ibm_cloud_iam 1.0.2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (491) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +548 -36
  3. data/docs/APIKeysApi.md +714 -0
  4. data/docs/AccessGroupCount.md +20 -0
  5. data/docs/AccountBasedMfaEnrollment.md +24 -0
  6. data/docs/AccountIdpSettings.md +32 -0
  7. data/docs/AccountLimitsApi.md +173 -0
  8. data/docs/AccountLoginSettings.md +18 -0
  9. data/docs/AccountSettingsApi.md +224 -0
  10. data/docs/AccountSettingsAssignedTemplatesSection.md +46 -0
  11. data/docs/AccountSettingsEffectiveSection.md +38 -0
  12. data/docs/AccountSettingsForIdPApi.md +489 -0
  13. data/docs/AccountSettingsMeta.md +24 -0
  14. data/docs/AccountSettingsRequest.md +40 -0
  15. data/docs/AccountSettingsResponse.md +48 -0
  16. data/docs/AccountSettingsTemplateApi.md +720 -0
  17. data/docs/AccountSettingsTemplateAssignmentsApi.md +376 -0
  18. data/docs/AccountSettingsTemplateList.md +30 -0
  19. data/docs/AccountSettingsTemplateRequest.md +24 -0
  20. data/docs/AccountSettingsTemplateResponse.md +44 -0
  21. data/docs/AccountSettingsUserDomainRestriction.md +22 -0
  22. data/docs/AccountSettingsUserMFAResponse.md +28 -0
  23. data/docs/ActionControls.md +22 -0
  24. data/docs/ActionControlsIdentities.md +20 -0
  25. data/docs/ActivitiesApi.md +149 -0
  26. data/docs/Activity.md +20 -0
  27. data/docs/AddAccountIdpSettingRequest.md +22 -0
  28. data/docs/ApiKey.md +44 -33
  29. data/docs/ApiKeyInsideCreateServiceIdRequest.md +18 -13
  30. data/docs/ApiKeyList.md +20 -19
  31. data/docs/ApikeyActivity.md +28 -0
  32. data/docs/ApikeyActivityServiceid.md +20 -0
  33. data/docs/ApikeyActivityUser.md +24 -0
  34. data/docs/AssignedTemplatesAccountSettings.md +40 -0
  35. data/docs/CommonAccountSettingsRequest.md +36 -0
  36. data/docs/CommonAccountSettingsResponse.md +34 -0
  37. data/docs/ConsumersResponse.md +20 -0
  38. data/docs/ConsumersResponseConsumersInner.md +20 -0
  39. data/docs/CreateApiKeyRequest.md +24 -17
  40. data/docs/CreateIdpRequest.md +30 -0
  41. data/docs/CreateIdpRequestProperties.md +20 -0
  42. data/docs/CreateIdpRequestPropertiesIdp.md +26 -0
  43. data/docs/CreateIdpRequestPropertiesSp.md +32 -0
  44. data/docs/CreateIdpRequestPropertiesSpAuthnContext.md +20 -0
  45. data/docs/CreateIdpRequestSecrets.md +20 -0
  46. data/docs/CreateIdpRequestSecretsIdp.md +22 -0
  47. data/docs/CreateIdpRequestSecretsIdpSigningInner.md +20 -0
  48. data/docs/CreateIdpRequestSecretsSp.md +18 -0
  49. data/docs/CreateIdpRequestSecretsSpSigningInner.md +24 -0
  50. data/docs/CreateProfileLinkRequest.md +24 -0
  51. data/docs/CreateProfileLinkRequestLink.md +26 -0
  52. data/docs/CreateServiceIdGroupRequest.md +22 -0
  53. data/docs/CreateServiceIdRequest.md +18 -15
  54. data/docs/CreateTemplateAssignmentRequest.md +24 -0
  55. data/docs/CreateTrustedProfileRequest.md +24 -0
  56. data/docs/EffectiveAccountSettingsResponse.md +26 -0
  57. data/docs/EnityHistoryRecord.md +18 -17
  58. data/docs/EntityActivity.md +22 -0
  59. data/docs/Error.md +14 -13
  60. data/docs/ExceptionResponse.md +14 -13
  61. data/docs/ExceptionResponseContext.md +30 -29
  62. data/docs/IDPManagementApi.md +692 -0
  63. data/docs/IdBasedMfaEnrollment.md +26 -0
  64. data/docs/IdentityCount.md +20 -0
  65. data/docs/IdentityLimitsUsageRequest.md +42 -0
  66. data/docs/IdentityLimitsUsageResponse.md +44 -0
  67. data/docs/IdentityLimitsUsageResponseApikeysPerIdentity.md +20 -0
  68. data/docs/IdentityLimitsUsageResponseClaimRulesPerGroup.md +20 -0
  69. data/docs/IdentityLimitsUsageResponseClaimRulesPerProfile.md +20 -0
  70. data/docs/IdentityLimitsUsageResponseServiceidsPerGroup.md +20 -0
  71. data/docs/IdentityLimitsUsageResponseTemplateVersionsPerTemplate.md +20 -0
  72. data/docs/IdentityPreferenceResponse.md +28 -0
  73. data/docs/IdentityPreferencesApi.md +304 -0
  74. data/docs/IdentityPreferencesResponse.md +18 -0
  75. data/docs/Idp.md +38 -0
  76. data/docs/LimitCount.md +20 -0
  77. data/docs/ListIdPSettings200Response.md +18 -0
  78. data/docs/ListIdps200Response.md +18 -0
  79. data/docs/MFAEnrollmentStatusApi.md +216 -0
  80. data/docs/MFARequirementsResponse.md +12 -11
  81. data/docs/MfaEnrollmentTypeStatus.md +20 -0
  82. data/docs/MfaOptions.md +15 -0
  83. data/docs/OidcExceptionResponse.md +16 -15
  84. data/docs/PolicyTemplateReference.md +20 -0
  85. data/docs/ProfileClaimRule.md +36 -0
  86. data/docs/ProfileClaimRuleConditions.md +22 -0
  87. data/docs/ProfileClaimRuleList.md +20 -0
  88. data/docs/ProfileClaimRuleRequest.md +30 -0
  89. data/docs/ProfileCount.md +20 -0
  90. data/docs/ProfileIdentitiesResponse.md +20 -0
  91. data/docs/ProfileIdentitiesUpdateRequest.md +18 -0
  92. data/docs/ProfileIdentityRequest.md +24 -0
  93. data/docs/ProfileIdentityResponse.md +26 -0
  94. data/docs/ProfileLink.md +32 -0
  95. data/docs/ProfileLinkLink.md +26 -0
  96. data/docs/ProfileLinkList.md +18 -0
  97. data/docs/Report.md +34 -0
  98. data/docs/ReportMfaEnrollmentStatus.md +28 -0
  99. data/docs/ReportReference.md +18 -0
  100. data/docs/ResponseContext.md +28 -27
  101. data/docs/RetrictActions.md +15 -0
  102. data/docs/SamlMetadataImportResponse.md +42 -0
  103. data/docs/ServiceIDGroupsApi.md +347 -0
  104. data/docs/ServiceIDsApi.md +515 -0
  105. data/docs/ServiceId.md +38 -33
  106. data/docs/ServiceIdGroup.md +34 -0
  107. data/docs/ServiceIdGroupCount.md +20 -0
  108. data/docs/ServiceIdGroupList.md +18 -0
  109. data/docs/ServiceIdList.md +20 -19
  110. data/docs/ShareScope.md +20 -0
  111. data/docs/TemplateAccountSettings.md +40 -0
  112. data/docs/TemplateAccountSettingsAllOfRestrictUserDomains.md +20 -0
  113. data/docs/TemplateAssignmentListResponse.md +30 -0
  114. data/docs/TemplateAssignmentResource.md +18 -0
  115. data/docs/TemplateAssignmentResourceError.md +24 -0
  116. data/docs/TemplateAssignmentResponse.md +48 -0
