ibm_cloud_iam 1.0.2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (491) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +548 -36
  3. data/docs/APIKeysApi.md +714 -0
  4. data/docs/AccessGroupCount.md +20 -0
  5. data/docs/AccountBasedMfaEnrollment.md +24 -0
  6. data/docs/AccountIdpSettings.md +32 -0
  7. data/docs/AccountLimitsApi.md +173 -0
  8. data/docs/AccountLoginSettings.md +18 -0
  9. data/docs/AccountSettingsApi.md +224 -0
  10. data/docs/AccountSettingsAssignedTemplatesSection.md +46 -0
  11. data/docs/AccountSettingsEffectiveSection.md +38 -0
  12. data/docs/AccountSettingsForIdPApi.md +489 -0
  13. data/docs/AccountSettingsMeta.md +24 -0
  14. data/docs/AccountSettingsRequest.md +40 -0
  15. data/docs/AccountSettingsResponse.md +48 -0
  16. data/docs/AccountSettingsTemplateApi.md +720 -0
  17. data/docs/AccountSettingsTemplateAssignmentsApi.md +376 -0
  18. data/docs/AccountSettingsTemplateList.md +30 -0
  19. data/docs/AccountSettingsTemplateRequest.md +24 -0
  20. data/docs/AccountSettingsTemplateResponse.md +44 -0
  21. data/docs/AccountSettingsUserDomainRestriction.md +22 -0
  22. data/docs/AccountSettingsUserMFAResponse.md +28 -0
  23. data/docs/ActionControls.md +22 -0
  24. data/docs/ActionControlsIdentities.md +20 -0
  25. data/docs/ActivitiesApi.md +149 -0
  26. data/docs/Activity.md +20 -0
  27. data/docs/AddAccountIdpSettingRequest.md +22 -0
  28. data/docs/ApiKey.md +44 -33
  29. data/docs/ApiKeyInsideCreateServiceIdRequest.md +18 -13
  30. data/docs/ApiKeyList.md +20 -19
  31. data/docs/ApikeyActivity.md +28 -0
  32. data/docs/ApikeyActivityServiceid.md +20 -0
  33. data/docs/ApikeyActivityUser.md +24 -0
  34. data/docs/AssignedTemplatesAccountSettings.md +40 -0
  35. data/docs/CommonAccountSettingsRequest.md +36 -0
  36. data/docs/CommonAccountSettingsResponse.md +34 -0
  37. data/docs/ConsumersResponse.md +20 -0
  38. data/docs/ConsumersResponseConsumersInner.md +20 -0
  39. data/docs/CreateApiKeyRequest.md +24 -17
  40. data/docs/CreateIdpRequest.md +30 -0
  41. data/docs/CreateIdpRequestProperties.md +20 -0
  42. data/docs/CreateIdpRequestPropertiesIdp.md +26 -0
  43. data/docs/CreateIdpRequestPropertiesSp.md +32 -0
  44. data/docs/CreateIdpRequestPropertiesSpAuthnContext.md +20 -0
  45. data/docs/CreateIdpRequestSecrets.md +20 -0
  46. data/docs/CreateIdpRequestSecretsIdp.md +22 -0
  47. data/docs/CreateIdpRequestSecretsIdpSigningInner.md +20 -0
  48. data/docs/CreateIdpRequestSecretsSp.md +18 -0
  49. data/docs/CreateIdpRequestSecretsSpSigningInner.md +24 -0
  50. data/docs/CreateProfileLinkRequest.md +24 -0
  51. data/docs/CreateProfileLinkRequestLink.md +26 -0
  52. data/docs/CreateServiceIdGroupRequest.md +22 -0
  53. data/docs/CreateServiceIdRequest.md +18 -15
  54. data/docs/CreateTemplateAssignmentRequest.md +24 -0
  55. data/docs/CreateTrustedProfileRequest.md +24 -0
  56. data/docs/EffectiveAccountSettingsResponse.md +26 -0
  57. data/docs/EnityHistoryRecord.md +18 -17
  58. data/docs/EntityActivity.md +22 -0
  59. data/docs/Error.md +14 -13
  60. data/docs/ExceptionResponse.md +14 -13
  61. data/docs/ExceptionResponseContext.md +30 -29
  62. data/docs/IDPManagementApi.md +692 -0
  63. data/docs/IdBasedMfaEnrollment.md +26 -0
  64. data/docs/IdentityCount.md +20 -0
  65. data/docs/IdentityLimitsUsageRequest.md +42 -0
  66. data/docs/IdentityLimitsUsageResponse.md +44 -0
  67. data/docs/IdentityLimitsUsageResponseApikeysPerIdentity.md +20 -0
  68. data/docs/IdentityLimitsUsageResponseClaimRulesPerGroup.md +20 -0
  69. data/docs/IdentityLimitsUsageResponseClaimRulesPerProfile.md +20 -0
  70. data/docs/IdentityLimitsUsageResponseServiceidsPerGroup.md +20 -0
  71. data/docs/IdentityLimitsUsageResponseTemplateVersionsPerTemplate.md +20 -0
  72. data/docs/IdentityPreferenceResponse.md +28 -0
  73. data/docs/IdentityPreferencesApi.md +304 -0
  74. data/docs/IdentityPreferencesResponse.md +18 -0
  75. data/docs/Idp.md +38 -0
  76. data/docs/LimitCount.md +20 -0
  77. data/docs/ListIdPSettings200Response.md +18 -0
  78. data/docs/ListIdps200Response.md +18 -0
  79. data/docs/MFAEnrollmentStatusApi.md +216 -0
  80. data/docs/MFARequirementsResponse.md +12 -11
  81. data/docs/MfaEnrollmentTypeStatus.md +20 -0
  82. data/docs/MfaOptions.md +15 -0
  83. data/docs/OidcExceptionResponse.md +16 -15
  84. data/docs/PolicyTemplateReference.md +20 -0
  85. data/docs/ProfileClaimRule.md +36 -0
  86. data/docs/ProfileClaimRuleConditions.md +22 -0
  87. data/docs/ProfileClaimRuleList.md +20 -0
  88. data/docs/ProfileClaimRuleRequest.md +30 -0
  89. data/docs/ProfileCount.md +20 -0
  90. data/docs/ProfileIdentitiesResponse.md +20 -0
  91. data/docs/ProfileIdentitiesUpdateRequest.md +18 -0
  92. data/docs/ProfileIdentityRequest.md +24 -0
  93. data/docs/ProfileIdentityResponse.md +26 -0
  94. data/docs/ProfileLink.md +32 -0
  95. data/docs/ProfileLinkLink.md +26 -0
  96. data/docs/ProfileLinkList.md +18 -0
  97. data/docs/Report.md +34 -0
  98. data/docs/ReportMfaEnrollmentStatus.md +28 -0
  99. data/docs/ReportReference.md +18 -0
  100. data/docs/ResponseContext.md +28 -27
  101. data/docs/RetrictActions.md +15 -0
  102. data/docs/SamlMetadataImportResponse.md +42 -0
  103. data/docs/ServiceIDGroupsApi.md +347 -0
  104. data/docs/ServiceIDsApi.md +515 -0
  105. data/docs/ServiceId.md +38 -33
  106. data/docs/ServiceIdGroup.md +34 -0
  107. data/docs/ServiceIdGroupCount.md +20 -0
  108. data/docs/ServiceIdGroupList.md +18 -0
  109. data/docs/ServiceIdList.md +20 -19
  110. data/docs/ShareScope.md +20 -0
  111. data/docs/TemplateAccountSettings.md +40 -0
