Introduction
The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID.
With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see Working with template versions and Best practices for assigning access in an enterprise.
SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the IBM Cloud SDK Common project on GitHub.
The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the IBM Cloud SDK Common project on GitHub.
The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the IBM Cloud SDK Common project on GitHub.
The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the IBM Cloud SDK Common project on GitHub.
The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the IBM Cloud SDK Common project on GitHub.
Installing the Java SDK
Maven
<dependency>
<groupId>com.ibm.cloud</groupId>
<artifactId>iam-identity</artifactId>
<version>{version}</version>
</dependency>
Gradle
compile 'com.ibm.cloud:iam-identity:{version}'
Replace {version}
in these examples with the release version.
View on GitHub
Installing the Go SDK
Go modules (recommended): Add the following import in your code, and then run go build
or go mod tidy
import (
"github.com/IBM/platform-services-go-sdk/iamidentityv1"
)
go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1
View on GitHub
Installing the Node SDK
npm install @ibm-cloud/platform-services
View on GitHub
Installing the Python SDK
pip install --upgrade "ibm-platform-services"
View on GitHub
Endpoint URLs
The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests.
https://iam.cloud.ibm.com
Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see Creating an endpoint gateway.
- Private endpoint URL for VPC infrastructure:
https://private.iam.cloud.ibm.com
. VPE gateway creation is supported in following datacenters:- Dallas
- Washington
- Frankfurt
If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see Enabling VRF and service endpoints.
- Private endpoint URLs for classic infrastructure. Supported datacenters and urls:
- Dallas:
https://private.us-south.iam.cloud.ibm.com
- Washington DC:
https://private.us-east.iam.cloud.ibm.com
- Frankfurt DC:
https://private.eu-de.iam.cloud.ibm.com
- Dallas:
Example API request
curl -u "apikey:{apikey}" -X {request_method} "https://iam.cloud.ibm.com/{method_endpoint}"
Replace {apikey}
, {request_method}
, and {method_endpoint}
in this example with the values for your particular API call.
Authentication
Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API.
You can generate an access token by first creating an API key and then exchanging your API key for an IBM Cloud IAM token.
Don't have an API key? Try running ibmcloud iam oauth-tokens
in the IBM Cloud Shell to quickly generate a personal access token.
When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways:
- Programmatically by constructing an IAM authenticator instance and supplying your IAM API key
- By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key
In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL.
For more information, see the Authentication section of the IBM Cloud SDK Common documentation.
To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see IAM Identity service.
You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an API key.
The SDK provides initialization methods for each form of authentication.
- Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires.
- Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access.
For more information, see IAM authentication with the SDK.
For more information, see IAM authentication with the SDK.
For more information, see IAM authentication with the SDK.
For more information, see IAM authentication with the SDK.
To retrieve your access token:
curl -X POST "https://iam.cloud.ibm.com/identity/token" --header 'Content-Type: application/x-www-form-urlencoded' --header 'Accept: application/json' --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' --data-urlencode 'apikey=<API_KEY>'
Replace <API_KEY>
with your IAM API key.
Setting client options through external configuration
Example environment variables, where <SERVICE_URL>
is the endpoint URL and <API_KEY>
is your IAM API key
export IAM_IDENTITY_URL=<SERVICE_URL>
export IAM_IDENTITY_AUTHTYPE=iam
export IAM_IDENTITY_APIKEY=<API_KEY>
Example of constructing the service client
import {
"github.com/IBM/platform-services-go-sdk/iamidentityv1"
}
...
serviceClientOptions := &iamidentityv1.IamIdentityV1Options{}
serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions)
Setting client options through external configuration
Example environment variables, where <SERVICE_URL>
is the endpoint URL and <API_KEY>
is your IAM API key
export IAM_IDENTITY_URL=<SERVICE_URL>
export IAM_IDENTITY_AUTHTYPE=iam
export IAM_IDENTITY_APIKEY=<API_KEY>
Example of constructing the service client
import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity;
...
IamIdentity serviceClient = IamIdentity.newInstance();
Setting client options through external configuration
Example environment variables, where <SERVICE_URL>
is the endpoint URL and <API_KEY>
is your IAM API key
export IAM_IDENTITY_URL=<SERVICE_URL>
export IAM_IDENTITY_AUTHTYPE=iam
export IAM_IDENTITY_APIKEY=<API_KEY>
Example of constructing the service client
const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1');
...
const serviceClient = IamIdentityV1.newInstance({});
Setting client options through external configuration
Example environment variables, where <SERVICE_URL>
is the endpoint URL and <API_KEY>
is your IAM API key
export IAM_IDENTITY_URL=<SERVICE_URL>
export IAM_IDENTITY_AUTHTYPE=iam
export IAM_IDENTITY_APIKEY=<API_KEY>
Example of constructing the service client
from ibm_platform_services import IamIdentityV1
...
service_client = IamIdentityV1.new_instance()
Auditing
You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method.
If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see Activity tracking events for IAM.
Error handling
The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A 200
response always indicates success. A 400
type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A 401
or 403
response indicates that the incoming request did not contain valid authentication information. A 500
type response indicates an internal server error that is seen in an unexpected error situation.
The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows:
{
"trace": "9daee671-916a-4678-850b-10b911f0236d",
"errors": [
{
"code": "invalid_access_token",
"message": "The provided access token provided is invalid."
}
]
"status_code": 401
}
If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the Reference
section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format.
The following table show the potential error codes the API might return.
HTTP Error Code | Description | Recovery |
---|---|---|
200 |
Success | The request was successful. |
201 |
Created | The resource was successfully created. |
204 |
No Content | The request was successful. No response body is provided. |
400 |
Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. |
401 |
Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. |
403 |
Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. |
404 |
Not Found | The requested resource can't be found. |
409 |
Conflict | The entity is already in the requested state. |
429 |
Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. |
500 |
Internal error | Error that is seen in an unexpected error situation. |
Additional headers
Some additional headers might be required to make successful requests to the API. Those additional headers are:
An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to Transaction-Id
and the value is anything that you choose.
If there is not a transaction ID that is passed in, then one is generated randomly.
Filtering list results
When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional filter
parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported.
- Supported attribute operators-
sw
- starts withsw_ci
- starts with ingnore case - non SCIM standardew
- ends withew_ci
- ends with ingnore case - non SCIM standardco
- containsco_ci
- contains ingnore case - non SCIM standard
- Supported operators-
and
or
- Grouping operators-
()
- Data Values
-
Text
- Sample
name co "Foo" and description sw "Bar"
Methods
Get API keys for a given service or user IAM ID and account ID
Returns the list of API key details for a given service or user IAM ID and account ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the list of API key details for a given service or user IAM ID and account ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the list of API key details for a given service or user IAM ID and account ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the list of API key details for a given service or user IAM ID and account ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the list of API key details for a given service or user IAM ID and account ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
GET /v1/apikeys
(iamIdentity *IamIdentityV1) ListAPIKeys(listAPIKeysOptions *ListAPIKeysOptions) (result *APIKeyList, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) ListAPIKeysWithContext(ctx context.Context, listAPIKeysOptions *ListAPIKeysOptions) (result *APIKeyList, response *core.DetailedResponse, err error)
ServiceCall<ApiKeyList> listApiKeys(ListApiKeysOptions listApiKeysOptions)
listApiKeys(params)
list_api_keys(
self,
*,
account_id: Optional[str] = None,
iam_id: Optional[str] = None,
pagesize: Optional[int] = None,
pagetoken: Optional[str] = None,
scope: Optional[str] = None,
type: Optional[str] = None,
sort: Optional[str] = None,
order: Optional[str] = None,
include_history: Optional[bool] = None,
filter: Optional[str] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the ListAPIKeysOptions
struct and set the fields to provide parameter values for the ListAPIKeys
method.
Use the ListApiKeysOptions.Builder
to create a ListApiKeysOptions
object that contains the parameter values for the listApiKeys
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Query Parameters
Account ID of the API keys to query. If a service IAM ID is specified in iam_id then account_id must match the account of the IAM ID. If a user IAM ID is specified in iam_id then then account_id must match the account of the Authorization token.
IAM ID of the API keys to be queried. The IAM ID may be that of a user or a service. For a user IAM ID iam_id must match the Authorization token.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
Optional parameter to define the scope of the queried API keys. Can be 'entity' (default) or 'account'.
Allowable values: [
entity
,account
]Default:
entity
Optional parameter to filter the type of the queried API keys. Can be 'user' or 'serviceid'.
Allowable values: [
user
,serviceid
]Optional sort property, valid values are name, description, created_at and created_by. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The ListAPIKeys options.
Account ID of the API keys to query. If a service IAM ID is specified in iam_id then account_id must match the account of the IAM ID. If a user IAM ID is specified in iam_id then then account_id must match the account of the Authorization token.
IAM ID of the API keys to be queried. The IAM ID may be that of a user or a service. For a user IAM ID iam_id must match the Authorization token.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
Optional parameter to define the scope of the queried API keys. Can be 'entity' (default) or 'account'.
Allowable values: [
entity
,account
]Default:
entity
Optional parameter to filter the type of the queried API keys. Can be 'user' or 'serviceid'.
Allowable values: [
user
,serviceid
]Optional sort property, valid values are name, description, created_at and created_by. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
The listApiKeys options.
Account ID of the API keys to query. If a service IAM ID is specified in iam_id then account_id must match the account of the IAM ID. If a user IAM ID is specified in iam_id then then account_id must match the account of the Authorization token.
IAM ID of the API keys to be queried. The IAM ID may be that of a user or a service. For a user IAM ID iam_id must match the Authorization token.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
Optional parameter to define the scope of the queried API keys. Can be 'entity' (default) or 'account'.
Allowable values: [
entity
,account
]Default:
entity
Optional parameter to filter the type of the queried API keys. Can be 'user' or 'serviceid'.
Allowable values: [
user
,serviceid
]Optional sort property, valid values are name, description, created_at and created_by. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
parameters
Account ID of the API keys to query. If a service IAM ID is specified in iam_id then account_id must match the account of the IAM ID. If a user IAM ID is specified in iam_id then then account_id must match the account of the Authorization token.
IAM ID of the API keys to be queried. The IAM ID may be that of a user or a service. For a user IAM ID iam_id must match the Authorization token.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
Optional parameter to define the scope of the queried API keys. Can be 'entity' (default) or 'account'.
Allowable values: [
entity
,account
]Default:
entity
Optional parameter to filter the type of the queried API keys. Can be 'user' or 'serviceid'.
Allowable values: [
user
,serviceid
]Optional sort property, valid values are name, description, created_at and created_by. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
parameters
Account ID of the API keys to query. If a service IAM ID is specified in iam_id then account_id must match the account of the IAM ID. If a user IAM ID is specified in iam_id then then account_id must match the account of the Authorization token.
IAM ID of the API keys to be queried. The IAM ID may be that of a user or a service. For a user IAM ID iam_id must match the Authorization token.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
Optional parameter to define the scope of the queried API keys. Can be 'entity' (default) or 'account'.
Allowable values: [
entity
,account
]Default:
entity
Optional parameter to filter the type of the queried API keys. Can be 'user' or 'serviceid'.
Allowable values: [
user
,serviceid
]Optional sort property, valid values are name, description, created_at and created_by. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
curl -X GET "https://iam.cloud.ibm.com/v1/apikeys?account_id=ACCOUNT_ID&iam_id=IBMid-123WEREW" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
listAPIKeysOptions := iamIdentityService.NewListAPIKeysOptions() listAPIKeysOptions.SetAccountID(accountID) listAPIKeysOptions.SetIamID(iamID) listAPIKeysOptions.SetIncludeHistory(true) apiKeyList, response, err := iamIdentityService.ListAPIKeys(listAPIKeysOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(apiKeyList, "", " ") fmt.Println(string(b))
ListApiKeysOptions listApiKeysOptions = new ListApiKeysOptions.Builder() .accountId(accountId) .iamId(iamId) .includeHistory(true) .build(); Response<ApiKeyList> response = identityservice.listApiKeys(listApiKeysOptions).execute(); ApiKeyList apiKeyList = response.getResult(); System.out.println(apiKeyList);
const params = { accountId: accountId, iamId: iamId, includeHistory: true, }; try { const res = await iamIdentityService.listApiKeys(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
api_key_list = iam_identity_service.list_api_keys( account_id=account_id, iam_id=iam_id, include_history=True ).get_result() print(json.dumps(api_key_list, indent=2))
Response
Response body format for the List API keys V1 REST request.
List of API keys based on the query paramters and the page size. The apikeys array is always part of the response but might be empty depending on the query parameters values provided.
Context with key properties for problem determination.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
Response body format for the List API keys V1 REST request.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of API keys based on the query paramters and the page size. The apikeys array is always part of the response but might be empty depending on the query parameters values provided.
- Apikeys
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for the List API keys V1 REST request.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of API keys based on the query paramters and the page size. The apikeys array is always part of the response but might be empty depending on the query parameters values provided.
- apikeys
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for the List API keys V1 REST request.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of API keys based on the query paramters and the page size. The apikeys array is always part of the response but might be empty depending on the query parameters values provided.
- apikeys
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for the List API keys V1 REST request.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of API keys based on the query paramters and the page size. The apikeys array is always part of the response but might be empty depending on the query parameters values provided.
- apikeys
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Successful operation.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
User iam_id or account_id does not match Authorization token, service ID of the IAM ID not found.
Internal Server error.