  117. data/docs/TemplateAssignmentResponseResource.md +24 -0
  118. data/docs/TemplateAssignmentResponseResourceDetail.md +26 -0
  119. data/docs/TemplateCount.md +20 -0
  120. data/docs/TemplateProfileComponentRequest.md +26 -0
  121. data/docs/TemplateProfileComponentResponse.md +26 -0
  122. data/docs/TestResult.md +28 -0
  123. data/docs/TestResultStepsInner.md +24 -0
  124. data/docs/TestTriggerResponse.md +20 -0
  125. data/docs/TokenResponse.md +18 -17
  126. data/docs/TokenRetrievalApi.md +461 -0
  127. data/docs/TrustedProfile.md +50 -0
  128. data/docs/TrustedProfileTemplateApi.md +720 -0
  129. data/docs/TrustedProfileTemplateAssignmentsApi.md +376 -0
  130. data/docs/TrustedProfileTemplateClaimRule.md +26 -0
  131. data/docs/TrustedProfileTemplateList.md +30 -0
  132. data/docs/TrustedProfileTemplateRequest.md +28 -0
  133. data/docs/TrustedProfileTemplateResponse.md +48 -0
  134. data/docs/TrustedProfilesApi.md +1414 -0
  135. data/docs/TrustedProfilesList.md +30 -0
  136. data/docs/UpdateAccountIdpSettingRequest.md +22 -0
  137. data/docs/UpdateAccountLoginSettings.md +18 -0
  138. data/docs/UpdateApiKeyRequest.md +16 -9
  139. data/docs/UpdateIdPRequest.md +28 -0
  140. data/docs/UpdateIdPRequestProperties.md +20 -0
  141. data/docs/UpdateIdPRequestPropertiesIdp.md +24 -0
  142. data/docs/UpdateIdPRequestSecrets.md +20 -0
  143. data/docs/UpdateIdPRequestSecretsIdp.md +20 -0
  144. data/docs/UpdatePreferenceRequest.md +20 -0
  145. data/docs/UpdateServiceIdGroupRequest.md +20 -0
  146. data/docs/UpdateServiceIdRequest.md +12 -11
  147. data/docs/UpdateTemplateAssignmentRequest.md +18 -0
  148. data/docs/UpdateTrustedProfileRequest.md +22 -0
  149. data/docs/UserActivity.md +26 -0
  150. data/docs/UserMFAResolved.md +24 -0
  151. data/docs/UserMfa.md +20 -0
  152. data/docs/UserMfaEnrollments.md +24 -0
  153. data/docs/UserReportMfaEnrollmentStatus.md +30 -0
  154. data/docs/UserVisbilityRetrictActions.md +15 -0
  155. data/docs/UserVisbilityRetrictActionsForTemplate.md +15 -0
  156. data/git_push.sh +3 -4
  157. data/ibm_cloud_iam.gemspec +6 -6
  158. data/lib/ibm_cloud_iam/api/account_limits_api.rb +208 -0
  159. data/lib/ibm_cloud_iam/api/account_settings_api.rb +262 -0
  160. data/lib/ibm_cloud_iam/api/account_settings_for_id_p_api.rb +571 -0
  161. data/lib/ibm_cloud_iam/api/account_settings_template_api.rb +823 -0
  162. data/lib/ibm_cloud_iam/api/account_settings_template_assignments_api.rb +422 -0
  163. data/lib/ibm_cloud_iam/api/activities_api.rb +174 -0
  164. data/lib/ibm_cloud_iam/api/api_keys_api.rb +786 -0
  165. data/lib/ibm_cloud_iam/api/identity_preferences_api.rb +357 -0
  166. data/lib/ibm_cloud_iam/api/idp_management_api.rb +744 -0
  167. data/lib/ibm_cloud_iam/api/mfa_enrollment_status_api.rb +248 -0
  168. data/lib/ibm_cloud_iam/api/service_id_groups_api.rb +392 -0
  169. data/lib/ibm_cloud_iam/api/service_ids_api.rb +575 -0
  170. data/lib/ibm_cloud_iam/api/token_retrieval_api.rb +557 -0
  171. data/lib/ibm_cloud_iam/api/trusted_profile_template_api.rb +823 -0
  172. data/lib/ibm_cloud_iam/api/trusted_profile_template_assignments_api.rb +422 -0
  173. data/lib/ibm_cloud_iam/api/trusted_profiles_api.rb +1630 -0
  174. data/lib/ibm_cloud_iam/api_client.rb +74 -65
  175. data/lib/ibm_cloud_iam/api_error.rb +4 -3
  176. data/lib/ibm_cloud_iam/api_model_base.rb +88 -0
  177. data/lib/ibm_cloud_iam/configuration.rb +75 -15
  178. data/lib/ibm_cloud_iam/models/access_group_count.rb +159 -0
  179. data/lib/ibm_cloud_iam/models/account_based_mfa_enrollment.rb +243 -0
  180. data/lib/ibm_cloud_iam/models/account_idp_settings.rb +244 -0
  181. data/lib/ibm_cloud_iam/models/account_login_settings.rb +147 -0
  182. data/lib/ibm_cloud_iam/models/account_settings_assigned_templates_section.rb +377 -0
  183. data/lib/ibm_cloud_iam/models/account_settings_effective_section.rb +282 -0
  184. data/lib/ibm_cloud_iam/models/account_settings_meta.rb +179 -0
  185. data/lib/ibm_cloud_iam/models/account_settings_request.rb +301 -0
  186. data/lib/ibm_cloud_iam/models/account_settings_response.rb +567 -0
  187. data/lib/ibm_cloud_iam/models/account_settings_template_list.rb +256 -0
  188. data/lib/ibm_cloud_iam/models/account_settings_template_request.rb +178 -0
  189. data/lib/ibm_cloud_iam/models/account_settings_template_response.rb +416 -0
  190. data/lib/ibm_cloud_iam/models/account_settings_user_domain_restriction.rb +188 -0
  191. data/lib/ibm_cloud_iam/models/account_settings_user_mfa_response.rb +261 -0
  192. data/lib/ibm_cloud_iam/models/action_controls.rb +199 -0
  193. data/lib/ibm_cloud_iam/models/action_controls_identities.rb +190 -0
  194. data/lib/ibm_cloud_iam/models/activity.rb +175 -0
  195. data/lib/ibm_cloud_iam/models/add_account_idp_setting_request.rb +243 -0
  196. data/lib/ibm_cloud_iam/models/api_key.rb +188 -104
  197. data/lib/ibm_cloud_iam/models/api_key_inside_create_service_id_request.rb +70 -99
  198. data/lib/ibm_cloud_iam/models/api_key_list.rb +46 -95
  199. data/lib/ibm_cloud_iam/models/apikey_activity.rb +231 -0
  200. data/lib/ibm_cloud_iam/models/apikey_activity_serviceid.rb +159 -0
  201. data/lib/ibm_cloud_iam/models/apikey_activity_user.rb +179 -0
  202. data/lib/ibm_cloud_iam/models/assigned_templates_account_settings.rb +296 -0
  203. data/lib/ibm_cloud_iam/models/common_account_settings_request.rb +272 -0
  204. data/lib/ibm_cloud_iam/models/common_account_settings_response.rb +260 -0
  205. data/lib/ibm_cloud_iam/models/consumers_response.rb +158 -0
  206. data/lib/ibm_cloud_iam/models/consumers_response_consumers_inner.rb +158 -0
  207. data/lib/ibm_cloud_iam/models/create_api_key_request.rb +92 -99
  208. data/lib/ibm_cloud_iam/models/create_idp_request.rb +283 -0
  209. data/lib/ibm_cloud_iam/models/create_idp_request_properties.rb +157 -0
