ibm_cloud_iam 1.0.2 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +548 -36
- data/docs/APIKeysApi.md +714 -0
- data/docs/AccessGroupCount.md +20 -0
- data/docs/AccountBasedMfaEnrollment.md +24 -0
- data/docs/AccountIdpSettings.md +32 -0
- data/docs/AccountLimitsApi.md +173 -0
- data/docs/AccountLoginSettings.md +18 -0
- data/docs/AccountSettingsApi.md +224 -0
- data/docs/AccountSettingsAssignedTemplatesSection.md +46 -0
- data/docs/AccountSettingsEffectiveSection.md +38 -0
- data/docs/AccountSettingsForIdPApi.md +489 -0
- data/docs/AccountSettingsMeta.md +24 -0
- data/docs/AccountSettingsRequest.md +40 -0
- data/docs/AccountSettingsResponse.md +48 -0
- data/docs/AccountSettingsTemplateApi.md +720 -0
- data/docs/AccountSettingsTemplateAssignmentsApi.md +376 -0
- data/docs/AccountSettingsTemplateList.md +30 -0
- data/docs/AccountSettingsTemplateRequest.md +24 -0
- data/docs/AccountSettingsTemplateResponse.md +44 -0
- data/docs/AccountSettingsUserDomainRestriction.md +22 -0
- data/docs/AccountSettingsUserMFAResponse.md +28 -0
- data/docs/ActionControls.md +22 -0
- data/docs/ActionControlsIdentities.md +20 -0
- data/docs/ActivitiesApi.md +149 -0
- data/docs/Activity.md +20 -0
- data/docs/AddAccountIdpSettingRequest.md +22 -0
- data/docs/ApiKey.md +44 -33
- data/docs/ApiKeyInsideCreateServiceIdRequest.md +18 -13
- data/docs/ApiKeyList.md +20 -19
- data/docs/ApikeyActivity.md +28 -0
- data/docs/ApikeyActivityServiceid.md +20 -0
- data/docs/ApikeyActivityUser.md +24 -0
- data/docs/AssignedTemplatesAccountSettings.md +40 -0
- data/docs/CommonAccountSettingsRequest.md +36 -0
- data/docs/CommonAccountSettingsResponse.md +34 -0
- data/docs/ConsumersResponse.md +20 -0
- data/docs/ConsumersResponseConsumersInner.md +20 -0
- data/docs/CreateApiKeyRequest.md +24 -17
- data/docs/CreateIdpRequest.md +30 -0
- data/docs/CreateIdpRequestProperties.md +20 -0
- data/docs/CreateIdpRequestPropertiesIdp.md +26 -0
- data/docs/CreateIdpRequestPropertiesSp.md +32 -0
- data/docs/CreateIdpRequestPropertiesSpAuthnContext.md +20 -0
- data/docs/CreateIdpRequestSecrets.md +20 -0
- data/docs/CreateIdpRequestSecretsIdp.md +22 -0
- data/docs/CreateIdpRequestSecretsIdpSigningInner.md +20 -0
- data/docs/CreateIdpRequestSecretsSp.md +18 -0
- data/docs/CreateIdpRequestSecretsSpSigningInner.md +24 -0
- data/docs/CreateProfileLinkRequest.md +24 -0
- data/docs/CreateProfileLinkRequestLink.md +26 -0
- data/docs/CreateServiceIdGroupRequest.md +22 -0
- data/docs/CreateServiceIdRequest.md +18 -15
- data/docs/CreateTemplateAssignmentRequest.md +24 -0
- data/docs/CreateTrustedProfileRequest.md +24 -0
- data/docs/EffectiveAccountSettingsResponse.md +26 -0
- data/docs/EnityHistoryRecord.md +18 -17
- data/docs/EntityActivity.md +22 -0
- data/docs/Error.md +14 -13
- data/docs/ExceptionResponse.md +14 -13
- data/docs/ExceptionResponseContext.md +30 -29
- data/docs/IDPManagementApi.md +692 -0
- data/docs/IdBasedMfaEnrollment.md +26 -0
- data/docs/IdentityCount.md +20 -0
- data/docs/IdentityLimitsUsageRequest.md +42 -0
- data/docs/IdentityLimitsUsageResponse.md +44 -0
- data/docs/IdentityLimitsUsageResponseApikeysPerIdentity.md +20 -0
- data/docs/IdentityLimitsUsageResponseClaimRulesPerGroup.md +20 -0
- data/docs/IdentityLimitsUsageResponseClaimRulesPerProfile.md +20 -0
- data/docs/IdentityLimitsUsageResponseServiceidsPerGroup.md +20 -0
- data/docs/IdentityLimitsUsageResponseTemplateVersionsPerTemplate.md +20 -0
- data/docs/IdentityPreferenceResponse.md +28 -0
- data/docs/IdentityPreferencesApi.md +304 -0
- data/docs/IdentityPreferencesResponse.md +18 -0
- data/docs/Idp.md +38 -0
- data/docs/LimitCount.md +20 -0
- data/docs/ListIdPSettings200Response.md +18 -0
- data/docs/ListIdps200Response.md +18 -0
- data/docs/MFAEnrollmentStatusApi.md +216 -0
- data/docs/MFARequirementsResponse.md +12 -11
- data/docs/MfaEnrollmentTypeStatus.md +20 -0
- data/docs/MfaOptions.md +15 -0
- data/docs/OidcExceptionResponse.md +16 -15
- data/docs/PolicyTemplateReference.md +20 -0
- data/docs/ProfileClaimRule.md +36 -0
- data/docs/ProfileClaimRuleConditions.md +22 -0
- data/docs/ProfileClaimRuleList.md +20 -0
- data/docs/ProfileClaimRuleRequest.md +30 -0
- data/docs/ProfileCount.md +20 -0
- data/docs/ProfileIdentitiesResponse.md +20 -0
- data/docs/ProfileIdentitiesUpdateRequest.md +18 -0
- data/docs/ProfileIdentityRequest.md +24 -0
- data/docs/ProfileIdentityResponse.md +26 -0
- data/docs/ProfileLink.md +32 -0
- data/docs/ProfileLinkLink.md +26 -0
- data/docs/ProfileLinkList.md +18 -0
- data/docs/Report.md +34 -0
- data/docs/ReportMfaEnrollmentStatus.md +28 -0
- data/docs/ReportReference.md +18 -0
- data/docs/ResponseContext.md +28 -27
- data/docs/RetrictActions.md +15 -0
- data/docs/SamlMetadataImportResponse.md +42 -0
- data/docs/ServiceIDGroupsApi.md +347 -0
- data/docs/ServiceIDsApi.md +515 -0
- data/docs/ServiceId.md +38 -33
- data/docs/ServiceIdGroup.md +34 -0
- data/docs/ServiceIdGroupCount.md +20 -0
- data/docs/ServiceIdGroupList.md +18 -0
- data/docs/ServiceIdList.md +20 -19
- data/docs/ShareScope.md +20 -0
- data/docs/TemplateAccountSettings.md +40 -0
- data/docs/TemplateAccountSettingsAllOfRestrictUserDomains.md +20 -0
- data/docs/TemplateAssignmentListResponse.md +30 -0
- data/docs/TemplateAssignmentResource.md +18 -0
- data/docs/TemplateAssignmentResourceError.md +24 -0
- data/docs/TemplateAssignmentResponse.md +48 -0
- data/docs/TemplateAssignmentResponseResource.md +24 -0
- data/docs/TemplateAssignmentResponseResourceDetail.md +26 -0
- data/docs/TemplateCount.md +20 -0
- data/docs/TemplateProfileComponentRequest.md +26 -0
- data/docs/TemplateProfileComponentResponse.md +26 -0
- data/docs/TestResult.md +28 -0
- data/docs/TestResultStepsInner.md +24 -0
- data/docs/TestTriggerResponse.md +20 -0
- data/docs/TokenResponse.md +18 -17
- data/docs/TokenRetrievalApi.md +461 -0
- data/docs/TrustedProfile.md +50 -0
- data/docs/TrustedProfileTemplateApi.md +720 -0
- data/docs/TrustedProfileTemplateAssignmentsApi.md +376 -0
- data/docs/TrustedProfileTemplateClaimRule.md +26 -0
- data/docs/TrustedProfileTemplateList.md +30 -0
- data/docs/TrustedProfileTemplateRequest.md +28 -0
- data/docs/TrustedProfileTemplateResponse.md +48 -0
- data/docs/TrustedProfilesApi.md +1414 -0
- data/docs/TrustedProfilesList.md +30 -0
- data/docs/UpdateAccountIdpSettingRequest.md +22 -0
- data/docs/UpdateAccountLoginSettings.md +18 -0
- data/docs/UpdateApiKeyRequest.md +16 -9
- data/docs/UpdateIdPRequest.md +28 -0
- data/docs/UpdateIdPRequestProperties.md +20 -0
- data/docs/UpdateIdPRequestPropertiesIdp.md +24 -0
- data/docs/UpdateIdPRequestSecrets.md +20 -0
- data/docs/UpdateIdPRequestSecretsIdp.md +20 -0
- data/docs/UpdatePreferenceRequest.md +20 -0
- data/docs/UpdateServiceIdGroupRequest.md +20 -0
- data/docs/UpdateServiceIdRequest.md +12 -11
- data/docs/UpdateTemplateAssignmentRequest.md +18 -0
- data/docs/UpdateTrustedProfileRequest.md +22 -0
- data/docs/UserActivity.md +26 -0
- data/docs/UserMFAResolved.md +24 -0
- data/docs/UserMfa.md +20 -0
- data/docs/UserMfaEnrollments.md +24 -0
- data/docs/UserReportMfaEnrollmentStatus.md +30 -0
- data/docs/UserVisbilityRetrictActions.md +15 -0
- data/docs/UserVisbilityRetrictActionsForTemplate.md +15 -0
- data/git_push.sh +3 -4
- data/ibm_cloud_iam.gemspec +6 -6
- data/lib/ibm_cloud_iam/api/account_limits_api.rb +208 -0
- data/lib/ibm_cloud_iam/api/account_settings_api.rb +262 -0
- data/lib/ibm_cloud_iam/api/account_settings_for_id_p_api.rb +571 -0
- data/lib/ibm_cloud_iam/api/account_settings_template_api.rb +823 -0
- data/lib/ibm_cloud_iam/api/account_settings_template_assignments_api.rb +422 -0