{ "limit": 1, "first": "https://iam.cloud.ibm.com/v1/apikeys?pagetoken=PageToken", "next": "https://iam.cloud.ibm.com/v1/apikeys?pagetoken=PageToken", "apikeys": { "id": "ApiKey-fffc06c0-f3fd-49e5-82b5-b9dec9a3c47c", "entity_tag": "3-5c26819c7a9df67ac5d51c5761e1ac8a", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::apikey:ApiKey-fffc06c0-f3fd-49e5-82b5-b9dec9a3c47c", "locked": false, "disabled": false, "created_at": "2020-09-28T17:49+0000", "created_by": "IBMid-110000AB1Z", "modified_at": "2020-09-28T17:49+0000", "support_sessions": false, "action_when_leaked": "none", "name": "apikeyNew", "description": "test", "iam_id": "IBMid-110000AB1Z", "account_id": "100abcde100a41abc100aza678abc0zz" } }
{ "limit": 1, "first": "https://iam.cloud.ibm.com/v1/apikeys?pagetoken=PageToken", "next": "https://iam.cloud.ibm.com/v1/apikeys?pagetoken=PageToken", "apikeys": { "id": "ApiKey-fffc06c0-f3fd-49e5-82b5-b9dec9a3c47c", "entity_tag": "3-5c26819c7a9df67ac5d51c5761e1ac8a", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::apikey:ApiKey-fffc06c0-f3fd-49e5-82b5-b9dec9a3c47c", "locked": false, "disabled": false, "created_at": "2020-09-28T17:49+0000", "created_by": "IBMid-110000AB1Z", "modified_at": "2020-09-28T17:49+0000", "support_sessions": false, "action_when_leaked": "none", "name": "apikeyNew", "description": "test", "iam_id": "IBMid-110000AB1Z", "account_id": "100abcde100a41abc100aza678abc0zz" } }
Create an API key
Creates an API key for a UserID or service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Creates an API key for a UserID or service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Creates an API key for a UserID or service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Creates an API key for a UserID or service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Creates an API key for a UserID or service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
POST /v1/apikeys
(iamIdentity *IamIdentityV1) CreateAPIKey(createAPIKeyOptions *CreateAPIKeyOptions) (result *APIKey, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) CreateAPIKeyWithContext(ctx context.Context, createAPIKeyOptions *CreateAPIKeyOptions) (result *APIKey, response *core.DetailedResponse, err error)
ServiceCall<ApiKey> createApiKey(CreateApiKeyOptions createApiKeyOptions)
createApiKey(params)
create_api_key(
self,
name: str,
iam_id: str,
*,
description: Optional[str] = None,
account_id: Optional[str] = None,
apikey: Optional[str] = None,
store_value: Optional[bool] = None,
support_sessions: Optional[bool] = None,
action_when_leaked: Optional[str] = None,
entity_lock: Optional[str] = None,
entity_disable: Optional[str] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the CreateAPIKeyOptions
struct and set the fields to provide parameter values for the CreateAPIKey
method.
Use the CreateApiKeyOptions.Builder
to create a CreateApiKeyOptions
object that contains the parameter values for the createApiKey
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Indicates if the API key is locked for further write operations. False by default.
Default:
false
Indicates if the API key is disabled. False by default.
Default:
false
Request to create an API key.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The iam_id that this API key authenticates.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The account ID of the API key.
You can optionally passthrough the API key value for this API key. If passed, a minimum length validation of 32 characters for that apiKey value is done, i.e. the value can contain any characters and can even be non-URL safe, but the minimum length requirement must be met. If omitted, the API key management will create an URL safe opaque API key value. The value of the API key is checked for uniqueness. Ensure enough variations when passing in this value.
Send true or false to set whether the API key value is retrievable in the future by using the Get details of an API key request. If you create an API key for a user, you must specify
false
or omit the value. We don't allow storing of API keys for users.Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The CreateAPIKey options.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The iam_id that this API key authenticates.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The account ID of the API key.
You can optionally passthrough the API key value for this API key. If passed, a minimum length validation of 32 characters for that apiKey value is done, i.e. the value can contain any characters and can even be non-URL safe, but the minimum length requirement must be met. If omitted, the API key management will create an URL safe opaque API key value. The value of the API key is checked for uniqueness. Ensure enough variations when passing in this value.
Send true or false to set whether the API key value is retrievable in the future by using the Get details of an API key request. If you create an API key for a user, you must specify
false
or omit the value. We don't allow storing of API keys for users.Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
Indicates if the API key is locked for further write operations. False by default.
Default:
false
Indicates if the API key is disabled. False by default.
Default:
false
The createApiKey options.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The iam_id that this API key authenticates.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The account ID of the API key.
You can optionally passthrough the API key value for this API key. If passed, a minimum length validation of 32 characters for that apiKey value is done, i.e. the value can contain any characters and can even be non-URL safe, but the minimum length requirement must be met. If omitted, the API key management will create an URL safe opaque API key value. The value of the API key is checked for uniqueness. Ensure enough variations when passing in this value.
Send true or false to set whether the API key value is retrievable in the future by using the Get details of an API key request. If you create an API key for a user, you must specify
false
or omit the value. We don't allow storing of API keys for users.Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
Indicates if the API key is locked for further write operations. False by default.
Default:
false
Indicates if the API key is disabled. False by default.
Default:
false
parameters
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The iam_id that this API key authenticates.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The account ID of the API key.
You can optionally passthrough the API key value for this API key. If passed, a minimum length validation of 32 characters for that apiKey value is done, i.e. the value can contain any characters and can even be non-URL safe, but the minimum length requirement must be met. If omitted, the API key management will create an URL safe opaque API key value. The value of the API key is checked for uniqueness. Ensure enough variations when passing in this value.
Send true or false to set whether the API key value is retrievable in the future by using the Get details of an API key request. If you create an API key for a user, you must specify
false
or omit the value. We don't allow storing of API keys for users.Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
Indicates if the API key is locked for further write operations. False by default.
Default:
false
Indicates if the API key is disabled. False by default.
Default:
false
parameters
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The iam_id that this API key authenticates.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The account ID of the API key.
You can optionally passthrough the API key value for this API key. If passed, a minimum length validation of 32 characters for that apiKey value is done, i.e. the value can contain any characters and can even be non-URL safe, but the minimum length requirement must be met. If omitted, the API key management will create an URL safe opaque API key value. The value of the API key is checked for uniqueness. Ensure enough variations when passing in this value.
Send true or false to set whether the API key value is retrievable in the future by using the Get details of an API key request. If you create an API key for a user, you must specify
false
or omit the value. We don't allow storing of API keys for users.Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
Indicates if the API key is locked for further write operations. False by default.
Default:
false
Indicates if the API key is disabled. False by default.
Default:
false
curl -X POST "https://iam.cloud.ibm.com/v1/apikeys" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json" --data '{ "name": "My-apikey", "description": "my personal key", "iam_id": "IBMid-123WEREW", "account_id": "ACCOUNT_ID", "store_value": false }'
createAPIKeyOptions := iamIdentityService.NewCreateAPIKeyOptions(apikeyName, iamID) createAPIKeyOptions.SetDescription("Example ApiKey") apiKey, response, err := iamIdentityService.CreateAPIKey(createAPIKeyOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(apiKey, "", " ") fmt.Println(string(b)) apikeyID = *apiKey.ID
CreateApiKeyOptions createApiKeyOptions = new CreateApiKeyOptions.Builder() .name(apiKeyName) .iamId(iamId) .description("Example ApiKey") .build(); Response<ApiKey> response = identityservice.createApiKey(createApiKeyOptions).execute(); ApiKey apiKey = response.getResult(); apikeyId = apiKey.getId(); System.out.println(apiKey);
const params = { name: apikeyName, iamId: iamId, description: 'Example ApiKey', }; try { const res = await iamIdentityService.createApiKey(params); apikeyId = res.result.id console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
api_key = iam_identity_service.create_api_key(name=apikey_name, iam_id=iam_id).get_result() print(json.dumps(api_key, indent=2))
Response
Response body format for API key V1 REST requests.
Unique identifier of this API Key.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'
The API key cannot be changed if set to true.
IAM ID of the user or service which created the API key.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
Context with key properties for problem determination.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
History of the API key.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
API key successfully created. Response if the Object could be created in the persistence layer.
Parameter validation failed. Response if required parameters are missing or if parameter values are invalid.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Create Conflict - API key could not be created. Response if the Object could not be created in the persistence layer.
Internal Server error. Response if unexpected error situation. happened.
{ "id": "ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "entity_tag": "1-b4053b5d441613fdad4ff3c28db3e7cc", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::apikey:ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "locked": false, "disabled": false, "created_at": "2020-11-10T12:28+0000", "created_by": "IBMid-110000AB1Z", "modified_at": "2020-11-10T12:28+0000", "support_sessions": false, "action_when_leaked": "none", "name": "apikey-test", "description": "apikey-test", "iam_id": "IBMid-110000AB1Z", "account_id": "100abcde100a41abc100aza678abc0zz", "apikey": "created_apikey" }
{ "id": "ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "entity_tag": "1-b4053b5d441613fdad4ff3c28db3e7cc", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::apikey:ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "locked": false, "disabled": false, "created_at": "2020-11-10T12:28+0000", "created_by": "IBMid-110000AB1Z", "modified_at": "2020-11-10T12:28+0000", "support_sessions": false, "action_when_leaked": "none", "name": "apikey-test", "description": "apikey-test", "iam_id": "IBMid-110000AB1Z", "account_id": "100abcde100a41abc100aza678abc0zz", "apikey": "created_apikey" }
Get details of an API key by its value.
Returns the details of an API key by its value. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the details of an API key by its value. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the details of an API key by its value. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the details of an API key by its value. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the details of an API key by its value. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
GET /v1/apikeys/details
(iamIdentity *IamIdentityV1) GetAPIKeysDetails(getAPIKeysDetailsOptions *GetAPIKeysDetailsOptions) (result *APIKey, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) GetAPIKeysDetailsWithContext(ctx context.Context, getAPIKeysDetailsOptions *GetAPIKeysDetailsOptions) (result *APIKey, response *core.DetailedResponse, err error)
ServiceCall<ApiKey> getApiKeysDetails(GetApiKeysDetailsOptions getApiKeysDetailsOptions)
getApiKeysDetails(params)
get_api_keys_details(
self,
*,
iam_api_key: Optional[str] = None,
include_history: Optional[bool] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the GetAPIKeysDetailsOptions
struct and set the fields to provide parameter values for the GetAPIKeysDetails
method.
Use the GetApiKeysDetailsOptions.Builder
to create a GetApiKeysDetailsOptions
object that contains the parameter values for the getApiKeysDetails
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
API key value.
Query Parameters
Defines if the entity history is included in the response.
Default:
false
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The GetAPIKeysDetails options.
API key value.
Defines if the entity history is included in the response.
Default:
false
The getApiKeysDetails options.
API key value.
Defines if the entity history is included in the response.
Default:
false
parameters
API key value.
Defines if the entity history is included in the response.
Default:
false
parameters
API key value.
Defines if the entity history is included in the response.
Default:
false
curl -X GET "https://iam.cloud.ibm.com/v1/apikeys/details" --header "Authorization: Bearer $TOKEN" --header "IAM-Apikey: APIKEY_VALUE" --header "Content-Type: application/json"
getAPIKeysDetailsOptions := iamIdentityService.NewGetAPIKeysDetailsOptions() getAPIKeysDetailsOptions.SetIamAPIKey(iamAPIKey) getAPIKeysDetailsOptions.SetIncludeHistory(false) apiKey, response, err := iamIdentityService.GetAPIKeysDetails(getAPIKeysDetailsOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(apiKey, "", " ") fmt.Println(string(b))
GetApiKeysDetailsOptions getApiKeysDetailsOptions = new GetApiKeysDetailsOptions.Builder() .iamApiKey(iamApiKey) .includeHistory(false) .build(); Response<ApiKey> response = identityservice.getApiKeysDetails(getApiKeysDetailsOptions).execute(); ApiKey apiKey = response.getResult(); System.out.println(apiKey);
const params = { iamApiKey: iamApikey, includeHistory: false, }; try { const res = await iamIdentityService.getApiKeysDetails(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
api_key = iam_identity_service.get_api_keys_details(iam_api_key=apikey).get_result() print(json.dumps(api_key, indent=2))
Response
Response body format for API key V1 REST requests.
Unique identifier of this API Key.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'
The API key cannot be changed if set to true.
IAM ID of the user or service which created the API key.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
Context with key properties for problem determination.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
History of the API key.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Successful Get of API key details.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
API key not found.
Internal Server error.
{ "id": "ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "entity_tag": "1-b4053b5d441613fdad4ff3c28db3e7cc", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::apikey:ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "locked": false, "disabled": false, "created_at": "2020-11-10T12:28+0000", "created_by": "IBMid-110000AB1Z", "modified_at": "2020-11-10T12:28+0000", "support_sessions": false, "action_when_leaked": "none", "name": "apikey-test", "description": "apikey-test", "iam_id": "IBMid-110000AB1Z", "account_id": "100abcde100a41abc100aza678abc0zz" }
{ "id": "ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "entity_tag": "1-b4053b5d441613fdad4ff3c28db3e7cc", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::apikey:ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "locked": false, "disabled": false, "created_at": "2020-11-10T12:28+0000", "created_by": "IBMid-110000AB1Z", "modified_at": "2020-11-10T12:28+0000", "support_sessions": false, "action_when_leaked": "none", "name": "apikey-test", "description": "apikey-test", "iam_id": "IBMid-110000AB1Z", "account_id": "100abcde100a41abc100aza678abc0zz" }
Get details of an API key
Returns the details of an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the details of an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the details of an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the details of an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Returns the details of an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
GET /v1/apikeys/{id}
(iamIdentity *IamIdentityV1) GetAPIKey(getAPIKeyOptions *GetAPIKeyOptions) (result *APIKey, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) GetAPIKeyWithContext(ctx context.Context, getAPIKeyOptions *GetAPIKeyOptions) (result *APIKey, response *core.DetailedResponse, err error)
ServiceCall<ApiKey> getApiKey(GetApiKeyOptions getApiKeyOptions)
getApiKey(params)
get_api_key(
self,
id: str,
*,
include_history: Optional[bool] = None,
include_activity: Optional[bool] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the GetAPIKeyOptions
struct and set the fields to provide parameter values for the GetAPIKey
method.
Use the GetApiKeyOptions.Builder
to create a GetApiKeyOptions
object that contains the parameter values for the getApiKey
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the API key.
Query Parameters
Defines if the entity history is included in the response.
Default:
false
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The GetAPIKey options.
Unique ID of the API key.
Defines if the entity history is included in the response.
Default:
false
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
The getApiKey options.
Unique ID of the API key.
Defines if the entity history is included in the response.
Default:
false
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
parameters
Unique ID of the API key.
Defines if the entity history is included in the response.
Default:
false
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
parameters
Unique ID of the API key.
Defines if the entity history is included in the response.
Default:
false
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
curl -X GET "https://iam.cloud.ibm.com/v1/apikeys/APIKEY_UNIQUE_ID" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
getAPIKeyOptions := iamIdentityService.NewGetAPIKeyOptions(apikeyID) getAPIKeyOptions.SetIncludeHistory(false) getAPIKeyOptions.SetIncludeActivity(false) apiKey, response, err := iamIdentityService.GetAPIKey(getAPIKeyOptions) if err != nil { panic(err) } apikeyEtag = response.GetHeaders().Get("Etag") b, _ := json.MarshalIndent(apiKey, "", " ") fmt.Println(string(b))
GetApiKeyOptions getApiKeyOptions = new GetApiKeyOptions.Builder() .id(apikeyId) .includeHistory(true) .includeActivity(true) .build(); Response<ApiKey> response = identityservice.getApiKey(getApiKeyOptions).execute(); ApiKey apiKey = response.getResult(); apikeyEtag = response.getHeaders().values("Etag").get(0); System.out.println(apiKey);
const params = { id: apikeyId, includeActivity: true, }; try { const res = await iamIdentityService.getApiKey(params); apikeyEtag = res.headers['etag']; console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = iam_identity_service.get_api_key( id=apikey_id, include_activity=True, ) api_key = response.get_result() print(json.dumps(api_key, indent=2))
Response
Response body format for API key V1 REST requests.
