Access Control
The following are Autonomous Identity access control endpoints:
- POST /api/userDetails/decisions
-
Get the current entitlement decisions for the user. [Supervisor, Ent Owner, App Owner, Admin]
Endpoint
/api/userDetails/decisionsl
Authorization
<Bearer Token JWT-value>
Param
user=john.doe
Example Request
curl -X GET "https://autoid-api.forgerock.com/api/userDetails/decisions?user=john.doe" \ -H "accept: application/json"
Example Response
{ "decisions": [ { "entitlement": "string", "is_certified": true, "is_revoked": true, "is_processed": true, "is_archived": true, "author": "string", "author_name": "string", "author_type": "string", "reason": "string", "last_updated": "2021-04-14T18:45:46.916Z" } ] }
- POST /api/userDetails/decisions
-
Update entitlement decisions for users. [Supervisor, Ent Owner, App Owner, Admin]
Endpoint
/api/userDetails/decisions
Authorization
<Bearer Token JWT-value>
Body
{ "assignments": [ { "user": "string", "entitlements": [ "string" ] } ], "is_certified": true, "is_revoked": true, "is_requested": true, "is_processed": true, "reason": "string" }
Example Request
curl -X POST "https://autoid-api.forgerock.com/api/userDetails/decisions" \ -H "accept: /" -H "Content-Type: application/json" \ --data-raw '{ "assignments": [ { "user": "string", "entitlements": [ "string" ] } ], "is_certified": true, "is_revoked": true, "is_requested": true, "is_processed": true, "reason": "string" }'
- POST /api/rules/decision
-
Update rule decisions. [Supervisor, Ent Owner, App Owner, Admin]
Endpoint
/api/rules/decision
Authorization
<Bearer Token JWT-value>
Body
{ "rules": [ { "entitlement": "string", "justification": [ "string" ] } ], "is_autocertify": true, "is_autorequest": true, "autocertify_reason": "string", "autorequest_reason": "string" }
Example Request
curl -X POST "https://autoid-api.forgerock.com/api/rules/decision" \ -H "accept: /" -H "Content-Type: application/json" \ --data-raw '{ "rules": [ { "entitlement": "string", "justification": [ "string" ] } ], "is_autocertify": true, "is_autorequest": true, "autocertify_reason": "string", "autorequest_reason": "string" }'