Principal Service API 2.0
Use this API to manage principals.
{
"openapi": "3.0.1",
"info": {
"title": "Principal API",
"description": "Use this API to manage principals.",
"termsOfService": "https://www.genetec.com/legal/cloudtos",
"license": {
"name": "Source Code License Agreement",
"url": "https://www.genetec.com/legal/eula"
},
"version": "2"
},
"paths": {
"/api/v2/accounts/{accountId}/delegations": {
"post": {
"tags": [
"Delegations"
],
"summary": "Create a delegation for an identity.\r\nThe identity will be able to perform actions on behalf of another identity specified",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
}
],
"requestBody": {
"description": "",
"content": {
"application/json-patch+json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.CreateDelegationModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.CreateDelegationModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.CreateDelegationModel"
}
},
"application/*+json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.CreateDelegationModel"
}
}
}
},
"responses": {
"201": {
"description": "Creates a DelegationModel",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel"
}
}
}
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
}
},
"/api/v2/accounts/{accountId}/delegations/{identityId}": {
"get": {
"tags": [
"Delegations"
],
"summary": "Retrieve the list of delegations. This will also return delegations that start in the future.",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "identityId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "IncludeDelegatedTo",
"in": "query",
"schema": {
"type": "boolean"
}
},
{
"name": "StartDateTimeUtc",
"in": "query",
"schema": {
"type": "string",
"format": "date-time"
}
},
{
"name": "EndDateTimeUtc",
"in": "query",
"schema": {
"type": "string",
"format": "date-time"
}
}
],
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationsModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationsModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationsModel"
}
}
}
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
}
},
"/api/v2/accounts/{accountId}/delegations/list": {
"post": {
"tags": [
"Delegations"
],
"summary": "Retrieve the delegates for specific identities.",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "include",
"in": "query",
"description": "",
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
}
],
"requestBody": {
"description": "List of identityIds for which the active delegations will be retrieved",
"content": {
"application/json-patch+json": {
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
},
"application/json": {
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
},
"text/json": {
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
},
"application/*+json": {
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationsModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationsModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationsModel"
}
}
}
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
}
},
"/api/v2/accounts/{accountId}/delegations/{delegationId}": {
"put": {
"tags": [
"Delegations"
],
"summary": "Update a delegation",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "delegationId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
}
],
"requestBody": {
"description": "",
"content": {
"application/json-patch+json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.UpdateDelegationModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.UpdateDelegationModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.UpdateDelegationModel"
}
},
"application/*+json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.UpdateDelegationModel"
}
}
}
},
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel"
}
}
}
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
},
"delete": {
"tags": [
"Delegations"
],
"summary": "Delete a delegation",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "delegationId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel"
}
}
}
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
}
},
"/api/v2/accounts/{accountId}/identityPrincipals/{identityId}": {
"get": {
"tags": [
"IdentityPrincipals"
],
"summary": "Gets a user principal by identity id.",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "The account id.",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "identityId",
"in": "path",
"description": "The identity id to lookup principal for.",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Returns UserPrincipalModel response",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.IdentityPrincipalModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.IdentityPrincipalModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.IdentityPrincipalModel"
}
}
}
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
}
},
"/api/v2/principals/{principalId}": {
"get": {
"tags": [
"Principals"
],
"summary": "Gets a principal and it's accounts by id.\r\nThis endpoint can only be accessed by an system service.",
"parameters": [
{
"name": "principalId",
"in": "path",
"description": "The principal id to find.",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Returns PrincipalModel response",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.PrincipalModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.PrincipalModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.PrincipalModel"
}
}
}
},
"404": {
"description": "Could not find a principal with the specified id."
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
}
},
"/api/v2/accounts/{accountId}/servicePrincipals/{principalId}": {
"get": {
"tags": [
"ServicePrincipals"
],
"summary": "Get a service principal by principalId and accountId.\r\nThis endpoint can be accessed by an system service,\r\nand an accountOwner of the accountId requested",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "principalId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Returns ServicePrincipalModel response",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel"
}
}
}
},
"404": {
"description": "Could not find a service principal with the specified id."