  112. data/docs/TemplateAccountSettingsAllOfRestrictUserDomains.md +20 -0
  113. data/docs/TemplateAssignmentListResponse.md +30 -0
  114. data/docs/TemplateAssignmentResource.md +18 -0
  115. data/docs/TemplateAssignmentResourceError.md +24 -0
  116. data/docs/TemplateAssignmentResponse.md +48 -0
  117. data/docs/TemplateAssignmentResponseResource.md +24 -0
  118. data/docs/TemplateAssignmentResponseResourceDetail.md +26 -0
  119. data/docs/TemplateCount.md +20 -0
  120. data/docs/TemplateProfileComponentRequest.md +26 -0
  121. data/docs/TemplateProfileComponentResponse.md +26 -0
  122. data/docs/TestResult.md +28 -0
  123. data/docs/TestResultStepsInner.md +24 -0
  124. data/docs/TestTriggerResponse.md +20 -0
  125. data/docs/TokenResponse.md +18 -17
  126. data/docs/TokenRetrievalApi.md +461 -0
  127. data/docs/TrustedProfile.md +50 -0
  128. data/docs/TrustedProfileTemplateApi.md +720 -0
  129. data/docs/TrustedProfileTemplateAssignmentsApi.md +376 -0
  130. data/docs/TrustedProfileTemplateClaimRule.md +26 -0
  131. data/docs/TrustedProfileTemplateList.md +30 -0
  132. data/docs/TrustedProfileTemplateRequest.md +28 -0
  133. data/docs/TrustedProfileTemplateResponse.md +48 -0
  134. data/docs/TrustedProfilesApi.md +1414 -0
  135. data/docs/TrustedProfilesList.md +30 -0
  136. data/docs/UpdateAccountIdpSettingRequest.md +22 -0
  137. data/docs/UpdateAccountLoginSettings.md +18 -0
  138. data/docs/UpdateApiKeyRequest.md +16 -9
  139. data/docs/UpdateIdPRequest.md +28 -0
  140. data/docs/UpdateIdPRequestProperties.md +20 -0
  141. data/docs/UpdateIdPRequestPropertiesIdp.md +24 -0
  142. data/docs/UpdateIdPRequestSecrets.md +20 -0
  143. data/docs/UpdateIdPRequestSecretsIdp.md +20 -0
  144. data/docs/UpdatePreferenceRequest.md +20 -0
  145. data/docs/UpdateServiceIdGroupRequest.md +20 -0
  146. data/docs/UpdateServiceIdRequest.md +12 -11
  147. data/docs/UpdateTemplateAssignmentRequest.md +18 -0
  148. data/docs/UpdateTrustedProfileRequest.md +22 -0
  149. data/docs/UserActivity.md +26 -0
  150. data/docs/UserMFAResolved.md +24 -0
  151. data/docs/UserMfa.md +20 -0
  152. data/docs/UserMfaEnrollments.md +24 -0
  153. data/docs/UserReportMfaEnrollmentStatus.md +30 -0
  154. data/docs/UserVisbilityRetrictActions.md +15 -0
  155. data/docs/UserVisbilityRetrictActionsForTemplate.md +15 -0
  156. data/git_push.sh +3 -4
  157. data/ibm_cloud_iam.gemspec +6 -6
  158. data/lib/ibm_cloud_iam/api/account_limits_api.rb +208 -0
  159. data/lib/ibm_cloud_iam/api/account_settings_api.rb +262 -0
  160. data/lib/ibm_cloud_iam/api/account_settings_for_id_p_api.rb +571 -0
  161. data/lib/ibm_cloud_iam/api/account_settings_template_api.rb +823 -0
  162. data/lib/ibm_cloud_iam/api/account_settings_template_assignments_api.rb +422 -0
  163. data/lib/ibm_cloud_iam/api/activities_api.rb +174 -0
  164. data/lib/ibm_cloud_iam/api/api_keys_api.rb +786 -0
  165. data/lib/ibm_cloud_iam/api/identity_preferences_api.rb +357 -0
  166. data/lib/ibm_cloud_iam/api/idp_management_api.rb +744 -0
  167. data/lib/ibm_cloud_iam/api/mfa_enrollment_status_api.rb +248 -0
  168. data/lib/ibm_cloud_iam/api/service_id_groups_api.rb +392 -0
  169. data/lib/ibm_cloud_iam/api/service_ids_api.rb +575 -0
  170. data/lib/ibm_cloud_iam/api/token_retrieval_api.rb +557 -0
  171. data/lib/ibm_cloud_iam/api/trusted_profile_template_api.rb +823 -0
  172. data/lib/ibm_cloud_iam/api/trusted_profile_template_assignments_api.rb +422 -0
  173. data/lib/ibm_cloud_iam/api/trusted_profiles_api.rb +1630 -0
  174. data/lib/ibm_cloud_iam/api_client.rb +74 -65
  175. data/lib/ibm_cloud_iam/api_error.rb +4 -3
  176. data/lib/ibm_cloud_iam/api_model_base.rb +88 -0
  177. data/lib/ibm_cloud_iam/configuration.rb +75 -15
  178. data/lib/ibm_cloud_iam/models/access_group_count.rb +159 -0
  179. data/lib/ibm_cloud_iam/models/account_based_mfa_enrollment.rb +243 -0
  180. data/lib/ibm_cloud_iam/models/account_idp_settings.rb +244 -0
  181. data/lib/ibm_cloud_iam/models/account_login_settings.rb +147 -0
  182. data/lib/ibm_cloud_iam/models/account_settings_assigned_templates_section.rb +377 -0
  183. data/lib/ibm_cloud_iam/models/account_settings_effective_section.rb +282 -0
  184. data/lib/ibm_cloud_iam/models/account_settings_meta.rb +179 -0
  185. data/lib/ibm_cloud_iam/models/account_settings_request.rb +301 -0
  186. data/lib/ibm_cloud_iam/models/account_settings_response.rb +567 -0
  187. data/lib/ibm_cloud_iam/models/account_settings_template_list.rb +256 -0
  188. data/lib/ibm_cloud_iam/models/account_settings_template_request.rb +178 -0
  189. data/lib/ibm_cloud_iam/models/account_settings_template_response.rb +416 -0
  190. data/lib/ibm_cloud_iam/models/account_settings_user_domain_restriction.rb +188 -0
  191. data/lib/ibm_cloud_iam/models/account_settings_user_mfa_response.rb +261 -0
  192. data/lib/ibm_cloud_iam/models/action_controls.rb +199 -0
  193. data/lib/ibm_cloud_iam/models/action_controls_identities.rb +190 -0
  194. data/lib/ibm_cloud_iam/models/activity.rb +175 -0
  195. data/lib/ibm_cloud_iam/models/add_account_idp_setting_request.rb +243 -0
  196. data/lib/ibm_cloud_iam/models/api_key.rb +188 -104
  197. data/lib/ibm_cloud_iam/models/api_key_inside_create_service_id_request.rb +70 -99
  198. data/lib/ibm_cloud_iam/models/api_key_list.rb +46 -95
  199. data/lib/ibm_cloud_iam/models/apikey_activity.rb +231 -0
  200. data/lib/ibm_cloud_iam/models/apikey_activity_serviceid.rb +159 -0
  201. data/lib/ibm_cloud_iam/models/apikey_activity_user.rb +179 -0
  202. data/lib/ibm_cloud_iam/models/assigned_templates_account_settings.rb +296 -0