  210. data/lib/ibm_cloud_iam/models/create_idp_request_properties_idp.rb +189 -0
  211. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp.rb +222 -0
  212. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp_authn_context.rb +163 -0
  213. data/lib/ibm_cloud_iam/models/create_idp_request_secrets.rb +157 -0
  214. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp.rb +173 -0
  215. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp_signing_inner.rb +192 -0
  216. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp.rb +151 -0
  217. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp_signing_inner.rb +212 -0
  218. data/lib/ibm_cloud_iam/models/create_profile_link_request.rb +211 -0
  219. data/lib/ibm_cloud_iam/models/create_profile_link_request_link.rb +206 -0
  220. data/lib/ibm_cloud_iam/models/create_service_id_group_request.rb +203 -0
  221. data/lib/ibm_cloud_iam/models/create_service_id_request.rb +68 -95
  222. data/lib/ibm_cloud_iam/models/create_template_assignment_request.rb +280 -0
  223. data/lib/ibm_cloud_iam/models/create_trusted_profile_request.rb +213 -0
  224. data/lib/ibm_cloud_iam/models/effective_account_settings_response.rb +239 -0
  225. data/lib/ibm_cloud_iam/models/enity_history_record.rb +112 -101
  226. data/lib/ibm_cloud_iam/models/entity_activity.rb +185 -0
  227. data/lib/ibm_cloud_iam/models/error.rb +69 -94
  228. data/lib/ibm_cloud_iam/models/exception_response.rb +57 -94
  229. data/lib/ibm_cloud_iam/models/exception_response_context.rb +33 -94
  230. data/lib/ibm_cloud_iam/models/id_based_mfa_enrollment.rb +270 -0
  231. data/lib/ibm_cloud_iam/models/identity_count.rb +159 -0
  232. data/lib/ibm_cloud_iam/models/identity_limits_usage_request.rb +283 -0
  233. data/lib/ibm_cloud_iam/models/identity_limits_usage_response.rb +265 -0
  234. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_apikeys_per_identity.rb +178 -0
  235. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_group.rb +178 -0
  236. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_profile.rb +178 -0
  237. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_serviceids_per_group.rb +178 -0
  238. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_template_versions_per_template.rb +178 -0
  239. data/lib/ibm_cloud_iam/models/identity_preference_response.rb +200 -0
  240. data/lib/ibm_cloud_iam/models/identity_preferences_response.rb +167 -0
  241. data/lib/ibm_cloud_iam/models/idp.rb +239 -0
  242. data/lib/ibm_cloud_iam/models/limit_count.rb +176 -0
  243. data/lib/ibm_cloud_iam/models/list_id_p_settings200_response.rb +149 -0
  244. data/lib/ibm_cloud_iam/models/list_idps200_response.rb +149 -0
  245. data/lib/ibm_cloud_iam/models/mfa_enrollment_type_status.rb +192 -0
  246. data/lib/ibm_cloud_iam/models/mfa_options.rb +45 -0
  247. data/lib/ibm_cloud_iam/models/mfa_requirements_response.rb +69 -94
  248. data/lib/ibm_cloud_iam/models/oidc_exception_response.rb +57 -94
  249. data/lib/ibm_cloud_iam/models/policy_template_reference.rb +193 -0
  250. data/lib/ibm_cloud_iam/models/profile_claim_rule.rb +342 -0
  251. data/lib/ibm_cloud_iam/models/profile_claim_rule_conditions.rb +219 -0
  252. data/lib/ibm_cloud_iam/models/profile_claim_rule_list.rb +176 -0
  253. data/lib/ibm_cloud_iam/models/profile_claim_rule_request.rb +243 -0
  254. data/lib/ibm_cloud_iam/models/profile_count.rb +159 -0
  255. data/lib/ibm_cloud_iam/models/profile_identities_response.rb +160 -0
  256. data/lib/ibm_cloud_iam/models/profile_identities_update_request.rb +150 -0
  257. data/lib/ibm_cloud_iam/models/profile_identity_request.rb +238 -0
  258. data/lib/ibm_cloud_iam/models/profile_identity_response.rb +265 -0
  259. data/lib/ibm_cloud_iam/models/profile_link.rb +320 -0
  260. data/lib/ibm_cloud_iam/models/profile_link_link.rb +188 -0
  261. data/lib/ibm_cloud_iam/models/profile_link_list.rb +167 -0
  262. data/lib/ibm_cloud_iam/models/report.rb +321 -0
  263. data/lib/ibm_cloud_iam/models/report_mfa_enrollment_status.rb +268 -0
  264. data/lib/ibm_cloud_iam/models/report_reference.rb +165 -0
  265. data/lib/ibm_cloud_iam/models/response_context.rb +33 -94
  266. data/lib/ibm_cloud_iam/models/retrict_actions.rb +41 -0
  267. data/lib/ibm_cloud_iam/models/saml_metadata_import_response.rb +494 -0
  268. data/lib/ibm_cloud_iam/models/service_id.rb +184 -108
  269. data/lib/ibm_cloud_iam/models/service_id_group.rb +313 -0
  270. data/lib/ibm_cloud_iam/models/service_id_group_count.rb +159 -0
  271. data/lib/ibm_cloud_iam/models/service_id_group_list.rb +167 -0
  272. data/lib/ibm_cloud_iam/models/service_id_list.rb +47 -96
  273. data/lib/ibm_cloud_iam/models/share_scope.rb +190 -0
  274. data/lib/ibm_cloud_iam/models/template_account_settings.rb +296 -0
  275. data/lib/ibm_cloud_iam/models/template_account_settings_all_of_restrict_user_domains.rb +159 -0
  276. data/lib/ibm_cloud_iam/models/template_assignment_list_response.rb +227 -0
  277. data/lib/ibm_cloud_iam/models/template_assignment_resource.rb +149 -0
  278. data/lib/ibm_cloud_iam/models/template_assignment_resource_error.rb +179 -0
  279. data/lib/ibm_cloud_iam/models/template_assignment_response.rb +506 -0
  280. data/lib/ibm_cloud_iam/models/template_assignment_response_resource.rb +196 -0
  281. data/lib/ibm_cloud_iam/models/template_assignment_response_resource_detail.rb +203 -0
  282. data/lib/ibm_cloud_iam/models/template_count.rb +159 -0
  283. data/lib/ibm_cloud_iam/models/template_profile_component_request.rb +210 -0
  284. data/lib/ibm_cloud_iam/models/template_profile_component_response.rb +210 -0
  285. data/lib/ibm_cloud_iam/models/test_result.rb +194 -0
  286. data/lib/ibm_cloud_iam/models/test_result_steps_inner.rb +174 -0
  287. data/lib/ibm_cloud_iam/models/test_trigger_response.rb +156 -0
  288. data/lib/ibm_cloud_iam/models/token_response.rb +34 -105
  289. data/lib/ibm_cloud_iam/models/trusted_profile.rb +411 -0