Unique identifier of this API Key.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'
The API key cannot be changed if set to true.
IAM ID of the user or service which created the API key.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
Context with key properties for problem determination.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
History of the API key.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Successful Get of API key.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
API key with provided ID not found.
Internal Server error.
{ "id": "ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "entity_tag": "1-b4053b5d441613fdad4ff3c28db3e7cc", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::apikey:ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "locked": false, "disabled": false, "created_at": "2020-11-10T12:28+0000", "created_by": "IBMid-110000AB1Z", "modified_at": "2020-11-10T12:28+0000", "support_sessions": false, "action_when_leaked": "none", "name": "apikey-test", "description": "apikey-test", "iam_id": "IBMid-110000AB1Z", "account_id": "100abcde100a41abc100aza678abc0zz" }
{ "id": "ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "entity_tag": "1-b4053b5d441613fdad4ff3c28db3e7cc", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::apikey:ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "locked": false, "disabled": false, "created_at": "2020-11-10T12:28+0000", "created_by": "IBMid-110000AB1Z", "modified_at": "2020-11-10T12:28+0000", "support_sessions": false, "action_when_leaked": "none", "name": "apikey-test", "description": "apikey-test", "iam_id": "IBMid-110000AB1Z", "account_id": "100abcde100a41abc100aza678abc0zz" }
Updates an API key
Updates properties of an API key. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update an API key, pass the property to be modified. To delete one property's value, pass the property with an empty value "". Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Updates properties of an API key. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update an API key, pass the property to be modified. To delete one property's value, pass the property with an empty value "". Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Updates properties of an API key. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update an API key, pass the property to be modified. To delete one property's value, pass the property with an empty value "". Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Updates properties of an API key. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update an API key, pass the property to be modified. To delete one property's value, pass the property with an empty value "". Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Updates properties of an API key. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update an API key, pass the property to be modified. To delete one property's value, pass the property with an empty value "". Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
PUT /v1/apikeys/{id}
(iamIdentity *IamIdentityV1) UpdateAPIKey(updateAPIKeyOptions *UpdateAPIKeyOptions) (result *APIKey, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) UpdateAPIKeyWithContext(ctx context.Context, updateAPIKeyOptions *UpdateAPIKeyOptions) (result *APIKey, response *core.DetailedResponse, err error)
ServiceCall<ApiKey> updateApiKey(UpdateApiKeyOptions updateApiKeyOptions)
updateApiKey(params)
update_api_key(
self,
id: str,
if_match: str,
*,
name: Optional[str] = None,
description: Optional[str] = None,
support_sessions: Optional[bool] = None,
action_when_leaked: Optional[str] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the UpdateAPIKeyOptions
struct and set the fields to provide parameter values for the UpdateAPIKey
method.
Use the UpdateApiKeyOptions.Builder
to create a UpdateApiKeyOptions
object that contains the parameter values for the updateApiKey
method.
Custom Headers
Version of the API key to be updated. Specify the version that you retrieved when reading the API key. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the API key to be updated.
Request to update an API key.
The name of the API key to update. If specified in the request the parameter must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition.
The description of the API key to update. If specified an empty description will clear the description of the API key. If a non empty value is provided the API key will be updated.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The UpdateAPIKey options.
Unique ID of the API key to be updated.
Version of the API key to be updated. Specify the version that you retrieved when reading the API key. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
The name of the API key to update. If specified in the request the parameter must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition.
The description of the API key to update. If specified an empty description will clear the description of the API key. If a non empty value is provided the API key will be updated.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The updateApiKey options.
Unique ID of the API key to be updated.
Version of the API key to be updated. Specify the version that you retrieved when reading the API key. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
The name of the API key to update. If specified in the request the parameter must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition.
The description of the API key to update. If specified an empty description will clear the description of the API key. If a non empty value is provided the API key will be updated.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
parameters
Unique ID of the API key to be updated.
Version of the API key to be updated. Specify the version that you retrieved when reading the API key. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
The name of the API key to update. If specified in the request the parameter must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition.
The description of the API key to update. If specified an empty description will clear the description of the API key. If a non empty value is provided the API key will be updated.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
parameters
Unique ID of the API key to be updated.
Version of the API key to be updated. Specify the version that you retrieved when reading the API key. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
The name of the API key to update. If specified in the request the parameter must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition.
The description of the API key to update. If specified an empty description will clear the description of the API key. If a non empty value is provided the API key will be updated.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
curl -X PUT "https://iam.cloud.ibm.com/v1/apikeys/APIKEY_UNIQUE_ID" --header "Authorization: Bearer $TOKEN" --header "If-Match: <value of etag header from GET request>" --header "Content-Type: application/json" --data '{ "name": "My-apikey", "description": "my personal key" }'
updateAPIKeyOptions := iamIdentityService.NewUpdateAPIKeyOptions(apikeyID, apikeyEtag) updateAPIKeyOptions.SetDescription("This is an updated description") apiKey, response, err := iamIdentityService.UpdateAPIKey(updateAPIKeyOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(apiKey, "", " ") fmt.Println(string(b))
UpdateApiKeyOptions updateApiKeyOptions = new UpdateApiKeyOptions.Builder() .id(apikeyId) .ifMatch(apikeyEtag) .description("This is an updated description") .build(); Response<ApiKey> response = identityservice.updateApiKey(updateApiKeyOptions).execute(); ApiKey apiKey = response.getResult(); System.out.println(apiKey);
const params = { id: apikeyId, ifMatch: apikeyEtag, description: 'This is an updated description', }; try { const res = await iamIdentityService.updateApiKey(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
api_key = iam_identity_service.update_api_key( id=apikey_id, if_match=apikey_etag, description='This is an updated description' ).get_result() print(json.dumps(api_key, indent=2))
Response
Response body format for API key V1 REST requests.
Unique identifier of this API Key.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'
The API key cannot be changed if set to true.
IAM ID of the user or service which created the API key.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
Context with key properties for problem determination.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
History of the API key.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for API key V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Successful - API key updated.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
API key with provided parameters not found.
Conflict - there must have been an update in parallel, the specified If-Match header does not match the current API key record. Retrieve the current API key again and apply the changes to that version.
Internal Server error.
{ "id": "ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "entity_tag": "2-cc66d399c705d12b439f1992a465fd5b", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::apikey:ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "locked": false, "disabled": false, "created_at": "2020-11-10T12:28+0000", "created_by": "IBMid-110000AB1Z", "modified_at": "2020-11-10T13:45+0000", "support_sessions": false, "action_when_leaked": "none", "name": "Apikey-test1", "description": "Apikey-test1", "iam_id": "IBMid-110000AB1Z", "account_id": "100abcde100a41abc100aza678abc0zz" }
{ "id": "ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "entity_tag": "2-cc66d399c705d12b439f1992a465fd5b", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::apikey:ApiKey-5ccff000-9ff1-4481-a760-29c22a7603e7", "locked": false, "disabled": false, "created_at": "2020-11-10T12:28+0000", "created_by": "IBMid-110000AB1Z", "modified_at": "2020-11-10T13:45+0000", "support_sessions": false, "action_when_leaked": "none", "name": "Apikey-test1", "description": "Apikey-test1", "iam_id": "IBMid-110000AB1Z", "account_id": "100abcde100a41abc100aza678abc0zz" }
Deletes an API key
Deletes an API key. Existing tokens will remain valid until expired. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Deletes an API key. Existing tokens will remain valid until expired. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Deletes an API key. Existing tokens will remain valid until expired. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Deletes an API key. Existing tokens will remain valid until expired. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Deletes an API key. Existing tokens will remain valid until expired. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
DELETE /v1/apikeys/{id}
(iamIdentity *IamIdentityV1) DeleteAPIKey(deleteAPIKeyOptions *DeleteAPIKeyOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) DeleteAPIKeyWithContext(ctx context.Context, deleteAPIKeyOptions *DeleteAPIKeyOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> deleteApiKey(DeleteApiKeyOptions deleteApiKeyOptions)
deleteApiKey(params)
delete_api_key(
self,
id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the DeleteAPIKeyOptions
struct and set the fields to provide parameter values for the DeleteAPIKey
method.
Use the DeleteApiKeyOptions.Builder
to create a DeleteApiKeyOptions
object that contains the parameter values for the deleteApiKey
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the API key.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The DeleteAPIKey options.
Unique ID of the API key.
The deleteApiKey options.
Unique ID of the API key.
parameters
Unique ID of the API key.
parameters
Unique ID of the API key.
curl -X DELETE "https://iam.cloud.ibm.com/v1/apikeys/APIKEY_UNIQUE_ID" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
deleteAPIKeyOptions := iamIdentityService.NewDeleteAPIKeyOptions(apikeyID) response, err := iamIdentityService.DeleteAPIKey(deleteAPIKeyOptions) if err != nil { panic(err) }
DeleteApiKeyOptions deleteApiKeyOptions = new DeleteApiKeyOptions.Builder() .id(apikeyId) .build(); Response<Void> response = identityservice.deleteApiKey(deleteApiKeyOptions).execute();
const params = { id: apikeyId, }; try { await iamIdentityService.deleteApiKey(params); } catch (err) { console.warn(err); }
response = iam_identity_service.delete_api_key(id=apikey_id)
Response
Status Code
Deleted Successful - no further details.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
API key with given ID not found.
Conflict - ApiKey could not be deleted.
Internal Server error.
No Sample Response
Lock the API key
Locks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Locks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Locks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Locks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Locks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
POST /v1/apikeys/{id}/lock
(iamIdentity *IamIdentityV1) LockAPIKey(lockAPIKeyOptions *LockAPIKeyOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) LockAPIKeyWithContext(ctx context.Context, lockAPIKeyOptions *LockAPIKeyOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> lockApiKey(LockApiKeyOptions lockApiKeyOptions)
lockApiKey(params)
lock_api_key(
self,
id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the LockAPIKeyOptions
struct and set the fields to provide parameter values for the LockAPIKey
method.
Use the LockApiKeyOptions.Builder
to create a LockApiKeyOptions
object that contains the parameter values for the lockApiKey
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the API key.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The LockAPIKey options.
Unique ID of the API key.
The lockApiKey options.
Unique ID of the API key.
parameters
Unique ID of the API key.
parameters
Unique ID of the API key.
curl -X POST "https://iam.cloud.ibm.com/v1/apikeys/APIKEY_UNIQUE_ID/lock" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
lockAPIKeyOptions := iamIdentityService.NewLockAPIKeyOptions(apikeyID) response, err := iamIdentityService.LockAPIKey(lockAPIKeyOptions) if err != nil { panic(err) }
LockApiKeyOptions lockApiKeyOptions = new LockApiKeyOptions.Builder() .id(apikeyId) .build(); Response<Void> response = identityservice.lockApiKey(lockApiKeyOptions).execute();
const params = { id: apikeyId, }; try { await iamIdentityService.lockApiKey(params); } catch (err) { console.warn(err); }
response = iam_identity_service.lock_api_key(id=apikey_id)
Response
Status Code
Successful locked.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
API key with provided ID not found.
Internal Server error.
No Sample Response
Unlock the API key
Unlocks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Unlocks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Unlocks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Unlocks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Unlocks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
DELETE /v1/apikeys/{id}/lock
(iamIdentity *IamIdentityV1) UnlockAPIKey(unlockAPIKeyOptions *UnlockAPIKeyOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) UnlockAPIKeyWithContext(ctx context.Context, unlockAPIKeyOptions *UnlockAPIKeyOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> unlockApiKey(UnlockApiKeyOptions unlockApiKeyOptions)
unlockApiKey(params)
unlock_api_key(
self,
id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the UnlockAPIKeyOptions
struct and set the fields to provide parameter values for the UnlockAPIKey
method.
Use the UnlockApiKeyOptions.Builder
to create a UnlockApiKeyOptions
object that contains the parameter values for the unlockApiKey
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the API key.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The UnlockAPIKey options.
Unique ID of the API key.
The unlockApiKey options.
Unique ID of the API key.
parameters
Unique ID of the API key.
parameters
Unique ID of the API key.
curl -X DELETE "https://iam.cloud.ibm.com/v1/apikeys/APIKEY_UNIQUE_ID/lock" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
unlockAPIKeyOptions := iamIdentityService.NewUnlockAPIKeyOptions(apikeyID) response, err := iamIdentityService.UnlockAPIKey(unlockAPIKeyOptions) if err != nil { panic(err) }
UnlockApiKeyOptions unlockApiKeyOptions = new UnlockApiKeyOptions.Builder() .id(apikeyId) .build(); Response<Void> response = identityservice.unlockApiKey(unlockApiKeyOptions).execute();
const params = { id: apikeyId, }; try { await iamIdentityService.unlockApiKey(params); } catch (err) { console.warn(err); }
response = iam_identity_service.unlock_api_key(id=apikey_id)
Response
Status Code
Successful unlocked.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
API key with provided ID not found.
Internal Server error.
No Sample Response
Disable the API key
Disable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Disable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Disable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Disable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Disable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
POST /v1/apikeys/{id}/disable
(iamIdentity *IamIdentityV1) DisableAPIKey(disableAPIKeyOptions *DisableAPIKeyOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) DisableAPIKeyWithContext(ctx context.Context, disableAPIKeyOptions *DisableAPIKeyOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> disableApiKey(DisableApiKeyOptions disableApiKeyOptions)
disableApiKey(params)
disable_api_key(
self,
id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the DisableAPIKeyOptions
struct and set the fields to provide parameter values for the DisableAPIKey
method.
Use the DisableApiKeyOptions.Builder
to create a DisableApiKeyOptions
object that contains the parameter values for the disableApiKey
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the API key.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The DisableAPIKey options.
Unique ID of the API key.
The disableApiKey options.
