ibm_cloud_iam 1.0.2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (491) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +548 -36
  3. data/docs/APIKeysApi.md +714 -0
  4. data/docs/AccessGroupCount.md +20 -0
  5. data/docs/AccountBasedMfaEnrollment.md +24 -0
  6. data/docs/AccountIdpSettings.md +32 -0
  7. data/docs/AccountLimitsApi.md +173 -0
  8. data/docs/AccountLoginSettings.md +18 -0
  9. data/docs/AccountSettingsApi.md +224 -0
  10. data/docs/AccountSettingsAssignedTemplatesSection.md +46 -0
  11. data/docs/AccountSettingsEffectiveSection.md +38 -0
  12. data/docs/AccountSettingsForIdPApi.md +489 -0
  13. data/docs/AccountSettingsMeta.md +24 -0
  14. data/docs/AccountSettingsRequest.md +40 -0
  15. data/docs/AccountSettingsResponse.md +48 -0
  16. data/docs/AccountSettingsTemplateApi.md +720 -0
  17. data/docs/AccountSettingsTemplateAssignmentsApi.md +376 -0
  18. data/docs/AccountSettingsTemplateList.md +30 -0
  19. data/docs/AccountSettingsTemplateRequest.md +24 -0
  20. data/docs/AccountSettingsTemplateResponse.md +44 -0
  21. data/docs/AccountSettingsUserDomainRestriction.md +22 -0
  22. data/docs/AccountSettingsUserMFAResponse.md +28 -0
  23. data/docs/ActionControls.md +22 -0
  24. data/docs/ActionControlsIdentities.md +20 -0
  25. data/docs/ActivitiesApi.md +149 -0
  26. data/docs/Activity.md +20 -0
  27. data/docs/AddAccountIdpSettingRequest.md +22 -0
  28. data/docs/ApiKey.md +44 -33
  29. data/docs/ApiKeyInsideCreateServiceIdRequest.md +18 -13
  30. data/docs/ApiKeyList.md +20 -19
  31. data/docs/ApikeyActivity.md +28 -0
  32. data/docs/ApikeyActivityServiceid.md +20 -0
  33. data/docs/ApikeyActivityUser.md +24 -0
  34. data/docs/AssignedTemplatesAccountSettings.md +40 -0
  35. data/docs/CommonAccountSettingsRequest.md +36 -0
  36. data/docs/CommonAccountSettingsResponse.md +34 -0
  37. data/docs/ConsumersResponse.md +20 -0
  38. data/docs/ConsumersResponseConsumersInner.md +20 -0
  39. data/docs/CreateApiKeyRequest.md +24 -17
  40. data/docs/CreateIdpRequest.md +30 -0
  41. data/docs/CreateIdpRequestProperties.md +20 -0
  42. data/docs/CreateIdpRequestPropertiesIdp.md +26 -0
  43. data/docs/CreateIdpRequestPropertiesSp.md +32 -0
  44. data/docs/CreateIdpRequestPropertiesSpAuthnContext.md +20 -0
  45. data/docs/CreateIdpRequestSecrets.md +20 -0
  46. data/docs/CreateIdpRequestSecretsIdp.md +22 -0
  47. data/docs/CreateIdpRequestSecretsIdpSigningInner.md +20 -0
  48. data/docs/CreateIdpRequestSecretsSp.md +18 -0
  49. data/docs/CreateIdpRequestSecretsSpSigningInner.md +24 -0
  50. data/docs/CreateProfileLinkRequest.md +24 -0
  51. data/docs/CreateProfileLinkRequestLink.md +26 -0
  52. data/docs/CreateServiceIdGroupRequest.md +22 -0
  53. data/docs/CreateServiceIdRequest.md +18 -15
  54. data/docs/CreateTemplateAssignmentRequest.md +24 -0
  55. data/docs/CreateTrustedProfileRequest.md +24 -0
  56. data/docs/EffectiveAccountSettingsResponse.md +26 -0
  57. data/docs/EnityHistoryRecord.md +18 -17
  58. data/docs/EntityActivity.md +22 -0
  59. data/docs/Error.md +14 -13
  60. data/docs/ExceptionResponse.md +14 -13
  61. data/docs/ExceptionResponseContext.md +30 -29
  62. data/docs/IDPManagementApi.md +692 -0
  63. data/docs/IdBasedMfaEnrollment.md +26 -0
  64. data/docs/IdentityCount.md +20 -0
  65. data/docs/IdentityLimitsUsageRequest.md +42 -0
  66. data/docs/IdentityLimitsUsageResponse.md +44 -0
  67. data/docs/IdentityLimitsUsageResponseApikeysPerIdentity.md +20 -0
  68. data/docs/IdentityLimitsUsageResponseClaimRulesPerGroup.md +20 -0
  69. data/docs/IdentityLimitsUsageResponseClaimRulesPerProfile.md +20 -0
  70. data/docs/IdentityLimitsUsageResponseServiceidsPerGroup.md +20 -0
  71. data/docs/IdentityLimitsUsageResponseTemplateVersionsPerTemplate.md +20 -0
  72. data/docs/IdentityPreferenceResponse.md +28 -0
  73. data/docs/IdentityPreferencesApi.md +304 -0
  74. data/docs/IdentityPreferencesResponse.md +18 -0
  75. data/docs/Idp.md +38 -0
  76. data/docs/LimitCount.md +20 -0
  77. data/docs/ListIdPSettings200Response.md +18 -0
  78. data/docs/ListIdps200Response.md +18 -0
  79. data/docs/MFAEnrollmentStatusApi.md +216 -0
  80. data/docs/MFARequirementsResponse.md +12 -11
  81. data/docs/MfaEnrollmentTypeStatus.md +20 -0
  82. data/docs/MfaOptions.md +15 -0
  83. data/docs/OidcExceptionResponse.md +16 -15
  84. data/docs/PolicyTemplateReference.md +20 -0
  85. data/docs/ProfileClaimRule.md +36 -0
  86. data/docs/ProfileClaimRuleConditions.md +22 -0
  87. data/docs/ProfileClaimRuleList.md +20 -0
  88. data/docs/ProfileClaimRuleRequest.md +30 -0
  89. data/docs/ProfileCount.md +20 -0
  90. data/docs/ProfileIdentitiesResponse.md +20 -0
  91. data/docs/ProfileIdentitiesUpdateRequest.md +18 -0
  92. data/docs/ProfileIdentityRequest.md +24 -0
  93. data/docs/ProfileIdentityResponse.md +26 -0
  94. data/docs/ProfileLink.md +32 -0
  95. data/docs/ProfileLinkLink.md +26 -0
  96. data/docs/ProfileLinkList.md +18 -0
  97. data/docs/Report.md +34 -0
  98. data/docs/ReportMfaEnrollmentStatus.md +28 -0
  99. data/docs/ReportReference.md +18 -0
  100. data/docs/ResponseContext.md +28 -27
  101. data/docs/RetrictActions.md +15 -0
  102. data/docs/SamlMetadataImportResponse.md +42 -0
  103. data/docs/ServiceIDGroupsApi.md +347 -0
  104. data/docs/ServiceIDsApi.md +515 -0
  105. data/docs/ServiceId.md +38 -33
  106. data/docs/ServiceIdGroup.md +34 -0
  107. data/docs/ServiceIdGroupCount.md +20 -0
  108. data/docs/ServiceIdGroupList.md +18 -0
  109. data/docs/ServiceIdList.md +20 -19
  110. data/docs/ShareScope.md +20 -0
  111. data/docs/TemplateAccountSettings.md +40 -0
  112. data/docs/TemplateAccountSettingsAllOfRestrictUserDomains.md +20 -0
  113. data/docs/TemplateAssignmentListResponse.md +30 -0
  114. data/docs/TemplateAssignmentResource.md +18 -0
  115. data/docs/TemplateAssignmentResourceError.md +24 -0
  116. data/docs/TemplateAssignmentResponse.md +48 -0
  117. data/docs/TemplateAssignmentResponseResource.md +24 -0
  118. data/docs/TemplateAssignmentResponseResourceDetail.md +26 -0
  119. data/docs/TemplateCount.md +20 -0