- data/lib/ibm_cloud_iam/api/activities_api.rb +174 -0
- data/lib/ibm_cloud_iam/api/api_keys_api.rb +786 -0
- data/lib/ibm_cloud_iam/api/identity_preferences_api.rb +357 -0
- data/lib/ibm_cloud_iam/api/idp_management_api.rb +744 -0
- data/lib/ibm_cloud_iam/api/mfa_enrollment_status_api.rb +248 -0
- data/lib/ibm_cloud_iam/api/service_id_groups_api.rb +392 -0
- data/lib/ibm_cloud_iam/api/service_ids_api.rb +575 -0
- data/lib/ibm_cloud_iam/api/token_retrieval_api.rb +557 -0
- data/lib/ibm_cloud_iam/api/trusted_profile_template_api.rb +823 -0
- data/lib/ibm_cloud_iam/api/trusted_profile_template_assignments_api.rb +422 -0
- data/lib/ibm_cloud_iam/api/trusted_profiles_api.rb +1630 -0
- data/lib/ibm_cloud_iam/api_client.rb +74 -65
- data/lib/ibm_cloud_iam/api_error.rb +4 -3
- data/lib/ibm_cloud_iam/api_model_base.rb +88 -0
- data/lib/ibm_cloud_iam/configuration.rb +75 -15
- data/lib/ibm_cloud_iam/models/access_group_count.rb +159 -0
- data/lib/ibm_cloud_iam/models/account_based_mfa_enrollment.rb +243 -0
- data/lib/ibm_cloud_iam/models/account_idp_settings.rb +244 -0
- data/lib/ibm_cloud_iam/models/account_login_settings.rb +147 -0
- data/lib/ibm_cloud_iam/models/account_settings_assigned_templates_section.rb +377 -0
- data/lib/ibm_cloud_iam/models/account_settings_effective_section.rb +282 -0
- data/lib/ibm_cloud_iam/models/account_settings_meta.rb +179 -0
- data/lib/ibm_cloud_iam/models/account_settings_request.rb +301 -0
- data/lib/ibm_cloud_iam/models/account_settings_response.rb +567 -0
- data/lib/ibm_cloud_iam/models/account_settings_template_list.rb +256 -0
- data/lib/ibm_cloud_iam/models/account_settings_template_request.rb +178 -0
- data/lib/ibm_cloud_iam/models/account_settings_template_response.rb +416 -0
- data/lib/ibm_cloud_iam/models/account_settings_user_domain_restriction.rb +188 -0
- data/lib/ibm_cloud_iam/models/account_settings_user_mfa_response.rb +261 -0
- data/lib/ibm_cloud_iam/models/action_controls.rb +199 -0
- data/lib/ibm_cloud_iam/models/action_controls_identities.rb +190 -0
- data/lib/ibm_cloud_iam/models/activity.rb +175 -0
- data/lib/ibm_cloud_iam/models/add_account_idp_setting_request.rb +243 -0
- data/lib/ibm_cloud_iam/models/api_key.rb +188 -104
- data/lib/ibm_cloud_iam/models/api_key_inside_create_service_id_request.rb +70 -99
- data/lib/ibm_cloud_iam/models/api_key_list.rb +46 -95
- data/lib/ibm_cloud_iam/models/apikey_activity.rb +231 -0
- data/lib/ibm_cloud_iam/models/apikey_activity_serviceid.rb +159 -0
- data/lib/ibm_cloud_iam/models/apikey_activity_user.rb +179 -0
- data/lib/ibm_cloud_iam/models/assigned_templates_account_settings.rb +296 -0
- data/lib/ibm_cloud_iam/models/common_account_settings_request.rb +272 -0
- data/lib/ibm_cloud_iam/models/common_account_settings_response.rb +260 -0
- data/lib/ibm_cloud_iam/models/consumers_response.rb +158 -0
- data/lib/ibm_cloud_iam/models/consumers_response_consumers_inner.rb +158 -0
- data/lib/ibm_cloud_iam/models/create_api_key_request.rb +92 -99
- data/lib/ibm_cloud_iam/models/create_idp_request.rb +283 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_properties.rb +157 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_properties_idp.rb +189 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp.rb +222 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp_authn_context.rb +163 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_secrets.rb +157 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp.rb +173 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp_signing_inner.rb +192 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp.rb +151 -0
- data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp_signing_inner.rb +212 -0
- data/lib/ibm_cloud_iam/models/create_profile_link_request.rb +211 -0
- data/lib/ibm_cloud_iam/models/create_profile_link_request_link.rb +206 -0
- data/lib/ibm_cloud_iam/models/create_service_id_group_request.rb +203 -0
- data/lib/ibm_cloud_iam/models/create_service_id_request.rb +68 -95
- data/lib/ibm_cloud_iam/models/create_template_assignment_request.rb +280 -0
- data/lib/ibm_cloud_iam/models/create_trusted_profile_request.rb +213 -0
- data/lib/ibm_cloud_iam/models/effective_account_settings_response.rb +239 -0
- data/lib/ibm_cloud_iam/models/enity_history_record.rb +112 -101
- data/lib/ibm_cloud_iam/models/entity_activity.rb +185 -0
- data/lib/ibm_cloud_iam/models/error.rb +69 -94
- data/lib/ibm_cloud_iam/models/exception_response.rb +57 -94
- data/lib/ibm_cloud_iam/models/exception_response_context.rb +33 -94
- data/lib/ibm_cloud_iam/models/id_based_mfa_enrollment.rb +270 -0
- data/lib/ibm_cloud_iam/models/identity_count.rb +159 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_request.rb +283 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response.rb +265 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response_apikeys_per_identity.rb +178 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_group.rb +178 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_profile.rb +178 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response_serviceids_per_group.rb +178 -0
- data/lib/ibm_cloud_iam/models/identity_limits_usage_response_template_versions_per_template.rb +178 -0
- data/lib/ibm_cloud_iam/models/identity_preference_response.rb +200 -0
- data/lib/ibm_cloud_iam/models/identity_preferences_response.rb +167 -0
- data/lib/ibm_cloud_iam/models/idp.rb +239 -0
- data/lib/ibm_cloud_iam/models/limit_count.rb +176 -0
- data/lib/ibm_cloud_iam/models/list_id_p_settings200_response.rb +149 -0
- data/lib/ibm_cloud_iam/models/list_idps200_response.rb +149 -0
- data/lib/ibm_cloud_iam/models/mfa_enrollment_type_status.rb +192 -0
- data/lib/ibm_cloud_iam/models/mfa_options.rb +45 -0
- data/lib/ibm_cloud_iam/models/mfa_requirements_response.rb +69 -94
- data/lib/ibm_cloud_iam/models/oidc_exception_response.rb +57 -94
- data/lib/ibm_cloud_iam/models/policy_template_reference.rb +193 -0
- data/lib/ibm_cloud_iam/models/profile_claim_rule.rb +342 -0
- data/lib/ibm_cloud_iam/models/profile_claim_rule_conditions.rb +219 -0
- data/lib/ibm_cloud_iam/models/profile_claim_rule_list.rb +176 -0
- data/lib/ibm_cloud_iam/models/profile_claim_rule_request.rb +243 -0
- data/lib/ibm_cloud_iam/models/profile_count.rb +159 -0
- data/lib/ibm_cloud_iam/models/profile_identities_response.rb +160 -0
- data/lib/ibm_cloud_iam/models/profile_identities_update_request.rb +150 -0
- data/lib/ibm_cloud_iam/models/profile_identity_request.rb +238 -0
- data/lib/ibm_cloud_iam/models/profile_identity_response.rb +265 -0
- data/lib/ibm_cloud_iam/models/profile_link.rb +320 -0
- data/lib/ibm_cloud_iam/models/profile_link_link.rb +188 -0
- data/lib/ibm_cloud_iam/models/profile_link_list.rb +167 -0
- data/lib/ibm_cloud_iam/models/report.rb +321 -0
- data/lib/ibm_cloud_iam/models/report_mfa_enrollment_status.rb +268 -0
- data/lib/ibm_cloud_iam/models/report_reference.rb +165 -0
- data/lib/ibm_cloud_iam/models/response_context.rb +33 -94
- data/lib/ibm_cloud_iam/models/retrict_actions.rb +41 -0
- data/lib/ibm_cloud_iam/models/saml_metadata_import_response.rb +494 -0
- data/lib/ibm_cloud_iam/models/service_id.rb +184 -108
- data/lib/ibm_cloud_iam/models/service_id_group.rb +313 -0
- data/lib/ibm_cloud_iam/models/service_id_group_count.rb +159 -0
- data/lib/ibm_cloud_iam/models/service_id_group_list.rb +167 -0
- data/lib/ibm_cloud_iam/models/service_id_list.rb +47 -96
- data/lib/ibm_cloud_iam/models/share_scope.rb +190 -0
- data/lib/ibm_cloud_iam/models/template_account_settings.rb +296 -0
- data/lib/ibm_cloud_iam/models/template_account_settings_all_of_restrict_user_domains.rb +159 -0