Unique ID of the API key.
parameters
Unique ID of the API key.
parameters
Unique ID of the API key.
curl -X POST 'https://iam.cloud.ibm.com/v1/apikeys/APIKEY_UNIQUE_ID/disable' -H 'Authorization: Bearer TOKEN' -H 'Content-Type: application/json'
disableAPIKeyOptions := iamIdentityService.NewDisableAPIKeyOptions(apikeyID) response, err := iamIdentityService.DisableAPIKey(disableAPIKeyOptions) if err != nil { panic(err) }
DisableApiKeyOptions disableApiKeyOptions = new DisableApiKeyOptions.Builder() .id(apikeyId) .build(); Response<Void> response = identityservice.disableApiKey(disableApiKeyOptions).execute();
const params = { id: apikeyId, }; try { await iamIdentityService.disableApiKey(params); } catch (err) { console.warn(err); }
response = iam_identity_service.disable_api_key(id=apikey_id)
Response
Status Code
Successful disable.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
API key with provided ID not found.
Internal Server error.
No Sample Response
Enable the API key
Enable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Enable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Enable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Enable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Enable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
DELETE /v1/apikeys/{id}/disable
(iamIdentity *IamIdentityV1) EnableAPIKey(enableAPIKeyOptions *EnableAPIKeyOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) EnableAPIKeyWithContext(ctx context.Context, enableAPIKeyOptions *EnableAPIKeyOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> enableApiKey(EnableApiKeyOptions enableApiKeyOptions)
enableApiKey(params)
enable_api_key(
self,
id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the EnableAPIKeyOptions
struct and set the fields to provide parameter values for the EnableAPIKey
method.
Use the EnableApiKeyOptions.Builder
to create a EnableApiKeyOptions
object that contains the parameter values for the enableApiKey
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the API key.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The EnableAPIKey options.
Unique ID of the API key.
The enableApiKey options.
Unique ID of the API key.
parameters
Unique ID of the API key.
parameters
Unique ID of the API key.
curl -X DELETE 'https://iam.cloud.ibm.com/v1/apikeys/APIKEY_UNIQUE_ID/disable' -H 'Authorization: Bearer TOKEN' -H 'Content-Type: application/json'
enableAPIKeyOptions := iamIdentityService.NewEnableAPIKeyOptions(apikeyID) response, err := iamIdentityService.EnableAPIKey(enableAPIKeyOptions) if err != nil { panic(err) }
EnableApiKeyOptions enableApiKeyOptions = new EnableApiKeyOptions.Builder() .id(apikeyId) .build(); Response<Void> response = identityservice.enableApiKey(enableApiKeyOptions).execute();
const params = { id: apikeyId, }; try { await iamIdentityService.enableApiKey(params); } catch (err) { console.warn(err); }
response = iam_identity_service.enable_api_key(id=apikey_id)
Response
Status Code
Successful enable.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
API key with provided ID not found.
Internal Server error.
No Sample Response
List service IDs
Returns a list of service IDs. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an api key.
Returns a list of service IDs. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an api key.
Returns a list of service IDs. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an api key.
Returns a list of service IDs. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an api key.
Returns a list of service IDs. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an api key.
GET /v1/serviceids/
(iamIdentity *IamIdentityV1) ListServiceIds(listServiceIdsOptions *ListServiceIdsOptions) (result *ServiceIDList, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) ListServiceIdsWithContext(ctx context.Context, listServiceIdsOptions *ListServiceIdsOptions) (result *ServiceIDList, response *core.DetailedResponse, err error)
ServiceCall<ServiceIdList> listServiceIds(ListServiceIdsOptions listServiceIdsOptions)
listServiceIds(params)
list_service_ids(
self,
*,
account_id: Optional[str] = None,
name: Optional[str] = None,
pagesize: Optional[int] = None,
pagetoken: Optional[str] = None,
sort: Optional[str] = None,
order: Optional[str] = None,
include_history: Optional[bool] = None,
filter: Optional[str] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the ListServiceIdsOptions
struct and set the fields to provide parameter values for the ListServiceIds
method.
Use the ListServiceIdsOptions.Builder
to create a ListServiceIdsOptions
object that contains the parameter values for the listServiceIds
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Query Parameters
Account ID of the service ID(s) to query. This parameter is required (unless using a pagetoken).
Name of the service ID(s) to query. Optional.20 items per page. Valid range is 1 to 100.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
Optional sort property, valid values are name, description, created_at and modified_at. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The ListServiceIds options.
Account ID of the service ID(s) to query. This parameter is required (unless using a pagetoken).
Name of the service ID(s) to query. Optional.20 items per page. Valid range is 1 to 100.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
Optional sort property, valid values are name, description, created_at and modified_at. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
The listServiceIds options.
Account ID of the service ID(s) to query. This parameter is required (unless using a pagetoken).
Name of the service ID(s) to query. Optional.20 items per page. Valid range is 1 to 100.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
Optional sort property, valid values are name, description, created_at and modified_at. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
parameters
Account ID of the service ID(s) to query. This parameter is required (unless using a pagetoken).
Name of the service ID(s) to query. Optional.20 items per page. Valid range is 1 to 100.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
Optional sort property, valid values are name, description, created_at and modified_at. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
parameters
Account ID of the service ID(s) to query. This parameter is required (unless using a pagetoken).
Name of the service ID(s) to query. Optional.20 items per page. Valid range is 1 to 100.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
Optional sort property, valid values are name, description, created_at and modified_at. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
curl -X GET "https://iam.cloud.ibm.com/v1/serviceids?account_id=ACCOUNT_ID&name=My-serviceID" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
listServiceIdsOptions := iamIdentityService.NewListServiceIdsOptions() listServiceIdsOptions.SetAccountID(accountID) listServiceIdsOptions.SetName(serviceIDName) serviceIDList, response, err := iamIdentityService.ListServiceIds(listServiceIdsOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(serviceIDList, "", " ") fmt.Println(string(b))
ListServiceIdsOptions listServiceIdsOptions = new ListServiceIdsOptions.Builder() .accountId(accountId) .name(serviceIdName) .build(); Response<ServiceIdList> response = identityservice.listServiceIds(listServiceIdsOptions).execute(); ServiceIdList serviceIdList = response.getResult(); System.out.println(serviceIdList);
const params = { accountId: accountId, name: serviceIdName, }; try { const res = await iamIdentityService.listServiceIds(params) console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
service_id_list = iam_identity_service.list_service_ids( account_id=account_id, name=serviceid_name ).get_result() print(json.dumps(service_id_list, indent=2))
Response
Response body format for the list service ID V1 REST request.
List of service IDs based on the query paramters and the page size. The service IDs array is always part of the response but might be empty depending on the query parameter values provided.
Context with key properties for problem determination.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
Response body format for the list service ID V1 REST request.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of service IDs based on the query paramters and the page size. The service IDs array is always part of the response but might be empty depending on the query parameter values provided.
- Serviceids
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- Apikey
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for the list service ID V1 REST request.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of service IDs based on the query paramters and the page size. The service IDs array is always part of the response but might be empty depending on the query parameter values provided.
- serviceids
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for the list service ID V1 REST request.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of service IDs based on the query paramters and the page size. The service IDs array is always part of the response but might be empty depending on the query parameter values provided.
- serviceids
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for the list service ID V1 REST request.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of service IDs based on the query paramters and the page size. The service IDs array is always part of the response but might be empty depending on the query parameter values provided.
- serviceids
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Successful response. No further actions.
Parameter validation failed. Response if required parameters are missing or if parameter values are invalid.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Internal Server error. Response if unexpected error situation happened.
{ "offset": 0, "limit": 1, "first": "https://iam.cloud.ibm.com/v1/serviceids?account_id=accountId", "next": "https://iam.cloud.ibm.com/v1/serviceids?pagetoken=pageToken", "serviceids": { "id": "ServiceId-ee1103f8-e03b-4d02-a977-e540ebdffb16", "iam_id": "iam-ServiceId-ee1103f8-e03b-4d02-a977-e540ebdffb16", "entity_tag": "3-c46d2fd21b701adf7eb67cfd1a498fde", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::serviceid:ServiceId-ee1103f8-e03b-4d02-a977-e540ebdffb16", "locked": false, "created_at": "2020-10-16T10:36+0000", "modified_at": "2020-10-16T10:36+0000", "account_id": "100abcde100a41abc100aza678abc0zz", "name": "serviceId-test", "description": "serviceId-test", "unique_instance_crns": [] } }
{ "offset": 0, "limit": 1, "first": "https://iam.cloud.ibm.com/v1/serviceids?account_id=accountId", "next": "https://iam.cloud.ibm.com/v1/serviceids?pagetoken=pageToken", "serviceids": { "id": "ServiceId-ee1103f8-e03b-4d02-a977-e540ebdffb16", "iam_id": "iam-ServiceId-ee1103f8-e03b-4d02-a977-e540ebdffb16", "entity_tag": "3-c46d2fd21b701adf7eb67cfd1a498fde", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::serviceid:ServiceId-ee1103f8-e03b-4d02-a977-e540ebdffb16", "locked": false, "created_at": "2020-10-16T10:36+0000", "modified_at": "2020-10-16T10:36+0000", "account_id": "100abcde100a41abc100aza678abc0zz", "name": "serviceId-test", "description": "serviceId-test", "unique_instance_crns": [] } }
Create a service ID
Creates a service ID for an IBM Cloud account. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Creates a service ID for an IBM Cloud account. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Creates a service ID for an IBM Cloud account. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Creates a service ID for an IBM Cloud account. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Creates a service ID for an IBM Cloud account. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
POST /v1/serviceids/
(iamIdentity *IamIdentityV1) CreateServiceID(createServiceIDOptions *CreateServiceIDOptions) (result *ServiceID, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) CreateServiceIDWithContext(ctx context.Context, createServiceIDOptions *CreateServiceIDOptions) (result *ServiceID, response *core.DetailedResponse, err error)
ServiceCall<ServiceId> createServiceId(CreateServiceIdOptions createServiceIdOptions)
createServiceId(params)
create_service_id(
self,
account_id: str,
name: str,
*,
description: Optional[str] = None,
unique_instance_crns: Optional[List[str]] = None,
apikey: Optional['ApiKeyInsideCreateServiceIdRequest'] = None,
entity_lock: Optional[str] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the CreateServiceIDOptions
struct and set the fields to provide parameter values for the CreateServiceID
method.
Use the CreateServiceIdOptions.Builder
to create a CreateServiceIdOptions
object that contains the parameter values for the createServiceId
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Indicates if the service ID is locked for further write operations. False by default.
Default:
false
Request to create a service ID.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
Parameters for the API key in the Create service Id V1 REST request.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The CreateServiceID options.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
Parameters for the API key in the Create service Id V1 REST request.
- Apikey
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
You can optionally passthrough the API key value for this API key. If passed, a minimum length validation of 32 characters for that apiKey value is done, i.e. the value can contain any characters and can even be non-URL safe, but the minimum length requirement must be met. If omitted, the API key management will create an URL safe opaque API key value. The value of the API key is checked for uniqueness. Ensure enough variations when passing in this value.
Send true or false to set whether the API key value is retrievable in the future by using the Get details of an API key request. If you create an API key for a user, you must specify
false
or omit the value. We don't allow storing of API keys for users.
Indicates if the service ID is locked for further write operations. False by default.
Default:
false
The createServiceId options.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
Parameters for the API key in the Create service Id V1 REST request.
- apikey
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
You can optionally passthrough the API key value for this API key. If passed, a minimum length validation of 32 characters for that apiKey value is done, i.e. the value can contain any characters and can even be non-URL safe, but the minimum length requirement must be met. If omitted, the API key management will create an URL safe opaque API key value. The value of the API key is checked for uniqueness. Ensure enough variations when passing in this value.
Send true or false to set whether the API key value is retrievable in the future by using the Get details of an API key request. If you create an API key for a user, you must specify
false
or omit the value. We don't allow storing of API keys for users.
Indicates if the service ID is locked for further write operations. False by default.
Default:
false
parameters
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
Parameters for the API key in the Create service Id V1 REST request.
- apikey
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
You can optionally passthrough the API key value for this API key. If passed, a minimum length validation of 32 characters for that apiKey value is done, i.e. the value can contain any characters and can even be non-URL safe, but the minimum length requirement must be met. If omitted, the API key management will create an URL safe opaque API key value. The value of the API key is checked for uniqueness. Ensure enough variations when passing in this value.
Send true or false to set whether the API key value is retrievable in the future by using the Get details of an API key request. If you create an API key for a user, you must specify
false
or omit the value. We don't allow storing of API keys for users.
Indicates if the service ID is locked for further write operations. False by default.
Default:
false
parameters
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
Parameters for the API key in the Create service Id V1 REST request.
- apikey
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
You can optionally passthrough the API key value for this API key. If passed, a minimum length validation of 32 characters for that apiKey value is done, i.e. the value can contain any characters and can even be non-URL safe, but the minimum length requirement must be met. If omitted, the API key management will create an URL safe opaque API key value. The value of the API key is checked for uniqueness. Ensure enough variations when passing in this value.
Send true or false to set whether the API key value is retrievable in the future by using the Get details of an API key request. If you create an API key for a user, you must specify
false
or omit the value. We don't allow storing of API keys for users.
Indicates if the service ID is locked for further write operations. False by default.
Default:
false
curl -X POST "https://iam.cloud.ibm.com/v1/serviceids" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json" --data '{ "name": "My-serviceID", "description": "my special service ID", "account_id": "ACCOUNT_ID" }'
createServiceIDOptions := iamIdentityService.NewCreateServiceIDOptions(accountID, serviceIDName) createServiceIDOptions.SetDescription("Example ServiceId") serviceID, response, err := iamIdentityService.CreateServiceID(createServiceIDOptions) if err != nil { panic(err) } svcID = *serviceID.ID b, _ := json.MarshalIndent(serviceID, "", " ") fmt.Println(string(b))
CreateServiceIdOptions createServiceIdOptions = new CreateServiceIdOptions.Builder() .accountId(accountId) .name(serviceIdName) .description("Example ServiceId") .build(); Response<ServiceId> response = identityservice.createServiceId(createServiceIdOptions).execute(); ServiceId serviceId = response.getResult(); svcId = serviceId.getId(); System.out.println(serviceId);
const params = { accountId: accountId, name: serviceIdName, description: 'Example ServiceId', }; try { const res = await iamIdentityService.createServiceId(params); svcId = res.result.id; console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
service_id = iam_identity_service.create_service_id( account_id=account_id, name=serviceid_name, description='Example ServiceId' ).get_result() print(json.dumps(service_id, indent=2))
Response
Response body format for service ID V1 REST requests.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
Context with key properties for problem determination.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
Response body format for API key V1 REST requests.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- Apikey
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Service ID successfully created.