  203. data/lib/ibm_cloud_iam/models/common_account_settings_request.rb +272 -0
  204. data/lib/ibm_cloud_iam/models/common_account_settings_response.rb +260 -0
  205. data/lib/ibm_cloud_iam/models/consumers_response.rb +158 -0
  206. data/lib/ibm_cloud_iam/models/consumers_response_consumers_inner.rb +158 -0
  207. data/lib/ibm_cloud_iam/models/create_api_key_request.rb +92 -99
  208. data/lib/ibm_cloud_iam/models/create_idp_request.rb +283 -0
  209. data/lib/ibm_cloud_iam/models/create_idp_request_properties.rb +157 -0
  210. data/lib/ibm_cloud_iam/models/create_idp_request_properties_idp.rb +189 -0
  211. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp.rb +222 -0
  212. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp_authn_context.rb +163 -0
  213. data/lib/ibm_cloud_iam/models/create_idp_request_secrets.rb +157 -0
  214. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp.rb +173 -0
  215. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp_signing_inner.rb +192 -0
  216. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp.rb +151 -0
  217. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp_signing_inner.rb +212 -0
  218. data/lib/ibm_cloud_iam/models/create_profile_link_request.rb +211 -0
  219. data/lib/ibm_cloud_iam/models/create_profile_link_request_link.rb +206 -0
  220. data/lib/ibm_cloud_iam/models/create_service_id_group_request.rb +203 -0
  221. data/lib/ibm_cloud_iam/models/create_service_id_request.rb +68 -95
  222. data/lib/ibm_cloud_iam/models/create_template_assignment_request.rb +280 -0
  223. data/lib/ibm_cloud_iam/models/create_trusted_profile_request.rb +213 -0
  224. data/lib/ibm_cloud_iam/models/effective_account_settings_response.rb +239 -0
  225. data/lib/ibm_cloud_iam/models/enity_history_record.rb +112 -101
  226. data/lib/ibm_cloud_iam/models/entity_activity.rb +185 -0
  227. data/lib/ibm_cloud_iam/models/error.rb +69 -94
  228. data/lib/ibm_cloud_iam/models/exception_response.rb +57 -94
  229. data/lib/ibm_cloud_iam/models/exception_response_context.rb +33 -94
  230. data/lib/ibm_cloud_iam/models/id_based_mfa_enrollment.rb +270 -0
  231. data/lib/ibm_cloud_iam/models/identity_count.rb +159 -0
  232. data/lib/ibm_cloud_iam/models/identity_limits_usage_request.rb +283 -0
  233. data/lib/ibm_cloud_iam/models/identity_limits_usage_response.rb +265 -0
  234. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_apikeys_per_identity.rb +178 -0
  235. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_group.rb +178 -0
  236. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_profile.rb +178 -0
  237. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_serviceids_per_group.rb +178 -0
  238. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_template_versions_per_template.rb +178 -0
  239. data/lib/ibm_cloud_iam/models/identity_preference_response.rb +200 -0
  240. data/lib/ibm_cloud_iam/models/identity_preferences_response.rb +167 -0
  241. data/lib/ibm_cloud_iam/models/idp.rb +239 -0
  242. data/lib/ibm_cloud_iam/models/limit_count.rb +176 -0
  243. data/lib/ibm_cloud_iam/models/list_id_p_settings200_response.rb +149 -0
  244. data/lib/ibm_cloud_iam/models/list_idps200_response.rb +149 -0
  245. data/lib/ibm_cloud_iam/models/mfa_enrollment_type_status.rb +192 -0
  246. data/lib/ibm_cloud_iam/models/mfa_options.rb +45 -0
  247. data/lib/ibm_cloud_iam/models/mfa_requirements_response.rb +69 -94
  248. data/lib/ibm_cloud_iam/models/oidc_exception_response.rb +57 -94
  249. data/lib/ibm_cloud_iam/models/policy_template_reference.rb +193 -0
  250. data/lib/ibm_cloud_iam/models/profile_claim_rule.rb +342 -0
  251. data/lib/ibm_cloud_iam/models/profile_claim_rule_conditions.rb +219 -0
  252. data/lib/ibm_cloud_iam/models/profile_claim_rule_list.rb +176 -0
  253. data/lib/ibm_cloud_iam/models/profile_claim_rule_request.rb +243 -0
  254. data/lib/ibm_cloud_iam/models/profile_count.rb +159 -0
  255. data/lib/ibm_cloud_iam/models/profile_identities_response.rb +160 -0
  256. data/lib/ibm_cloud_iam/models/profile_identities_update_request.rb +150 -0
  257. data/lib/ibm_cloud_iam/models/profile_identity_request.rb +238 -0
  258. data/lib/ibm_cloud_iam/models/profile_identity_response.rb +265 -0
  259. data/lib/ibm_cloud_iam/models/profile_link.rb +320 -0
  260. data/lib/ibm_cloud_iam/models/profile_link_link.rb +188 -0
  261. data/lib/ibm_cloud_iam/models/profile_link_list.rb +167 -0
  262. data/lib/ibm_cloud_iam/models/report.rb +321 -0
  263. data/lib/ibm_cloud_iam/models/report_mfa_enrollment_status.rb +268 -0
  264. data/lib/ibm_cloud_iam/models/report_reference.rb +165 -0
  265. data/lib/ibm_cloud_iam/models/response_context.rb +33 -94
  266. data/lib/ibm_cloud_iam/models/retrict_actions.rb +41 -0
  267. data/lib/ibm_cloud_iam/models/saml_metadata_import_response.rb +494 -0
  268. data/lib/ibm_cloud_iam/models/service_id.rb +184 -108
  269. data/lib/ibm_cloud_iam/models/service_id_group.rb +313 -0
  270. data/lib/ibm_cloud_iam/models/service_id_group_count.rb +159 -0
  271. data/lib/ibm_cloud_iam/models/service_id_group_list.rb +167 -0
  272. data/lib/ibm_cloud_iam/models/service_id_list.rb +47 -96
  273. data/lib/ibm_cloud_iam/models/share_scope.rb +190 -0
  274. data/lib/ibm_cloud_iam/models/template_account_settings.rb +296 -0
  275. data/lib/ibm_cloud_iam/models/template_account_settings_all_of_restrict_user_domains.rb +159 -0
  276. data/lib/ibm_cloud_iam/models/template_assignment_list_response.rb +227 -0
  277. data/lib/ibm_cloud_iam/models/template_assignment_resource.rb +149 -0
  278. data/lib/ibm_cloud_iam/models/template_assignment_resource_error.rb +179 -0