- data/lib/ibm_cloud_iam/models/template_assignment_list_response.rb +227 -0
- data/lib/ibm_cloud_iam/models/template_assignment_resource.rb +149 -0
- data/lib/ibm_cloud_iam/models/template_assignment_resource_error.rb +179 -0
- data/lib/ibm_cloud_iam/models/template_assignment_response.rb +506 -0
- data/lib/ibm_cloud_iam/models/template_assignment_response_resource.rb +196 -0
- data/lib/ibm_cloud_iam/models/template_assignment_response_resource_detail.rb +203 -0
- data/lib/ibm_cloud_iam/models/template_count.rb +159 -0
- data/lib/ibm_cloud_iam/models/template_profile_component_request.rb +210 -0
- data/lib/ibm_cloud_iam/models/template_profile_component_response.rb +210 -0
- data/lib/ibm_cloud_iam/models/test_result.rb +194 -0
- data/lib/ibm_cloud_iam/models/test_result_steps_inner.rb +174 -0
- data/lib/ibm_cloud_iam/models/test_trigger_response.rb +156 -0
- data/lib/ibm_cloud_iam/models/token_response.rb +34 -105
- data/lib/ibm_cloud_iam/models/trusted_profile.rb +411 -0
- data/lib/ibm_cloud_iam/models/trusted_profile_template_claim_rule.rb +248 -0
- data/lib/ibm_cloud_iam/models/trusted_profile_template_list.rb +256 -0
- data/lib/ibm_cloud_iam/models/trusted_profile_template_request.rb +199 -0
- data/lib/ibm_cloud_iam/models/trusted_profile_template_response.rb +369 -0
- data/lib/ibm_cloud_iam/models/trusted_profiles_list.rb +227 -0
- data/lib/ibm_cloud_iam/models/update_account_idp_setting_request.rb +202 -0
- data/lib/ibm_cloud_iam/models/update_account_login_settings.rb +148 -0
- data/lib/ibm_cloud_iam/models/update_api_key_request.rb +68 -99
- data/lib/ibm_cloud_iam/models/update_id_p_request.rb +198 -0
- data/lib/ibm_cloud_iam/models/update_id_p_request_properties.rb +157 -0
- data/lib/ibm_cloud_iam/models/update_id_p_request_properties_idp.rb +179 -0
- data/lib/ibm_cloud_iam/models/update_id_p_request_secrets.rb +157 -0
- data/lib/ibm_cloud_iam/models/update_id_p_request_secrets_idp.rb +163 -0
- data/lib/ibm_cloud_iam/models/update_preference_request.rb +161 -0
- data/lib/ibm_cloud_iam/models/update_service_id_group_request.rb +176 -0
- data/lib/ibm_cloud_iam/models/update_service_id_request.rb +34 -95
- data/lib/ibm_cloud_iam/models/update_template_assignment_request.rb +175 -0
- data/lib/ibm_cloud_iam/models/update_trusted_profile_request.rb +169 -0
- data/lib/ibm_cloud_iam/models/user_activity.rb +222 -0
- data/lib/ibm_cloud_iam/models/user_mfa.rb +179 -0
- data/lib/ibm_cloud_iam/models/user_mfa_enrollments.rb +193 -0
- data/lib/ibm_cloud_iam/models/user_mfa_resolved.rb +178 -0
- data/lib/ibm_cloud_iam/models/user_report_mfa_enrollment_status.rb +291 -0
- data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions.rb +40 -0
- data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions_for_template.rb +41 -0
- data/lib/ibm_cloud_iam/version.rb +4 -4
- data/lib/ibm_cloud_iam.rb +140 -9
- data/spec/api/account_limits_api_spec.rb +75 -0
- data/spec/api/account_settings_api_spec.rb +80 -0
- data/spec/api/account_settings_for_id_p_api_spec.rb +132 -0
- data/spec/api/account_settings_template_api_spec.rb +184 -0
- data/spec/api/account_settings_template_assignments_api_spec.rb +112 -0
- data/spec/api/activities_api_spec.rb +64 -0
- data/spec/api/api_keys_api_spec.rb +182 -0
- data/spec/api/identity_preferences_api_spec.rb +98 -0
- data/spec/api/idp_management_api_spec.rb +166 -0
- data/spec/api/mfa_enrollment_status_api_spec.rb +77 -0
- data/spec/api/service_id_groups_api_spec.rb +102 -0
- data/spec/api/service_ids_api_spec.rb +143 -0
- data/spec/api/token_retrieval_api_spec.rb +134 -0
- data/spec/api/trusted_profile_template_api_spec.rb +184 -0
- data/spec/api/trusted_profile_template_assignments_api_spec.rb +112 -0
- data/spec/api/trusted_profiles_api_spec.rb +328 -0
- data/spec/models/access_group_count_spec.rb +42 -0
- data/spec/models/account_based_mfa_enrollment_spec.rb +54 -0
- data/spec/models/account_idp_settings_spec.rb +82 -0
- data/spec/models/account_login_settings_spec.rb +36 -0
- data/spec/models/account_settings_assigned_templates_section_spec.rb +120 -0
- data/spec/models/account_settings_effective_section_spec.rb +96 -0
- data/spec/models/account_settings_meta_spec.rb +54 -0
- data/spec/models/account_settings_request_spec.rb +102 -0
- data/spec/models/account_settings_response_spec.rb +126 -0
- data/spec/models/account_settings_template_list_spec.rb +72 -0
- data/spec/models/account_settings_template_request_spec.rb +54 -0
- data/spec/models/account_settings_template_response_spec.rb +114 -0
- data/spec/models/account_settings_user_domain_restriction_spec.rb +48 -0
- data/spec/models/account_settings_user_mfa_response_spec.rb +66 -0
- data/spec/models/action_controls_identities_spec.rb +42 -0
- data/spec/models/action_controls_spec.rb +48 -0
- data/spec/models/activity_spec.rb +42 -0
- data/spec/models/add_account_idp_setting_request_spec.rb +52 -0
- data/spec/models/api_key_inside_create_service_id_request_spec.rb +24 -17
- data/spec/models/api_key_list_spec.rb +15 -20
- data/spec/models/api_key_spec.rb +52 -27
- data/spec/models/apikey_activity_serviceid_spec.rb +42 -0
- data/spec/models/apikey_activity_spec.rb +66 -0
- data/spec/models/apikey_activity_user_spec.rb +54 -0
- data/spec/models/assigned_templates_account_settings_spec.rb +102 -0
- data/spec/models/common_account_settings_request_spec.rb +90 -0
- data/spec/models/common_account_settings_response_spec.rb +84 -0
- data/spec/models/consumers_response_consumers_inner_spec.rb +42 -0
- data/spec/models/consumers_response_spec.rb +42 -0
- data/spec/models/create_api_key_request_spec.rb +32 -19
- data/spec/models/create_idp_request_properties_idp_spec.rb +60 -0
- data/spec/models/create_idp_request_properties_sp_authn_context_spec.rb +42 -0
- data/spec/models/create_idp_request_properties_sp_spec.rb +78 -0
- data/spec/models/create_idp_request_properties_spec.rb +42 -0
- data/spec/models/create_idp_request_secrets_idp_signing_inner_spec.rb +46 -0
- data/spec/models/create_idp_request_secrets_idp_spec.rb +48 -0
- data/spec/models/create_idp_request_secrets_sp_signing_inner_spec.rb +58 -0
- data/spec/models/create_idp_request_secrets_sp_spec.rb +36 -0
- data/spec/models/create_idp_request_secrets_spec.rb +42 -0
- data/spec/models/create_idp_request_spec.rb +76 -0
- data/spec/models/create_profile_link_request_link_spec.rb +60 -0
- data/spec/models/create_profile_link_request_spec.rb +54 -0
- data/spec/models/create_service_id_group_request_spec.rb +48 -0
- data/spec/models/create_service_id_request_spec.rb +19 -18
- data/spec/models/create_template_assignment_request_spec.rb +58 -0
- data/spec/models/create_trusted_profile_request_spec.rb +54 -0
- data/spec/models/effective_account_settings_response_spec.rb +60 -0
- data/spec/models/enity_history_record_spec.rb +14 -19
- data/spec/models/entity_activity_spec.rb +48 -0
- data/spec/models/error_spec.rb +12 -17
- data/spec/models/exception_response_context_spec.rb +20 -25
- data/spec/models/exception_response_spec.rb +12 -17
- data/spec/models/id_based_mfa_enrollment_spec.rb +64 -0
- data/spec/models/identity_count_spec.rb +42 -0
- data/spec/models/identity_limits_usage_request_spec.rb +108 -0
- data/spec/models/identity_limits_usage_response_apikeys_per_identity_spec.rb +42 -0
- data/spec/models/identity_limits_usage_response_claim_rules_per_group_spec.rb +42 -0
- data/spec/models/identity_limits_usage_response_claim_rules_per_profile_spec.rb +42 -0
- data/spec/models/identity_limits_usage_response_serviceids_per_group_spec.rb +42 -0