  120. data/docs/TemplateProfileComponentRequest.md +26 -0
  121. data/docs/TemplateProfileComponentResponse.md +26 -0
  122. data/docs/TestResult.md +28 -0
  123. data/docs/TestResultStepsInner.md +24 -0
  124. data/docs/TestTriggerResponse.md +20 -0
  125. data/docs/TokenResponse.md +18 -17
  126. data/docs/TokenRetrievalApi.md +461 -0
  127. data/docs/TrustedProfile.md +50 -0
  128. data/docs/TrustedProfileTemplateApi.md +720 -0
  129. data/docs/TrustedProfileTemplateAssignmentsApi.md +376 -0
  130. data/docs/TrustedProfileTemplateClaimRule.md +26 -0
  131. data/docs/TrustedProfileTemplateList.md +30 -0
  132. data/docs/TrustedProfileTemplateRequest.md +28 -0
  133. data/docs/TrustedProfileTemplateResponse.md +48 -0
  134. data/docs/TrustedProfilesApi.md +1414 -0
  135. data/docs/TrustedProfilesList.md +30 -0
  136. data/docs/UpdateAccountIdpSettingRequest.md +22 -0
  137. data/docs/UpdateAccountLoginSettings.md +18 -0
  138. data/docs/UpdateApiKeyRequest.md +16 -9
  139. data/docs/UpdateIdPRequest.md +28 -0
  140. data/docs/UpdateIdPRequestProperties.md +20 -0
  141. data/docs/UpdateIdPRequestPropertiesIdp.md +24 -0
  142. data/docs/UpdateIdPRequestSecrets.md +20 -0
  143. data/docs/UpdateIdPRequestSecretsIdp.md +20 -0
  144. data/docs/UpdatePreferenceRequest.md +20 -0
  145. data/docs/UpdateServiceIdGroupRequest.md +20 -0
  146. data/docs/UpdateServiceIdRequest.md +12 -11
  147. data/docs/UpdateTemplateAssignmentRequest.md +18 -0
  148. data/docs/UpdateTrustedProfileRequest.md +22 -0
  149. data/docs/UserActivity.md +26 -0
  150. data/docs/UserMFAResolved.md +24 -0
  151. data/docs/UserMfa.md +20 -0
  152. data/docs/UserMfaEnrollments.md +24 -0
  153. data/docs/UserReportMfaEnrollmentStatus.md +30 -0
  154. data/docs/UserVisbilityRetrictActions.md +15 -0
  155. data/docs/UserVisbilityRetrictActionsForTemplate.md +15 -0
  156. data/git_push.sh +3 -4
  157. data/ibm_cloud_iam.gemspec +6 -6
  158. data/lib/ibm_cloud_iam/api/account_limits_api.rb +208 -0
  159. data/lib/ibm_cloud_iam/api/account_settings_api.rb +262 -0
  160. data/lib/ibm_cloud_iam/api/account_settings_for_id_p_api.rb +571 -0
  161. data/lib/ibm_cloud_iam/api/account_settings_template_api.rb +823 -0
  162. data/lib/ibm_cloud_iam/api/account_settings_template_assignments_api.rb +422 -0
  163. data/lib/ibm_cloud_iam/api/activities_api.rb +174 -0
  164. data/lib/ibm_cloud_iam/api/api_keys_api.rb +786 -0
  165. data/lib/ibm_cloud_iam/api/identity_preferences_api.rb +357 -0
  166. data/lib/ibm_cloud_iam/api/idp_management_api.rb +744 -0
  167. data/lib/ibm_cloud_iam/api/mfa_enrollment_status_api.rb +248 -0
  168. data/lib/ibm_cloud_iam/api/service_id_groups_api.rb +392 -0
  169. data/lib/ibm_cloud_iam/api/service_ids_api.rb +575 -0
  170. data/lib/ibm_cloud_iam/api/token_retrieval_api.rb +557 -0
  171. data/lib/ibm_cloud_iam/api/trusted_profile_template_api.rb +823 -0
  172. data/lib/ibm_cloud_iam/api/trusted_profile_template_assignments_api.rb +422 -0
  173. data/lib/ibm_cloud_iam/api/trusted_profiles_api.rb +1630 -0
  174. data/lib/ibm_cloud_iam/api_client.rb +74 -65
  175. data/lib/ibm_cloud_iam/api_error.rb +4 -3
  176. data/lib/ibm_cloud_iam/api_model_base.rb +88 -0
  177. data/lib/ibm_cloud_iam/configuration.rb +75 -15
  178. data/lib/ibm_cloud_iam/models/access_group_count.rb +159 -0
  179. data/lib/ibm_cloud_iam/models/account_based_mfa_enrollment.rb +243 -0
  180. data/lib/ibm_cloud_iam/models/account_idp_settings.rb +244 -0
  181. data/lib/ibm_cloud_iam/models/account_login_settings.rb +147 -0
  182. data/lib/ibm_cloud_iam/models/account_settings_assigned_templates_section.rb +377 -0
  183. data/lib/ibm_cloud_iam/models/account_settings_effective_section.rb +282 -0
  184. data/lib/ibm_cloud_iam/models/account_settings_meta.rb +179 -0
  185. data/lib/ibm_cloud_iam/models/account_settings_request.rb +301 -0
  186. data/lib/ibm_cloud_iam/models/account_settings_response.rb +567 -0
  187. data/lib/ibm_cloud_iam/models/account_settings_template_list.rb +256 -0
  188. data/lib/ibm_cloud_iam/models/account_settings_template_request.rb +178 -0
  189. data/lib/ibm_cloud_iam/models/account_settings_template_response.rb +416 -0
  190. data/lib/ibm_cloud_iam/models/account_settings_user_domain_restriction.rb +188 -0
  191. data/lib/ibm_cloud_iam/models/account_settings_user_mfa_response.rb +261 -0
  192. data/lib/ibm_cloud_iam/models/action_controls.rb +199 -0
  193. data/lib/ibm_cloud_iam/models/action_controls_identities.rb +190 -0
  194. data/lib/ibm_cloud_iam/models/activity.rb +175 -0
  195. data/lib/ibm_cloud_iam/models/add_account_idp_setting_request.rb +243 -0
  196. data/lib/ibm_cloud_iam/models/api_key.rb +188 -104
  197. data/lib/ibm_cloud_iam/models/api_key_inside_create_service_id_request.rb +70 -99
  198. data/lib/ibm_cloud_iam/models/api_key_list.rb +46 -95
  199. data/lib/ibm_cloud_iam/models/apikey_activity.rb +231 -0
  200. data/lib/ibm_cloud_iam/models/apikey_activity_serviceid.rb +159 -0
  201. data/lib/ibm_cloud_iam/models/apikey_activity_user.rb +179 -0
  202. data/lib/ibm_cloud_iam/models/assigned_templates_account_settings.rb +296 -0
  203. data/lib/ibm_cloud_iam/models/common_account_settings_request.rb +272 -0
  204. data/lib/ibm_cloud_iam/models/common_account_settings_response.rb +260 -0
  205. data/lib/ibm_cloud_iam/models/consumers_response.rb +158 -0
  206. data/lib/ibm_cloud_iam/models/consumers_response_consumers_inner.rb +158 -0
  207. data/lib/ibm_cloud_iam/models/create_api_key_request.rb +92 -99
  208. data/lib/ibm_cloud_iam/models/create_idp_request.rb +283 -0
  209. data/lib/ibm_cloud_iam/models/create_idp_request_properties.rb +157 -0
  210. data/lib/ibm_cloud_iam/models/create_idp_request_properties_idp.rb +189 -0
  211. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp.rb +222 -0
  212. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp_authn_context.rb +163 -0
  213. data/lib/ibm_cloud_iam/models/create_idp_request_secrets.rb +157 -0
  214. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp.rb +173 -0
  215. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp_signing_inner.rb +192 -0