  279. data/lib/ibm_cloud_iam/models/template_assignment_response.rb +506 -0
  280. data/lib/ibm_cloud_iam/models/template_assignment_response_resource.rb +196 -0
  281. data/lib/ibm_cloud_iam/models/template_assignment_response_resource_detail.rb +203 -0
  282. data/lib/ibm_cloud_iam/models/template_count.rb +159 -0
  283. data/lib/ibm_cloud_iam/models/template_profile_component_request.rb +210 -0
  284. data/lib/ibm_cloud_iam/models/template_profile_component_response.rb +210 -0
  285. data/lib/ibm_cloud_iam/models/test_result.rb +194 -0
  286. data/lib/ibm_cloud_iam/models/test_result_steps_inner.rb +174 -0
  287. data/lib/ibm_cloud_iam/models/test_trigger_response.rb +156 -0
  288. data/lib/ibm_cloud_iam/models/token_response.rb +34 -105
  289. data/lib/ibm_cloud_iam/models/trusted_profile.rb +411 -0
  290. data/lib/ibm_cloud_iam/models/trusted_profile_template_claim_rule.rb +248 -0
  291. data/lib/ibm_cloud_iam/models/trusted_profile_template_list.rb +256 -0
  292. data/lib/ibm_cloud_iam/models/trusted_profile_template_request.rb +199 -0
  293. data/lib/ibm_cloud_iam/models/trusted_profile_template_response.rb +369 -0
  294. data/lib/ibm_cloud_iam/models/trusted_profiles_list.rb +227 -0
  295. data/lib/ibm_cloud_iam/models/update_account_idp_setting_request.rb +202 -0
  296. data/lib/ibm_cloud_iam/models/update_account_login_settings.rb +148 -0
  297. data/lib/ibm_cloud_iam/models/update_api_key_request.rb +68 -99
  298. data/lib/ibm_cloud_iam/models/update_id_p_request.rb +198 -0
  299. data/lib/ibm_cloud_iam/models/update_id_p_request_properties.rb +157 -0
  300. data/lib/ibm_cloud_iam/models/update_id_p_request_properties_idp.rb +179 -0
  301. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets.rb +157 -0
  302. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets_idp.rb +163 -0
  303. data/lib/ibm_cloud_iam/models/update_preference_request.rb +161 -0
  304. data/lib/ibm_cloud_iam/models/update_service_id_group_request.rb +176 -0
  305. data/lib/ibm_cloud_iam/models/update_service_id_request.rb +34 -95
  306. data/lib/ibm_cloud_iam/models/update_template_assignment_request.rb +175 -0
  307. data/lib/ibm_cloud_iam/models/update_trusted_profile_request.rb +169 -0
  308. data/lib/ibm_cloud_iam/models/user_activity.rb +222 -0
  309. data/lib/ibm_cloud_iam/models/user_mfa.rb +179 -0
  310. data/lib/ibm_cloud_iam/models/user_mfa_enrollments.rb +193 -0
  311. data/lib/ibm_cloud_iam/models/user_mfa_resolved.rb +178 -0
  312. data/lib/ibm_cloud_iam/models/user_report_mfa_enrollment_status.rb +291 -0
  313. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions.rb +40 -0
  314. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions_for_template.rb +41 -0
  315. data/lib/ibm_cloud_iam/version.rb +4 -4
  316. data/lib/ibm_cloud_iam.rb +140 -9
  317. data/spec/api/account_limits_api_spec.rb +75 -0
  318. data/spec/api/account_settings_api_spec.rb +80 -0
  319. data/spec/api/account_settings_for_id_p_api_spec.rb +132 -0
  320. data/spec/api/account_settings_template_api_spec.rb +184 -0
  321. data/spec/api/account_settings_template_assignments_api_spec.rb +112 -0
  322. data/spec/api/activities_api_spec.rb +64 -0
  323. data/spec/api/api_keys_api_spec.rb +182 -0
  324. data/spec/api/identity_preferences_api_spec.rb +98 -0
  325. data/spec/api/idp_management_api_spec.rb +166 -0
  326. data/spec/api/mfa_enrollment_status_api_spec.rb +77 -0
  327. data/spec/api/service_id_groups_api_spec.rb +102 -0
  328. data/spec/api/service_ids_api_spec.rb +143 -0
  329. data/spec/api/token_retrieval_api_spec.rb +134 -0
  330. data/spec/api/trusted_profile_template_api_spec.rb +184 -0
  331. data/spec/api/trusted_profile_template_assignments_api_spec.rb +112 -0
  332. data/spec/api/trusted_profiles_api_spec.rb +328 -0
  333. data/spec/models/access_group_count_spec.rb +42 -0
  334. data/spec/models/account_based_mfa_enrollment_spec.rb +54 -0
  335. data/spec/models/account_idp_settings_spec.rb +82 -0
  336. data/spec/models/account_login_settings_spec.rb +36 -0
  337. data/spec/models/account_settings_assigned_templates_section_spec.rb +120 -0
  338. data/spec/models/account_settings_effective_section_spec.rb +96 -0
  339. data/spec/models/account_settings_meta_spec.rb +54 -0
  340. data/spec/models/account_settings_request_spec.rb +102 -0
  341. data/spec/models/account_settings_response_spec.rb +126 -0
  342. data/spec/models/account_settings_template_list_spec.rb +72 -0
  343. data/spec/models/account_settings_template_request_spec.rb +54 -0
  344. data/spec/models/account_settings_template_response_spec.rb +114 -0
  345. data/spec/models/account_settings_user_domain_restriction_spec.rb +48 -0
  346. data/spec/models/account_settings_user_mfa_response_spec.rb +66 -0
  347. data/spec/models/action_controls_identities_spec.rb +42 -0
  348. data/spec/models/action_controls_spec.rb +48 -0
  349. data/spec/models/activity_spec.rb +42 -0
  350. data/spec/models/add_account_idp_setting_request_spec.rb +52 -0
  351. data/spec/models/api_key_inside_create_service_id_request_spec.rb +24 -17
  352. data/spec/models/api_key_list_spec.rb +15 -20
  353. data/spec/models/api_key_spec.rb +52 -27
  354. data/spec/models/apikey_activity_serviceid_spec.rb +42 -0
  355. data/spec/models/apikey_activity_spec.rb +66 -0
  356. data/spec/models/apikey_activity_user_spec.rb +54 -0
  357. data/spec/models/assigned_templates_account_settings_spec.rb +102 -0
  358. data/spec/models/common_account_settings_request_spec.rb +90 -0
  359. data/spec/models/common_account_settings_response_spec.rb +84 -0
  360. data/spec/models/consumers_response_consumers_inner_spec.rb +42 -0