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
},
"put": {
"tags": [
"ServicePrincipals"
],
"summary": "Update a service principal.\r\nThis endpoint can be accessed by an system service\r\nand an accountOwner of the accountId requested",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "principalId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
}
],
"requestBody": {
"description": "",
"content": {
"application/json-patch+json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.UpdateServicePrincipalModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.UpdateServicePrincipalModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.UpdateServicePrincipalModel"
}
},
"application/*+json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.UpdateServicePrincipalModel"
}
}
}
},
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel"
}
}
}
},
"201": {
"description": "Updates a ServicePrincipalModel"
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
},
"delete": {
"tags": [
"ServicePrincipals"
],
"summary": "Delete a service principal.\r\nThis endpoint can be accessed by an system service,\r\nand an accountOwner of the accountId requested",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "principalId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Success"
},
"204": {
"description": "Deletes a ServicePrincipalModel"
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
}
},
"/api/v2/accounts/{accountId}/servicePrincipals": {
"get": {
"tags": [
"ServicePrincipals"
],
"summary": "List the service principals of an account.\r\n This endpoint can be accessed by an system service,\r\n and an account Owner of the accountId requested",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "take",
"in": "query",
"description": "",
"schema": {
"type": "integer",
"format": "int32"
}
},
{
"name": "continuationToken",
"in": "query",
"description": "",
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Returns ServicePrincipalListModel response",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalListModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalListModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalListModel"
}
}
}
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
},
"post": {
"tags": [
"ServicePrincipals"
],
"summary": "Create a service principal.\r\nThis endpoint can be accessed by an system service\r\nand an accountOwner of the accountId requested",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
}
],
"requestBody": {
"description": "",
"content": {
"application/json-patch+json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.CreateServicePrincipalModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.CreateServicePrincipalModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.CreateServicePrincipalModel"
}
},
"application/*+json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.CreateServicePrincipalModel"
}
}
}
},
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel"
}
}
}
},
"201": {
"description": "Creates a ServicePrincipalModel"
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
}
},
"/api/v2/accounts/{accountId}/servicePrincipals/{principalId}/key": {
"post": {
"tags": [
"ServicePrincipals"
],
"parameters": [
{
"name": "accountId",
"in": "path",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "principalId",
"in": "path",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.SignatureKey"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.SignatureKey"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.SignatureKey"
}
}
}
}
},
"deprecated": true,
"security": [
{
"oauth2": [
"access"
]
}
]
}
},
"/api/v2/accounts/{accountId}/servicePrincipals/{principalId}/secrets": {
"post": {
"tags": [
"ServicePrincipals"
],
"parameters": [
{
"name": "accountId",
"in": "path",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "principalId",
"in": "path",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Secrets.SecretsCreatedModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Secrets.SecretsCreatedModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Secrets.SecretsCreatedModel"
}
}
}
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
}
},
"/api/v2/accounts/{accountId}/userPrincipals/{principalId}": {
"get": {
"tags": [
"UserPrincipals"
],
"summary": "Get a principal by principalId and accountId.\r\nThis endpoint can be accessed by an system service,\r\na service that have the same accountId as requested\r\nand an accountOwner of the accountId requested",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "principalId",
"in": "path",
"description": "The principal id as an email to find.",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Returns PrincipalEmailRouteModel response",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.UserPrincipalModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.UserPrincipalModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.UserPrincipalModel"
}
}
}
},
"404": {
"description": "Could not find a user principal with the specified id."
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
},
"put": {
"tags": [
"UserPrincipals"
],
"summary": "Create or update a principal.\r\nThis endpoint can be accessed by an system service,\r\na service that have the same accountId as requested\r\nand an accountOwner of the accountId requested",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "principalId",
"in": "path",
"description": "The principal id as an email to find.",
"required": true,
"schema": {
"type": "string"
}
}
],
"requestBody": {
"description": "",
"content": {
"application/json-patch+json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.CreateOrUpdateUserPrincipalModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.CreateOrUpdateUserPrincipalModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.CreateOrUpdateUserPrincipalModel"
}
},
"application/*+json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.CreateOrUpdateUserPrincipalModel"
}
}
}
},
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.UserPrincipalModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.UserPrincipalModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.UserPrincipalModel"
}
}
}
},
"201": {
"description": "Creates a PrincipalEmailRouteModel"
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
},
"delete": {
"tags": [
"UserPrincipals"
],
"summary": "Delete a user principal.\r\nThis endpoint can be accessed by an system service,\r\na service that have the same accountId as requested\r\nand an accountOwner of the accountId requested",
"parameters": [
{
"name": "accountId",
"in": "path",
"description": "",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "principalId",
"in": "path",
"description": "The principal id as an email to find.",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Success"
},
"204": {
"description": "Deletes a PrincipalEmailRouteModel"
}
},
"security": [
{
"oauth2": [
"access"
]
}
]
}
}
},
"components": {
"schemas": {
"Genetec.SaaS.Iams.PrincipalService.Business.Models.CreateOrUpdateUserPrincipalModel": {
"required": [
"identityId",
"principalState",
"roles"
],
"type": "object",
"properties": {
"identityId": {
"minLength": 1,
"type": "string",
"description": "The id of the identity of the principal."