  216. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp.rb +151 -0
  217. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp_signing_inner.rb +212 -0
  218. data/lib/ibm_cloud_iam/models/create_profile_link_request.rb +211 -0
  219. data/lib/ibm_cloud_iam/models/create_profile_link_request_link.rb +206 -0
  220. data/lib/ibm_cloud_iam/models/create_service_id_group_request.rb +203 -0
  221. data/lib/ibm_cloud_iam/models/create_service_id_request.rb +68 -95
  222. data/lib/ibm_cloud_iam/models/create_template_assignment_request.rb +280 -0
  223. data/lib/ibm_cloud_iam/models/create_trusted_profile_request.rb +213 -0
  224. data/lib/ibm_cloud_iam/models/effective_account_settings_response.rb +239 -0
  225. data/lib/ibm_cloud_iam/models/enity_history_record.rb +112 -101
  226. data/lib/ibm_cloud_iam/models/entity_activity.rb +185 -0
  227. data/lib/ibm_cloud_iam/models/error.rb +69 -94
  228. data/lib/ibm_cloud_iam/models/exception_response.rb +57 -94
  229. data/lib/ibm_cloud_iam/models/exception_response_context.rb +33 -94
  230. data/lib/ibm_cloud_iam/models/id_based_mfa_enrollment.rb +270 -0
  231. data/lib/ibm_cloud_iam/models/identity_count.rb +159 -0
  232. data/lib/ibm_cloud_iam/models/identity_limits_usage_request.rb +283 -0
  233. data/lib/ibm_cloud_iam/models/identity_limits_usage_response.rb +265 -0
  234. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_apikeys_per_identity.rb +178 -0
  235. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_group.rb +178 -0
  236. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_profile.rb +178 -0
  237. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_serviceids_per_group.rb +178 -0
  238. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_template_versions_per_template.rb +178 -0
  239. data/lib/ibm_cloud_iam/models/identity_preference_response.rb +200 -0
  240. data/lib/ibm_cloud_iam/models/identity_preferences_response.rb +167 -0
  241. data/lib/ibm_cloud_iam/models/idp.rb +239 -0
  242. data/lib/ibm_cloud_iam/models/limit_count.rb +176 -0
  243. data/lib/ibm_cloud_iam/models/list_id_p_settings200_response.rb +149 -0
  244. data/lib/ibm_cloud_iam/models/list_idps200_response.rb +149 -0
  245. data/lib/ibm_cloud_iam/models/mfa_enrollment_type_status.rb +192 -0
  246. data/lib/ibm_cloud_iam/models/mfa_options.rb +45 -0
  247. data/lib/ibm_cloud_iam/models/mfa_requirements_response.rb +69 -94
  248. data/lib/ibm_cloud_iam/models/oidc_exception_response.rb +57 -94
  249. data/lib/ibm_cloud_iam/models/policy_template_reference.rb +193 -0
  250. data/lib/ibm_cloud_iam/models/profile_claim_rule.rb +342 -0
  251. data/lib/ibm_cloud_iam/models/profile_claim_rule_conditions.rb +219 -0
  252. data/lib/ibm_cloud_iam/models/profile_claim_rule_list.rb +176 -0
  253. data/lib/ibm_cloud_iam/models/profile_claim_rule_request.rb +243 -0
  254. data/lib/ibm_cloud_iam/models/profile_count.rb +159 -0
  255. data/lib/ibm_cloud_iam/models/profile_identities_response.rb +160 -0
  256. data/lib/ibm_cloud_iam/models/profile_identities_update_request.rb +150 -0
  257. data/lib/ibm_cloud_iam/models/profile_identity_request.rb +238 -0
  258. data/lib/ibm_cloud_iam/models/profile_identity_response.rb +265 -0
  259. data/lib/ibm_cloud_iam/models/profile_link.rb +320 -0
  260. data/lib/ibm_cloud_iam/models/profile_link_link.rb +188 -0
  261. data/lib/ibm_cloud_iam/models/profile_link_list.rb +167 -0
  262. data/lib/ibm_cloud_iam/models/report.rb +321 -0
  263. data/lib/ibm_cloud_iam/models/report_mfa_enrollment_status.rb +268 -0
  264. data/lib/ibm_cloud_iam/models/report_reference.rb +165 -0
  265. data/lib/ibm_cloud_iam/models/response_context.rb +33 -94
  266. data/lib/ibm_cloud_iam/models/retrict_actions.rb +41 -0
  267. data/lib/ibm_cloud_iam/models/saml_metadata_import_response.rb +494 -0
  268. data/lib/ibm_cloud_iam/models/service_id.rb +184 -108
  269. data/lib/ibm_cloud_iam/models/service_id_group.rb +313 -0
  270. data/lib/ibm_cloud_iam/models/service_id_group_count.rb +159 -0
  271. data/lib/ibm_cloud_iam/models/service_id_group_list.rb +167 -0
  272. data/lib/ibm_cloud_iam/models/service_id_list.rb +47 -96
  273. data/lib/ibm_cloud_iam/models/share_scope.rb +190 -0
  274. data/lib/ibm_cloud_iam/models/template_account_settings.rb +296 -0
  275. data/lib/ibm_cloud_iam/models/template_account_settings_all_of_restrict_user_domains.rb +159 -0
  276. data/lib/ibm_cloud_iam/models/template_assignment_list_response.rb +227 -0
  277. data/lib/ibm_cloud_iam/models/template_assignment_resource.rb +149 -0
  278. data/lib/ibm_cloud_iam/models/template_assignment_resource_error.rb +179 -0
  279. data/lib/ibm_cloud_iam/models/template_assignment_response.rb +506 -0
  280. data/lib/ibm_cloud_iam/models/template_assignment_response_resource.rb +196 -0
  281. data/lib/ibm_cloud_iam/models/template_assignment_response_resource_detail.rb +203 -0
  282. data/lib/ibm_cloud_iam/models/template_count.rb +159 -0
  283. data/lib/ibm_cloud_iam/models/template_profile_component_request.rb +210 -0
  284. data/lib/ibm_cloud_iam/models/template_profile_component_response.rb +210 -0
  285. data/lib/ibm_cloud_iam/models/test_result.rb +194 -0
  286. data/lib/ibm_cloud_iam/models/test_result_steps_inner.rb +174 -0
  287. data/lib/ibm_cloud_iam/models/test_trigger_response.rb +156 -0
  288. data/lib/ibm_cloud_iam/models/token_response.rb +34 -105
  289. data/lib/ibm_cloud_iam/models/trusted_profile.rb +411 -0
  290. data/lib/ibm_cloud_iam/models/trusted_profile_template_claim_rule.rb +248 -0
  291. data/lib/ibm_cloud_iam/models/trusted_profile_template_list.rb +256 -0
  292. data/lib/ibm_cloud_iam/models/trusted_profile_template_request.rb +199 -0
  293. data/lib/ibm_cloud_iam/models/trusted_profile_template_response.rb +369 -0
  294. data/lib/ibm_cloud_iam/models/trusted_profiles_list.rb +227 -0
  295. data/lib/ibm_cloud_iam/models/update_account_idp_setting_request.rb +202 -0
  296. data/lib/ibm_cloud_iam/models/update_account_login_settings.rb +148 -0
  297. data/lib/ibm_cloud_iam/models/update_api_key_request.rb +68 -99