  290. data/lib/ibm_cloud_iam/models/trusted_profile_template_claim_rule.rb +248 -0
  291. data/lib/ibm_cloud_iam/models/trusted_profile_template_list.rb +256 -0
  292. data/lib/ibm_cloud_iam/models/trusted_profile_template_request.rb +199 -0
  293. data/lib/ibm_cloud_iam/models/trusted_profile_template_response.rb +369 -0
  294. data/lib/ibm_cloud_iam/models/trusted_profiles_list.rb +227 -0
  295. data/lib/ibm_cloud_iam/models/update_account_idp_setting_request.rb +202 -0
  296. data/lib/ibm_cloud_iam/models/update_account_login_settings.rb +148 -0
  297. data/lib/ibm_cloud_iam/models/update_api_key_request.rb +68 -99
  298. data/lib/ibm_cloud_iam/models/update_id_p_request.rb +198 -0
  299. data/lib/ibm_cloud_iam/models/update_id_p_request_properties.rb +157 -0
  300. data/lib/ibm_cloud_iam/models/update_id_p_request_properties_idp.rb +179 -0
  301. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets.rb +157 -0
  302. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets_idp.rb +163 -0
  303. data/lib/ibm_cloud_iam/models/update_preference_request.rb +161 -0
  304. data/lib/ibm_cloud_iam/models/update_service_id_group_request.rb +176 -0
  305. data/lib/ibm_cloud_iam/models/update_service_id_request.rb +34 -95
  306. data/lib/ibm_cloud_iam/models/update_template_assignment_request.rb +175 -0
  307. data/lib/ibm_cloud_iam/models/update_trusted_profile_request.rb +169 -0
  308. data/lib/ibm_cloud_iam/models/user_activity.rb +222 -0
  309. data/lib/ibm_cloud_iam/models/user_mfa.rb +179 -0
  310. data/lib/ibm_cloud_iam/models/user_mfa_enrollments.rb +193 -0
  311. data/lib/ibm_cloud_iam/models/user_mfa_resolved.rb +178 -0
  312. data/lib/ibm_cloud_iam/models/user_report_mfa_enrollment_status.rb +291 -0
  313. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions.rb +40 -0
  314. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions_for_template.rb +41 -0
  315. data/lib/ibm_cloud_iam/version.rb +4 -4
  316. data/lib/ibm_cloud_iam.rb +140 -9
  317. data/spec/api/account_limits_api_spec.rb +75 -0
  318. data/spec/api/account_settings_api_spec.rb +80 -0
  319. data/spec/api/account_settings_for_id_p_api_spec.rb +132 -0
  320. data/spec/api/account_settings_template_api_spec.rb +184 -0
  321. data/spec/api/account_settings_template_assignments_api_spec.rb +112 -0
  322. data/spec/api/activities_api_spec.rb +64 -0
  323. data/spec/api/api_keys_api_spec.rb +182 -0
  324. data/spec/api/identity_preferences_api_spec.rb +98 -0
  325. data/spec/api/idp_management_api_spec.rb +166 -0
  326. data/spec/api/mfa_enrollment_status_api_spec.rb +77 -0
  327. data/spec/api/service_id_groups_api_spec.rb +102 -0
  328. data/spec/api/service_ids_api_spec.rb +143 -0
  329. data/spec/api/token_retrieval_api_spec.rb +134 -0
  330. data/spec/api/trusted_profile_template_api_spec.rb +184 -0
  331. data/spec/api/trusted_profile_template_assignments_api_spec.rb +112 -0
  332. data/spec/api/trusted_profiles_api_spec.rb +328 -0
  333. data/spec/models/access_group_count_spec.rb +42 -0
  334. data/spec/models/account_based_mfa_enrollment_spec.rb +54 -0
  335. data/spec/models/account_idp_settings_spec.rb +82 -0
  336. data/spec/models/account_login_settings_spec.rb +36 -0
  337. data/spec/models/account_settings_assigned_templates_section_spec.rb +120 -0
  338. data/spec/models/account_settings_effective_section_spec.rb +96 -0
  339. data/spec/models/account_settings_meta_spec.rb +54 -0
  340. data/spec/models/account_settings_request_spec.rb +102 -0
  341. data/spec/models/account_settings_response_spec.rb +126 -0
  342. data/spec/models/account_settings_template_list_spec.rb +72 -0
  343. data/spec/models/account_settings_template_request_spec.rb +54 -0
  344. data/spec/models/account_settings_template_response_spec.rb +114 -0
  345. data/spec/models/account_settings_user_domain_restriction_spec.rb +48 -0
  346. data/spec/models/account_settings_user_mfa_response_spec.rb +66 -0
  347. data/spec/models/action_controls_identities_spec.rb +42 -0
  348. data/spec/models/action_controls_spec.rb +48 -0
  349. data/spec/models/activity_spec.rb +42 -0
  350. data/spec/models/add_account_idp_setting_request_spec.rb +52 -0
  351. data/spec/models/api_key_inside_create_service_id_request_spec.rb +24 -17
  352. data/spec/models/api_key_list_spec.rb +15 -20
  353. data/spec/models/api_key_spec.rb +52 -27
  354. data/spec/models/apikey_activity_serviceid_spec.rb +42 -0
  355. data/spec/models/apikey_activity_spec.rb +66 -0
  356. data/spec/models/apikey_activity_user_spec.rb +54 -0
  357. data/spec/models/assigned_templates_account_settings_spec.rb +102 -0
  358. data/spec/models/common_account_settings_request_spec.rb +90 -0
  359. data/spec/models/common_account_settings_response_spec.rb +84 -0
  360. data/spec/models/consumers_response_consumers_inner_spec.rb +42 -0
  361. data/spec/models/consumers_response_spec.rb +42 -0
  362. data/spec/models/create_api_key_request_spec.rb +32 -19
  363. data/spec/models/create_idp_request_properties_idp_spec.rb +60 -0
  364. data/spec/models/create_idp_request_properties_sp_authn_context_spec.rb +42 -0
  365. data/spec/models/create_idp_request_properties_sp_spec.rb +78 -0
  366. data/spec/models/create_idp_request_properties_spec.rb +42 -0
  367. data/spec/models/create_idp_request_secrets_idp_signing_inner_spec.rb +46 -0
  368. data/spec/models/create_idp_request_secrets_idp_spec.rb +48 -0
  369. data/spec/models/create_idp_request_secrets_sp_signing_inner_spec.rb +58 -0
  370. data/spec/models/create_idp_request_secrets_sp_spec.rb +36 -0
  371. data/spec/models/create_idp_request_secrets_spec.rb +42 -0
  372. data/spec/models/create_idp_request_spec.rb +76 -0
  373. data/spec/models/create_profile_link_request_link_spec.rb +60 -0
  374. data/spec/models/create_profile_link_request_spec.rb +54 -0
