create an instance of IdentityPreferencesApi' do
|
|
31
|
+
expect(@api_instance).to be_instance_of(IbmCloudIam::IdentityPreferencesApi)
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
# unit tests for delete_preferences_on_scope_account
|
|
36
|
+
# Delete Identity Preference on scope account
|
|
37
|
+
# Delete one Identity Preference on scope `account`. For details about the preferences supported and how the method request is authorized, refer to the description of operation `Update Identity Preference on scope account`.
|
|
38
|
+
# @param account_id Account id to delete preference for
|
|
39
|
+
# @param iam_id IAM id to delete the preference for
|
|
40
|
+
# @param service Service of the preference to be deleted
|
|
41
|
+
# @param preference_id Identifier of preference to be deleted
|
|
42
|
+
# @param [Hash] opts the optional parameters
|
|
43
|
+
# @option opts [String] :authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
44
|
+
# @return [nil]
|
|
45
|
+
describe 'delete_preferences_on_scope_account test' do
|
|
46
|
+
it 'should work' do
|
|
47
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
# unit tests for get_all_preferences_on_scope_account
|
|
52
|
+
# Get all Identity Preferences on scope account
|
|
53
|
+
# Get all Identity Preferences for one account / identity combination. For details about the preferences supported and how the method request is authorized, refer to the description of operation `Get Identity Preference on scope account`. If you are not allowed to read a preference, the call will not fail. Instead, this preference is/ these preferences are not returned in the list call.
|
|
54
|
+
# @param account_id Account id to get preferences for
|
|
55
|
+
# @param iam_id IAM id to get the preferences for
|
|
56
|
+
# @param [Hash] opts the optional parameters
|
|
57
|
+
# @option opts [String] :authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
58
|
+
# @return [IdentityPreferencesResponse]
|
|
59
|
+
describe 'get_all_preferences_on_scope_account test' do
|
|
60
|
+
it 'should work' do
|
|
61
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
# unit tests for get_preferences_on_scope_account
|
|
66
|
+
# Get Identity Preference on scope account
|
|
67
|
+
# Get one Identity Preference on scope `account`. For details about the preferences supported, refer to the description of operation `Update Identity Preference on scope account`. ### Authorization To call this method for the identity type `Trusted Profile`, one of the following conditions must be true: - the Authorization token represents the trusted profile which is addressed by this request - you must be assigned one or more IAM access roles that include the following action on the target resource `account` and resource type `preferences`: - iam-identity.preferences.update By default, the `Administrator` role on service `iam-identity` contains this action. - Services inside the IBM Cloud Console can call this method.
|
|
68
|
+
# @param account_id Account id to get preference for
|
|
69
|
+
# @param iam_id IAM id to get the preference for
|
|
70
|
+
# @param service Service of the preference to be fetched
|
|
71
|
+
# @param preference_id Identifier of preference to be fetched
|
|
72
|
+
# @param [Hash] opts the optional parameters
|
|
73
|
+
# @option opts [String] :authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
74
|
+
# @return [IdentityPreferenceResponse]
|
|
75
|
+
describe 'get_preferences_on_scope_account test' do
|
|
76
|
+
it 'should work' do
|
|
77
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
# unit tests for update_preference_on_scope_account
|
|
82
|
+
# Update Identity Preference on scope account
|
|
83
|
+
# Update one Identity Preference on scope `account`. The following preferences are storing values for identities inside an account, i.e. for each account that an identity is member of, the value stored might be different. This means, **users** who might be member of multiple accounts can have multiple preferences, one per account. Identities like **Service Ids** or **Trusted Profiles** can only exist in one account, therefore they can only have one preference inside their related account. ### Preferences - **console/landing_page** service: `console` preference_id: `landing_page` supported identity types: `Trusted Profile` type: `string` validation: valid path for the IBM Cloud Console (without host part), e.g. `/billing` or `/iam` - **console/global_left_navigation** service: `console` preference_id: `global_left_navigation` supported identity types: `Trusted Profile` type: `list of strings` validation: each entry in the list of strings must match the identifier of one navigation entry in the console; these identifiers are defined and interpreted by the IBM Cloud Console; currently the following entries are supported: `slash,projects,rex,containers,databases,is,logmet,automation,complianceAndSecurity,apis,cp4d,partner-center,sap,satellite,vmWare,watsonx` ### Authorization To call this method for the identity type `Trusted Profile`, you must be assigned one or more IAM access roles that include the following action on the target resource `account` and resource type `preferences`: - iam-identity.preferences.update By default, the `Administrator` role on service `iam-identity` contains this action.