Parameter validation failed. Response if required parameters are missing or if parameter values are invalid.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Create Conflict - service ID could not be created. Response if the Object could not be created in the persistence layer.
Internal Server error. Response if unexpected error situation happened.
{ "id": "ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "iam_id": "iam-ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "entity_tag": "1-b5edc4362f94fb1fa5f009467b1db039", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::serviceid:ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "locked": false, "created_at": "2020-11-10T14:05+0000", "modified_at": "2020-11-10T14:05+0000", "account_id": "100abcde100a41abc100aza678abc0zz", "name": "New-serviceID", "description": "New-serviceID-desc", "unique_instance_crns": [] }
{ "id": "ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "iam_id": "iam-ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "entity_tag": "1-b5edc4362f94fb1fa5f009467b1db039", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::serviceid:ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "locked": false, "created_at": "2020-11-10T14:05+0000", "modified_at": "2020-11-10T14:05+0000", "account_id": "100abcde100a41abc100aza678abc0zz", "name": "New-serviceID", "description": "New-serviceID-desc", "unique_instance_crns": [] }
Get details of a service ID
Returns the details of a service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an api key.
Returns the details of a service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an api key.
Returns the details of a service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an api key.
Returns the details of a service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an api key.
Returns the details of a service ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an api key.
GET /v1/serviceids/{id}
(iamIdentity *IamIdentityV1) GetServiceID(getServiceIDOptions *GetServiceIDOptions) (result *ServiceID, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) GetServiceIDWithContext(ctx context.Context, getServiceIDOptions *GetServiceIDOptions) (result *ServiceID, response *core.DetailedResponse, err error)
ServiceCall<ServiceId> getServiceId(GetServiceIdOptions getServiceIdOptions)
getServiceId(params)
get_service_id(
self,
id: str,
*,
include_history: Optional[bool] = None,
include_activity: Optional[bool] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the GetServiceIDOptions
struct and set the fields to provide parameter values for the GetServiceID
method.
Use the GetServiceIdOptions.Builder
to create a GetServiceIdOptions
object that contains the parameter values for the getServiceId
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the service ID.
Query Parameters
Defines if the entity history is included in the response.
Default:
false
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The GetServiceID options.
Unique ID of the service ID.
Defines if the entity history is included in the response.
Default:
false
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
The getServiceId options.
Unique ID of the service ID.
Defines if the entity history is included in the response.
Default:
false
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
parameters
Unique ID of the service ID.
Defines if the entity history is included in the response.
Default:
false
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
parameters
Unique ID of the service ID.
Defines if the entity history is included in the response.
Default:
false
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
curl -X GET "https://iam.cloud.ibm.com/v1/serviceids/SERVICE_ID_UNIQUE_ID" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
getServiceIDOptions := iamIdentityService.NewGetServiceIDOptions(svcID) getServiceIDOptions.SetIncludeActivity(false) serviceID, response, err := iamIdentityService.GetServiceID(getServiceIDOptions) if err != nil { panic(err) } svcIDEtag = response.GetHeaders().Get("Etag") b, _ := json.MarshalIndent(serviceID, "", " ") fmt.Println(string(b))
GetServiceIdOptions getServiceIdOptions = new GetServiceIdOptions.Builder() .id(svcId) .includeActivity(false) .build(); Response<ServiceId> response = identityservice.getServiceId(getServiceIdOptions).execute(); ServiceId serviceId = response.getResult(); svcIdEtag = response.getHeaders().values("Etag").get(0); System.out.println(serviceId);
const params = { id: svcId, includeActivity: true, }; try { const res = await iamIdentityService.getServiceId(params) svcIdEtag = res.headers['etag']; console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = iam_identity_service.get_service_id( id=svc_id, include_history=True, include_activity=True, ) service_id = response.get_result() print(json.dumps(service_id, indent=2))
Response
Response body format for service ID V1 REST requests.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
Context with key properties for problem determination.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
Response body format for API key V1 REST requests.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- Apikey
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Successful response. No further actions.
Parameter validation failed. Response if required parameters are missing or if parameter values are invalid.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
service ID with provided ID not found.
Internal Server error. Response if unexpected error situation happened.
{ "id": "ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "iam_id": "iam-ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "entity_tag": "1-b5edc4362f94fb1fa5f009467b1db039", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::serviceid:ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "locked": false, "created_at": "2020-11-10T14:05+0000", "modified_at": "2020-11-10T14:05+0000", "account_id": "100abcde100a41abc100aza678abc0zz", "name": "New-serviceID", "description": "New-serviceID-desc", "unique_instance_crns": [] }
{ "id": "ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "iam_id": "iam-ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "entity_tag": "1-b5edc4362f94fb1fa5f009467b1db039", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::serviceid:ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "locked": false, "created_at": "2020-11-10T14:05+0000", "modified_at": "2020-11-10T14:05+0000", "account_id": "100abcde100a41abc100aza678abc0zz", "name": "New-serviceID", "description": "New-serviceID-desc", "unique_instance_crns": [] }
Update service ID
Updates properties of a service ID. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update a service ID, pass the property to be modified. To delete one property's value, pass the property with an empty value "".Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an apikey.
Updates properties of a service ID. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update a service ID, pass the property to be modified. To delete one property's value, pass the property with an empty value "".Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an apikey.
Updates properties of a service ID. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update a service ID, pass the property to be modified. To delete one property's value, pass the property with an empty value "".Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an apikey.
Updates properties of a service ID. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update a service ID, pass the property to be modified. To delete one property's value, pass the property with an empty value "".Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an apikey.
Updates properties of a service ID. This does NOT affect existing access tokens. Their token content will stay unchanged until the access token is refreshed. To update a service ID, pass the property to be modified. To delete one property's value, pass the property with an empty value "".Users can manage user API keys for themself, or service ID API keys for service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID with an apikey.
PUT /v1/serviceids/{id}
(iamIdentity *IamIdentityV1) UpdateServiceID(updateServiceIDOptions *UpdateServiceIDOptions) (result *ServiceID, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) UpdateServiceIDWithContext(ctx context.Context, updateServiceIDOptions *UpdateServiceIDOptions) (result *ServiceID, response *core.DetailedResponse, err error)
ServiceCall<ServiceId> updateServiceId(UpdateServiceIdOptions updateServiceIdOptions)
updateServiceId(params)
update_service_id(
self,
id: str,
if_match: str,
*,
name: Optional[str] = None,
description: Optional[str] = None,
unique_instance_crns: Optional[List[str]] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the UpdateServiceIDOptions
struct and set the fields to provide parameter values for the UpdateServiceID
method.
Use the UpdateServiceIdOptions.Builder
to create a UpdateServiceIdOptions
object that contains the parameter values for the updateServiceId
method.
Custom Headers
Version of the service ID to be updated. Specify the version that you retrieved as entity_tag (ETag header) when reading the service ID. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the service ID to be updated.
Request to update a service ID.
The name of the service ID to update. If specified in the request the parameter must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition.
The description of the service ID to update. If specified an empty description will clear the description of the service ID. If an non empty value is provided the service ID will be updated.
List of CRNs which point to the services connected to this service ID. If specified an empty list will clear all existing unique instance crns of the service ID.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The UpdateServiceID options.
Unique ID of the service ID to be updated.
Version of the service ID to be updated. Specify the version that you retrieved as entity_tag (ETag header) when reading the service ID. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
The name of the service ID to update. If specified in the request the parameter must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition.
The description of the service ID to update. If specified an empty description will clear the description of the service ID. If an non empty value is provided the service ID will be updated.
List of CRNs which point to the services connected to this service ID. If specified an empty list will clear all existing unique instance crns of the service ID.
The updateServiceId options.
Unique ID of the service ID to be updated.
Version of the service ID to be updated. Specify the version that you retrieved as entity_tag (ETag header) when reading the service ID. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
The name of the service ID to update. If specified in the request the parameter must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition.
The description of the service ID to update. If specified an empty description will clear the description of the service ID. If an non empty value is provided the service ID will be updated.
List of CRNs which point to the services connected to this service ID. If specified an empty list will clear all existing unique instance crns of the service ID.
parameters
Unique ID of the service ID to be updated.
Version of the service ID to be updated. Specify the version that you retrieved as entity_tag (ETag header) when reading the service ID. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
The name of the service ID to update. If specified in the request the parameter must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition.
The description of the service ID to update. If specified an empty description will clear the description of the service ID. If an non empty value is provided the service ID will be updated.
List of CRNs which point to the services connected to this service ID. If specified an empty list will clear all existing unique instance crns of the service ID.
parameters
Unique ID of the service ID to be updated.
Version of the service ID to be updated. Specify the version that you retrieved as entity_tag (ETag header) when reading the service ID. This value helps identifying parallel usage of this API. Pass * to indicate to update any version available. This might result in stale updates.
The name of the service ID to update. If specified in the request the parameter must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition.
The description of the service ID to update. If specified an empty description will clear the description of the service ID. If an non empty value is provided the service ID will be updated.
List of CRNs which point to the services connected to this service ID. If specified an empty list will clear all existing unique instance crns of the service ID.
curl -X PUT "https://iam.cloud.ibm.com/v1/serviceids/SERVICE_ID_UNIQUE_ID" --header "Authorization: Bearer $TOKEN" --header "If-Match: <value of etag header from GET request>" --header "Content-Type: application/json" --data '{ "name": "My-super-secret-serviceid", "description": "super secret service ID" }'
updateServiceIDOptions := iamIdentityService.NewUpdateServiceIDOptions(svcID, svcIDEtag) updateServiceIDOptions.SetDescription("This is an updated description") serviceID, response, err := iamIdentityService.UpdateServiceID(updateServiceIDOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(serviceID, "", " ") fmt.Println(string(b))
UpdateServiceIdOptions updateServiceIdOptions = new UpdateServiceIdOptions.Builder() .id(svcId) .ifMatch(svcIdEtag) .description("This is an updated description") .build(); Response<ServiceId> response = identityservice.updateServiceId(updateServiceIdOptions).execute(); ServiceId serviceId = response.getResult(); System.out.println(serviceId);
const params = { id: svcId, ifMatch: svcIdEtag, description: 'This is an updated description', }; try { const res = await iamIdentityService.updateServiceId(params) console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
service_id = iam_identity_service.update_service_id( id=svc_id, if_match=svc_id_etag, description='This is an updated description' ).get_result() print(json.dumps(service_id, indent=2))
Response
Response body format for service ID V1 REST requests.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
Context with key properties for problem determination.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
Response body format for API key V1 REST requests.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- Apikey
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for service ID V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this Service Id.
Cloud wide identifier for identities of this service ID.
Version of the service ID details object. You need to specify this value when updating the service ID to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::serviceid:1234-5678-9012'.
The service ID cannot be changed if set to true.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the account the service ID belongs to.
Name of the Service Id. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the Service Id.
The optional description of the Service Id. The 'description' property is only available if a description was provided during a create of a Service Id.
Optional list of CRNs (string array) which point to the services connected to the service ID.
History of the Service ID.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
Response body format for API key V1 REST requests.
- apikey
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Unique identifier of this API Key.
Version of the API Key details object. You need to specify this value when updating the API key to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::apikey:1234-9012-5678'.
The API key cannot be changed if set to true.
Defines if API key is disabled, API key cannot be used if 'disabled' is set to true.
If set contains a date time string of the creation date in ISO format.
IAM ID of the user or service which created the API key.
If set contains a date time string of the last modification date in ISO format.
Name of the API key. The name is not checked for uniqueness. Therefore multiple names with the same value can exist. Access is done via the UUID of the API key.
Defines whether you can manage CLI login sessions for the API key. When
true
, sessions are created and can be reviewed or revoked. Whenfalse
, no sessions are tracked. To block access, delete or rotate the API key. Available only for user API keys.Defines the action to take when API key is leaked, valid values are 'none', 'disable' and 'delete'.
The optional description of the API key. The 'description' property is only available if a description was provided during a create of an API key.
The iam_id that this API key authenticates.
ID of the account that this API key authenticates for.
The API key value. This property only contains the API key value for the following cases: create an API key, update a service ID API key that stores the API key value as retrievable, or get a service ID API key that stores the API key value as retrievable. All other operations don't return the API key value, for example all user API key related operations, except for create, don't contain the API key value.
History of the API key.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Successful - service ID updated.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Service ID with provided parameters not found
Conflict - there must have been an update in parallel, the specified If-Match header does not match the current service ID record. Retrieve the current service ID again and apply the changes to that version.
Internal Server error.
{ "id": "ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "iam_id": "iam-ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "entity_tag": "2-6dd669bd2257898957b2d117ec93e730", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::serviceid:ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "locked": false, "created_at": "2020-11-10T14:05+0000", "modified_at": "2020-11-10T14:13+0000", "account_id": "100abcde100a41abc100aza678abc0zz", "name": "New-serviceID-updated", "description": "New-serviceID-desc-updated", "unique_instance_crns": [] }
{ "id": "ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "iam_id": "iam-ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "entity_tag": "2-6dd669bd2257898957b2d117ec93e730", "crn": "crn:v1:bluemix:public:iam-identity::a/100abcde100a41abc100aza678abc0zz::serviceid:ServiceId-cb36c9a9-778f-4985-a398-dbec6523054a", "locked": false, "created_at": "2020-11-10T14:05+0000", "modified_at": "2020-11-10T14:13+0000", "account_id": "100abcde100a41abc100aza678abc0zz", "name": "New-serviceID-updated", "description": "New-serviceID-desc-updated", "unique_instance_crns": [] }
Deletes a service ID and associated API keys
Deletes a service ID and all API keys associated to it. Before deleting the service ID, all associated API keys are deleted. In case a Delete Conflict (status code 409) a retry of the request may help as the service ID is only deleted if the associated API keys were successfully deleted before. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Deletes a service ID and all API keys associated to it. Before deleting the service ID, all associated API keys are deleted. In case a Delete Conflict (status code 409) a retry of the request may help as the service ID is only deleted if the associated API keys were successfully deleted before. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Deletes a service ID and all API keys associated to it. Before deleting the service ID, all associated API keys are deleted. In case a Delete Conflict (status code 409) a retry of the request may help as the service ID is only deleted if the associated API keys were successfully deleted before. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Deletes a service ID and all API keys associated to it. Before deleting the service ID, all associated API keys are deleted. In case a Delete Conflict (status code 409) a retry of the request may help as the service ID is only deleted if the associated API keys were successfully deleted before. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Deletes a service ID and all API keys associated to it. Before deleting the service ID, all associated API keys are deleted. In case a Delete Conflict (status code 409) a retry of the request may help as the service ID is only deleted if the associated API keys were successfully deleted before. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
DELETE /v1/serviceids/{id}
(iamIdentity *IamIdentityV1) DeleteServiceID(deleteServiceIDOptions *DeleteServiceIDOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) DeleteServiceIDWithContext(ctx context.Context, deleteServiceIDOptions *DeleteServiceIDOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> deleteServiceId(DeleteServiceIdOptions deleteServiceIdOptions)
deleteServiceId(params)
delete_service_id(
self,
id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the DeleteServiceIDOptions
struct and set the fields to provide parameter values for the DeleteServiceID
method.