},
"roles": {
"minItems": 1,
"type": "array",
"items": {
"type": "string"
},
"description": "The role of the principal in the account.",
"example": [
"admin"
]
},
"principalState": {
"minLength": 1,
"type": "string",
"description": "Set the principal state",
"example": "Active"
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.CreateDelegationModel": {
"required": [
"delegatedTo",
"delegator",
"startDateTimeUtc"
],
"type": "object",
"properties": {
"delegatedTo": {
"minLength": 1,
"type": "string"
},
"delegator": {
"minLength": 1,
"type": "string"
},
"startDateTimeUtc": {
"type": "string",
"format": "date-time"
},
"endDateTimeUtc": {
"type": "string",
"format": "date-time",
"nullable": true
},
"comment": {
"maxLength": 300,
"minLength": 0,
"type": "string",
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel": {
"type": "object",
"properties": {
"delegationId": {
"type": "string",
"description": "Unique Id of the delegation",
"nullable": true
},
"delegatedTo": {
"type": "string",
"description": "Identity id of the user receiving the delegation",
"nullable": true
},
"delegator": {
"type": "string",
"description": "Identity id of the user delegating their permissions",
"nullable": true
},
"startDateTimeUtc": {
"type": "string",
"description": "Start date time the delegation takes effect",
"format": "date-time"
},
"endDateTimeUtc": {
"type": "string",
"description": "End date time the delegation takes effect",
"format": "date-time",
"nullable": true
},
"comment": {
"type": "string",
"description": "Comment associated with the delegation",
"nullable": true
},
"ordinal": {
"type": "integer",
"description": "The commit ordinal",
"format": "int64"
},
"isDeleted": {
"type": "boolean",
"description": "Whether the delegation is deleted"
},
"deletedOnUtc": {
"type": "string",
"description": "Date time of the deletion",
"format": "date-time",
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationsModel": {
"type": "object",
"properties": {
"delegations": {
"type": "array",
"items": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.DelegationModel"
},
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.Delegation.UpdateDelegationModel": {
"required": [
"ordinal",
"startDateTimeUtc"
],
"type": "object",
"properties": {
"startDateTimeUtc": {
"type": "string",
"format": "date-time"
},
"endDateTimeUtc": {
"type": "string",
"format": "date-time",
"nullable": true
},
"comment": {
"maxLength": 300,
"minLength": 0,
"type": "string",
"nullable": true
},
"ordinal": {
"type": "integer",
"format": "int64"
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.IdentityPrincipalModel": {
"type": "object",
"properties": {
"principalId": {
"type": "string",
"description": "The unique identifier of the principal.",
"nullable": true
},
"accountId": {
"type": "string",
"description": "The accountId of the principal.",
"nullable": true
},
"roles": {
"type": "array",
"items": {
"type": "string"
},
"description": "The roles of the principal.",
"nullable": true
},
"principalState": {
"type": "string",
"description": "Set the principal state",
"nullable": true,
"example": "Active"
},
"principalType": {
"type": "string",
"description": "The role of the principal in the system.",
"nullable": true,
"example": "User"
},
"identityId": {
"type": "string",
"description": "The Id of the Identity linked to the principal.",
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.PrincipalAccountModel": {
"type": "object",
"properties": {
"accountId": {
"type": "string",
"description": "The unique identifier of the account.",
"nullable": true
},
"accountState": {
"type": "string",
"description": "The state of the account. AVOID using this property.",
"nullable": true,
"example": "Active"
},
"principalState": {
"type": "string",
"description": "The state of the principal within this account.",
"nullable": true,
"example": "Active"
},
"roles": {
"type": "array",
"items": {
"type": "string"
},
"description": "The list of roles of the user in this account.",
"nullable": true
},
"signatureKey": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.SignatureKey"
},
"sharedSecret": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Secrets.SharedSecretModel"
},
"allowedGrantTypes": {
"type": "array",
"items": {
"type": "string"
},
"description": "The allowed grant types for this principal to request a token.",
"nullable": true
},
"identityId": {
"type": "string",
"description": "The identifier of the user in the region",
"nullable": true
},
"ordinal": {
"type": "integer",
"description": "The ordinal of the principal for the account.",
"format": "int64"
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.PrincipalModel": {
"type": "object",
"properties": {
"accounts": {
"type": "array",
"items": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.PrincipalAccountModel"
},
"description": "The accounts which the principal has access.",
"nullable": true
},
"principalId": {
"type": "string",
"description": "The unique identifier of the principal.",
"nullable": true
},
"principalType": {