  361. data/spec/models/consumers_response_spec.rb +42 -0
  362. data/spec/models/create_api_key_request_spec.rb +32 -19
  363. data/spec/models/create_idp_request_properties_idp_spec.rb +60 -0
  364. data/spec/models/create_idp_request_properties_sp_authn_context_spec.rb +42 -0
  365. data/spec/models/create_idp_request_properties_sp_spec.rb +78 -0
  366. data/spec/models/create_idp_request_properties_spec.rb +42 -0
  367. data/spec/models/create_idp_request_secrets_idp_signing_inner_spec.rb +46 -0
  368. data/spec/models/create_idp_request_secrets_idp_spec.rb +48 -0
  369. data/spec/models/create_idp_request_secrets_sp_signing_inner_spec.rb +58 -0
  370. data/spec/models/create_idp_request_secrets_sp_spec.rb +36 -0
  371. data/spec/models/create_idp_request_secrets_spec.rb +42 -0
  372. data/spec/models/create_idp_request_spec.rb +76 -0
  373. data/spec/models/create_profile_link_request_link_spec.rb +60 -0
  374. data/spec/models/create_profile_link_request_spec.rb +54 -0
  375. data/spec/models/create_service_id_group_request_spec.rb +48 -0
  376. data/spec/models/create_service_id_request_spec.rb +19 -18
  377. data/spec/models/create_template_assignment_request_spec.rb +58 -0
  378. data/spec/models/create_trusted_profile_request_spec.rb +54 -0
  379. data/spec/models/effective_account_settings_response_spec.rb +60 -0
  380. data/spec/models/enity_history_record_spec.rb +14 -19
  381. data/spec/models/entity_activity_spec.rb +48 -0
  382. data/spec/models/error_spec.rb +12 -17
  383. data/spec/models/exception_response_context_spec.rb +20 -25
  384. data/spec/models/exception_response_spec.rb +12 -17
  385. data/spec/models/id_based_mfa_enrollment_spec.rb +64 -0
  386. data/spec/models/identity_count_spec.rb +42 -0
  387. data/spec/models/identity_limits_usage_request_spec.rb +108 -0
  388. data/spec/models/identity_limits_usage_response_apikeys_per_identity_spec.rb +42 -0
  389. data/spec/models/identity_limits_usage_response_claim_rules_per_group_spec.rb +42 -0
  390. data/spec/models/identity_limits_usage_response_claim_rules_per_profile_spec.rb +42 -0
  391. data/spec/models/identity_limits_usage_response_serviceids_per_group_spec.rb +42 -0
  392. data/spec/models/identity_limits_usage_response_spec.rb +114 -0
  393. data/spec/models/identity_limits_usage_response_template_versions_per_template_spec.rb +42 -0
  394. data/spec/models/identity_preference_response_spec.rb +66 -0
  395. data/spec/models/identity_preferences_response_spec.rb +36 -0
  396. data/spec/models/idp_spec.rb +96 -0
  397. data/spec/models/limit_count_spec.rb +42 -0
  398. data/spec/models/list_id_p_settings200_response_spec.rb +36 -0
  399. data/spec/models/list_idps200_response_spec.rb +36 -0
  400. data/spec/models/mfa_enrollment_type_status_spec.rb +42 -0
  401. data/spec/models/mfa_options_spec.rb +30 -0
  402. data/spec/models/mfa_requirements_response_spec.rb +11 -16
  403. data/spec/models/oidc_exception_response_spec.rb +13 -18
  404. data/spec/models/policy_template_reference_spec.rb +42 -0
  405. data/spec/models/profile_claim_rule_conditions_spec.rb +48 -0
  406. data/spec/models/profile_claim_rule_list_spec.rb +42 -0
  407. data/spec/models/profile_claim_rule_request_spec.rb +72 -0
  408. data/spec/models/profile_claim_rule_spec.rb +90 -0
  409. data/spec/models/profile_count_spec.rb +42 -0
  410. data/spec/models/profile_identities_response_spec.rb +42 -0
  411. data/spec/models/profile_identities_update_request_spec.rb +36 -0
  412. data/spec/models/profile_identity_request_spec.rb +58 -0
  413. data/spec/models/profile_identity_response_spec.rb +64 -0
  414. data/spec/models/profile_link_link_spec.rb +60 -0
  415. data/spec/models/profile_link_list_spec.rb +36 -0
  416. data/spec/models/profile_link_spec.rb +78 -0
  417. data/spec/models/report_mfa_enrollment_status_spec.rb +66 -0
  418. data/spec/models/report_reference_spec.rb +36 -0
  419. data/spec/models/report_spec.rb +84 -0
  420. data/spec/models/response_context_spec.rb +19 -24
  421. data/spec/models/retrict_actions_spec.rb +30 -0
  422. data/spec/models/saml_metadata_import_response_spec.rb +112 -0
  423. data/spec/models/service_id_group_count_spec.rb +42 -0
  424. data/spec/models/service_id_group_list_spec.rb +36 -0
  425. data/spec/models/service_id_group_spec.rb +84 -0
  426. data/spec/models/service_id_list_spec.rb +15 -20
  427. data/spec/models/service_id_spec.rb +34 -27
  428. data/spec/models/share_scope_spec.rb +46 -0
  429. data/spec/models/template_account_settings_all_of_restrict_user_domains_spec.rb +42 -0
  430. data/spec/models/template_account_settings_spec.rb +102 -0
  431. data/spec/models/template_assignment_list_response_spec.rb +72 -0
  432. data/spec/models/template_assignment_resource_error_spec.rb +54 -0
  433. data/spec/models/template_assignment_resource_spec.rb +36 -0
  434. data/spec/models/template_assignment_response_resource_detail_spec.rb +60 -0
  435. data/spec/models/template_assignment_response_resource_spec.rb +54 -0
  436. data/spec/models/template_assignment_response_spec.rb +126 -0
  437. data/spec/models/template_count_spec.rb +42 -0
  438. data/spec/models/template_profile_component_request_spec.rb +60 -0
  439. data/spec/models/template_profile_component_response_spec.rb +60 -0
  440. data/spec/models/test_result_spec.rb +66 -0
  441. data/spec/models/test_result_steps_inner_spec.rb +54 -0
  442. data/spec/models/test_trigger_response_spec.rb +42 -0
  443. data/spec/models/token_response_spec.rb +14 -19
  444. data/spec/models/trusted_profile_spec.rb +132 -0