  375. data/spec/models/create_service_id_group_request_spec.rb +48 -0
  376. data/spec/models/create_service_id_request_spec.rb +19 -18
  377. data/spec/models/create_template_assignment_request_spec.rb +58 -0
  378. data/spec/models/create_trusted_profile_request_spec.rb +54 -0
  379. data/spec/models/effective_account_settings_response_spec.rb +60 -0
  380. data/spec/models/enity_history_record_spec.rb +14 -19
  381. data/spec/models/entity_activity_spec.rb +48 -0
  382. data/spec/models/error_spec.rb +12 -17
  383. data/spec/models/exception_response_context_spec.rb +20 -25
  384. data/spec/models/exception_response_spec.rb +12 -17
  385. data/spec/models/id_based_mfa_enrollment_spec.rb +64 -0
  386. data/spec/models/identity_count_spec.rb +42 -0
  387. data/spec/models/identity_limits_usage_request_spec.rb +108 -0
  388. data/spec/models/identity_limits_usage_response_apikeys_per_identity_spec.rb +42 -0
  389. data/spec/models/identity_limits_usage_response_claim_rules_per_group_spec.rb +42 -0
  390. data/spec/models/identity_limits_usage_response_claim_rules_per_profile_spec.rb +42 -0
  391. data/spec/models/identity_limits_usage_response_serviceids_per_group_spec.rb +42 -0
  392. data/spec/models/identity_limits_usage_response_spec.rb +114 -0
  393. data/spec/models/identity_limits_usage_response_template_versions_per_template_spec.rb +42 -0
  394. data/spec/models/identity_preference_response_spec.rb +66 -0
  395. data/spec/models/identity_preferences_response_spec.rb +36 -0
  396. data/spec/models/idp_spec.rb +96 -0
  397. data/spec/models/limit_count_spec.rb +42 -0
  398. data/spec/models/list_id_p_settings200_response_spec.rb +36 -0
  399. data/spec/models/list_idps200_response_spec.rb +36 -0
  400. data/spec/models/mfa_enrollment_type_status_spec.rb +42 -0
  401. data/spec/models/mfa_options_spec.rb +30 -0
  402. data/spec/models/mfa_requirements_response_spec.rb +11 -16
  403. data/spec/models/oidc_exception_response_spec.rb +13 -18
  404. data/spec/models/policy_template_reference_spec.rb +42 -0
  405. data/spec/models/profile_claim_rule_conditions_spec.rb +48 -0
  406. data/spec/models/profile_claim_rule_list_spec.rb +42 -0
  407. data/spec/models/profile_claim_rule_request_spec.rb +72 -0
  408. data/spec/models/profile_claim_rule_spec.rb +90 -0
  409. data/spec/models/profile_count_spec.rb +42 -0
  410. data/spec/models/profile_identities_response_spec.rb +42 -0
  411. data/spec/models/profile_identities_update_request_spec.rb +36 -0
  412. data/spec/models/profile_identity_request_spec.rb +58 -0
  413. data/spec/models/profile_identity_response_spec.rb +64 -0
  414. data/spec/models/profile_link_link_spec.rb +60 -0
  415. data/spec/models/profile_link_list_spec.rb +36 -0
  416. data/spec/models/profile_link_spec.rb +78 -0
  417. data/spec/models/report_mfa_enrollment_status_spec.rb +66 -0
  418. data/spec/models/report_reference_spec.rb +36 -0
  419. data/spec/models/report_spec.rb +84 -0
  420. data/spec/models/response_context_spec.rb +19 -24
  421. data/spec/models/retrict_actions_spec.rb +30 -0
  422. data/spec/models/saml_metadata_import_response_spec.rb +112 -0
  423. data/spec/models/service_id_group_count_spec.rb +42 -0
  424. data/spec/models/service_id_group_list_spec.rb +36 -0
  425. data/spec/models/service_id_group_spec.rb +84 -0
  426. data/spec/models/service_id_list_spec.rb +15 -20
  427. data/spec/models/service_id_spec.rb +34 -27
  428. data/spec/models/share_scope_spec.rb +46 -0
  429. data/spec/models/template_account_settings_all_of_restrict_user_domains_spec.rb +42 -0
  430. data/spec/models/template_account_settings_spec.rb +102 -0
  431. data/spec/models/template_assignment_list_response_spec.rb +72 -0
  432. data/spec/models/template_assignment_resource_error_spec.rb +54 -0
  433. data/spec/models/template_assignment_resource_spec.rb +36 -0
  434. data/spec/models/template_assignment_response_resource_detail_spec.rb +60 -0
  435. data/spec/models/template_assignment_response_resource_spec.rb +54 -0
  436. data/spec/models/template_assignment_response_spec.rb +126 -0
  437. data/spec/models/template_count_spec.rb +42 -0
  438. data/spec/models/template_profile_component_request_spec.rb +60 -0
  439. data/spec/models/template_profile_component_response_spec.rb +60 -0
  440. data/spec/models/test_result_spec.rb +66 -0
  441. data/spec/models/test_result_steps_inner_spec.rb +54 -0
  442. data/spec/models/test_trigger_response_spec.rb +42 -0
  443. data/spec/models/token_response_spec.rb +14 -19
  444. data/spec/models/trusted_profile_spec.rb +132 -0
  445. data/spec/models/trusted_profile_template_claim_rule_spec.rb +64 -0
  446. data/spec/models/trusted_profile_template_list_spec.rb +72 -0
  447. data/spec/models/trusted_profile_template_request_spec.rb +66 -0
  448. data/spec/models/trusted_profile_template_response_spec.rb +126 -0
  449. data/spec/models/trusted_profiles_list_spec.rb +72 -0
  450. data/spec/models/update_account_idp_setting_request_spec.rb +52 -0
  451. data/spec/models/update_account_login_settings_spec.rb +36 -0
  452. data/spec/models/update_api_key_request_spec.rb +28 -15
  453. data/spec/models/update_id_p_request_properties_idp_spec.rb +54 -0
  454. data/spec/models/update_id_p_request_properties_spec.rb +42 -0
  455. data/spec/models/update_id_p_request_secrets_idp_spec.rb +42 -0
  456. data/spec/models/update_id_p_request_secrets_spec.rb +42 -0
  457. data/spec/models/update_id_p_request_spec.rb +66 -0
  458. data/spec/models/update_preference_request_spec.rb +42 -0
  459. data/spec/models/update_service_id_group_request_spec.rb +42 -0
  460. data/spec/models/update_service_id_request_spec.rb +11 -16
  461. data/spec/models/update_template_assignment_request_spec.rb +36 -0
  462. data/spec/models/update_trusted_profile_request_spec.rb +48 -0
  463. data/spec/models/user_activity_spec.rb +60 -0