  298. data/lib/ibm_cloud_iam/models/update_id_p_request.rb +198 -0
  299. data/lib/ibm_cloud_iam/models/update_id_p_request_properties.rb +157 -0
  300. data/lib/ibm_cloud_iam/models/update_id_p_request_properties_idp.rb +179 -0
  301. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets.rb +157 -0
  302. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets_idp.rb +163 -0
  303. data/lib/ibm_cloud_iam/models/update_preference_request.rb +161 -0
  304. data/lib/ibm_cloud_iam/models/update_service_id_group_request.rb +176 -0
  305. data/lib/ibm_cloud_iam/models/update_service_id_request.rb +34 -95
  306. data/lib/ibm_cloud_iam/models/update_template_assignment_request.rb +175 -0
  307. data/lib/ibm_cloud_iam/models/update_trusted_profile_request.rb +169 -0
  308. data/lib/ibm_cloud_iam/models/user_activity.rb +222 -0
  309. data/lib/ibm_cloud_iam/models/user_mfa.rb +179 -0
  310. data/lib/ibm_cloud_iam/models/user_mfa_enrollments.rb +193 -0
  311. data/lib/ibm_cloud_iam/models/user_mfa_resolved.rb +178 -0
  312. data/lib/ibm_cloud_iam/models/user_report_mfa_enrollment_status.rb +291 -0
  313. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions.rb +40 -0
  314. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions_for_template.rb +41 -0
  315. data/lib/ibm_cloud_iam/version.rb +4 -4
  316. data/lib/ibm_cloud_iam.rb +140 -9
  317. data/spec/api/account_limits_api_spec.rb +75 -0
  318. data/spec/api/account_settings_api_spec.rb +80 -0
  319. data/spec/api/account_settings_for_id_p_api_spec.rb +132 -0
  320. data/spec/api/account_settings_template_api_spec.rb +184 -0
  321. data/spec/api/account_settings_template_assignments_api_spec.rb +112 -0
  322. data/spec/api/activities_api_spec.rb +64 -0
  323. data/spec/api/api_keys_api_spec.rb +182 -0
  324. data/spec/api/identity_preferences_api_spec.rb +98 -0
  325. data/spec/api/idp_management_api_spec.rb +166 -0
  326. data/spec/api/mfa_enrollment_status_api_spec.rb +77 -0
  327. data/spec/api/service_id_groups_api_spec.rb +102 -0
  328. data/spec/api/service_ids_api_spec.rb +143 -0
  329. data/spec/api/token_retrieval_api_spec.rb +134 -0
  330. data/spec/api/trusted_profile_template_api_spec.rb +184 -0
  331. data/spec/api/trusted_profile_template_assignments_api_spec.rb +112 -0
  332. data/spec/api/trusted_profiles_api_spec.rb +328 -0
  333. data/spec/models/access_group_count_spec.rb +42 -0
  334. data/spec/models/account_based_mfa_enrollment_spec.rb +54 -0
  335. data/spec/models/account_idp_settings_spec.rb +82 -0
  336. data/spec/models/account_login_settings_spec.rb +36 -0
  337. data/spec/models/account_settings_assigned_templates_section_spec.rb +120 -0
  338. data/spec/models/account_settings_effective_section_spec.rb +96 -0
  339. data/spec/models/account_settings_meta_spec.rb +54 -0
  340. data/spec/models/account_settings_request_spec.rb +102 -0
  341. data/spec/models/account_settings_response_spec.rb +126 -0
  342. data/spec/models/account_settings_template_list_spec.rb +72 -0
  343. data/spec/models/account_settings_template_request_spec.rb +54 -0
  344. data/spec/models/account_settings_template_response_spec.rb +114 -0
  345. data/spec/models/account_settings_user_domain_restriction_spec.rb +48 -0
  346. data/spec/models/account_settings_user_mfa_response_spec.rb +66 -0
  347. data/spec/models/action_controls_identities_spec.rb +42 -0
  348. data/spec/models/action_controls_spec.rb +48 -0
  349. data/spec/models/activity_spec.rb +42 -0
  350. data/spec/models/add_account_idp_setting_request_spec.rb +52 -0
  351. data/spec/models/api_key_inside_create_service_id_request_spec.rb +24 -17
  352. data/spec/models/api_key_list_spec.rb +15 -20
  353. data/spec/models/api_key_spec.rb +52 -27
  354. data/spec/models/apikey_activity_serviceid_spec.rb +42 -0
  355. data/spec/models/apikey_activity_spec.rb +66 -0
  356. data/spec/models/apikey_activity_user_spec.rb +54 -0
  357. data/spec/models/assigned_templates_account_settings_spec.rb +102 -0
  358. data/spec/models/common_account_settings_request_spec.rb +90 -0
  359. data/spec/models/common_account_settings_response_spec.rb +84 -0
  360. data/spec/models/consumers_response_consumers_inner_spec.rb +42 -0
  361. data/spec/models/consumers_response_spec.rb +42 -0
  362. data/spec/models/create_api_key_request_spec.rb +32 -19
  363. data/spec/models/create_idp_request_properties_idp_spec.rb +60 -0
  364. data/spec/models/create_idp_request_properties_sp_authn_context_spec.rb +42 -0
  365. data/spec/models/create_idp_request_properties_sp_spec.rb +78 -0
  366. data/spec/models/create_idp_request_properties_spec.rb +42 -0
  367. data/spec/models/create_idp_request_secrets_idp_signing_inner_spec.rb +46 -0
  368. data/spec/models/create_idp_request_secrets_idp_spec.rb +48 -0
  369. data/spec/models/create_idp_request_secrets_sp_signing_inner_spec.rb +58 -0
  370. data/spec/models/create_idp_request_secrets_sp_spec.rb +36 -0
  371. data/spec/models/create_idp_request_secrets_spec.rb +42 -0
  372. data/spec/models/create_idp_request_spec.rb +76 -0
  373. data/spec/models/create_profile_link_request_link_spec.rb +60 -0
  374. data/spec/models/create_profile_link_request_spec.rb +54 -0
  375. data/spec/models/create_service_id_group_request_spec.rb +48 -0
  376. data/spec/models/create_service_id_request_spec.rb +19 -18
  377. data/spec/models/create_template_assignment_request_spec.rb +58 -0
  378. data/spec/models/create_trusted_profile_request_spec.rb +54 -0
  379. data/spec/models/effective_account_settings_response_spec.rb +60 -0
  380. data/spec/models/enity_history_record_spec.rb +14 -19
  381. data/spec/models/entity_activity_spec.rb +48 -0
  382. data/spec/models/error_spec.rb +12 -17
  383. data/spec/models/exception_response_context_spec.rb +20 -25
  384. data/spec/models/exception_response_spec.rb +12 -17
  385. data/spec/models/id_based_mfa_enrollment_spec.rb +64 -0
  386. data/spec/models/identity_count_spec.rb +42 -0
  387. data/spec/models/identity_limits_usage_request_spec.rb +108 -0
  388. data/spec/models/identity_limits_usage_response_apikeys_per_identity_spec.rb +42 -0