  445. data/spec/models/trusted_profile_template_claim_rule_spec.rb +64 -0
  446. data/spec/models/trusted_profile_template_list_spec.rb +72 -0
  447. data/spec/models/trusted_profile_template_request_spec.rb +66 -0
  448. data/spec/models/trusted_profile_template_response_spec.rb +126 -0
  449. data/spec/models/trusted_profiles_list_spec.rb +72 -0
  450. data/spec/models/update_account_idp_setting_request_spec.rb +52 -0
  451. data/spec/models/update_account_login_settings_spec.rb +36 -0
  452. data/spec/models/update_api_key_request_spec.rb +28 -15
  453. data/spec/models/update_id_p_request_properties_idp_spec.rb +54 -0
  454. data/spec/models/update_id_p_request_properties_spec.rb +42 -0
  455. data/spec/models/update_id_p_request_secrets_idp_spec.rb +42 -0
  456. data/spec/models/update_id_p_request_secrets_spec.rb +42 -0
  457. data/spec/models/update_id_p_request_spec.rb +66 -0
  458. data/spec/models/update_preference_request_spec.rb +42 -0
  459. data/spec/models/update_service_id_group_request_spec.rb +42 -0
  460. data/spec/models/update_service_id_request_spec.rb +11 -16
  461. data/spec/models/update_template_assignment_request_spec.rb +36 -0
  462. data/spec/models/update_trusted_profile_request_spec.rb +48 -0
  463. data/spec/models/user_activity_spec.rb +60 -0
  464. data/spec/models/user_mfa_enrollments_spec.rb +54 -0
  465. data/spec/models/user_mfa_resolved_spec.rb +54 -0
  466. data/spec/models/user_mfa_spec.rb +42 -0
  467. data/spec/models/user_report_mfa_enrollment_status_spec.rb +72 -0
  468. data/spec/models/user_visbility_retrict_actions_for_template_spec.rb +30 -0
  469. data/spec/models/user_visbility_retrict_actions_spec.rb +30 -0
  470. data/spec/spec_helper.rb +3 -3
  471. metadata +549 -35
  472. data/docs/IdentityOperationsApi.md +0 -828
  473. data/docs/InlineObject.md +0 -19
  474. data/docs/InlineObject1.md +0 -23
  475. data/docs/InlineObject2.md +0 -21
  476. data/docs/InlineObject3.md +0 -25
  477. data/docs/TokenOperationsApi.md +0 -226
  478. data/lib/ibm_cloud_iam/api/identity_operations_api.rb +0 -1083
  479. data/lib/ibm_cloud_iam/api/token_operations_api.rb +0 -351
  480. data/lib/ibm_cloud_iam/models/inline_object.rb +0 -229
  481. data/lib/ibm_cloud_iam/models/inline_object1.rb +0 -254
  482. data/lib/ibm_cloud_iam/models/inline_object2.rb +0 -244
  483. data/lib/ibm_cloud_iam/models/inline_object3.rb +0 -269
  484. data/spec/api/identity_operations_api_spec.rb +0 -253
  485. data/spec/api/token_operations_api_spec.rb +0 -94
  486. data/spec/api_client_spec.rb +0 -226
  487. data/spec/configuration_spec.rb +0 -42
  488. data/spec/models/inline_object1_spec.rb +0 -59
  489. data/spec/models/inline_object2_spec.rb +0 -53
  490. data/spec/models/inline_object3_spec.rb +0 -65
  491. data/spec/models/inline_object_spec.rb +0 -47
@@ -0,0 +1,192 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ class CreateIdpRequestSecretsIdpSigningInner < ApiModelBase
18
+ # Certificate value in PEM format
19
+ attr_accessor :value
20
+
21
+ # Certificate type
22
+ attr_accessor :type
23
+
24
+ class EnumAttributeValidator
25
+ attr_reader :datatype
26
+ attr_reader :allowable_values
27
+
28
+ def initialize(datatype, allowable_values)
29
+ @allowable_values = allowable_values.map do |value|
30
+ case datatype.to_s
31
+ when /Integer/i
32
+ value.to_i
33
+ when /Float/i
34
+ value.to_f
35
+ else
36
+ value
37
+ end
38
+ end
39
+ end
40
+
41
+ def valid?(value)
42
+ !value || allowable_values.include?(value)
43
+ end
44
+ end
45
+
46
+ # Attribute mapping from ruby-style variable name to JSON key.
47
+ def self.attribute_map
48
+ {
49
+ :'value' => :'value',
50
+ :'type' => :'type'
51
+ }
52
+ end
53
+
54
+ # Returns attribute mapping this model knows about
55
+ def self.acceptable_attribute_map
56
+ attribute_map
57
+ end
58
+
59
+ # Returns all the JSON keys this model knows about
60
+ def self.acceptable_attributes
61
+ acceptable_attribute_map.values
62
+ end
63
+
64
+ # Attribute type mapping.
65
+ def self.openapi_types
66
+ {
67
+ :'value' => :'String',
68
+ :'type' => :'String'
69
+ }
70
+ end
71
+
72
+ # List of attributes with nullable: true
73
+ def self.openapi_nullable
74
+ Set.new([
75
+ ])
76
+ end
77
+
78
+ # Initializes the object
79
+ # @param [Hash] attributes Model attributes in the form of hash
80
+ def initialize(attributes = {})
81
+ if (!attributes.is_a?(Hash))
82
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::CreateIdpRequestSecretsIdpSigningInner` initialize method"
83
+ end
84
+
85
+ # check to see if the attribute exists and convert string to symbol for hash key
86
+ acceptable_attribute_map = self.class.acceptable_attribute_map
87
+ attributes = attributes.each_with_object({}) { |(k, v), h|
88
+ if (!acceptable_attribute_map.key?(k.to_sym))
89
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::CreateIdpRequestSecretsIdpSigningInner`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
90
+ end
91
+ h[k.to_sym] = v
92
+ }
93
+
94
+ if attributes.key?(:'value')
95
+ self.value = attributes[:'value']
96
+ end
97
+
98
+ if attributes.key?(:'type')
99
+ self.type = attributes[:'type']
100
+ end
101
+ end
102
+
103
+ # Show invalid properties with the reasons. Usually used together with valid?
104
+ # @return Array for valid properties with the reasons
105
+ def list_invalid_properties
106
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
107
+ invalid_properties = Array.new
108
+ invalid_properties
109
+ end
110
+
111
+ # Check to see if the all the properties in the model are valid
112
+ # @return true if the model is valid
113
+ def valid?