- data/spec/models/identity_limits_usage_response_spec.rb +114 -0
- data/spec/models/identity_limits_usage_response_template_versions_per_template_spec.rb +42 -0
- data/spec/models/identity_preference_response_spec.rb +66 -0
- data/spec/models/identity_preferences_response_spec.rb +36 -0
- data/spec/models/idp_spec.rb +96 -0
- data/spec/models/limit_count_spec.rb +42 -0
- data/spec/models/list_id_p_settings200_response_spec.rb +36 -0
- data/spec/models/list_idps200_response_spec.rb +36 -0
- data/spec/models/mfa_enrollment_type_status_spec.rb +42 -0
- data/spec/models/mfa_options_spec.rb +30 -0
- data/spec/models/mfa_requirements_response_spec.rb +11 -16
- data/spec/models/oidc_exception_response_spec.rb +13 -18
- data/spec/models/policy_template_reference_spec.rb +42 -0
- data/spec/models/profile_claim_rule_conditions_spec.rb +48 -0
- data/spec/models/profile_claim_rule_list_spec.rb +42 -0
- data/spec/models/profile_claim_rule_request_spec.rb +72 -0
- data/spec/models/profile_claim_rule_spec.rb +90 -0
- data/spec/models/profile_count_spec.rb +42 -0
- data/spec/models/profile_identities_response_spec.rb +42 -0
- data/spec/models/profile_identities_update_request_spec.rb +36 -0
- data/spec/models/profile_identity_request_spec.rb +58 -0
- data/spec/models/profile_identity_response_spec.rb +64 -0
- data/spec/models/profile_link_link_spec.rb +60 -0
- data/spec/models/profile_link_list_spec.rb +36 -0
- data/spec/models/profile_link_spec.rb +78 -0
- data/spec/models/report_mfa_enrollment_status_spec.rb +66 -0
- data/spec/models/report_reference_spec.rb +36 -0
- data/spec/models/report_spec.rb +84 -0
- data/spec/models/response_context_spec.rb +19 -24
- data/spec/models/retrict_actions_spec.rb +30 -0
- data/spec/models/saml_metadata_import_response_spec.rb +112 -0
- data/spec/models/service_id_group_count_spec.rb +42 -0
- data/spec/models/service_id_group_list_spec.rb +36 -0
- data/spec/models/service_id_group_spec.rb +84 -0
- data/spec/models/service_id_list_spec.rb +15 -20
- data/spec/models/service_id_spec.rb +34 -27
- data/spec/models/share_scope_spec.rb +46 -0
- data/spec/models/template_account_settings_all_of_restrict_user_domains_spec.rb +42 -0
- data/spec/models/template_account_settings_spec.rb +102 -0
- data/spec/models/template_assignment_list_response_spec.rb +72 -0
- data/spec/models/template_assignment_resource_error_spec.rb +54 -0
- data/spec/models/template_assignment_resource_spec.rb +36 -0
- data/spec/models/template_assignment_response_resource_detail_spec.rb +60 -0
- data/spec/models/template_assignment_response_resource_spec.rb +54 -0
- data/spec/models/template_assignment_response_spec.rb +126 -0
- data/spec/models/template_count_spec.rb +42 -0
- data/spec/models/template_profile_component_request_spec.rb +60 -0
- data/spec/models/template_profile_component_response_spec.rb +60 -0
- data/spec/models/test_result_spec.rb +66 -0
- data/spec/models/test_result_steps_inner_spec.rb +54 -0
- data/spec/models/test_trigger_response_spec.rb +42 -0
- data/spec/models/token_response_spec.rb +14 -19
- data/spec/models/trusted_profile_spec.rb +132 -0
- data/spec/models/trusted_profile_template_claim_rule_spec.rb +64 -0
- data/spec/models/trusted_profile_template_list_spec.rb +72 -0
- data/spec/models/trusted_profile_template_request_spec.rb +66 -0
- data/spec/models/trusted_profile_template_response_spec.rb +126 -0
- data/spec/models/trusted_profiles_list_spec.rb +72 -0
- data/spec/models/update_account_idp_setting_request_spec.rb +52 -0
- data/spec/models/update_account_login_settings_spec.rb +36 -0
- data/spec/models/update_api_key_request_spec.rb +28 -15
- data/spec/models/update_id_p_request_properties_idp_spec.rb +54 -0
- data/spec/models/update_id_p_request_properties_spec.rb +42 -0
- data/spec/models/update_id_p_request_secrets_idp_spec.rb +42 -0
- data/spec/models/update_id_p_request_secrets_spec.rb +42 -0
- data/spec/models/update_id_p_request_spec.rb +66 -0
- data/spec/models/update_preference_request_spec.rb +42 -0
- data/spec/models/update_service_id_group_request_spec.rb +42 -0
- data/spec/models/update_service_id_request_spec.rb +11 -16
- data/spec/models/update_template_assignment_request_spec.rb +36 -0
- data/spec/models/update_trusted_profile_request_spec.rb +48 -0
- data/spec/models/user_activity_spec.rb +60 -0
- data/spec/models/user_mfa_enrollments_spec.rb +54 -0
- data/spec/models/user_mfa_resolved_spec.rb +54 -0
- data/spec/models/user_mfa_spec.rb +42 -0
- data/spec/models/user_report_mfa_enrollment_status_spec.rb +72 -0
- data/spec/models/user_visbility_retrict_actions_for_template_spec.rb +30 -0
- data/spec/models/user_visbility_retrict_actions_spec.rb +30 -0
- data/spec/spec_helper.rb +3 -3
- metadata +549 -35
- data/docs/IdentityOperationsApi.md +0 -828
- data/docs/InlineObject.md +0 -19
- data/docs/InlineObject1.md +0 -23
- data/docs/InlineObject2.md +0 -21
- data/docs/InlineObject3.md +0 -25
- data/docs/TokenOperationsApi.md +0 -226
- data/lib/ibm_cloud_iam/api/identity_operations_api.rb +0 -1083
- data/lib/ibm_cloud_iam/api/token_operations_api.rb +0 -351
- data/lib/ibm_cloud_iam/models/inline_object.rb +0 -229
- data/lib/ibm_cloud_iam/models/inline_object1.rb +0 -254
- data/lib/ibm_cloud_iam/models/inline_object2.rb +0 -244
- data/lib/ibm_cloud_iam/models/inline_object3.rb +0 -269
- data/spec/api/identity_operations_api_spec.rb +0 -253
- data/spec/api/token_operations_api_spec.rb +0 -94
- data/spec/api_client_spec.rb +0 -226
- data/spec/configuration_spec.rb +0 -42
- data/spec/models/inline_object1_spec.rb +0 -59
- data/spec/models/inline_object2_spec.rb +0 -53
- data/spec/models/inline_object3_spec.rb +0 -65
- data/spec/models/inline_object_spec.rb +0 -47
|
@@ -0,0 +1,461 @@
|
|
|
1
|
+
# IbmCloudIam::TokenRetrievalApi
|
|
2
|
+
|
|
3
|
+
All URIs are relative to *https://iam.cloud.ibm.com*
|
|
4
|
+
|
|
5
|
+
| Method | HTTP request | Description |
|
|
6
|
+
| ------ | ------------ | ----------- |
|
|
7
|
+
| [**get_token_api_key**](TokenRetrievalApi.md#get_token_api_key) | **POST** /identity/token#apikey | Create an IAM access token for a user or service ID using an API key |
|
|
8
|
+
| [**get_token_api_key_delegated_refresh_token**](TokenRetrievalApi.md#get_token_api_key_delegated_refresh_token) | **POST** /identity/token#apikey-delegated-refresh-token | Create an IAM access token and delegated refresh token for a user or service ID |
|
|
9
|
+
| [**get_token_assume**](TokenRetrievalApi.md#get_token_assume) | **POST** /identity/token#assume | Create an IAM access token for a Trusted Profile based on the provided entity. Provided entity can be a identity based token which can be a user token, service id token or a cookie. |
|
|
10
|
+
| [**get_token_cr_token**](TokenRetrievalApi.md#get_token_cr_token) | **POST** /identity/token#cr-token | Create an IAM access token for a Trusted Profile based on the provided Compute Resource token |
|
|
11
|
+
| [**get_token_iam_authz**](TokenRetrievalApi.md#get_token_iam_authz) | **POST** /identity/token#iam-authz | Create an IAM access token based on an authorization policy |
|
|
12
|
+
| [**get_token_password**](TokenRetrievalApi.md#get_token_password) | **POST** /identity/token#password | Create an IAM access token for a user using username / password credentials and an optional account identifier |
|
|
13
|
+
|
|
14
|
+
|
|
15
|
+
## get_token_api_key
|
|
16
|
+
|
|
17
|
+
> <TokenResponse> get_token_api_key(grant_type, apikey, opts)
|
|
18
|
+
|
|
19
|
+
Create an IAM access token for a user or service ID using an API key
|
|
20
|
+
|
|
21
|
+
Creates a non-opaque access token for an API key.