  389. data/spec/models/identity_limits_usage_response_claim_rules_per_group_spec.rb +42 -0
  390. data/spec/models/identity_limits_usage_response_claim_rules_per_profile_spec.rb +42 -0
  391. data/spec/models/identity_limits_usage_response_serviceids_per_group_spec.rb +42 -0
  392. data/spec/models/identity_limits_usage_response_spec.rb +114 -0
  393. data/spec/models/identity_limits_usage_response_template_versions_per_template_spec.rb +42 -0
  394. data/spec/models/identity_preference_response_spec.rb +66 -0
  395. data/spec/models/identity_preferences_response_spec.rb +36 -0
  396. data/spec/models/idp_spec.rb +96 -0
  397. data/spec/models/limit_count_spec.rb +42 -0
  398. data/spec/models/list_id_p_settings200_response_spec.rb +36 -0
  399. data/spec/models/list_idps200_response_spec.rb +36 -0
  400. data/spec/models/mfa_enrollment_type_status_spec.rb +42 -0
  401. data/spec/models/mfa_options_spec.rb +30 -0
  402. data/spec/models/mfa_requirements_response_spec.rb +11 -16
  403. data/spec/models/oidc_exception_response_spec.rb +13 -18
  404. data/spec/models/policy_template_reference_spec.rb +42 -0
  405. data/spec/models/profile_claim_rule_conditions_spec.rb +48 -0
  406. data/spec/models/profile_claim_rule_list_spec.rb +42 -0
  407. data/spec/models/profile_claim_rule_request_spec.rb +72 -0
  408. data/spec/models/profile_claim_rule_spec.rb +90 -0
  409. data/spec/models/profile_count_spec.rb +42 -0
  410. data/spec/models/profile_identities_response_spec.rb +42 -0
  411. data/spec/models/profile_identities_update_request_spec.rb +36 -0
  412. data/spec/models/profile_identity_request_spec.rb +58 -0
  413. data/spec/models/profile_identity_response_spec.rb +64 -0
  414. data/spec/models/profile_link_link_spec.rb +60 -0
  415. data/spec/models/profile_link_list_spec.rb +36 -0
  416. data/spec/models/profile_link_spec.rb +78 -0
  417. data/spec/models/report_mfa_enrollment_status_spec.rb +66 -0
  418. data/spec/models/report_reference_spec.rb +36 -0
  419. data/spec/models/report_spec.rb +84 -0
  420. data/spec/models/response_context_spec.rb +19 -24
  421. data/spec/models/retrict_actions_spec.rb +30 -0
  422. data/spec/models/saml_metadata_import_response_spec.rb +112 -0
  423. data/spec/models/service_id_group_count_spec.rb +42 -0
  424. data/spec/models/service_id_group_list_spec.rb +36 -0
  425. data/spec/models/service_id_group_spec.rb +84 -0
  426. data/spec/models/service_id_list_spec.rb +15 -20
  427. data/spec/models/service_id_spec.rb +34 -27
  428. data/spec/models/share_scope_spec.rb +46 -0
  429. data/spec/models/template_account_settings_all_of_restrict_user_domains_spec.rb +42 -0
  430. data/spec/models/template_account_settings_spec.rb +102 -0
  431. data/spec/models/template_assignment_list_response_spec.rb +72 -0
  432. data/spec/models/template_assignment_resource_error_spec.rb +54 -0
  433. data/spec/models/template_assignment_resource_spec.rb +36 -0
  434. data/spec/models/template_assignment_response_resource_detail_spec.rb +60 -0
  435. data/spec/models/template_assignment_response_resource_spec.rb +54 -0
  436. data/spec/models/template_assignment_response_spec.rb +126 -0
  437. data/spec/models/template_count_spec.rb +42 -0
  438. data/spec/models/template_profile_component_request_spec.rb +60 -0
  439. data/spec/models/template_profile_component_response_spec.rb +60 -0
  440. data/spec/models/test_result_spec.rb +66 -0
  441. data/spec/models/test_result_steps_inner_spec.rb +54 -0
  442. data/spec/models/test_trigger_response_spec.rb +42 -0
  443. data/spec/models/token_response_spec.rb +14 -19
  444. data/spec/models/trusted_profile_spec.rb +132 -0
  445. data/spec/models/trusted_profile_template_claim_rule_spec.rb +64 -0
  446. data/spec/models/trusted_profile_template_list_spec.rb +72 -0
  447. data/spec/models/trusted_profile_template_request_spec.rb +66 -0
  448. data/spec/models/trusted_profile_template_response_spec.rb +126 -0
  449. data/spec/models/trusted_profiles_list_spec.rb +72 -0
  450. data/spec/models/update_account_idp_setting_request_spec.rb +52 -0
  451. data/spec/models/update_account_login_settings_spec.rb +36 -0
  452. data/spec/models/update_api_key_request_spec.rb +28 -15
  453. data/spec/models/update_id_p_request_properties_idp_spec.rb +54 -0
  454. data/spec/models/update_id_p_request_properties_spec.rb +42 -0
  455. data/spec/models/update_id_p_request_secrets_idp_spec.rb +42 -0
  456. data/spec/models/update_id_p_request_secrets_spec.rb +42 -0
  457. data/spec/models/update_id_p_request_spec.rb +66 -0
  458. data/spec/models/update_preference_request_spec.rb +42 -0
  459. data/spec/models/update_service_id_group_request_spec.rb +42 -0
  460. data/spec/models/update_service_id_request_spec.rb +11 -16
  461. data/spec/models/update_template_assignment_request_spec.rb +36 -0
  462. data/spec/models/update_trusted_profile_request_spec.rb +48 -0
  463. data/spec/models/user_activity_spec.rb +60 -0
  464. data/spec/models/user_mfa_enrollments_spec.rb +54 -0
  465. data/spec/models/user_mfa_resolved_spec.rb +54 -0
  466. data/spec/models/user_mfa_spec.rb +42 -0
  467. data/spec/models/user_report_mfa_enrollment_status_spec.rb +72 -0
  468. data/spec/models/user_visbility_retrict_actions_for_template_spec.rb +30 -0
  469. data/spec/models/user_visbility_retrict_actions_spec.rb +30 -0
  470. data/spec/spec_helper.rb +3 -3
  471. metadata +549 -35
  472. data/docs/IdentityOperationsApi.md +0 -828
  473. data/docs/InlineObject.md +0 -19
  474. data/docs/InlineObject1.md +0 -23
  475. data/docs/InlineObject2.md +0 -21
  476. data/docs/InlineObject3.md +0 -25
  477. data/docs/TokenOperationsApi.md +0 -226
  478. data/lib/ibm_cloud_iam/api/identity_operations_api.rb +0 -1083
  479. data/lib/ibm_cloud_iam/api/token_operations_api.rb +0 -351
  480. data/lib/ibm_cloud_iam/models/inline_object.rb +0 -229
  481. data/lib/ibm_cloud_iam/models/inline_object1.rb +0 -254
  482. data/lib/ibm_cloud_iam/models/inline_object2.rb +0 -244
  483. data/lib/ibm_cloud_iam/models/inline_object3.rb +0 -269