114
+ warn '[DEPRECATED] the `valid?` method is obsolete'
115
+ type_validator = EnumAttributeValidator.new('String', ["primary", "secondary"])
116
+ return false unless type_validator.valid?(@type)
117
+ true
118
+ end
119
+
120
+ # Custom attribute writer method checking allowed values (enum).
121
+ # @param [Object] type Object to be assigned
122
+ def type=(type)
123
+ validator = EnumAttributeValidator.new('String', ["primary", "secondary"])
124
+ unless validator.valid?(type)
125
+ fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}."
126
+ end
127
+ @type = type
128
+ end
129
+
130
+ # Checks equality by comparing each attribute.
131
+ # @param [Object] Object to be compared
132
+ def ==(o)
133
+ return true if self.equal?(o)
134
+ self.class == o.class &&
135
+ value == o.value &&
136
+ type == o.type
137
+ end
138
+
139
+ # @see the `==` method
140
+ # @param [Object] Object to be compared
141
+ def eql?(o)
142
+ self == o
143
+ end
144
+
145
+ # Calculates hash code according to all attributes.
146
+ # @return [Integer] Hash code
147
+ def hash
148
+ [value, type].hash
149
+ end
150
+
151
+ # Builds the object from hash
152
+ # @param [Hash] attributes Model attributes in the form of hash
153
+ # @return [Object] Returns the model itself
154
+ def self.build_from_hash(attributes)
155
+ return nil unless attributes.is_a?(Hash)
156
+ attributes = attributes.transform_keys(&:to_sym)
157
+ transformed_hash = {}
158
+ openapi_types.each_pair do |key, type|
159
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
160
+ transformed_hash["#{key}"] = nil
161
+ elsif type =~ /\AArray<(.*)>/i
162
+ # check to ensure the input is an array given that the attribute
163
+ # is documented as an array but the input is not
164
+ if attributes[attribute_map[key]].is_a?(Array)
165
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
166
+ end
167
+ elsif !attributes[attribute_map[key]].nil?
168
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
169
+ end
170
+ end
171
+ new(transformed_hash)
172
+ end
173
+
174
+ # Returns the object in the form of hash
175
+ # @return [Hash] Returns the object in the form of hash
176
+ def to_hash
177
+ hash = {}
178
+ self.class.attribute_map.each_pair do |attr, param|
179
+ value = self.send(attr)
180
+ if value.nil?
181
+ is_nullable = self.class.openapi_nullable.include?(attr)
182
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
183
+ end
184
+
185
+ hash[param] = _to_hash(value)
186
+ end
187
+ hash
188
+ end
189
+
190
+ end
191
+
192
+ end
@@ -0,0 +1,151 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ # Service Provider secrets (can be left empty to auto-generate SP certs)
18
+ class CreateIdpRequestSecretsSp < ApiModelBase
19
+ # SP signing certificates
20
+ attr_accessor :signing
21
+
22
+ # Attribute mapping from ruby-style variable name to JSON key.
23
+ def self.attribute_map
24
+ {
25
+ :'signing' => :'signing'
26
+ }
27
+ end
28
+
29
+ # Returns attribute mapping this model knows about
30
+ def self.acceptable_attribute_map
31
+ attribute_map
32
+ end
33
+
34
+ # Returns all the JSON keys this model knows about
35
+ def self.acceptable_attributes
36
+ acceptable_attribute_map.values
37
+ end
38
+
39
+ # Attribute type mapping.
40
+ def self.openapi_types
41
+ {
42
+ :'signing' => :'Array<CreateIdpRequestSecretsSpSigningInner>'
43
+ }
44
+ end
45
+
46
+ # List of attributes with nullable: true
47
+ def self.openapi_nullable
48
+ Set.new([
49
+ ])
50
+ end
51
+
52
+ # Initializes the object
53
+ # @param [Hash] attributes Model attributes in the form of hash
54
+ def initialize(attributes = {})
55
+ if (!attributes.is_a?(Hash))
56
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::CreateIdpRequestSecretsSp` initialize method"
57
+ end
58
+
59
+ # check to see if the attribute exists and convert string to symbol for hash key
60
+ acceptable_attribute_map = self.class.acceptable_attribute_map
61
+ attributes = attributes.each_with_object({}) { |(k, v), h|
62
+ if (!acceptable_attribute_map.key?(k.to_sym))
63
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::CreateIdpRequestSecretsSp`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
64
+ end
65
+ h[k.to_sym] = v
66
+ }
67
+
68
+ if attributes.key?(:'signing')
69
+ if (value = attributes[:'signing']).is_a?(Array)
70
+ self.signing = value
71
+ end
72
+ end
73
+ end
74
+
75
+ # Show invalid properties with the reasons. Usually used together with valid?
76
+ # @return Array for valid properties with the reasons
77
+ def list_invalid_properties
78
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
79
+ invalid_properties = Array.new
80
+ invalid_properties
81
+ end
82
+
83
+ # Check to see if the all the properties in the model are valid
84
+ # @return true if the model is valid
85
+ def valid?
86
+ warn '[DEPRECATED] the `valid?` method is obsolete'
87
+ true
88
+ end
89
+
90
+ # Checks equality by comparing each attribute.
91
+ # @param [Object] Object to be compared
92
+ def ==(o)
93
+ return true if self.equal?(o)
94
+ self.class == o.class &&
95
+ signing == o.signing
96
+ end
97
+
98
+ # @see the `==` method
99
+ # @param [Object] Object to be compared
100
+ def eql?(o)
101
+ self == o
102
+ end
103
+
104
+ # Calculates hash code according to all attributes.
105
+ # @return [Integer] Hash code
106
+ def hash
107
+ [signing].hash
108
+ end
109
+
110
+ # Builds the object from hash
111
+ # @param [Hash] attributes Model attributes in the form of hash
112
+ # @return [Object] Returns the model itself
113
+ def self.build_from_hash(attributes)
114
+ return nil unless attributes.is_a?(Hash)
115
+ attributes = attributes.transform_keys(&:to_sym)
116
+ transformed_hash = {}
117
+ openapi_types.each_pair do |key, type|
118
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
119
+ transformed_hash["#{key}"] = nil
120
+ elsif type =~ /\AArray<(.*)>/i
121
+ # check to ensure the input is an array given that the attribute
122
+ # is documented as an array but the input is not
123
+ if attributes[attribute_map[key]].is_a?(Array)
124
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
125
+ end
126
+ elsif !attributes[attribute_map[key]].nil?
127
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
128
+ end
129
+ end
130
+ new(transformed_hash)
131
+ end
132
+
133
+ # Returns the object in the form of hash
134
+ # @return [Hash] Returns the object in the form of hash
135
+ def to_hash
136
+ hash = {}
137
+ self.class.attribute_map.each_pair do |attr, param|
138
+ value = self.send(attr)
139
+ if value.nil?