|
|
22
|
+
|
|
23
|
+
### Examples
|
|
24
|
+
|
|
25
|
+
```ruby
|
|
26
|
+
require 'time'
|
|
27
|
+
require 'ibm_cloud_iam'
|
|
28
|
+
|
|
29
|
+
api_instance = IbmCloudIam::TokenRetrievalApi.new
|
|
30
|
+
grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:apikey`.
|
|
31
|
+
apikey = 'apikey_example' # String | The value of the api key.
|
|
32
|
+
opts = {
|
|
33
|
+
ibm_cloud_tenant: 'ibm_cloud_tenant_example' # String | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the API key can only be created if the account id or enterprise id of the API key is contained in this header.
|
|
34
|
+
}
|
|
35
|
+
|
|
36
|
+
begin
|
|
37
|
+
# Create an IAM access token for a user or service ID using an API key
|
|
38
|
+
result = api_instance.get_token_api_key(grant_type, apikey, opts)
|
|
39
|
+
p result
|
|
40
|
+
rescue IbmCloudIam::ApiError => e
|
|
41
|
+
puts "Error when calling TokenRetrievalApi->get_token_api_key: #{e}"
|
|
42
|
+
end
|
|
43
|
+
```
|
|
44
|
+
|
|
45
|
+
#### Using the get_token_api_key_with_http_info variant
|
|
46
|
+
|
|
47
|
+
This returns an Array which contains the response data, status code and headers.
|
|
48
|
+
|
|
49
|
+
> <Array(<TokenResponse>, Integer, Hash)> get_token_api_key_with_http_info(grant_type, apikey, opts)
|
|
50
|
+
|
|
51
|
+
```ruby
|
|
52
|
+
begin
|
|
53
|
+
# Create an IAM access token for a user or service ID using an API key
|
|
54
|
+
data, status_code, headers = api_instance.get_token_api_key_with_http_info(grant_type, apikey, opts)
|
|
55
|
+
p status_code # => 2xx
|
|
56
|
+
p headers # => { ... }
|
|
57
|
+
p data # => <TokenResponse>
|
|
58
|
+
rescue IbmCloudIam::ApiError => e
|
|
59
|
+
puts "Error when calling TokenRetrievalApi->get_token_api_key_with_http_info: #{e}"
|
|
60
|
+
end
|
|
61
|
+
```
|
|
62
|
+
|
|
63
|
+
### Parameters
|
|
64
|
+
|
|
65
|
+
| Name | Type | Description | Notes |
|
|
66
|
+
| ---- | ---- | ----------- | ----- |
|
|
67
|
+
| **grant_type** | **String** | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:apikey`. | |
|
|
68
|
+
| **apikey** | **String** | The value of the api key. | |
|
|
69
|
+
| **ibm_cloud_tenant** | **String** | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the API key can only be created if the account id or enterprise id of the API key is contained in this header. | [optional] |
|
|
70
|
+
|
|
71
|
+
### Return type
|
|
72
|
+
|
|
73
|
+
[**TokenResponse**](TokenResponse.md)
|
|
74
|
+
|
|
75
|
+
### Authorization
|
|
76
|
+
|
|
77
|
+
No authorization required
|
|
78
|
+
|
|
79
|
+
### HTTP request headers
|
|
80
|
+
|
|
81
|
+
- **Content-Type**: application/x-www-form-urlencoded
|
|
82
|
+
- **Accept**: application/json
|
|
83
|
+
|
|
84
|
+
|
|
85
|
+
## get_token_api_key_delegated_refresh_token
|
|
86
|
+
|
|
87
|
+
> <TokenResponse> get_token_api_key_delegated_refresh_token(grant_type, apikey, response_type, receiver_client_ids, opts)
|
|
88
|
+
|
|
89
|
+
Create an IAM access token and delegated refresh token for a user or service ID
|
|
90
|
+
|
|
91
|
+
Creates a non-opaque access token and a delegated refresh token for an API key.
|
|
92
|
+
|
|
93
|
+
### Examples
|
|
94
|
+
|
|
95
|
+
```ruby
|
|
96
|
+
require 'time'
|
|
97
|
+
require 'ibm_cloud_iam'
|
|
98
|
+
|
|
99
|
+
api_instance = IbmCloudIam::TokenRetrievalApi.new
|
|
100
|
+
grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:apikey`.
|
|
101
|
+
apikey = 'apikey_example' # String | The value of the API key.
|
|
102
|
+
response_type = 'response_type_example' # String | Either 'delegated_refresh_token' to receive a delegated refresh token only, or 'cloud_iam delegated_refresh_token' to receive both an IAM access token and a delegated refresh token in one API call.
|
|
103
|
+
receiver_client_ids = 'receiver_client_ids_example' # String | A comma separated list of one or more client IDs that will be able to consume the delegated refresh token. The service that accepts a delegated refresh token as API parameter must expose its client ID to allow this API call. The receiver of the delegated refresh token will be able to use the refresh token until it expires.
|
|
104
|
+
opts = {
|
|
105
|
+
ibm_cloud_tenant: 'ibm_cloud_tenant_example', # String | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the API key can only be created if the account id or enterprise id of the API key is contained in this header.
|
|
106
|
+
delegated_refresh_token_expiry: 56 # Integer | Expiration in seconds until the delegated refresh token must be consumed by the receiver client IDs. After the expiration, no client ID can consume the delegated refresh token, even if the life time of the refresh token inside is still not expired. The default, if not specified, is 518,400 seconds which corresponds to 6 days.
|
|
107
|
+
}
|
|
108
|
+
|
|
109
|
+
begin
|
|
110
|
+
# Create an IAM access token and delegated refresh token for a user or service ID
|
|
111
|
+
result = api_instance.get_token_api_key_delegated_refresh_token(grant_type, apikey, response_type, receiver_client_ids, opts)
|
|
112
|
+
p result
|
|
113
|
+
rescue IbmCloudIam::ApiError => e
|
|
114
|
+
puts "Error when calling TokenRetrievalApi->get_token_api_key_delegated_refresh_token: #{e}"
|
|
115
|
+
end
|
|
116
|
+
```
|
|
117
|
+
|
|
118
|
+
#### Using the get_token_api_key_delegated_refresh_token_with_http_info variant
|
|
119
|
+
|
|
120
|
+
This returns an Array which contains the response data, status code and headers.