  484. data/spec/api/identity_operations_api_spec.rb +0 -253
  485. data/spec/api/token_operations_api_spec.rb +0 -94
  486. data/spec/api_client_spec.rb +0 -226
  487. data/spec/configuration_spec.rb +0 -42
  488. data/spec/models/inline_object1_spec.rb +0 -59
  489. data/spec/models/inline_object2_spec.rb +0 -53
  490. data/spec/models/inline_object3_spec.rb +0 -65
  491. data/spec/models/inline_object_spec.rb +0 -47
@@ -0,0 +1,416 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ # Response body format for account settings template REST requests
18
+ class AccountSettingsTemplateResponse < ApiModelBase
19
+ # ID of the the template
20
+ attr_accessor :id
21
+
22
+ # Version of the the template
23
+ attr_accessor :version
24
+
25
+ # ID of the account where the template resides.
26
+ attr_accessor :account_id
27
+
28
+ # The name of the trusted profile template. This is visible only in the enterprise account.
29
+ attr_accessor :name
30
+
31
+ # The description of the trusted profile template. Describe the template for enterprise account users.
32
+ attr_accessor :description
33
+
34
+ # Committed flag determines if the template is ready for assignment
35
+ attr_accessor :committed
36
+
37
+ attr_accessor :account_settings
38
+
39
+ # History of the Template.
40
+ attr_accessor :history
41
+
42
+ # Entity tag for this templateId-version combination
43
+ attr_accessor :entity_tag
44
+
45
+ # Cloud resource name
46
+ attr_accessor :crn
47
+
48
+ # Template Created At
49
+ attr_accessor :created_at
50
+
51
+ # IAMid of the creator
52
+ attr_accessor :created_by_id
53
+
54
+ # Template last modified at
55
+ attr_accessor :last_modified_at
56
+
57
+ # IAMid of the identity that made the latest modification
58
+ attr_accessor :last_modified_by_id
59
+
60
+ # Attribute mapping from ruby-style variable name to JSON key.
61
+ def self.attribute_map
62
+ {
63
+ :'id' => :'id',
64
+ :'version' => :'version',
65
+ :'account_id' => :'account_id',
66
+ :'name' => :'name',
67
+ :'description' => :'description',
68
+ :'committed' => :'committed',
69
+ :'account_settings' => :'account_settings',
70
+ :'history' => :'history',
71
+ :'entity_tag' => :'entity_tag',
72
+ :'crn' => :'crn',
73
+ :'created_at' => :'created_at',
74
+ :'created_by_id' => :'created_by_id',
75
+ :'last_modified_at' => :'last_modified_at',
76
+ :'last_modified_by_id' => :'last_modified_by_id'
77
+ }
78
+ end
79
+
80
+ # Returns attribute mapping this model knows about
81
+ def self.acceptable_attribute_map
82
+ attribute_map
83
+ end
84
+
85
+ # Returns all the JSON keys this model knows about
86
+ def self.acceptable_attributes
87
+ acceptable_attribute_map.values
88
+ end
89
+
90
+ # Attribute type mapping.
91
+ def self.openapi_types
92
+ {
93
+ :'id' => :'String',
94
+ :'version' => :'Integer',
95
+ :'account_id' => :'String',
96
+ :'name' => :'String',
97
+ :'description' => :'String',
98
+ :'committed' => :'Boolean',
99
+ :'account_settings' => :'TemplateAccountSettings',
100
+ :'history' => :'Array<EnityHistoryRecord>',
101
+ :'entity_tag' => :'String',
102
+ :'crn' => :'String',
103
+ :'created_at' => :'String',
104
+ :'created_by_id' => :'String',
105
+ :'last_modified_at' => :'String',
106
+ :'last_modified_by_id' => :'String'
107
+ }
108
+ end
109
+
110
+ # List of attributes with nullable: true
111
+ def self.openapi_nullable
112
+ Set.new([
113
+ ])
114
+ end
115
+
116
+ # Initializes the object
117
+ # @param [Hash] attributes Model attributes in the form of hash
118
+ def initialize(attributes = {})
119
+ if (!attributes.is_a?(Hash))
120
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::AccountSettingsTemplateResponse` initialize method"
121
+ end
122
+
123
+ # check to see if the attribute exists and convert string to symbol for hash key
124
+ acceptable_attribute_map = self.class.acceptable_attribute_map
125
+ attributes = attributes.each_with_object({}) { |(k, v), h|
126
+ if (!acceptable_attribute_map.key?(k.to_sym))
127
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::AccountSettingsTemplateResponse`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
128
+ end
129
+ h[k.to_sym] = v
130
+ }
131
+
132
+ if attributes.key?(:'id')
133
+ self.id = attributes[:'id']
134
+ else
135
+ self.id = nil
136
+ end
137
+
138
+ if attributes.key?(:'version')
139
+ self.version = attributes[:'version']
140
+ else
141
+ self.version = nil
142
+ end
143
+
144
+ if attributes.key?(:'account_id')
145
+ self.account_id = attributes[:'account_id']
146
+ else
147
+ self.account_id = nil
148
+ end
149
+
150
+ if attributes.key?(:'name')
151
+ self.name = attributes[:'name']
152
+ else
153
+ self.name = nil
154
+ end
155
+
156
+ if attributes.key?(:'description')
157
+ self.description = attributes[:'description']
158
+ end
159
+
160
+ if attributes.key?(:'committed')
161
+ self.committed = attributes[:'committed']
162
+ else
163
+ self.committed = nil
164
+ end
165
+
166
+ if attributes.key?(:'account_settings')
167
+ self.account_settings = attributes[:'account_settings']
168
+ else
169
+ self.account_settings = nil
170
+ end
171
+
172
+ if attributes.key?(:'history')
173
+ if (value = attributes[:'history']).is_a?(Array)
174
+ self.history = value
175
+ end
176
+ end
177
+
178
+ if attributes.key?(:'entity_tag')
179
+ self.entity_tag = attributes[:'entity_tag']
180
+ else
181
+ self.entity_tag = nil
182
+ end
183
+
184
+ if attributes.key?(:'crn')
185
+ self.crn = attributes[:'crn']
186
+ else
187
+ self.crn = nil
188
+ end
189
+
190
+ if attributes.key?(:'created_at')
191
+ self.created_at = attributes[:'created_at']
192
+ end
193
+
194
+ if attributes.key?(:'created_by_id')
195
+ self.created_by_id = attributes[:'created_by_id']
196
+ end
197
+
198
+ if attributes.key?(:'last_modified_at')
199
+ self.last_modified_at = attributes[:'last_modified_at']
200
+ end
201
+
202
+ if attributes.key?(:'last_modified_by_id')
203
+ self.last_modified_by_id = attributes[:'last_modified_by_id']
204
+ end
205
+ end
206
+
207
+ # Show invalid properties with the reasons. Usually used together with valid?