140
+ is_nullable = self.class.openapi_nullable.include?(attr)
141
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
142
+ end
143
+
144
+ hash[param] = _to_hash(value)
145
+ end
146
+ hash
147
+ end
148
+
149
+ end
150
+
151
+ end
@@ -0,0 +1,212 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ class CreateIdpRequestSecretsSpSigningInner < ApiModelBase
18
+ # Certificate value in PEM format
19
+ attr_accessor :certificate_value
20
+
21
+ # Private key value
22
+ attr_accessor :key_value
23
+
24
+ # Key encoding format (e.g., pkcs8)
25
+ attr_accessor :key_encoding
26
+
27
+ # Certificate type
28
+ attr_accessor :type
29
+
30
+ class EnumAttributeValidator
31
+ attr_reader :datatype
32
+ attr_reader :allowable_values
33
+
34
+ def initialize(datatype, allowable_values)
35
+ @allowable_values = allowable_values.map do |value|
36
+ case datatype.to_s
37
+ when /Integer/i
38
+ value.to_i
39
+ when /Float/i
40
+ value.to_f
41
+ else
42
+ value
43
+ end
44
+ end
45
+ end
46
+
47
+ def valid?(value)
48
+ !value || allowable_values.include?(value)
49
+ end
50
+ end
51
+
52
+ # Attribute mapping from ruby-style variable name to JSON key.
53
+ def self.attribute_map
54
+ {
55
+ :'certificate_value' => :'certificate_value',
56
+ :'key_value' => :'key_value',
57
+ :'key_encoding' => :'key_encoding',
58
+ :'type' => :'type'
59
+ }
60
+ end
61
+
62
+ # Returns attribute mapping this model knows about
63
+ def self.acceptable_attribute_map
64
+ attribute_map
65
+ end
66
+
67
+ # Returns all the JSON keys this model knows about
68
+ def self.acceptable_attributes
69
+ acceptable_attribute_map.values
70
+ end
71
+
72
+ # Attribute type mapping.
73
+ def self.openapi_types
74
+ {
75
+ :'certificate_value' => :'String',
76
+ :'key_value' => :'String',
77
+ :'key_encoding' => :'String',
78
+ :'type' => :'String'
79
+ }
80
+ end
81
+
82
+ # List of attributes with nullable: true
83
+ def self.openapi_nullable
84
+ Set.new([
85
+ ])
86
+ end
87
+
88
+ # Initializes the object
89
+ # @param [Hash] attributes Model attributes in the form of hash
90
+ def initialize(attributes = {})
91
+ if (!attributes.is_a?(Hash))
92
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::CreateIdpRequestSecretsSpSigningInner` initialize method"
93
+ end
94
+
95
+ # check to see if the attribute exists and convert string to symbol for hash key
96
+ acceptable_attribute_map = self.class.acceptable_attribute_map
97
+ attributes = attributes.each_with_object({}) { |(k, v), h|
98
+ if (!acceptable_attribute_map.key?(k.to_sym))
99
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::CreateIdpRequestSecretsSpSigningInner`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
100
+ end
101
+ h[k.to_sym] = v
102
+ }
103
+
104
+ if attributes.key?(:'certificate_value')
105
+ self.certificate_value = attributes[:'certificate_value']
106
+ end
107
+
108
+ if attributes.key?(:'key_value')
109
+ self.key_value = attributes[:'key_value']
110
+ end
111
+
112
+ if attributes.key?(:'key_encoding')
113
+ self.key_encoding = attributes[:'key_encoding']
114
+ end
115
+
116
+ if attributes.key?(:'type')
117
+ self.type = attributes[:'type']
118
+ end
119
+ end
120
+
121
+ # Show invalid properties with the reasons. Usually used together with valid?
122
+ # @return Array for valid properties with the reasons
123
+ def list_invalid_properties
124
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
125
+ invalid_properties = Array.new
126
+ invalid_properties
127
+ end
128
+
129
+ # Check to see if the all the properties in the model are valid
130
+ # @return true if the model is valid
131
+ def valid?
132
+ warn '[DEPRECATED] the `valid?` method is obsolete'
133
+ type_validator = EnumAttributeValidator.new('String', ["primary", "secondary"])
134
+ return false unless type_validator.valid?(@type)
135
+ true
136
+ end
137
+
138
+ # Custom attribute writer method checking allowed values (enum).
139
+ # @param [Object] type Object to be assigned
140
+ def type=(type)
141
+ validator = EnumAttributeValidator.new('String', ["primary", "secondary"])
142
+ unless validator.valid?(type)
143
+ fail ArgumentError, "invalid value for \"type\", must be one of #{validator.allowable_values}."
144
+ end
145
+ @type = type
146
+ end
147
+
148
+ # Checks equality by comparing each attribute.
149
+ # @param [Object] Object to be compared
150
+ def ==(o)
151
+ return true if self.equal?(o)
152
+ self.class == o.class &&
153
+ certificate_value == o.certificate_value &&
154
+ key_value == o.key_value &&
155
+ key_encoding == o.key_encoding &&
156
+ type == o.type
157
+ end
158
+
159
+ # @see the `==` method
160
+ # @param [Object] Object to be compared
161
+ def eql?(o)
162
+ self == o
163
+ end
164
+
165
+ # Calculates hash code according to all attributes.
166
+ # @return [Integer] Hash code
167
+ def hash
168
+ [certificate_value, key_value, key_encoding, type].hash
169
+ end
170
+
171
+ # Builds the object from hash
172
+ # @param [Hash] attributes Model attributes in the form of hash
173
+ # @return [Object] Returns the model itself
174
+ def self.build_from_hash(attributes)
175
+ return nil unless attributes.is_a?(Hash)
176
+ attributes = attributes.transform_keys(&:to_sym)
177
+ transformed_hash = {}
178
+ openapi_types.each_pair do |key, type|
179
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
180
+ transformed_hash["#{key}"] = nil
181
+ elsif type =~ /\AArray<(.*)>/i
182
+ # check to ensure the input is an array given that the attribute
183
+ # is documented as an array but the input is not
184
+ if attributes[attribute_map[key]].is_a?(Array)
185
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
186
+ end
187
+ elsif !attributes[attribute_map[key]].nil?
188
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
189
+ end
190
+ end
191
+ new(transformed_hash)
192
+ end
193
+
194
+ # Returns the object in the form of hash
195
+ # @return [Hash] Returns the object in the form of hash
196
+ def to_hash
197
+ hash = {}
198
+ self.class.attribute_map.each_pair do |attr, param|
199
+ value = self.send(attr)
200
+ if value.nil?
201
+ is_nullable = self.class.openapi_nullable.include?(attr)
202
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
203
+ end
204
+
205
+ hash[param] = _to_hash(value)
206
+ end
207
+ hash
208
+ end
209
+
210
+ end
211
+
212
+ end