Use the DeleteServiceIdOptions.Builder
to create a DeleteServiceIdOptions
object that contains the parameter values for the deleteServiceId
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the service ID.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The DeleteServiceID options.
Unique ID of the service ID.
The deleteServiceId options.
Unique ID of the service ID.
parameters
Unique ID of the service ID.
parameters
Unique ID of the service ID.
curl -X DELETE "https://iam.cloud.ibm.com/v1/serviceids/SERVICE_ID_UNIQUE_ID" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
deleteServiceIDOptions := iamIdentityService.NewDeleteServiceIDOptions(svcID) response, err := iamIdentityService.DeleteServiceID(deleteServiceIDOptions) if err != nil { panic(err) }
DeleteServiceIdOptions deleteServiceIdOptions = new DeleteServiceIdOptions.Builder() .id(svcId) .build(); Response<Void> response = identityservice.deleteServiceId(deleteServiceIdOptions).execute();
const params = { id: svcId, }; try { await iamIdentityService.deleteServiceId(params) } catch (err) { console.warn(err); }
response = iam_identity_service.delete_service_id(id=svc_id)
Response
Status Code
service ID successfully deleted. Response if the Object was successfully deleted from the persistence layer.
The service ID is locked.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
service ID with provided ID not found.
Delete Conflict - service ID could not be deleted. Response if the Object could not be deleted from the persistence layer.
Internal Server error. Response if unexpected error situation happened.
No Sample Response
Lock the service ID
Locks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Locks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Locks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Locks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Locks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
POST /v1/serviceids/{id}/lock
(iamIdentity *IamIdentityV1) LockServiceID(lockServiceIDOptions *LockServiceIDOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) LockServiceIDWithContext(ctx context.Context, lockServiceIDOptions *LockServiceIDOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> lockServiceId(LockServiceIdOptions lockServiceIdOptions)
lockServiceId(params)
lock_service_id(
self,
id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the LockServiceIDOptions
struct and set the fields to provide parameter values for the LockServiceID
method.
Use the LockServiceIdOptions.Builder
to create a LockServiceIdOptions
object that contains the parameter values for the lockServiceId
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the service ID.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The LockServiceID options.
Unique ID of the service ID.
The lockServiceId options.
Unique ID of the service ID.
parameters
Unique ID of the service ID.
parameters
Unique ID of the service ID.
curl -X POST "https://iam.cloud.ibm.com/v1/serviceids/SERVICE_ID_UNIQUE_ID/lock" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
lockServiceIDOptions := iamIdentityService.NewLockServiceIDOptions(svcID) response, err := iamIdentityService.LockServiceID(lockServiceIDOptions) if err != nil { panic(err) }
LockServiceIdOptions lockServiceIdOptions = new LockServiceIdOptions.Builder() .id(svcId) .build(); Response<Void> response = identityservice.lockServiceId(lockServiceIdOptions).execute();
const params = { id: svcId, }; try { await iamIdentityService.lockServiceId(params); } catch (err) { console.warn(err); }
response = iam_identity_service.lock_service_id(id=svc_id)
Response
Status Code
Successful locked.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Service ID with provided uuid not found.
Internal Server error.
No Sample Response
Unlock the service ID
Unlocks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Unlocks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Unlocks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Unlocks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
Unlocks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they have access to.
DELETE /v1/serviceids/{id}/lock
(iamIdentity *IamIdentityV1) UnlockServiceID(unlockServiceIDOptions *UnlockServiceIDOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) UnlockServiceIDWithContext(ctx context.Context, unlockServiceIDOptions *UnlockServiceIDOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> unlockServiceId(UnlockServiceIdOptions unlockServiceIdOptions)
unlockServiceId(params)
unlock_service_id(
self,
id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the UnlockServiceIDOptions
struct and set the fields to provide parameter values for the UnlockServiceID
method.
Use the UnlockServiceIdOptions.Builder
to create a UnlockServiceIdOptions
object that contains the parameter values for the unlockServiceId
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
Unique ID of the service ID.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The UnlockServiceID options.
Unique ID of the service ID.
The unlockServiceId options.
Unique ID of the service ID.
parameters
Unique ID of the service ID.
parameters
Unique ID of the service ID.
curl -X DELETE "https://iam.cloud.ibm.com/v1/serviceids/SERVICE_ID_UNIQUE_ID/lock" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
unlockServiceIDOptions := iamIdentityService.NewUnlockServiceIDOptions(svcID) response, err := iamIdentityService.UnlockServiceID(unlockServiceIDOptions) if err != nil { panic(err) }
UnlockServiceIdOptions unlockServiceIdOptions = new UnlockServiceIdOptions.Builder() .id(svcId) .build(); Response<Void> response = identityservice.unlockServiceId(unlockServiceIdOptions).execute();
const params = { id: svcId, }; try { await iamIdentityService.unlockServiceId(params); } catch (err) { console.warn(err); }
response = iam_identity_service.unlock_service_id(id=svc_id)
Response
Status Code
Successful unlocked.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Service ID with provided uuid not found.
Internal Server error.
No Sample Response
Create a trusted profile
Create a trusted profile for a given account ID.
Create a trusted profile for a given account ID.
Create a trusted profile for a given account ID.
Create a trusted profile for a given account ID.
Create a trusted profile for a given account ID.
POST /v1/profiles
(iamIdentity *IamIdentityV1) CreateProfile(createProfileOptions *CreateProfileOptions) (result *TrustedProfile, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) CreateProfileWithContext(ctx context.Context, createProfileOptions *CreateProfileOptions) (result *TrustedProfile, response *core.DetailedResponse, err error)
ServiceCall<TrustedProfile> createProfile(CreateProfileOptions createProfileOptions)
createProfile(params)
create_profile(
self,
name: str,
account_id: str,
*,
description: Optional[str] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the CreateProfileOptions
struct and set the fields to provide parameter values for the CreateProfile
method.
Use the CreateProfileOptions.Builder
to create a CreateProfileOptions
object that contains the parameter values for the createProfile
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Request to create a trusted profile.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The account ID of the trusted profile.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during creation of trusted profile.
The email of the trusted profile.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The CreateProfile options.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The account ID of the trusted profile.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during creation of trusted profile.
The createProfile options.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The account ID of the trusted profile.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during creation of trusted profile.
parameters
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The account ID of the trusted profile.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during creation of trusted profile.
parameters
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The account ID of the trusted profile.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during creation of trusted profile.
curl -X POST "https://iam.cloud.ibm.com/v1/profiles" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json" --header "Accept: application/json" --data '{ "name": "My Nice Profile", "description": "My Nice Profile - desc", "account_id": "ACCOUNT_ID" }'
createProfileOptions := iamIdentityService.NewCreateProfileOptions(profileName, accountID) createProfileOptions.SetDescription("Example Profile") profile, response, err := iamIdentityService.CreateProfile(createProfileOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(profile, "", " ") fmt.Println(string(b)) profileId = *profile.ID
CreateProfileOptions createProfileOptions = new CreateProfileOptions.Builder() .name(profileName) .description("Example Profile") .accountId(accountId) .build(); Response<TrustedProfile> response = identityservice.createProfile(createProfileOptions).execute(); TrustedProfile profile = response.getResult(); profileId = profile.getId(); System.out.println(profile);
const params = { name: 'profileName', description: 'Example Profile', accountId, }; try { const res = await iamIdentityService.createProfile(params); profileId = res.result.id console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
profile = iam_identity_service.create_profile( name="example profile", description="example profile", account_id=account_id ).get_result() print(json.dumps(profile, indent=2))
Response
Response body format for trusted profile V1 REST requests.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
Context with key properties for problem determination.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
The optional email of the trusted profile. The 'email' property is only available if an email was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile
IMS user ID of the trusted profile
History of the trusted profile.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Trusted profile successfully created. Response if the Object could be created in the persistence layer.
Parameter validation failed. Response if required parameters are missing or if parameter values are invalid.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Create Conflict - Trusted profile could not be created. Response if the Object could not be created in the persistence layer.
Internal Server error.
{ "iam_id": "iam-Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c", "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c", "id": "Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c", "entity_tag": "1-eb85ef473fd681c90c8743fc13a38119", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "account_id": "18e3020749ce4744b0b472466d61fdb4", "name": "My profile", "description": "A superb profile", "email": "user@ibm.com" }
{ "iam_id": "iam-Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c", "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c", "id": "Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c", "entity_tag": "1-eb85ef473fd681c90c8743fc13a38119", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "account_id": "18e3020749ce4744b0b472466d61fdb4", "name": "My profile", "description": "A superb profile", "email": "user@ibm.com" }
List trusted profiles
List the trusted profiles in an account. The account_id
query parameter determines the account from which to retrieve the list of trusted profiles.
List the trusted profiles in an account. The account_id
query parameter determines the account from which to retrieve the list of trusted profiles.
List the trusted profiles in an account. The account_id
query parameter determines the account from which to retrieve the list of trusted profiles.
List the trusted profiles in an account. The account_id
query parameter determines the account from which to retrieve the list of trusted profiles.
List the trusted profiles in an account. The account_id
query parameter determines the account from which to retrieve the list of trusted profiles.
GET /v1/profiles
(iamIdentity *IamIdentityV1) ListProfiles(listProfilesOptions *ListProfilesOptions) (result *TrustedProfilesList, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) ListProfilesWithContext(ctx context.Context, listProfilesOptions *ListProfilesOptions) (result *TrustedProfilesList, response *core.DetailedResponse, err error)
ServiceCall<TrustedProfilesList> listProfiles(ListProfilesOptions listProfilesOptions)
listProfiles(params)
list_profiles(
self,
account_id: str,
*,
name: Optional[str] = None,
pagesize: Optional[int] = None,
sort: Optional[str] = None,
order: Optional[str] = None,
include_history: Optional[bool] = None,
pagetoken: Optional[str] = None,
filter: Optional[str] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the ListProfilesOptions
struct and set the fields to provide parameter values for the ListProfiles
method.
Use the ListProfilesOptions.Builder
to create a ListProfilesOptions
object that contains the parameter values for the listProfiles
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Query Parameters
Account ID to query for trusted profiles.
Name of the trusted profile to query.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional sort property, valid values are name, description, created_at and modified_at. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The ListProfiles options.
Account ID to query for trusted profiles.
Name of the trusted profile to query.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional sort property, valid values are name, description, created_at and modified_at. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
The listProfiles options.
Account ID to query for trusted profiles.
Name of the trusted profile to query.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional sort property, valid values are name, description, created_at and modified_at. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
parameters
Account ID to query for trusted profiles.
Name of the trusted profile to query.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional sort property, valid values are name, description, created_at and modified_at. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
parameters
Account ID to query for trusted profiles.
Name of the trusted profile to query.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Optional sort property, valid values are name, description, created_at and modified_at. If specified, the items are sorted by the value of this property.
Optional sort order, valid values are asc and desc. Default: asc.
Allowable values: [
asc
,desc
]Default:
asc
Defines if the entity history is included in the response.
Default:
false
Optional Prev or Next page token returned from a previous query execution. Default is start with first page.
An optional filter query parameter used to refine the results of the search operation. For more information see Filtering list results section.
curl -X GET "https://iam.cloud.ibm.com/v1/profiles?account_id=ACCOUNT_ID" --header "Authorization: Bearer $TOKEN" --header "Accept: application/json"
listProfilesOptions := iamIdentityService.NewListProfilesOptions(accountID) listProfilesOptions.SetIncludeHistory(false) trustedProfiles, response, err := iamIdentityService.ListProfiles(listProfilesOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(trustedProfiles, "", " ") fmt.Println(string(b))
ListProfilesOptions listProfilesOptions = new ListProfilesOptions.Builder() .accountId(accountId) .includeHistory(false) .build(); Response<TrustedProfilesList> response = identityservice.listProfiles(listProfilesOptions).execute(); TrustedProfilesList profiles = response.getResult(); System.out.println(profiles);
const params = { accountId: accountId, includeHistory: false, }; try { const res = await iamIdentityService.listProfiles(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
profile_list = iam_identity_service.list_profiles(account_id=account_id, include_history=True).get_result() print(json.dumps(profile_list, indent=2))
Response
Response body format for the List trusted profiles V1 REST request.
List of trusted profiles
Context with key properties for problem determination.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
Response body format for the List trusted profiles V1 REST request.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of trusted profiles.
- Profiles
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for the List trusted profiles V1 REST request.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of trusted profiles.
- profiles
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for the List trusted profiles V1 REST request.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of trusted profiles.
- profiles
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for the List trusted profiles V1 REST request.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
The offset of the current page.
Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100.
Link to the first page.
Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
Link to the next available page. If 'next' property is not part of the response no next page is available.
List of trusted profiles.
- profiles
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Successful operation.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
account_id does not match Authorization token, account_id not found.
Internal Server error.
{ "offset": 0, "limit": 20, "first": "https://iam.cloud.ibm.com/v1/profiles?account_id=18e3020749ce4744b0b472466d61fdb4", "profiles": [ { "id": "Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "entity_tag": "5-29d5f70272e5f13930938ca32f30223d", "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "name": "My profile v1", "description": "A superb profile v1", "email": "user@ibm.com", "created_at": "2021-07-28T09:59+0000", "modified_at": "2021-07-28T16:29+0000", "iam_id": "iam-Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "account_id": "18e3020749ce4744b0b472466d61fdb4", "ims_account_id": 8794967, "ims_user_id": 234876 } ] }
{ "offset": 0, "limit": 20, "first": "https://iam.cloud.ibm.com/v1/profiles?account_id=18e3020749ce4744b0b472466d61fdb4", "profiles": [ { "id": "Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "entity_tag": "5-29d5f70272e5f13930938ca32f30223d", "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "name": "My profile v1", "description": "A superb profile v1", "email": "user@ibm.com", "created_at": "2021-07-28T09:59+0000", "modified_at": "2021-07-28T16:29+0000", "iam_id": "iam-Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "account_id": "18e3020749ce4744b0b472466d61fdb4", "ims_account_id": 8794967, "ims_user_id": 234876 } ] }
Get a trusted profile
Retrieve a trusted profile by its profile-id
. Only the trusted profile's data is returned (name
, description
, iam_id
, etc.), not the federated users or compute resources that qualify to apply the trusted profile.