|
|
84
|
+
# @param account_id Account id to update preference for
|
|
85
|
+
# @param iam_id IAM id to update the preference for
|
|
86
|
+
# @param service Service of the preference to be updated
|
|
87
|
+
# @param preference_id Identifier of preference to be updated
|
|
88
|
+
# @param update_preference_request Request to update one identity preference on scope 'acount'.
|
|
89
|
+
# @param [Hash] opts the optional parameters
|
|
90
|
+
# @option opts [String] :authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
|
|
91
|
+
# @return [IdentityPreferenceResponse]
|
|
92
|
+
describe 'update_preference_on_scope_account test' do
|
|
93
|
+
it 'should work' do
|
|
94
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
95
|
+
end
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
end
|
|
@@ -0,0 +1,166 @@
|
|
|
1
|
+
=begin
|
|
2
|
+
#IAM Identity Services
|
|
3
|
+
|
|
4
|
+
# ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
|
|
5
|
+
|
|
6
|
+
The version of the OpenAPI document: 1.0.0
|
|
7
|
+
|
|
8
|
+
Generated by: https://openapi-generator.tech
|
|
9
|
+
Generator version: 7.23.0
|
|
10
|
+
|
|
11
|
+
=end
|
|
12
|
+
|
|
13
|
+
require 'spec_helper'
|
|
14
|
+
require 'json'
|
|
15
|
+
|
|
16
|
+
# Unit tests for IbmCloudIam::IDPManagementApi
|
|
17
|
+
# Automatically generated by openapi-generator (https://openapi-generator.tech)
|
|
18
|
+
# Please update as you see appropriate
|
|
19
|
+
describe 'IDPManagementApi' do
|
|
20
|
+
before do
|
|
21
|
+
# run before each test
|
|
22
|
+
@api_instance = IbmCloudIam::IDPManagementApi.new
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
after do
|
|
26
|
+
# run after each test
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
describe 'test an instance of IDPManagementApi' do
|
|
30
|
+
it 'should create an instance of IDPManagementApi' do
|
|
31
|
+
expect(@api_instance).to be_instance_of(IbmCloudIam::IDPManagementApi)
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
# unit tests for create_idp
|
|
36
|
+
# Create IdP
|
|
37
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Please make sure that the provided token has the required authority for the request.
|
|
38
|
+
# @param create_idp_request Request to create idp
|
|
39
|
+
# @param [Hash] opts the optional parameters
|
|
40
|
+
# @option opts [String] :automation boolean to flag if IdP is created via automation
|
|
41
|
+
# @return [Idp]
|
|
42
|
+
describe 'create_idp test' do
|
|
43
|
+
it 'should work' do
|
|
44
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
# unit tests for delete_idp
|
|
49
|
+
# Delete IdP
|
|
50
|
+
# @param idp_id ID of the IDP
|
|
51
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Please make sure that the provided token has the required authority for the request.
|
|
52
|
+
# @param [Hash] opts the optional parameters
|
|
53
|
+
# @return [nil]
|
|
54
|
+
describe 'delete_idp test' do
|
|
55
|
+
it 'should work' do
|
|
56
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
# unit tests for export_saml_metadata
|
|
61
|
+
# Export SAML IdP metadata
|
|
62
|
+
# Returns the Service Provider (SP) SAML metadata document for the specified Identity Provider. The generated metadata contains the SP entity ID, signing certificate, supported NameID formats, and Assertion Consumer Service endpoints derived from the Identity Provider configuration.
|
|
63
|
+
# @param idp_id ID of the IDP
|
|
64
|
+
# @param [Hash] opts the optional parameters
|
|
65
|
+
# @option opts [String] :authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Please make sure that the provided token has the required authority for the request.
|
|
66
|
+
# @return [String]
|
|
67
|
+
describe 'export_saml_metadata test' do
|
|
68
|
+
it 'should work' do
|
|
69
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
# unit tests for get_idp
|
|
74
|
+
# Get IdP
|
|
75
|
+
# @param idp_id ID of the IDP
|
|
76
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Please make sure that the provided token has the required authority for the request.