|
|
121
|
+
|
|
122
|
+
> <Array(<TokenResponse>, Integer, Hash)> get_token_api_key_delegated_refresh_token_with_http_info(grant_type, apikey, response_type, receiver_client_ids, opts)
|
|
123
|
+
|
|
124
|
+
```ruby
|
|
125
|
+
begin
|
|
126
|
+
# Create an IAM access token and delegated refresh token for a user or service ID
|
|
127
|
+
data, status_code, headers = api_instance.get_token_api_key_delegated_refresh_token_with_http_info(grant_type, apikey, response_type, receiver_client_ids, opts)
|
|
128
|
+
p status_code # => 2xx
|
|
129
|
+
p headers # => { ... }
|
|
130
|
+
p data # => <TokenResponse>
|
|
131
|
+
rescue IbmCloudIam::ApiError => e
|
|
132
|
+
puts "Error when calling TokenRetrievalApi->get_token_api_key_delegated_refresh_token_with_http_info: #{e}"
|
|
133
|
+
end
|
|
134
|
+
```
|
|
135
|
+
|
|
136
|
+
### Parameters
|
|
137
|
+
|
|
138
|
+
| Name | Type | Description | Notes |
|
|
139
|
+
| ---- | ---- | ----------- | ----- |
|
|
140
|
+
| **grant_type** | **String** | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:apikey`. | |
|
|
141
|
+
| **apikey** | **String** | The value of the API key. | |
|
|
142
|
+
| **response_type** | **String** | Either 'delegated_refresh_token' to receive a delegated refresh token only, or 'cloud_iam delegated_refresh_token' to receive both an IAM access token and a delegated refresh token in one API call. | |
|
|
143
|
+
| **receiver_client_ids** | **String** | A comma separated list of one or more client IDs that will be able to consume the delegated refresh token. The service that accepts a delegated refresh token as API parameter must expose its client ID to allow this API call. The receiver of the delegated refresh token will be able to use the refresh token until it expires. | |
|
|
144
|
+
| **ibm_cloud_tenant** | **String** | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the API key can only be created if the account id or enterprise id of the API key is contained in this header. | [optional] |
|
|
145
|
+
| **delegated_refresh_token_expiry** | **Integer** | Expiration in seconds until the delegated refresh token must be consumed by the receiver client IDs. After the expiration, no client ID can consume the delegated refresh token, even if the life time of the refresh token inside is still not expired. The default, if not specified, is 518,400 seconds which corresponds to 6 days. | [optional] |
|
|
146
|
+
|
|
147
|
+
### Return type
|
|
148
|
+
|
|
149
|
+
[**TokenResponse**](TokenResponse.md)
|
|
150
|
+
|
|
151
|
+
### Authorization
|
|
152
|
+
|
|
153
|
+
No authorization required
|
|
154
|
+
|
|
155
|
+
### HTTP request headers
|
|
156
|
+
|
|
157
|
+
- **Content-Type**: application/x-www-form-urlencoded
|
|
158
|
+
- **Accept**: application/json
|
|
159
|
+
|
|
160
|
+
|
|
161
|
+
## get_token_assume
|
|
162
|
+
|
|
163
|
+
> <TokenResponse> get_token_assume(grant_type, opts)
|
|
164
|
+
|
|
165
|
+
Create an IAM access token for a Trusted Profile based on the provided entity. Provided entity can be a identity based token which can be a user token, service id token or a cookie.
|
|
166
|
+
|
|
167
|
+
Creates a non-opaque access token for a profile.
|
|
168
|
+
|
|
169
|
+
### Examples
|
|
170
|
+
|
|
171
|
+
```ruby
|
|
172
|
+
require 'time'
|
|
173
|
+
require 'ibm_cloud_iam'
|
|
174
|
+
|
|
175
|
+
api_instance = IbmCloudIam::TokenRetrievalApi.new
|
|
176
|
+
grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:assume`.
|
|
177
|
+
opts = {
|
|
178
|
+
access_token: 'access_token_example', # String | Pass one of 'access_token', 'refresh_token' or 'cookie' to get a token for the profile. Provided access_token/refresh_token/iam_cookie need to be generated for the user or service id that has trust relationship with the profile. If the profile being assumed must satisfy an MFA requirement for the account, the access_token/refresh_token (...etc) used to assume the profile must meet the same requirement, using the same level MFA or higher.
|
|
179
|
+
refresh_token: 'refresh_token_example', # String | see 'access_token'
|
|
180
|
+
cookie: 'cookie_example', # String | see 'access_token'
|
|
181
|
+
profile_id: 'profile_id_example', # String | Pass one of 'profile_id', 'profile_crn' or 'profile_name' and 'account' to select which profile should be used for this IAM token. If you pass a 'profile_id' or 'profile_crn', then the profile must exist in the same account. If you pass a 'profile_name' then 'account' need to be passed in the request where the profile is looked up based on the account.
|
|
182
|
+
profile_name: 'profile_name_example', # String | see 'profile_id'
|
|
183
|
+
profile_crn: 'profile_crn_example', # String | see 'profile_id'
|
|
184
|
+
account: 'account_example' # String | ID of the account the profile belongs to
|
|
185
|
+
}
|
|
186
|
+
|
|
187
|
+
begin
|
|
188
|
+
# Create an IAM access token for a Trusted Profile based on the provided entity. Provided entity can be a identity based token which can be a user token, service id token or a cookie.
|
|
189
|
+
result = api_instance.get_token_assume(grant_type, opts)
|
|
190
|
+
p result
|
|
191
|
+
rescue IbmCloudIam::ApiError => e
|
|
192
|
+
puts "Error when calling TokenRetrievalApi->get_token_assume: #{e}"
|
|
193
|
+
end
|
|
194
|
+
```
|
|
195
|
+
|
|
196
|
+
#### Using the get_token_assume_with_http_info variant
|
|
197
|
+
|
|
198
|
+
This returns an Array which contains the response data, status code and headers.
|
|
199
|
+
|
|
200
|
+
> <Array(<TokenResponse>, Integer, Hash)> get_token_assume_with_http_info(grant_type, opts)
|
|
201
|
+
|
|
202
|
+
```ruby
|
|
203
|
+
begin
|
|
204
|
+
# Create an IAM access token for a Trusted Profile based on the provided entity. Provided entity can be a identity based token which can be a user token, service id token or a cookie.
|
|
205
|
+
data, status_code, headers = api_instance.get_token_assume_with_http_info(grant_type, opts)
|
|
206
|
+
p status_code # => 2xx
|
|
207
|
+
p headers # => { ... }
|
|
208
|
+
p data # => <TokenResponse>
|
|
209
|
+
rescue IbmCloudIam::ApiError => e
|
|
210
|
+
puts "Error when calling TokenRetrievalApi->get_token_assume_with_http_info: #{e}"
|
|
211
|
+
end
|
|
212
|
+
```
|
|
213
|
+
|
|
214
|
+
### Parameters
|
|
215
|
+
|
|
216
|
+
| Name | Type | Description | Notes |
|
|
217
|
+
| ---- | ---- | ----------- | ----- |
|
|
218
|
+
| **grant_type** | **String** | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:assume`. | |
|
|
219
|
+
| **access_token** | **String** | Pass one of 'access_token', 'refresh_token' or 'cookie' to get a token for the profile. Provided access_token/refresh_token/iam_cookie need to be generated for the user or service id that has trust relationship with the profile. If the profile being assumed must satisfy an MFA requirement for the account, the access_token/refresh_token (...etc) used to assume the profile must meet the same requirement, using the same level MFA or higher. | [optional] |
|
|
220
|
+
| **refresh_token** | **String** | see 'access_token' | [optional] |
|
|
221
|
+
| **cookie** | **String** | see 'access_token' | [optional] |
|
|
222
|
+
| **profile_id** | **String** | Pass one of 'profile_id', 'profile_crn' or 'profile_name' and 'account' to select which profile should be used for this IAM token. If you pass a 'profile_id' or 'profile_crn', then the profile must exist in the same account. If you pass a 'profile_name' then 'account' need to be passed in the request where the profile is looked up based on the account. | [optional] |
|
|
223
|
+
| **profile_name** | **String** | see 'profile_id' | [optional] |
|
|
224
|
+
| **profile_crn** | **String** | see 'profile_id' | [optional] |
|
|
225
|
+
| **account** | **String** | ID of the account the profile belongs to | [optional] |
|
|
226
|
+
|
|
227
|
+
### Return type
|
|
228
|
+
|
|
229
|
+
[**TokenResponse**](TokenResponse.md)
|
|
230
|
+
|
|
231
|
+
### Authorization
|
|
232
|
+
|
|
233
|
+
No authorization required
|
|
234
|
+
|
|
235
|
+
### HTTP request headers
|
|
236
|
+
|
|
237
|
+
- **Content-Type**: application/x-www-form-urlencoded
|
|
238
|
+
- **Accept**: application/json
|
|
239
|
+
|
|
240
|
+
|
|
241
|
+
## get_token_cr_token
|
|
242
|
+
|
|
243
|
+
> <TokenResponse> get_token_cr_token(grant_type, cr_token, opts)
|
|
244
|
+
|
|
245
|
+
Create an IAM access token for a Trusted Profile based on the provided Compute Resource token
|
|
246
|
+
|
|
247
|
+
Creates a non-opaque access token without a refresh token for a Trusted Profile
|
|
248
|
+
|
|
249
|
+
### Examples
|
|
250
|
+
|
|
251
|
+
```ruby
|
|
252
|
+
require 'time'
|
|
253
|
+
require 'ibm_cloud_iam'
|
|
254
|
+
|
|
255
|
+
api_instance = IbmCloudIam::TokenRetrievalApi.new
|
|
256
|
+
grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:cr-token`.
|
|
257
|
+
cr_token = 'cr_token_example' # String | The value of the Compute Resource token. As this is a JWT token, the string can get very long.