  464. data/spec/models/user_mfa_enrollments_spec.rb +54 -0
  465. data/spec/models/user_mfa_resolved_spec.rb +54 -0
  466. data/spec/models/user_mfa_spec.rb +42 -0
  467. data/spec/models/user_report_mfa_enrollment_status_spec.rb +72 -0
  468. data/spec/models/user_visbility_retrict_actions_for_template_spec.rb +30 -0
  469. data/spec/models/user_visbility_retrict_actions_spec.rb +30 -0
  470. data/spec/spec_helper.rb +3 -3
  471. metadata +549 -35
  472. data/docs/IdentityOperationsApi.md +0 -828
  473. data/docs/InlineObject.md +0 -19
  474. data/docs/InlineObject1.md +0 -23
  475. data/docs/InlineObject2.md +0 -21
  476. data/docs/InlineObject3.md +0 -25
  477. data/docs/TokenOperationsApi.md +0 -226
  478. data/lib/ibm_cloud_iam/api/identity_operations_api.rb +0 -1083
  479. data/lib/ibm_cloud_iam/api/token_operations_api.rb +0 -351
  480. data/lib/ibm_cloud_iam/models/inline_object.rb +0 -229
  481. data/lib/ibm_cloud_iam/models/inline_object1.rb +0 -254
  482. data/lib/ibm_cloud_iam/models/inline_object2.rb +0 -244
  483. data/lib/ibm_cloud_iam/models/inline_object3.rb +0 -269
  484. data/spec/api/identity_operations_api_spec.rb +0 -253
  485. data/spec/api/token_operations_api_spec.rb +0 -94
  486. data/spec/api_client_spec.rb +0 -226
  487. data/spec/configuration_spec.rb +0 -42
  488. data/spec/models/inline_object1_spec.rb +0 -59
  489. data/spec/models/inline_object2_spec.rb +0 -53
  490. data/spec/models/inline_object3_spec.rb +0 -65
  491. data/spec/models/inline_object_spec.rb +0 -47
@@ -0,0 +1,147 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ class AccountLoginSettings < ApiModelBase
18
+ attr_accessor :_alias
19
+
20
+ # Attribute mapping from ruby-style variable name to JSON key.
21
+ def self.attribute_map
22
+ {
23
+ :'_alias' => :'alias'
24
+ }
25
+ end
26
+
27
+ # Returns attribute mapping this model knows about
28
+ def self.acceptable_attribute_map
29
+ attribute_map
30
+ end
31
+
32
+ # Returns all the JSON keys this model knows about
33
+ def self.acceptable_attributes
34
+ acceptable_attribute_map.values
35
+ end
36
+
37
+ # Attribute type mapping.
38
+ def self.openapi_types
39
+ {
40
+ :'_alias' => :'String'
41
+ }
42
+ end
43
+
44
+ # List of attributes with nullable: true
45
+ def self.openapi_nullable
46
+ Set.new([
47
+ ])
48
+ end
49
+
50
+ # Initializes the object
51
+ # @param [Hash] attributes Model attributes in the form of hash
52
+ def initialize(attributes = {})
53
+ if (!attributes.is_a?(Hash))
54
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::AccountLoginSettings` initialize method"
55
+ end
56
+
57
+ # check to see if the attribute exists and convert string to symbol for hash key
58
+ acceptable_attribute_map = self.class.acceptable_attribute_map
59
+ attributes = attributes.each_with_object({}) { |(k, v), h|
60
+ if (!acceptable_attribute_map.key?(k.to_sym))
61
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::AccountLoginSettings`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
62
+ end
63
+ h[k.to_sym] = v
64
+ }
65
+
66
+ if attributes.key?(:'_alias')
67
+ self._alias = attributes[:'_alias']
68
+ end
69
+ end
70
+
71
+ # Show invalid properties with the reasons. Usually used together with valid?
72
+ # @return Array for valid properties with the reasons
73
+ def list_invalid_properties
74
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
75
+ invalid_properties = Array.new
76
+ invalid_properties
77
+ end
78
+
79
+ # Check to see if the all the properties in the model are valid
80
+ # @return true if the model is valid
81
+ def valid?
82
+ warn '[DEPRECATED] the `valid?` method is obsolete'
83
+ true
84
+ end
85
+
86
+ # Checks equality by comparing each attribute.
87
+ # @param [Object] Object to be compared
88
+ def ==(o)
89
+ return true if self.equal?(o)
90
+ self.class == o.class &&
91
+ _alias == o._alias
92
+ end
93
+
94
+ # @see the `==` method
95
+ # @param [Object] Object to be compared
96
+ def eql?(o)
97
+ self == o
98
+ end
99
+
100
+ # Calculates hash code according to all attributes.
101
+ # @return [Integer] Hash code
102
+ def hash
103
+ [_alias].hash
104
+ end
105
+
106
+ # Builds the object from hash
107
+ # @param [Hash] attributes Model attributes in the form of hash
108
+ # @return [Object] Returns the model itself
109
+ def self.build_from_hash(attributes)
110
+ return nil unless attributes.is_a?(Hash)
111
+ attributes = attributes.transform_keys(&:to_sym)
112
+ transformed_hash = {}
113
+ openapi_types.each_pair do |key, type|
114
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
115
+ transformed_hash["#{key}"] = nil
116
+ elsif type =~ /\AArray<(.*)>/i
117
+ # check to ensure the input is an array given that the attribute
118
+ # is documented as an array but the input is not
119
+ if attributes[attribute_map[key]].is_a?(Array)
120
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
121
+ end
122
+ elsif !attributes[attribute_map[key]].nil?
123
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
124
+ end
125
+ end
126
+ new(transformed_hash)
127
+ end
128
+
129
+ # Returns the object in the form of hash
130
+ # @return [Hash] Returns the object in the form of hash
131
+ def to_hash
132
+ hash = {}
133
+ self.class.attribute_map.each_pair do |attr, param|
134
+ value = self.send(attr)
135
+ if value.nil?
136
+ is_nullable = self.class.openapi_nullable.include?(attr)
137
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
138
+ end
139
+
140
+ hash[param] = _to_hash(value)
141
+ end
142
+ hash
143
+ end
144
+
145
+ end
146
+
147
+ end
@@ -0,0 +1,377 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ class AccountSettingsAssignedTemplatesSection < ApiModelBase
18
+ attr_accessor :restrict_create_service_id
19
+
20
+ attr_accessor :restrict_create_platform_apikey
21
+
22
+ # Defines the IP addresses and subnets from which IAM tokens can be created for the account.