208
+ # @return Array for valid properties with the reasons
209
+ def list_invalid_properties
210
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
211
+ invalid_properties = Array.new
212
+ if @id.nil?
213
+ invalid_properties.push('invalid value for "id", id cannot be nil.')
214
+ end
215
+
216
+ if @version.nil?
217
+ invalid_properties.push('invalid value for "version", version cannot be nil.')
218
+ end
219
+
220
+ if @account_id.nil?
221
+ invalid_properties.push('invalid value for "account_id", account_id cannot be nil.')
222
+ end
223
+
224
+ if @name.nil?
225
+ invalid_properties.push('invalid value for "name", name cannot be nil.')
226
+ end
227
+
228
+ if @committed.nil?
229
+ invalid_properties.push('invalid value for "committed", committed cannot be nil.')
230
+ end
231
+
232
+ if @account_settings.nil?
233
+ invalid_properties.push('invalid value for "account_settings", account_settings cannot be nil.')
234
+ end
235
+
236
+ if @entity_tag.nil?
237
+ invalid_properties.push('invalid value for "entity_tag", entity_tag cannot be nil.')
238
+ end
239
+
240
+ if @crn.nil?
241
+ invalid_properties.push('invalid value for "crn", crn cannot be nil.')
242
+ end
243
+
244
+ invalid_properties
245
+ end
246
+
247
+ # Check to see if the all the properties in the model are valid
248
+ # @return true if the model is valid
249
+ def valid?
250
+ warn '[DEPRECATED] the `valid?` method is obsolete'
251
+ return false if @id.nil?
252
+ return false if @version.nil?
253
+ return false if @account_id.nil?
254
+ return false if @name.nil?
255
+ return false if @committed.nil?
256
+ return false if @account_settings.nil?
257
+ return false if @entity_tag.nil?
258
+ return false if @crn.nil?
259
+ true
260
+ end
261
+
262
+ # Custom attribute writer method with validation
263
+ # @param [Object] id Value to be assigned
264
+ def id=(id)
265
+ if id.nil?
266
+ fail ArgumentError, 'id cannot be nil'
267
+ end
268
+
269
+ @id = id
270
+ end
271
+
272
+ # Custom attribute writer method with validation
273
+ # @param [Object] version Value to be assigned
274
+ def version=(version)
275
+ if version.nil?
276
+ fail ArgumentError, 'version cannot be nil'
277
+ end
278
+
279
+ @version = version
280
+ end
281
+
282
+ # Custom attribute writer method with validation
283
+ # @param [Object] account_id Value to be assigned
284
+ def account_id=(account_id)
285
+ if account_id.nil?
286
+ fail ArgumentError, 'account_id cannot be nil'
287
+ end
288
+
289
+ @account_id = account_id
290
+ end
291
+
292
+ # Custom attribute writer method with validation
293
+ # @param [Object] name Value to be assigned
294
+ def name=(name)
295
+ if name.nil?
296
+ fail ArgumentError, 'name cannot be nil'
297
+ end
298
+
299
+ @name = name
300
+ end
301
+
302
+ # Custom attribute writer method with validation
303
+ # @param [Object] committed Value to be assigned
304
+ def committed=(committed)
305
+ if committed.nil?
306
+ fail ArgumentError, 'committed cannot be nil'
307
+ end
308
+
309
+ @committed = committed
310
+ end
311
+
312
+ # Custom attribute writer method with validation
313
+ # @param [Object] account_settings Value to be assigned
314
+ def account_settings=(account_settings)
315
+ if account_settings.nil?
316
+ fail ArgumentError, 'account_settings cannot be nil'
317
+ end
318
+
319
+ @account_settings = account_settings
320
+ end
321
+
322
+ # Custom attribute writer method with validation
323
+ # @param [Object] entity_tag Value to be assigned
324
+ def entity_tag=(entity_tag)
325
+ if entity_tag.nil?
326
+ fail ArgumentError, 'entity_tag cannot be nil'
327
+ end
328
+
329
+ @entity_tag = entity_tag
330
+ end
331
+
332
+ # Custom attribute writer method with validation
333
+ # @param [Object] crn Value to be assigned
334
+ def crn=(crn)
335
+ if crn.nil?
336
+ fail ArgumentError, 'crn cannot be nil'
337
+ end
338
+
339
+ @crn = crn
340
+ end
341
+
342
+ # Checks equality by comparing each attribute.
343
+ # @param [Object] Object to be compared
344
+ def ==(o)
345
+ return true if self.equal?(o)
346
+ self.class == o.class &&
347
+ id == o.id &&
348
+ version == o.version &&
349
+ account_id == o.account_id &&
350
+ name == o.name &&
351
+ description == o.description &&
352
+ committed == o.committed &&
353
+ account_settings == o.account_settings &&
354
+ history == o.history &&
355
+ entity_tag == o.entity_tag &&
356
+ crn == o.crn &&
357
+ created_at == o.created_at &&
358
+ created_by_id == o.created_by_id &&
359
+ last_modified_at == o.last_modified_at &&
360
+ last_modified_by_id == o.last_modified_by_id
361
+ end
362
+
363
+ # @see the `==` method
364
+ # @param [Object] Object to be compared
365
+ def eql?(o)
366
+ self == o
367
+ end
368
+
369
+ # Calculates hash code according to all attributes.
370
+ # @return [Integer] Hash code
371
+ def hash
372
+ [id, version, account_id, name, description, committed, account_settings, history, entity_tag, crn, created_at, created_by_id, last_modified_at, last_modified_by_id].hash
373
+ end
374
+
375
+ # Builds the object from hash
376
+ # @param [Hash] attributes Model attributes in the form of hash
377
+ # @return [Object] Returns the model itself
378
+ def self.build_from_hash(attributes)
379
+ return nil unless attributes.is_a?(Hash)
380
+ attributes = attributes.transform_keys(&:to_sym)
381
+ transformed_hash = {}
382
+ openapi_types.each_pair do |key, type|
383
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
384
+ transformed_hash["#{key}"] = nil
385
+ elsif type =~ /\AArray<(.*)>/i
386
+ # check to ensure the input is an array given that the attribute
387
+ # is documented as an array but the input is not
388
+ if attributes[attribute_map[key]].is_a?(Array)
389
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
390
+ end
391
+ elsif !attributes[attribute_map[key]].nil?