|
|
258
|
+
opts = {
|
|
259
|
+
authorization: 'authorization_example', # String | IBM Services can pass in a Basic Authorization Header representing a client id with a secret. For customers, omit this header parameter. To build a valid Basic Authorization Header, concatenate the client id with a colon and the secret, i.e. `client_id:client_secret`. This sequence must be Base64 encoded, and prefixed with `Basic`, so that a valid Basic Authorization Header would be: `Authorization: Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=`
|
|
260
|
+
ibm_cloud_tenant: 'ibm_cloud_tenant_example', # String | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the Trusted Profile can only be created if the Trusted Profile is part of one of the account ids or enterprise ids provided in this header.
|
|
261
|
+
profile_id: 'profile_id_example', # String | Pass one of 'profile_id', 'profile_name' or 'profile_crn to select which profile should be used for this IAM token. This call can only succeed if you have also linked the Trusted Profile to the Compute Resource, or you have created a Trust Rule from the Trusted Profile to the Compute Resource. If you pass a 'profile_name', then the profile is looked up based on the account_id of the Compute resource. If you pass a 'profile_id' or 'profile_crn', then the profile must exist in the same account like the Compute Resource.
|
|
262
|
+
profile_name: 'profile_name_example', # String | see 'profile_id'
|
|
263
|
+
profile_crn: 'profile_crn_example' # String | see 'profile_id'
|
|
264
|
+
}
|
|
265
|
+
|
|
266
|
+
begin
|
|
267
|
+
# Create an IAM access token for a Trusted Profile based on the provided Compute Resource token
|
|
268
|
+
result = api_instance.get_token_cr_token(grant_type, cr_token, opts)
|
|
269
|
+
p result
|
|
270
|
+
rescue IbmCloudIam::ApiError => e
|
|
271
|
+
puts "Error when calling TokenRetrievalApi->get_token_cr_token: #{e}"
|
|
272
|
+
end
|
|
273
|
+
```
|
|
274
|
+
|
|
275
|
+
#### Using the get_token_cr_token_with_http_info variant
|
|
276
|
+
|
|
277
|
+
This returns an Array which contains the response data, status code and headers.
|
|
278
|
+
|
|
279
|
+
> <Array(<TokenResponse>, Integer, Hash)> get_token_cr_token_with_http_info(grant_type, cr_token, opts)
|
|
280
|
+
|
|
281
|
+
```ruby
|
|
282
|
+
begin
|
|
283
|
+
# Create an IAM access token for a Trusted Profile based on the provided Compute Resource token
|
|
284
|
+
data, status_code, headers = api_instance.get_token_cr_token_with_http_info(grant_type, cr_token, opts)
|
|
285
|
+
p status_code # => 2xx
|
|
286
|
+
p headers # => { ... }
|
|
287
|
+
p data # => <TokenResponse>
|
|
288
|
+
rescue IbmCloudIam::ApiError => e
|
|
289
|
+
puts "Error when calling TokenRetrievalApi->get_token_cr_token_with_http_info: #{e}"
|
|
290
|
+
end
|
|
291
|
+
```
|
|
292
|
+
|
|
293
|
+
### Parameters
|
|
294
|
+
|
|
295
|
+
| Name | Type | Description | Notes |
|
|
296
|
+
| ---- | ---- | ----------- | ----- |
|
|
297
|
+
| **grant_type** | **String** | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:cr-token`. | |
|
|
298
|
+
| **cr_token** | **String** | The value of the Compute Resource token. As this is a JWT token, the string can get very long. | |
|
|
299
|
+
| **authorization** | **String** | IBM Services can pass in a Basic Authorization Header representing a client id with a secret. For customers, omit this header parameter. To build a valid Basic Authorization Header, concatenate the client id with a colon and the secret, i.e. `client_id:client_secret`. This sequence must be Base64 encoded, and prefixed with `Basic`, so that a valid Basic Authorization Header would be: `Authorization: Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=` | [optional] |
|
|
300
|
+
| **ibm_cloud_tenant** | **String** | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the Trusted Profile can only be created if the Trusted Profile is part of one of the account ids or enterprise ids provided in this header. | [optional] |
|
|
301
|
+
| **profile_id** | **String** | Pass one of 'profile_id', 'profile_name' or 'profile_crn to select which profile should be used for this IAM token. This call can only succeed if you have also linked the Trusted Profile to the Compute Resource, or you have created a Trust Rule from the Trusted Profile to the Compute Resource. If you pass a 'profile_name', then the profile is looked up based on the account_id of the Compute resource. If you pass a 'profile_id' or 'profile_crn', then the profile must exist in the same account like the Compute Resource. | [optional] |
|
|
302
|
+
| **profile_name** | **String** | see 'profile_id' | [optional] |
|
|
303
|
+
| **profile_crn** | **String** | see 'profile_id' | [optional] |
|
|
304
|
+
|
|
305
|
+
### Return type
|
|
306
|
+
|
|
307
|
+
[**TokenResponse**](TokenResponse.md)
|
|
308
|
+
|
|
309
|
+
### Authorization
|
|
310
|
+
|
|
311
|
+
No authorization required
|
|
312
|
+
|
|
313
|
+
### HTTP request headers
|
|
314
|
+
|
|
315
|
+
- **Content-Type**: application/x-www-form-urlencoded
|
|
316
|
+
- **Accept**: application/json
|
|
317
|
+
|
|
318
|
+
|
|
319
|
+
## get_token_iam_authz
|
|
320
|
+
|
|
321
|
+
> <TokenResponse> get_token_iam_authz(grant_type, access_token, desired_iam_id)
|
|
322
|
+
|
|
323
|
+
Create an IAM access token based on an authorization policy
|
|
324
|
+
|
|
325
|
+
Creates a non-opaque access token, if an appropriate authorization policy is in place. This kind of IAM access token is typically used for access between services.
|
|
326
|
+
|
|
327
|
+
### Examples
|
|
328
|
+
|
|
329
|
+
```ruby
|
|
330
|
+
require 'time'
|
|
331
|
+
require 'ibm_cloud_iam'
|
|
332
|
+
|
|
333
|
+
api_instance = IbmCloudIam::TokenRetrievalApi.new
|
|
334
|
+
grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:iam-authz`.
|
|
335
|
+
access_token = 'access_token_example' # String | The IAM access token of the identity that has the appropriate authorization to create an IAM access token for a given resource.
|
|
336
|
+
desired_iam_id = 'desired_iam_id_example' # String | The IAM ID of the IAM access token identity that should be created. The desired_iam_id identifies a resource identity. The IAM ID consists of the prefix crn- and the CRN of the target identity, e.g. crn-crn:v1:bluemix:public:cloud-object-storage:global:a/59bcbfa6ea2f006b4ed7094c1a08dcdd:1a0ec336-f391-4091-a6fb-5e084a4c56f4::.
|
|
337
|
+
|
|
338
|
+
begin
|
|
339
|
+
# Create an IAM access token based on an authorization policy
|
|
340
|
+
result = api_instance.get_token_iam_authz(grant_type, access_token, desired_iam_id)
|
|
341
|
+
p result
|
|
342
|
+
rescue IbmCloudIam::ApiError => e
|
|
343
|
+
puts "Error when calling TokenRetrievalApi->get_token_iam_authz: #{e}"
|
|
344
|
+
end
|
|
345
|
+
```
|
|
346
|
+
|
|
347
|
+
#### Using the get_token_iam_authz_with_http_info variant
|
|
348
|
+
|
|
349
|
+
This returns an Array which contains the response data, status code and headers.
|
|
350
|
+
|
|
351
|
+
> <Array(<TokenResponse>, Integer, Hash)> get_token_iam_authz_with_http_info(grant_type, access_token, desired_iam_id)
|
|
352
|
+
|
|
353
|
+
```ruby
|
|
354
|
+
begin
|
|
355
|
+
# Create an IAM access token based on an authorization policy
|
|
356
|
+
data, status_code, headers = api_instance.get_token_iam_authz_with_http_info(grant_type, access_token, desired_iam_id)
|
|
357
|
+
p status_code # => 2xx
|
|
358
|
+
p headers # => { ... }
|
|
359
|
+
p data # => <TokenResponse>
|
|
360
|
+
rescue IbmCloudIam::ApiError => e
|
|
361
|
+
puts "Error when calling TokenRetrievalApi->get_token_iam_authz_with_http_info: #{e}"
|
|
362
|
+
end
|
|
363
|
+
```
|
|
364
|
+
|
|
365
|
+
### Parameters
|
|
366
|
+
|
|
367
|
+
| Name | Type | Description | Notes |
|
|
368
|
+
| ---- | ---- | ----------- | ----- |
|
|
369
|
+
| **grant_type** | **String** | Grant type for this API call. You must set the grant type to `urn:ibm:params:oauth:grant-type:iam-authz`. | |
|
|
370
|
+
| **access_token** | **String** | The IAM access token of the identity that has the appropriate authorization to create an IAM access token for a given resource. | |
|
|
371
|
+
| **desired_iam_id** | **String** | The IAM ID of the IAM access token identity that should be created. The desired_iam_id identifies a resource identity. The IAM ID consists of the prefix crn- and the CRN of the target identity, e.g. crn-crn:v1:bluemix:public:cloud-object-storage:global:a/59bcbfa6ea2f006b4ed7094c1a08dcdd:1a0ec336-f391-4091-a6fb-5e084a4c56f4::. | |
|
|
372
|
+
|
|
373
|
+
### Return type
|
|
374
|
+
|
|
375
|
+
[**TokenResponse**](TokenResponse.md)
|
|
376
|
+
|
|
377
|
+
### Authorization
|
|
378
|
+
|
|
379
|
+
No authorization required
|
|
380
|
+
|
|
381
|
+
### HTTP request headers
|
|
382
|
+
|
|
383
|
+
- **Content-Type**: application/x-www-form-urlencoded
|
|
384
|
+
- **Accept**: application/json
|
|
385
|
+
|
|
386
|
+
|
|
387
|
+
## get_token_password
|
|
388
|
+
|
|
389
|
+
> <TokenResponse> get_token_password(authorization, grant_type, username, password, opts)
|
|
390
|
+
|
|
391
|
+
Create an IAM access token for a user using username / password credentials and an optional account identifier
|
|
392
|
+
|
|
393
|
+
Creates a non-opaque access token for a username and password. To be able to call IBM Cloud APIs, the token must be made account-specific. For this purpose, also pass the 32 character long identifier for your account in the API call. This API call is possible only for non-federated IBMid users.