23
+ attr_accessor :allowed_ip_addresses
24
+
25
+ attr_accessor :mfa
26
+
27
+ # Defines the session expiration in seconds for the account. Valid values: * Any whole number between between '900' and '86400' * NOT_SET - To unset account setting and use service default
28
+ attr_accessor :session_expiration_in_seconds
29
+
30
+ # Defines the period of time in seconds in which a session will be invalidated due to inactivity. Valid values: * Any whole number between '900' and '7200' * NOT_SET - To unset account setting and use service default
31
+ attr_accessor :session_invalidation_in_seconds
32
+
33
+ # Defines the max allowed sessions per identity required by the account. Valid values: * Any whole number greater than 0 * NOT_SET - To unset account setting and use service default
34
+ attr_accessor :max_sessions_per_identity
35
+
36
+ # Defines the access token expiration in seconds. Valid values: * Any whole number between '900' and '3600' * NOT_SET - To unset account setting and use service default
37
+ attr_accessor :system_access_token_expiration_in_seconds
38
+
39
+ # Defines the refresh token expiration in seconds. Valid values: * Any whole number between '900' and '259200' * NOT_SET - To unset account setting and use service default
40
+ attr_accessor :system_refresh_token_expiration_in_seconds
41
+
42
+ attr_accessor :restrict_user_list_visibility
43
+
44
+ # List of users that are exempted from the MFA requirement of the account.
45
+ attr_accessor :user_mfa
46
+
47
+ attr_accessor :restrict_user_domains
48
+
49
+ # Template Id
50
+ attr_accessor :template_id
51
+
52
+ # Template version
53
+ attr_accessor :template_version
54
+
55
+ # Template name
56
+ attr_accessor :template_name
57
+
58
+ class EnumAttributeValidator
59
+ attr_reader :datatype
60
+ attr_reader :allowable_values
61
+
62
+ def initialize(datatype, allowable_values)
63
+ @allowable_values = allowable_values.map do |value|
64
+ case datatype.to_s
65
+ when /Integer/i
66
+ value.to_i
67
+ when /Float/i
68
+ value.to_f
69
+ else
70
+ value
71
+ end
72
+ end
73
+ end
74
+
75
+ def valid?(value)
76
+ !value || allowable_values.include?(value)
77
+ end
78
+ end
79
+
80
+ # Attribute mapping from ruby-style variable name to JSON key.
81
+ def self.attribute_map
82
+ {
83
+ :'restrict_create_service_id' => :'restrict_create_service_id',
84
+ :'restrict_create_platform_apikey' => :'restrict_create_platform_apikey',
85
+ :'allowed_ip_addresses' => :'allowed_ip_addresses',
86
+ :'mfa' => :'mfa',
87
+ :'session_expiration_in_seconds' => :'session_expiration_in_seconds',
88
+ :'session_invalidation_in_seconds' => :'session_invalidation_in_seconds',
89
+ :'max_sessions_per_identity' => :'max_sessions_per_identity',
90
+ :'system_access_token_expiration_in_seconds' => :'system_access_token_expiration_in_seconds',
91
+ :'system_refresh_token_expiration_in_seconds' => :'system_refresh_token_expiration_in_seconds',
92
+ :'restrict_user_list_visibility' => :'restrict_user_list_visibility',
93
+ :'user_mfa' => :'user_mfa',
94
+ :'restrict_user_domains' => :'restrict_user_domains',
95
+ :'template_id' => :'template_id',
96
+ :'template_version' => :'template_version',
97
+ :'template_name' => :'template_name'
98
+ }
99
+ end
100
+
101
+ # Returns attribute mapping this model knows about
102
+ def self.acceptable_attribute_map
103
+ attribute_map
104
+ end
105
+
106
+ # Returns all the JSON keys this model knows about
107
+ def self.acceptable_attributes
108
+ acceptable_attribute_map.values
109
+ end
110
+
111
+ # Attribute type mapping.
112
+ def self.openapi_types
113
+ {
114
+ :'restrict_create_service_id' => :'RetrictActions',
115
+ :'restrict_create_platform_apikey' => :'RetrictActions',
116
+ :'allowed_ip_addresses' => :'String',
117
+ :'mfa' => :'MfaOptions',
118
+ :'session_expiration_in_seconds' => :'String',
119
+ :'session_invalidation_in_seconds' => :'String',
120
+ :'max_sessions_per_identity' => :'String',
121
+ :'system_access_token_expiration_in_seconds' => :'String',
122
+ :'system_refresh_token_expiration_in_seconds' => :'String',
123
+ :'restrict_user_list_visibility' => :'UserVisbilityRetrictActionsForTemplate',
124
+ :'user_mfa' => :'Array<AccountSettingsUserMFAResponse>',
125
+ :'restrict_user_domains' => :'TemplateAccountSettingsAllOfRestrictUserDomains',
126
+ :'template_id' => :'String',
127
+ :'template_version' => :'Integer',
128
+ :'template_name' => :'String'
129
+ }
130
+ end
131
+
132
+ # List of attributes with nullable: true
133
+ def self.openapi_nullable
134
+ Set.new([
135
+ ])
136
+ end
137
+
138
+ # List of class defined in allOf (OpenAPI v3)
139
+ def self.openapi_all_of
140
+ [
141
+ :'AssignedTemplatesAccountSettings'
142
+ ]
143
+ end
144
+
145
+ # Initializes the object
146
+ # @param [Hash] attributes Model attributes in the form of hash
147
+ def initialize(attributes = {})
148
+ if (!attributes.is_a?(Hash))
149
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::AccountSettingsAssignedTemplatesSection` initialize method"
150
+ end
151
+
152
+ # check to see if the attribute exists and convert string to symbol for hash key
153
+ acceptable_attribute_map = self.class.acceptable_attribute_map
154
+ attributes = attributes.each_with_object({}) { |(k, v), h|
155
+ if (!acceptable_attribute_map.key?(k.to_sym))
156
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::AccountSettingsAssignedTemplatesSection`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
157
+ end
158
+ h[k.to_sym] = v
159
+ }
160
+
161
+ if attributes.key?(:'restrict_create_service_id')
162
+ self.restrict_create_service_id = attributes[:'restrict_create_service_id']
163
+ else
164
+ self.restrict_create_service_id = 'NOT_SET'
165
+ end
166
+
167
+ if attributes.key?(:'restrict_create_platform_apikey')
168
+ self.restrict_create_platform_apikey = attributes[:'restrict_create_platform_apikey']
169
+ else
170
+ self.restrict_create_platform_apikey = 'NOT_SET'
171
+ end
172
+
173
+ if attributes.key?(:'allowed_ip_addresses')
174
+ self.allowed_ip_addresses = attributes[:'allowed_ip_addresses']
175
+ end
176
+
177
+ if attributes.key?(:'mfa')
178
+ self.mfa = attributes[:'mfa']
179
+ end
180
+
181
+ if attributes.key?(:'session_expiration_in_seconds')
182
+ self.session_expiration_in_seconds = attributes[:'session_expiration_in_seconds']
183
+ else
184
+ self.session_expiration_in_seconds = '86400'
185
+ end
186
+
187
+ if attributes.key?(:'session_invalidation_in_seconds')
188
+ self.session_invalidation_in_seconds = attributes[:'session_invalidation_in_seconds']
189
+ else
190
+ self.session_invalidation_in_seconds = '7200'
191
+ end
192
+
193
+ if attributes.key?(:'max_sessions_per_identity')
194
+ self.max_sessions_per_identity = attributes[:'max_sessions_per_identity']
195
+ end
196
+
197
+ if attributes.key?(:'system_access_token_expiration_in_seconds')
198
+ self.system_access_token_expiration_in_seconds = attributes[:'system_access_token_expiration_in_seconds']
199
+ else
200
+ self.system_access_token_expiration_in_seconds = '3600'
201
+ end
202
+
203
+ if attributes.key?(:'system_refresh_token_expiration_in_seconds')
204
+ self.system_refresh_token_expiration_in_seconds = attributes[:'system_refresh_token_expiration_in_seconds']
205
+ else
206
+ self.system_refresh_token_expiration_in_seconds = '259200'
207
+ end
208
+
209
+ if attributes.key?(:'restrict_user_list_visibility')
210
+ self.restrict_user_list_visibility = attributes[:'restrict_user_list_visibility']
211
+ end
212
+
213
+ if attributes.key?(:'user_mfa')
214
+ if (value = attributes[:'user_mfa']).is_a?(Array)
215
+ self.user_mfa = value
216
+ end
217
+ end
218
+
219
+ if attributes.key?(:'restrict_user_domains')
220
+ self.restrict_user_domains = attributes[:'restrict_user_domains']
221
+ end
222
+
223
+ if attributes.key?(:'template_id')
224
+ self.template_id = attributes[:'template_id']
225
+ else
226
+ self.template_id = nil
227
+ end
228
+
229
+ if attributes.key?(:'template_version')
230
+ self.template_version = attributes[:'template_version']
231
+ else
232
+ self.template_version = nil
233
+ end
234
+
235
+ if attributes.key?(:'template_name')
236
+ self.template_name = attributes[:'template_name']
237
+ else
238
+ self.template_name = nil
239
+ end
240
+ end
241
+
242
+ # Show invalid properties with the reasons. Usually used together with valid?