392
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
393
+ end
394
+ end
395
+ new(transformed_hash)
396
+ end
397
+
398
+ # Returns the object in the form of hash
399
+ # @return [Hash] Returns the object in the form of hash
400
+ def to_hash
401
+ hash = {}
402
+ self.class.attribute_map.each_pair do |attr, param|
403
+ value = self.send(attr)
404
+ if value.nil?
405
+ is_nullable = self.class.openapi_nullable.include?(attr)
406
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
407
+ end
408
+
409
+ hash[param] = _to_hash(value)
410
+ end
411
+ hash
412
+ end
413
+
414
+ end
415
+
416
+ end
@@ -0,0 +1,188 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ # Input body parameters for the Account Settings REST request
18
+ class AccountSettingsUserDomainRestriction < ApiModelBase
19
+ # The realm that the restrictions apply to
20
+ attr_accessor :realm_id
21
+
22
+ # The list of allowed email patterns. Wildcard syntax is supported, '*' represents any sequence of zero or more characters in the string, except for '.' and '@'. The sequence ends if a '.' or '@' was found. '**' represents any sequence of zero or more characters in the string - without limit
23
+ attr_accessor :invitation_email_allow_patterns
24
+
25
+ # When true invites will only be possible to the domain patterns provided, otherwise invites are unrestricted
26
+ attr_accessor :restrict_invitation
27
+
28
+ # Attribute mapping from ruby-style variable name to JSON key.
29
+ def self.attribute_map
30
+ {
31
+ :'realm_id' => :'realm_id',
32
+ :'invitation_email_allow_patterns' => :'invitation_email_allow_patterns',
33
+ :'restrict_invitation' => :'restrict_invitation'
34
+ }
35
+ end
36
+
37
+ # Returns attribute mapping this model knows about
38
+ def self.acceptable_attribute_map
39
+ attribute_map
40
+ end
41
+
42
+ # Returns all the JSON keys this model knows about
43
+ def self.acceptable_attributes
44
+ acceptable_attribute_map.values
45
+ end
46
+
47
+ # Attribute type mapping.
48
+ def self.openapi_types
49
+ {
50
+ :'realm_id' => :'String',
51
+ :'invitation_email_allow_patterns' => :'Array<String>',
52
+ :'restrict_invitation' => :'Boolean'
53
+ }
54
+ end
55
+
56
+ # List of attributes with nullable: true
57
+ def self.openapi_nullable
58
+ Set.new([
59
+ ])
60
+ end
61
+
62
+ # Initializes the object
63
+ # @param [Hash] attributes Model attributes in the form of hash
64
+ def initialize(attributes = {})
65
+ if (!attributes.is_a?(Hash))
66
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::AccountSettingsUserDomainRestriction` initialize method"
67
+ end
68
+
69
+ # check to see if the attribute exists and convert string to symbol for hash key
70
+ acceptable_attribute_map = self.class.acceptable_attribute_map
71
+ attributes = attributes.each_with_object({}) { |(k, v), h|
72
+ if (!acceptable_attribute_map.key?(k.to_sym))
73
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::AccountSettingsUserDomainRestriction`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
74
+ end
75
+ h[k.to_sym] = v
76
+ }
77
+
78
+ if attributes.key?(:'realm_id')
79
+ self.realm_id = attributes[:'realm_id']
80
+ else
81
+ self.realm_id = nil
82
+ end
83
+
84
+ if attributes.key?(:'invitation_email_allow_patterns')
85
+ if (value = attributes[:'invitation_email_allow_patterns']).is_a?(Array)
86
+ self.invitation_email_allow_patterns = value
87
+ end
88
+ end
89
+
90
+ if attributes.key?(:'restrict_invitation')
91
+ self.restrict_invitation = attributes[:'restrict_invitation']
92
+ end
93
+ end
94
+
95
+ # Show invalid properties with the reasons. Usually used together with valid?
96
+ # @return Array for valid properties with the reasons
97
+ def list_invalid_properties
98
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
99
+ invalid_properties = Array.new
100
+ if @realm_id.nil?
101
+ invalid_properties.push('invalid value for "realm_id", realm_id cannot be nil.')
102
+ end
103
+
104
+ invalid_properties
105
+ end
106
+
107
+ # Check to see if the all the properties in the model are valid
108
+ # @return true if the model is valid
109
+ def valid?
110
+ warn '[DEPRECATED] the `valid?` method is obsolete'
111
+ return false if @realm_id.nil?
112
+ true
113
+ end
114
+
115
+ # Custom attribute writer method with validation
116
+ # @param [Object] realm_id Value to be assigned
117
+ def realm_id=(realm_id)
118
+ if realm_id.nil?
119
+ fail ArgumentError, 'realm_id cannot be nil'
120
+ end
121
+
122
+ @realm_id = realm_id
123
+ end
124
+
125
+ # Checks equality by comparing each attribute.
126
+ # @param [Object] Object to be compared
127
+ def ==(o)
128
+ return true if self.equal?(o)
129
+ self.class == o.class &&
130
+ realm_id == o.realm_id &&
131
+ invitation_email_allow_patterns == o.invitation_email_allow_patterns &&
132
+ restrict_invitation == o.restrict_invitation
133
+ end
134
+
135
+ # @see the `==` method
136
+ # @param [Object] Object to be compared
137
+ def eql?(o)
138
+ self == o
139
+ end
140
+
141
+ # Calculates hash code according to all attributes.
142
+ # @return [Integer] Hash code
143
+ def hash
144
+ [realm_id, invitation_email_allow_patterns, restrict_invitation].hash
145
+ end
146
+
147
+ # Builds the object from hash
148
+ # @param [Hash] attributes Model attributes in the form of hash
149
+ # @return [Object] Returns the model itself
150
+ def self.build_from_hash(attributes)
151
+ return nil unless attributes.is_a?(Hash)
152
+ attributes = attributes.transform_keys(&:to_sym)
153
+ transformed_hash = {}
154
+ openapi_types.each_pair do |key, type|
155
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
156
+ transformed_hash["#{key}"] = nil
157
+ elsif type =~ /\AArray<(.*)>/i
158
+ # check to ensure the input is an array given that the attribute
159
+ # is documented as an array but the input is not
160
+ if attributes[attribute_map[key]].is_a?(Array)
161
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
162
+ end
163
+ elsif !attributes[attribute_map[key]].nil?
164
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
165
+ end
166
+ end
167
+ new(transformed_hash)
168
+ end
169
+
170
+ # Returns the object in the form of hash
171
+ # @return [Hash] Returns the object in the form of hash
172
+ def to_hash
173
+ hash = {}
174
+ self.class.attribute_map.each_pair do |attr, param|
175
+ value = self.send(attr)
176
+ if value.nil?
177
+ is_nullable = self.class.openapi_nullable.include?(attr)
178
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
179
+ end
180
+
181
+ hash[param] = _to_hash(value)
182
+ end
183
+ hash
184
+ end
185
+
186
+ end
187
+
188
+ end