|
|
394
|
+
|
|
395
|
+
### Examples
|
|
396
|
+
|
|
397
|
+
```ruby
|
|
398
|
+
require 'time'
|
|
399
|
+
require 'ibm_cloud_iam'
|
|
400
|
+
|
|
401
|
+
api_instance = IbmCloudIam::TokenRetrievalApi.new
|
|
402
|
+
authorization = 'authorization_example' # String | Basic Authorization Header containing a valid client ID and secret. If this header is omitted the request fails with BXNIM0308E: 'No authorization header found'. You can use the client ID and secret that is used by the IBM Cloud CLI: `bx / bx`
|
|
403
|
+
grant_type = 'grant_type_example' # String | Grant type for this API call. You must set the grant type to `password`.
|
|
404
|
+
username = 'username_example' # String | The value of the username.
|
|
405
|
+
password = 'password_example' # String | The value of the password.
|
|
406
|
+
opts = {
|
|
407
|
+
ibm_cloud_tenant: 'ibm_cloud_tenant_example', # String | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the username / password / account combination can only be created if the account id matches the passed account or the account is member of the enterprise id in this header.
|
|
408
|
+
account: 'account_example' # String | The 32 character identifier of the account. Specify this parameter to get an account-specific IAM token. IBM Cloud APIs require that IAM tokens are account-specific.
|
|
409
|
+
}
|
|
410
|
+
|
|
411
|
+
begin
|
|
412
|
+
# Create an IAM access token for a user using username / password credentials and an optional account identifier
|
|
413
|
+
result = api_instance.get_token_password(authorization, grant_type, username, password, opts)
|
|
414
|
+
p result
|
|
415
|
+
rescue IbmCloudIam::ApiError => e
|
|
416
|
+
puts "Error when calling TokenRetrievalApi->get_token_password: #{e}"
|
|
417
|
+
end
|
|
418
|
+
```
|
|
419
|
+
|
|
420
|
+
#### Using the get_token_password_with_http_info variant
|
|
421
|
+
|
|
422
|
+
This returns an Array which contains the response data, status code and headers.
|
|
423
|
+
|
|
424
|
+
> <Array(<TokenResponse>, Integer, Hash)> get_token_password_with_http_info(authorization, grant_type, username, password, opts)
|
|
425
|
+
|
|
426
|
+
```ruby
|
|
427
|
+
begin
|
|
428
|
+
# Create an IAM access token for a user using username / password credentials and an optional account identifier
|
|
429
|
+
data, status_code, headers = api_instance.get_token_password_with_http_info(authorization, grant_type, username, password, opts)
|
|
430
|
+
p status_code # => 2xx
|
|
431
|
+
p headers # => { ... }
|
|
432
|
+
p data # => <TokenResponse>
|
|
433
|
+
rescue IbmCloudIam::ApiError => e
|
|
434
|
+
puts "Error when calling TokenRetrievalApi->get_token_password_with_http_info: #{e}"
|
|
435
|
+
end
|
|
436
|
+
```
|
|
437
|
+
|
|
438
|
+
### Parameters
|
|
439
|
+
|
|
440
|
+
| Name | Type | Description | Notes |
|
|
441
|
+
| ---- | ---- | ----------- | ----- |
|
|
442
|
+
| **authorization** | **String** | Basic Authorization Header containing a valid client ID and secret. If this header is omitted the request fails with BXNIM0308E: 'No authorization header found'. You can use the client ID and secret that is used by the IBM Cloud CLI: `bx / bx` | |
|
|
443
|
+
| **grant_type** | **String** | Grant type for this API call. You must set the grant type to `password`. | |
|
|
444
|
+
| **username** | **String** | The value of the username. | |
|
|
445
|
+
| **password** | **String** | The value of the password. | |
|
|
446
|
+
| **ibm_cloud_tenant** | **String** | A comma separated list of enterprise ids and/or account ids. If present, an IAM token for the username / password / account combination can only be created if the account id matches the passed account or the account is member of the enterprise id in this header. | [optional] |
|
|
447
|
+
| **account** | **String** | The 32 character identifier of the account. Specify this parameter to get an account-specific IAM token. IBM Cloud APIs require that IAM tokens are account-specific. | [optional] |
|
|
448
|
+
|
|
449
|
+
### Return type
|
|
450
|
+
|
|
451
|
+
[**TokenResponse**](TokenResponse.md)
|
|
452
|
+
|
|
453
|
+
### Authorization
|
|
454
|
+
|
|
455
|
+
No authorization required
|
|
456
|
+
|
|
457
|
+
### HTTP request headers
|
|
458
|
+
|
|
459
|
+
- **Content-Type**: application/x-www-form-urlencoded
|
|
460
|
+
- **Accept**: application/json
|
|
461
|
+
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
# IbmCloudIam::TrustedProfile
|
|
2
|
+
|
|
3
|
+
## Properties
|
|
4
|
+
|
|
5
|
+
| Name | Type | Description | Notes |
|
|
6
|
+
| ---- | ---- | ----------- | ----- |
|
|
7
|
+
| **context** | [**ResponseContext**](ResponseContext.md) | | [optional] |
|
|
8
|
+
| **id** | **String** | the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c' | |
|
|
9
|
+
| **entity_tag** | **String** | Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates. | |
|
|
10
|
+
| **crn** | **String** | Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c' | |
|
|
11
|
+
| **name** | **String** | Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account. | |
|
|
12
|
+
| **description** | **String** | The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile. | [optional] |
|
|
13
|
+
| **email** | **String** | The optional email of the trusted profile. The 'email' property is only available if an email was provided during a create of a trusted profile. | [optional] |
|
|
14
|
+
| **created_at** | **Time** | If set contains a date time string of the creation date in ISO format. | [optional] |
|
|
15
|
+
| **modified_at** | **Time** | If set contains a date time string of the last modification date in ISO format. | [optional] |
|
|
16
|
+
| **iam_id** | **String** | The iam_id of this trusted profile. | |
|
|
17
|
+
| **account_id** | **String** | ID of the account that this trusted profile belong to. | |
|
|
18
|
+
| **template_id** | **String** | ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account. | [optional] |
|
|
19
|
+
| **assignment_id** | **String** | ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account. | [optional] |
|
|
20
|
+
| **ims_account_id** | **Integer** | IMS acount ID of the trusted profile | [optional] |
|
|
21
|
+
| **ims_user_id** | **Integer** | IMS user ID of the trusted profile | [optional] |
|
|
22
|
+
| **history** | [**Array<EnityHistoryRecord>**](EnityHistoryRecord.md) | History of the trusted profile. | [optional] |
|
|
23
|
+
| **activity** | [**Activity**](Activity.md) | | [optional] |
|
|
24
|
+
|
|
25
|
+
## Example
|
|
26
|
+
|
|
27
|
+
```ruby
|
|
28
|
+
require 'ibm_cloud_iam'
|
|
29
|
+
|
|
30
|
+
instance = IbmCloudIam::TrustedProfile.new(
|
|
31
|
+
context: null,
|
|
32
|
+
id: null,
|
|
33
|
+
entity_tag: null,
|
|
34
|
+
crn: null,
|
|
35
|
+
name: null,
|
|
36
|
+
description: null,
|
|
37
|
+
email: null,
|
|
38
|
+
created_at: null,
|
|
39
|
+
modified_at: null,
|
|
40
|
+
iam_id: null,
|
|
41
|
+
account_id: null,
|
|
42
|
+
template_id: null,
|
|
43
|
+
assignment_id: null,
|
|
44
|
+
ims_account_id: null,
|
|
45
|
+
ims_user_id: null,
|
|
46
|
+
history: null,
|
|
47
|
+
activity: null
|
|
48
|
+
)
|
|
49
|
+
```
|
|
50
|
+
|