243
+ # @return Array for valid properties with the reasons
244
+ def list_invalid_properties
245
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
246
+ invalid_properties = Array.new
247
+ if @template_id.nil?
248
+ invalid_properties.push('invalid value for "template_id", template_id cannot be nil.')
249
+ end
250
+
251
+ if @template_version.nil?
252
+ invalid_properties.push('invalid value for "template_version", template_version cannot be nil.')
253
+ end
254
+
255
+ if @template_name.nil?
256
+ invalid_properties.push('invalid value for "template_name", template_name cannot be nil.')
257
+ end
258
+
259
+ invalid_properties
260
+ end
261
+
262
+ # Check to see if the all the properties in the model are valid
263
+ # @return true if the model is valid
264
+ def valid?
265
+ warn '[DEPRECATED] the `valid?` method is obsolete'
266
+ return false if @template_id.nil?
267
+ return false if @template_version.nil?
268
+ return false if @template_name.nil?
269
+ true
270
+ end
271
+
272
+ # Custom attribute writer method with validation
273
+ # @param [Object] template_id Value to be assigned
274
+ def template_id=(template_id)
275
+ if template_id.nil?
276
+ fail ArgumentError, 'template_id cannot be nil'
277
+ end
278
+
279
+ @template_id = template_id
280
+ end
281
+
282
+ # Custom attribute writer method with validation
283
+ # @param [Object] template_version Value to be assigned
284
+ def template_version=(template_version)
285
+ if template_version.nil?
286
+ fail ArgumentError, 'template_version cannot be nil'
287
+ end
288
+
289
+ @template_version = template_version
290
+ end
291
+
292
+ # Custom attribute writer method with validation
293
+ # @param [Object] template_name Value to be assigned
294
+ def template_name=(template_name)
295
+ if template_name.nil?
296
+ fail ArgumentError, 'template_name cannot be nil'
297
+ end
298
+
299
+ @template_name = template_name
300
+ end
301
+
302
+ # Checks equality by comparing each attribute.
303
+ # @param [Object] Object to be compared
304
+ def ==(o)
305
+ return true if self.equal?(o)
306
+ self.class == o.class &&
307
+ restrict_create_service_id == o.restrict_create_service_id &&
308
+ restrict_create_platform_apikey == o.restrict_create_platform_apikey &&
309
+ allowed_ip_addresses == o.allowed_ip_addresses &&
310
+ mfa == o.mfa &&
311
+ session_expiration_in_seconds == o.session_expiration_in_seconds &&
312
+ session_invalidation_in_seconds == o.session_invalidation_in_seconds &&
313
+ max_sessions_per_identity == o.max_sessions_per_identity &&
314
+ system_access_token_expiration_in_seconds == o.system_access_token_expiration_in_seconds &&
315
+ system_refresh_token_expiration_in_seconds == o.system_refresh_token_expiration_in_seconds &&
316
+ restrict_user_list_visibility == o.restrict_user_list_visibility &&
317
+ user_mfa == o.user_mfa &&
318
+ restrict_user_domains == o.restrict_user_domains &&
319
+ template_id == o.template_id &&
320
+ template_version == o.template_version &&
321
+ template_name == o.template_name
322
+ end
323
+
324
+ # @see the `==` method
325
+ # @param [Object] Object to be compared
326
+ def eql?(o)
327
+ self == o
328
+ end
329
+
330
+ # Calculates hash code according to all attributes.
331
+ # @return [Integer] Hash code
332
+ def hash
333
+ [restrict_create_service_id, restrict_create_platform_apikey, allowed_ip_addresses, mfa, session_expiration_in_seconds, session_invalidation_in_seconds, max_sessions_per_identity, system_access_token_expiration_in_seconds, system_refresh_token_expiration_in_seconds, restrict_user_list_visibility, user_mfa, restrict_user_domains, template_id, template_version, template_name].hash
334
+ end
335
+
336
+ # Builds the object from hash
337
+ # @param [Hash] attributes Model attributes in the form of hash
338
+ # @return [Object] Returns the model itself
339
+ def self.build_from_hash(attributes)
340
+ return nil unless attributes.is_a?(Hash)
341
+ attributes = attributes.transform_keys(&:to_sym)
342
+ transformed_hash = {}
343
+ openapi_types.each_pair do |key, type|
344
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
345
+ transformed_hash["#{key}"] = nil
346
+ elsif type =~ /\AArray<(.*)>/i
347
+ # check to ensure the input is an array given that the attribute
348
+ # is documented as an array but the input is not
349
+ if attributes[attribute_map[key]].is_a?(Array)
350
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
351
+ end
352
+ elsif !attributes[attribute_map[key]].nil?
353
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
354
+ end
355
+ end
356
+ new(transformed_hash)
357
+ end
358
+
359
+ # Returns the object in the form of hash
360
+ # @return [Hash] Returns the object in the form of hash
361
+ def to_hash
362
+ hash = {}
363
+ self.class.attribute_map.each_pair do |attr, param|
364
+ value = self.send(attr)
365
+ if value.nil?
366
+ is_nullable = self.class.openapi_nullable.include?(attr)
367
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
368
+ end
369
+
370
+ hash[param] = _to_hash(value)
371
+ end
372
+ hash
373
+ end
374
+
375
+ end
376
+
377
+ end