"type": "string",
"description": "The role of the principal in the system.",
"nullable": true,
"example": "User"
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.Secrets.SecretsCreatedModel": {
"type": "object",
"properties": {
"sharedSecret": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.Secrets.SharedSecretCreatedModel"
},
"jwkSecret": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.SignatureKey"
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.Secrets.SharedSecretCreatedModel": {
"type": "object",
"properties": {
"clientSecret": {
"type": "string",
"description": "The client secret in clear. Save this value because it cannot be obtained afterwards.",
"nullable": true
},
"clientSecretExpiresAt": {
"type": "integer",
"description": "The epoch time at which the client secret will expire. If 0, it means it never expires.",
"format": "int64",
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.Secrets.SharedSecretModel": {
"type": "object",
"properties": {
"clientSecret": {
"type": "string",
"description": "The client secret hashed.",
"nullable": true
},
"clientSecretExpiresAt": {
"type": "integer",
"description": "The epoch time at which the client secret will expire. If 0, it means it never expires.",
"format": "int64",
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.CreateServicePrincipalModel": {
"required": [
"name"
],
"type": "object",
"properties": {
"name": {
"maxLength": 50,
"minLength": 1,
"type": "string"
},
"description": {
"maxLength": 100,
"minLength": 0,
"type": "string",
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalListModel": {
"type": "object",
"properties": {
"services": {
"type": "array",
"items": {
"$ref": "#/components/schemas/Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel"
},
"nullable": true
},
"continuationToken": {
"type": "string",
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.ServicePrincipalModel": {
"type": "object",
"properties": {
"principalId": {
"type": "string",
"description": "The unique identifier of the principal.",
"nullable": true
},
"accountId": {
"type": "string",
"description": "The accountId of the principal.",
"nullable": true
},
"name": {
"type": "string",
"description": "The name of the service principal",
"nullable": true
},
"description": {
"type": "string",
"description": "The description of the service principal",
"nullable": true
},
"eTag": {
"type": "string",
"description": "The version of the service principal. Required for updates.",
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.SignatureKey": {
"type": "object",
"properties": {
"kid": {
"type": "string",
"description": "SignatureKey identifier.",
"nullable": true
},
"keyType": {
"type": "string",
"description": "The cryptographic algorithm family used with the key.",
"nullable": true
},
"algorithm": {
"type": "string",
"description": "The algorithm intended for use with the key.",
"nullable": true
},
"exponent": {
"type": "string",
"description": "The exponent part of the public key.",
"nullable": true
},
"modulus": {
"type": "string",
"description": "The modulus part of the public key.",
"nullable": true
},
"d": {
"type": "string",
"description": "The D part of the private key.",
"nullable": true
},
"dp": {
"type": "string",
"description": "The DP part of the private key.",
"nullable": true
},
"dq": {
"type": "string",
"description": "The DQ part of the private key.",
"nullable": true
},
"inverseQ": {
"type": "string",
"description": "The InverseQ part of the private key.",
"nullable": true
},
"p": {
"type": "string",
"description": "The P part of the private key.",
"nullable": true
},
"q": {
"type": "string",
"description": "The InverseQ part of the private key.",
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.ServicePrincipals.UpdateServicePrincipalModel": {
"required": [
"eTag",
"name"
],
"type": "object",
"properties": {
"eTag": {
"minLength": 1,
"type": "string"
},
"name": {
"maxLength": 50,
"minLength": 1,
"type": "string"
},
"description": {
"maxLength": 100,
"minLength": 0,
"type": "string",
"nullable": true
}
},
"additionalProperties": false
},
"Genetec.SaaS.Iams.PrincipalService.Business.Models.UserPrincipalModel": {
"type": "object",
"properties": {
"principalId": {
"type": "string",
"description": "The unique identifier of the principal.",
"nullable": true
},
"accountId": {
"type": "string",
"description": "The accountId of the principal.",
"nullable": true
},
"roles": {
"type": "array",
"items": {
"type": "string"
},
"description": "The roles of the principal.",
"nullable": true
},
"principalState": {
"type": "string",
"description": "Set the principal state",
"nullable": true,
"example": "Active"
},
"identityId": {
"type": "string",
"description": "The Id of the Identity linked to the principal.",
"nullable": true
}
},
"additionalProperties": false
}
},
"securitySchemes": {
"oauth2": {
"type": "oauth2",
"flows": {
"implicit": {
"authorizationUrl": "https://sts-demo.clearid.io/connect/authorize",
"scopes": {
"openid": "openid"
}
}
}
}
}
}
}