|
|
77
|
+
# @param [Hash] opts the optional parameters
|
|
78
|
+
# @option opts [String] :include_history include history of the idp
|
|
79
|
+
# @return [Idp]
|
|
80
|
+
describe 'get_idp test' do
|
|
81
|
+
it 'should work' do
|
|
82
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
# unit tests for get_idp_test_result
|
|
87
|
+
# Get IdP test results
|
|
88
|
+
# Get IDP test record.
|
|
89
|
+
# @param idp_id ID of the IDP
|
|
90
|
+
# @param [Hash] opts the optional parameters
|
|
91
|
+
# @option opts [String] :authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Please make sure that the provided token has the required authority for the request.
|
|
92
|
+
# @return [TestResult]
|
|
93
|
+
describe 'get_idp_test_result test' do
|
|
94
|
+
it 'should work' do
|
|
95
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
96
|
+
end
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
# unit tests for import_saml_idp_metadata
|
|
100
|
+
# Import SAML IdP metadata
|
|
101
|
+
# Import a metadata.xml originating from the federated SAML Identity Provider
|
|
102
|
+
# @param idp_id ID of the IDP
|
|
103
|
+
# @param body
|
|
104
|
+
# @param [Hash] opts the optional parameters
|
|
105
|
+
# @option opts [String] :authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Please make sure that the provided token has the required authority for the request.
|
|
106
|
+
# @option opts [Boolean] :parse_only If true, validates and parses the metadata without updating the Identity Provider.
|
|
107
|
+
# @return [SamlMetadataImportResponse]
|
|
108
|
+
describe 'import_saml_idp_metadata test' do
|
|
109
|
+
it 'should work' do
|
|
110
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
111
|
+
end
|
|
112
|
+
end
|
|
113
|
+
|
|
114
|
+
# unit tests for list_consumer_accounts
|
|
115
|
+
# Get consumers of IdP
|
|
116
|
+
# @param idp_id ID of the IDP
|
|
117
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Please make sure that the provided token has the required authority for the request.
|
|
118
|
+
# @param [Hash] opts the optional parameters
|
|
119
|
+
# @return [ConsumersResponse]
|
|
120
|
+
describe 'list_consumer_accounts test' do
|
|
121
|
+
it 'should work' do
|
|
122
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
123
|
+
end
|
|
124
|
+
end
|
|
125
|
+
|
|
126
|
+
# unit tests for list_idps
|
|
127
|
+
# List IdPs
|
|
128
|
+
# @param account_id Account id to query
|
|
129
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Please make sure that the provided token has the required authority for the request.
|
|
130
|
+
# @param [Hash] opts the optional parameters
|
|
131
|
+
# @option opts [String] :include_history include history of the idp
|
|
132
|
+
# @return [ListIdps200Response]
|
|
133
|
+
describe 'list_idps test' do
|
|
134
|
+
it 'should work' do
|
|
135
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
136
|
+
end
|
|
137
|
+
end
|
|
138
|
+
|
|
139
|
+
# unit tests for test_idp
|
|
140
|
+
# Trigger IdP configuration test
|
|
141
|
+
# @param idp_id ID of the IDP
|
|
142
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Please make sure that the provided token has the required authority for the request.
|
|
143
|
+
# @param [Hash] opts the optional parameters
|
|
144
|
+
# @return [TestTriggerResponse]
|
|
145
|
+
describe 'test_idp test' do
|
|
146
|
+
it 'should work' do
|
|
147
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
148
|
+
end
|
|
149
|
+
end
|
|
150
|
+
|
|
151
|
+
# unit tests for update_idp
|
|
152
|
+
# Update IdP
|
|
153
|
+
# @param idp_id ID of the IDP
|
|
154
|
+
# @param if_match Version of the account IdP settings to be updated. Specify the version that you retrieved as entity_tag (ETag header) when reading the account. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
|
|
155
|
+
# @param authorization Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Please make sure that the provided token has the required authority for the request.
|
|
156
|
+
# @param update_id_p_request Request to update idp
|
|
157
|
+
# @param [Hash] opts the optional parameters
|
|
158
|
+
# @option opts [Boolean] :force_share_scope_update Enforces sharescope update even if active consumers are removed from the share scope
|
|
159
|
+
# @return [Idp]
|
|
160
|
+
describe 'update_idp test' do
|
|
161
|
+
it 'should work' do
|
|
162
|
+
# assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
|
|
163
|
+
end
|
|
164
|
+
end
|
|
165
|
+
|
|
166
|
+
end
|