Retrieve a trusted profile by its profile-id
. Only the trusted profile's data is returned (name
, description
, iam_id
, etc.), not the federated users or compute resources that qualify to apply the trusted profile.
Retrieve a trusted profile by its profile-id
. Only the trusted profile's data is returned (name
, description
, iam_id
, etc.), not the federated users or compute resources that qualify to apply the trusted profile.
Retrieve a trusted profile by its profile-id
. Only the trusted profile's data is returned (name
, description
, iam_id
, etc.), not the federated users or compute resources that qualify to apply the trusted profile.
Retrieve a trusted profile by its profile-id
. Only the trusted profile's data is returned (name
, description
, iam_id
, etc.), not the federated users or compute resources that qualify to apply the trusted profile.
GET /v1/profiles/{profile-id}
(iamIdentity *IamIdentityV1) GetProfile(getProfileOptions *GetProfileOptions) (result *TrustedProfile, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) GetProfileWithContext(ctx context.Context, getProfileOptions *GetProfileOptions) (result *TrustedProfile, response *core.DetailedResponse, err error)
ServiceCall<TrustedProfile> getProfile(GetProfileOptions getProfileOptions)
getProfile(params)
get_profile(
self,
profile_id: str,
*,
include_activity: Optional[bool] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the GetProfileOptions
struct and set the fields to provide parameter values for the GetProfile
method.
Use the GetProfileOptions.Builder
to create a GetProfileOptions
object that contains the parameter values for the getProfile
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile to get.
Query Parameters
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The GetProfile options.
ID of the trusted profile to get.
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
The getProfile options.
ID of the trusted profile to get.
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
parameters
ID of the trusted profile to get.
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
parameters
ID of the trusted profile to get.
Defines if the entity's activity is included in the response. Retrieving activity data is an expensive operation, so only request this when needed.
Default:
false
curl -X GET "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID" --header "Authorization: Bearer $TOKEN" --header "Accept: application/json"
getProfileOptions := iamIdentityService.NewGetProfileOptions(profileId) getProfileOptions.SetIncludeActivity(false) profile, response, err := iamIdentityService.GetProfile(getProfileOptions) if err != nil { panic(err) } profileEtag = response.GetHeaders().Get("Etag") b, _ := json.MarshalIndent(profile, "", " ") fmt.Println(string(b))
GetProfileOptions getProfileOptions = new GetProfileOptions.Builder() .profileId(profileId) .includeActivity(false) .build(); Response<TrustedProfile> response = identityservice.getProfile(getProfileOptions).execute(); TrustedProfile profile = response.getResult(); profileEtag = response.getHeaders().values("Etag").get(0); System.out.println(profile);
const params = { profileId, includeActivity: true, }; try { const res = await iamIdentityService.getProfile(params) profileEtag = res.headers['etag']; console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = iam_identity_service.get_profile( profile_id=profile_id, include_activity=True, ) profile = response.get_result() print(json.dumps(profile, indent=2))
Response
Response body format for trusted profile V1 REST requests.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
Context with key properties for problem determination.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
The optional email of the trusted profile. The 'email' property is only available if an email was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile
IMS user ID of the trusted profile
History of the trusted profile.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Successful - Get of Trusted profile.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Trusted profile with provided parameters not found.
Internal Server error.
{ "id": "Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "entity_tag": "5-29d5f70272e5f13930938ca32f30223d", "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "name": "My profile v1", "description": "A superb profile v1", "email": "user@ibm.com", "created_at": "2021-07-28T09:59+0000", "modified_at": "2021-07-28T16:29+0000", "iam_id": "iam-Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "account_id": "18e3020749ce4744b0b472466d61fdb4", "ims_account_id": 8794967, "ims_user_id": 234876 }
{ "id": "Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "entity_tag": "5-29d5f70272e5f13930938ca32f30223d", "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "name": "My profile v1", "description": "A superb profile v1", "email": "user@ibm.com", "created_at": "2021-07-28T09:59+0000", "modified_at": "2021-07-28T16:29+0000", "iam_id": "iam-Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "account_id": "18e3020749ce4744b0b472466d61fdb4", "ims_account_id": 8794967, "ims_user_id": 234876 }
Update a trusted profile
Update the name or description of an existing trusted profile.
Update the name or description of an existing trusted profile.
Update the name or description of an existing trusted profile.
Update the name or description of an existing trusted profile.
Update the name or description of an existing trusted profile.
PUT /v1/profiles/{profile-id}
(iamIdentity *IamIdentityV1) UpdateProfile(updateProfileOptions *UpdateProfileOptions) (result *TrustedProfile, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) UpdateProfileWithContext(ctx context.Context, updateProfileOptions *UpdateProfileOptions) (result *TrustedProfile, response *core.DetailedResponse, err error)
ServiceCall<TrustedProfile> updateProfile(UpdateProfileOptions updateProfileOptions)
updateProfile(params)
update_profile(
self,
profile_id: str,
if_match: str,
*,
name: Optional[str] = None,
description: Optional[str] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the UpdateProfileOptions
struct and set the fields to provide parameter values for the UpdateProfile
method.
Use the UpdateProfileOptions.Builder
to create a UpdateProfileOptions
object that contains the parameter values for the updateProfile
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Version of the trusted profile to be updated. Specify the version that you retrived when reading list of trusted profiles. This value helps to identify any parallel usage of trusted profile. Pass * to indicate to update any version available. This might result in stale updates.
Path Parameters
ID of the trusted profile to be updated.
Request to update a trusted profile.
The name of the trusted profile to update. If specified in the request the parameter must not be empty. The name is checked for uniqueness. Failure to this will result in an Error condition.
The description of the trusted profile to update. If specified an empty description will clear the description of the trusted profile. If a non empty value is provided the trusted profile will be updated.
The email of the profile to update. If specified an empty email will clear the email of the profile. If an non empty value is provided the trusted profile will be updated.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The UpdateProfile options.
ID of the trusted profile to be updated.
Version of the trusted profile to be updated. Specify the version that you retrived when reading list of trusted profiles. This value helps to identify any parallel usage of trusted profile. Pass * to indicate to update any version available. This might result in stale updates.
The name of the trusted profile to update. If specified in the request the parameter must not be empty. The name is checked for uniqueness. Failure to this will result in an Error condition.
The description of the trusted profile to update. If specified an empty description will clear the description of the trusted profile. If a non empty value is provided the trusted profile will be updated.
The updateProfile options.
ID of the trusted profile to be updated.
Version of the trusted profile to be updated. Specify the version that you retrived when reading list of trusted profiles. This value helps to identify any parallel usage of trusted profile. Pass * to indicate to update any version available. This might result in stale updates.
The name of the trusted profile to update. If specified in the request the parameter must not be empty. The name is checked for uniqueness. Failure to this will result in an Error condition.
The description of the trusted profile to update. If specified an empty description will clear the description of the trusted profile. If a non empty value is provided the trusted profile will be updated.
parameters
ID of the trusted profile to be updated.
Version of the trusted profile to be updated. Specify the version that you retrived when reading list of trusted profiles. This value helps to identify any parallel usage of trusted profile. Pass * to indicate to update any version available. This might result in stale updates.
The name of the trusted profile to update. If specified in the request the parameter must not be empty. The name is checked for uniqueness. Failure to this will result in an Error condition.
The description of the trusted profile to update. If specified an empty description will clear the description of the trusted profile. If a non empty value is provided the trusted profile will be updated.
parameters
ID of the trusted profile to be updated.
Version of the trusted profile to be updated. Specify the version that you retrived when reading list of trusted profiles. This value helps to identify any parallel usage of trusted profile. Pass * to indicate to update any version available. This might result in stale updates.
The name of the trusted profile to update. If specified in the request the parameter must not be empty. The name is checked for uniqueness. Failure to this will result in an Error condition.
The description of the trusted profile to update. If specified an empty description will clear the description of the trusted profile. If a non empty value is provided the trusted profile will be updated.
curl -X PUT "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json" --header "Accept: application/json" --header "If-Match: <value of etag header from GET request>" --data '{ "name": "My Profile updated", "description": "My updated desc" }'
updateProfileOptions := iamIdentityService.NewUpdateProfileOptions(profileId, profileEtag) updateProfileOptions.SetDescription("This is an updated description") profile, response, err := iamIdentityService.UpdateProfile(updateProfileOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(profile, "", " ") fmt.Println(string(b))
String newDescription = "updated description"; UpdateProfileOptions updateProfileOptions = new UpdateProfileOptions.Builder() .profileId(profileId) .ifMatch(profileEtag) .description(newDescription) .build(); Response<TrustedProfile> response = identityservice.updateProfile(updateProfileOptions).execute(); TrustedProfile profile = response.getResult(); System.out.println(profile);
const params = { profileId: profileId, ifMatch: profileEtag, description: 'This is an updated description', }; try { const res = await iamIdentityService.updateProfile(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
profile = iam_identity_service.update_profile( profile_id=profile_id, if_match=profile_etag, description='This is an updated description' ).get_result() print(json.dumps(profile, indent=2))
Response
Response body format for trusted profile V1 REST requests.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
Context with key properties for problem determination.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
The optional email of the trusted profile. The 'email' property is only available if an email was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile
IMS user ID of the trusted profile
History of the trusted profile.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- History
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- Activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Response body format for trusted profile V1 REST requests.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.
Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.
Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.
The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The iam_id of this trusted profile.
ID of the account that this trusted profile belong to.
ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.
IMS acount ID of the trusted profile.
IMS user ID of the trusted profile.
History of the trusted profile.
- history
Timestamp when the action was triggered.
IAM ID of the identity which triggered the action.
Account of the identity which triggered the action.
Action of the history entry.
Params of the history entry.
Message which summarizes the executed action.
- activity
Time when the entity was last authenticated.
Authentication count, number of times the entity was authenticated.
Status Code
Successful - Trusted profile updated.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Trusted profile with provided parameters not found.
Conflict - there must have been an update in parallel, the specified If-Match header does not match the current Trusted profile record. Retrieve the current Trusted profile again and apply the changes to that version.
Internal Server error.
{ "id": "Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "entity_tag": "5-29d5f70272e5f13930938ca32f30223d", "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "name": "My profile updated", "description": "A superb profile updated", "email": "user@ibm.com", "created_at": "2021-07-28T09:59+0000", "modified_at": "2021-07-28T16:29+0000", "iam_id": "iam-Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "account_id": "18e3020749ce4744b0b472466d61fdb4", "ims_account_id": 8794967, "ims_user_id": 234876 }
{ "id": "Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "entity_tag": "5-29d5f70272e5f13930938ca32f30223d", "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "name": "My profile updated", "description": "A superb profile updated", "email": "user@ibm.com", "created_at": "2021-07-28T09:59+0000", "modified_at": "2021-07-28T16:29+0000", "iam_id": "iam-Profile-94188726-7725-4c78-a686-b5deb4d47cb5", "account_id": "18e3020749ce4744b0b472466d61fdb4", "ims_account_id": 8794967, "ims_user_id": 234876 }
Delete a trusted profile
Delete a trusted profile. When you delete trusted profile, compute resources and federated users are unlinked from the profile and can no longer apply the trusted profile identity.
Delete a trusted profile. When you delete trusted profile, compute resources and federated users are unlinked from the profile and can no longer apply the trusted profile identity.
Delete a trusted profile. When you delete trusted profile, compute resources and federated users are unlinked from the profile and can no longer apply the trusted profile identity.
Delete a trusted profile. When you delete trusted profile, compute resources and federated users are unlinked from the profile and can no longer apply the trusted profile identity.
Delete a trusted profile. When you delete trusted profile, compute resources and federated users are unlinked from the profile and can no longer apply the trusted profile identity.
DELETE /v1/profiles/{profile-id}
(iamIdentity *IamIdentityV1) DeleteProfile(deleteProfileOptions *DeleteProfileOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) DeleteProfileWithContext(ctx context.Context, deleteProfileOptions *DeleteProfileOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> deleteProfile(DeleteProfileOptions deleteProfileOptions)
deleteProfile(params)
delete_profile(
self,
profile_id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the DeleteProfileOptions
struct and set the fields to provide parameter values for the DeleteProfile
method.
Use the DeleteProfileOptions.Builder
to create a DeleteProfileOptions
object that contains the parameter values for the deleteProfile
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The DeleteProfile options.
ID of the trusted profile.
The deleteProfile options.
ID of the trusted profile.
parameters
ID of the trusted profile.
parameters
ID of the trusted profile.
curl -X DELETE "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID" --header "Authorization: Bearer $TOKEN"
deleteProfileOptions := iamIdentityService.NewDeleteProfileOptions(profileId) response, err := iamIdentityService.DeleteProfile(deleteProfileOptions) if err != nil { panic(err) }
DeleteProfileOptions deleteProfileOptions = new DeleteProfileOptions.Builder() .profileId(profileId) .build(); Response<Void> response = identityservice.deleteProfile(deleteProfileOptions).execute();
const params = { profileId }; try { await iamIdentityService.deleteProfile(params); } catch (err) { console.warn(err); }
response = iam_identity_service.delete_profile(profile_id=profile_id)
Response
Status Code
Deleted Successful - no further details.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Trusted profile with given ID not found.
Conflict - Trusted profile could not be deleted.
Internal Server error.
No Sample Response
Create claim rule for a trusted profile
Create a claim rule for a trusted profile. There is a limit of 20 rules per trusted profile.
Create a claim rule for a trusted profile. There is a limit of 20 rules per trusted profile.
Create a claim rule for a trusted profile. There is a limit of 20 rules per trusted profile.
Create a claim rule for a trusted profile. There is a limit of 20 rules per trusted profile.
Create a claim rule for a trusted profile. There is a limit of 20 rules per trusted profile.
POST /v1/profiles/{profile-id}/rules
(iamIdentity *IamIdentityV1) CreateClaimRule(createClaimRuleOptions *CreateClaimRuleOptions) (result *ProfileClaimRule, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) CreateClaimRuleWithContext(ctx context.Context, createClaimRuleOptions *CreateClaimRuleOptions) (result *ProfileClaimRule, response *core.DetailedResponse, err error)
ServiceCall<ProfileClaimRule> createClaimRule(CreateClaimRuleOptions createClaimRuleOptions)
createClaimRule(params)
create_claim_rule(
self,
profile_id: str,
type: str,
conditions: List['ProfileClaimRuleConditions'],
*,
context: Optional['ResponseContext'] = None,
name: Optional[str] = None,
realm_name: Optional[str] = None,
cr_type: Optional[str] = None,
expiration: Optional[int] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the CreateClaimRuleOptions
struct and set the fields to provide parameter values for the CreateClaimRule
method.
Use the CreateClaimRuleOptions.Builder
to create a CreateClaimRuleOptions
object that contains the parameter values for the createClaimRule
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile to create a claim rule.
Request to create a claim rule for trusted profile.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'
Conditions of this claim rule.
Context with key properties for problem determination.
Name of the claim rule to be created or updated
The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA.
Session expiration in seconds, only required if type is 'Profile-SAML'.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The CreateClaimRule options.
ID of the trusted profile to create a claim rule.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
Conditions of this claim rule.
- Conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Name of the claim rule to be created or updated.
The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA.
Session expiration in seconds, only required if type is 'Profile-SAML'.
The createClaimRule options.
ID of the trusted profile to create a claim rule.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Name of the claim rule to be created or updated.
The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA.
Session expiration in seconds, only required if type is 'Profile-SAML'.
parameters
ID of the trusted profile to create a claim rule.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Name of the claim rule to be created or updated.
The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA.
Session expiration in seconds, only required if type is 'Profile-SAML'.
parameters
ID of the trusted profile to create a claim rule.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Name of the claim rule to be created or updated.
The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA.
Session expiration in seconds, only required if type is 'Profile-SAML'.
curl -X POST "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID/rules" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json" --header "Accept: application/json" --data '{ "type": "Profile-SAML", "realm_name": "https://www.example.org/my-nice-idp", "expiration": 43200, "conditions": [ { "claim": "groups", "operator": "EQUALS", "value": "\"cloud-docs-dev\"" } ] }'
profileClaimRuleConditions := new(iamidentityv1.ProfileClaimRuleConditions) profileClaimRuleConditions.Claim = core.StringPtr("blueGroups") profileClaimRuleConditions.Operator = core.StringPtr("EQUALS") profileClaimRuleConditions.Value = core.StringPtr("\"cloud-docs-dev\"") createClaimRuleOptions := iamIdentityService.NewCreateClaimRuleOptions(profileId, claimRuleType, []iamidentityv1.ProfileClaimRuleConditions{*profileClaimRuleConditions}) createClaimRuleOptions.SetName("claimRule") createClaimRuleOptions.SetRealmName(realmName) createClaimRuleOptions.SetExpiration(int64(43200)) claimRule, response, err := iamIdentityService.CreateClaimRule(createClaimRuleOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(claimRule, "", " ") fmt.Println(string(b)) claimRuleId = *claimRule.ID
ProfileClaimRuleConditions condition = new ProfileClaimRuleConditions.Builder() .claim("blueGroups") .operator("EQUALS") .value("\"cloud-docs-dev\"") .build(); List<ProfileClaimRuleConditions> conditions = new ArrayList<>(); conditions.add(condition); CreateClaimRuleOptions createClaimRuleOptions = new CreateClaimRuleOptions.Builder() .profileId(profileId) .type(claimRuleType) .realmName(realmName) .expiration(43200) .conditions(conditions) .build(); Response<ProfileClaimRule> response = identityservice.createClaimRule(createClaimRuleOptions).execute(); ProfileClaimRule claimRule = response.getResult(); claimRuleId = claimRule.getId(); System.out.println(claimRule);
const val = "{'Europe_Group'}"; const profileClaimRuleConditionsModel = { claim: 'blueGroups', operator: 'EQUALS', value: JSON.stringify(val), }; const conditions = [profileClaimRuleConditionsModel]; const params = { profileId: profileId, type: 'Profile-SAML', realmName: realmName, expiration: 43200, conditions, }; try { const res = await iamIdentityService.createClaimRule(params); claimRuleId = res.result.id console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
profile_claim_rule_conditions_model = {} profile_claim_rule_conditions_model['claim'] = 'blueGroups' profile_claim_rule_conditions_model['operator'] = 'EQUALS' profile_claim_rule_conditions_model['value'] = '\"cloud-docs-dev\"' claimRule = iam_identity_service.create_claim_rule( profile_id=profile_id, type='Profile-SAML', realm_name='https://sdk.test.realm/1234', expiration=43200, conditions=[profile_claim_rule_conditions_model], ).get_result() print(json.dumps(claimRule, indent=2))
Response
the unique identifier of the claim rule
version of the claim rule
If set contains a date time string of the creation date in ISO format.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'
Session expiration in seconds
Conditions of this claim rule.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name
The realm name of the Idp this claim rule applies to
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- Conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Status Code
Successful operation.
Parameter validation failed. Response if required parameters are missing or if parameter values are invalid.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Create Conflict - Claim rule could not be created. Response if the Object could not be created in the persistence layer.
Internal Server error.
{ "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "My Claim rule", "type": "Profile-SAML", "realm_name": "https://www.example.org/my-nice-idp", "expiration": 3600, "conditions": { "claim": "groups", "operator": "EQUALS", "value": "\"cloud-docs-dev\"" } }
{ "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "My Claim rule", "type": "Profile-SAML", "realm_name": "https://www.example.org/my-nice-idp", "expiration": 3600, "conditions": { "claim": "groups", "operator": "EQUALS", "value": "\"cloud-docs-dev\"" } }
List claim rules for a trusted profile
Get a list of all claim rules for a trusted profile. The profile-id
query parameter determines the profile from which to retrieve the list of claim rules.
Get a list of all claim rules for a trusted profile. The profile-id
query parameter determines the profile from which to retrieve the list of claim rules.
Get a list of all claim rules for a trusted profile. The profile-id
query parameter determines the profile from which to retrieve the list of claim rules.
Get a list of all claim rules for a trusted profile. The profile-id
query parameter determines the profile from which to retrieve the list of claim rules.
Get a list of all claim rules for a trusted profile. The profile-id
query parameter determines the profile from which to retrieve the list of claim rules.
GET /v1/profiles/{profile-id}/rules
(iamIdentity *IamIdentityV1) ListClaimRules(listClaimRulesOptions *ListClaimRulesOptions) (result *ProfileClaimRuleList, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) ListClaimRulesWithContext(ctx context.Context, listClaimRulesOptions *ListClaimRulesOptions) (result *ProfileClaimRuleList, response *core.DetailedResponse, err error)
ServiceCall<ProfileClaimRuleList> listClaimRules(ListClaimRulesOptions listClaimRulesOptions)
listClaimRules(params)
list_claim_rules(
self,
profile_id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the ListClaimRulesOptions
struct and set the fields to provide parameter values for the ListClaimRules
method.
Use the ListClaimRulesOptions.Builder
to create a ListClaimRulesOptions
object that contains the parameter values for the listClaimRules
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The ListClaimRules options.
ID of the trusted profile.
The listClaimRules options.
ID of the trusted profile.
parameters
ID of the trusted profile.
parameters
ID of the trusted profile.
curl -X GET "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID/rules" --header "Authorization: Bearer $TOKEN" --header "Accept: application/json"
listClaimRulesOptions := iamIdentityService.NewListClaimRulesOptions(profileId) claimRulesList, response, err := iamIdentityService.ListClaimRules(listClaimRulesOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(claimRulesList, "", " ") fmt.Println(string(b))
ListClaimRulesOptions listClaimRulesOptions = new ListClaimRulesOptions.Builder() .profileId(profileId) .build(); Response<ProfileClaimRuleList> response = identityservice.listClaimRules(listClaimRulesOptions).execute(); ProfileClaimRuleList claimRules = response.getResult(); System.out.println(claimRules);
const params = { profileId, }; try { const res = await iamIdentityService.listClaimRules(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
claimRule_list = iam_identity_service.list_claim_rules( profile_id=profile_id, ).get_result() print(json.dumps(claimRule_list, indent=2))
Response
List of claim rules
Context with key properties for problem determination.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
List of claim rules.
- Rules
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- Conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
List of claim rules.
- rules
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
List of claim rules.
- rules
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
List of claim rules.
- rules
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Status Code
Successful operation.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Trusted profile ID does not match Authorization token, Trusted profile ID not found.
Internal Server error.
{ "rules": [ { "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "My Claim rule", "type": "Profile-SAML", "realm_name": "https://www.example.org/my-nice-idp", "expiration": 3600, "conditions": [ { "claim": "groups", "operator": "EQUALS", "value": "\"cloud-docs-dev\"" } ] } ] }
{ "rules": [ { "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "My Claim rule", "type": "Profile-SAML", "realm_name": "https://www.example.org/my-nice-idp", "expiration": 3600, "conditions": [ { "claim": "groups", "operator": "EQUALS", "value": "\"cloud-docs-dev\"" } ] } ] }
Get a claim rule for a trusted profile
A specific claim rule can be fetched for a given trusted profile ID and rule ID.
A specific claim rule can be fetched for a given trusted profile ID and rule ID.
A specific claim rule can be fetched for a given trusted profile ID and rule ID.
A specific claim rule can be fetched for a given trusted profile ID and rule ID.
A specific claim rule can be fetched for a given trusted profile ID and rule ID.
GET /v1/profiles/{profile-id}/rules/{rule-id}
(iamIdentity *IamIdentityV1) GetClaimRule(getClaimRuleOptions *GetClaimRuleOptions) (result *ProfileClaimRule, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) GetClaimRuleWithContext(ctx context.Context, getClaimRuleOptions *GetClaimRuleOptions) (result *ProfileClaimRule, response *core.DetailedResponse, err error)
ServiceCall<ProfileClaimRule> getClaimRule(GetClaimRuleOptions getClaimRuleOptions)
getClaimRule(params)
get_claim_rule(
self,
profile_id: str,
rule_id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the GetClaimRuleOptions
struct and set the fields to provide parameter values for the GetClaimRule
method.
Use the GetClaimRuleOptions.Builder
to create a GetClaimRuleOptions
object that contains the parameter values for the getClaimRule
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile.
ID of the claim rule to get.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The GetClaimRule options.
ID of the trusted profile.
ID of the claim rule to get.
The getClaimRule options.
ID of the trusted profile.
ID of the claim rule to get.
parameters
ID of the trusted profile.
ID of the claim rule to get.
parameters
ID of the trusted profile.
ID of the claim rule to get.
curl -X GET "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID/rules/CLAIM_RULE_ID" --header "Authorization: Bearer $TOKEN" --header "Accept: application/json"
getClaimRuleOptions := iamIdentityService.NewGetClaimRuleOptions(profileId, claimRuleId) claimRule, response, err := iamIdentityService.GetClaimRule(getClaimRuleOptions) if err != nil { panic(err) } claimRuleEtag = response.GetHeaders().Get("Etag") b, _ := json.MarshalIndent(claimRule, "", " ") fmt.Println(string(b))
GetClaimRuleOptions getClaimRuleOptions = new GetClaimRuleOptions.Builder() .profileId(profileId) .ruleId(claimRuleId) .build(); Response<ProfileClaimRule> response = identityservice.getClaimRule(getClaimRuleOptions).execute(); ProfileClaimRule claimRule = response.getResult(); claimRuleEtag = response.getHeaders().values("Etag").get(0); System.out.println(claimRule);
const params = { profileId, ruleId: claimRuleId, }; try { const res = await iamIdentityService.getClaimRule(params); claimRuleEtag = res.headers['etag']; console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = iam_identity_service.get_claim_rule(profile_id=profile_id, rule_id=claimRule_id) claimRule = response.get_result() print(json.dumps(claimRule, indent=2))
Response
the unique identifier of the claim rule
version of the claim rule
If set contains a date time string of the creation date in ISO format.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'
Session expiration in seconds
Conditions of this claim rule.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name
The realm name of the Idp this claim rule applies to
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- Conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Status Code
Successful - Get of Claim rule.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Claim rule with provided parameters not found.
Internal Server error.
{ "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "My Claim rule", "type": "Profile-SAML", "realm_name": "https://www.example.org/my-nice-idp", "expiration": 3600, "conditions": { "claim": "groups", "operator": "EQUALS", "value": "\"cloud-docs-dev\"" } }
{ "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "My Claim rule", "type": "Profile-SAML", "realm_name": "https://www.example.org/my-nice-idp", "expiration": 3600, "conditions": { "claim": "groups", "operator": "EQUALS", "value": "\"cloud-docs-dev\"" } }
Update claim rule for a trusted profile
Update a specific claim rule for a given trusted profile ID and rule ID.
Update a specific claim rule for a given trusted profile ID and rule ID.
Update a specific claim rule for a given trusted profile ID and rule ID.
Update a specific claim rule for a given trusted profile ID and rule ID.
Update a specific claim rule for a given trusted profile ID and rule ID.
PUT /v1/profiles/{profile-id}/rules/{rule-id}
(iamIdentity *IamIdentityV1) UpdateClaimRule(updateClaimRuleOptions *UpdateClaimRuleOptions) (result *ProfileClaimRule, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) UpdateClaimRuleWithContext(ctx context.Context, updateClaimRuleOptions *UpdateClaimRuleOptions) (result *ProfileClaimRule, response *core.DetailedResponse, err error)
ServiceCall<ProfileClaimRule> updateClaimRule(UpdateClaimRuleOptions updateClaimRuleOptions)
updateClaimRule(params)
update_claim_rule(
self,
profile_id: str,
rule_id: str,
if_match: str,
type: str,
conditions: List['ProfileClaimRuleConditions'],
*,
context: Optional['ResponseContext'] = None,
name: Optional[str] = None,
realm_name: Optional[str] = None,
cr_type: Optional[str] = None,
expiration: Optional[int] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the UpdateClaimRuleOptions
struct and set the fields to provide parameter values for the UpdateClaimRule
method.
Use the UpdateClaimRuleOptions.Builder
to create a UpdateClaimRuleOptions
object that contains the parameter values for the updateClaimRule
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Version of the claim rule to be updated. Specify the version that you retrived when reading list of claim rules. This value helps to identify any parallel usage of claim rule. Pass * to indicate to update any version available. This might result in stale updates.
Path Parameters
ID of the trusted profile.
ID of the claim rule to update.
Request to update a claim rule.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'
Conditions of this claim rule.
Context with key properties for problem determination.
Name of the claim rule to be created or updated
The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA.
Session expiration in seconds, only required if type is 'Profile-SAML'.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The UpdateClaimRule options.
ID of the trusted profile.
ID of the claim rule to update.
Version of the claim rule to be updated. Specify the version that you retrived when reading list of claim rules. This value helps to identify any parallel usage of claim rule. Pass * to indicate to update any version available. This might result in stale updates.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
Conditions of this claim rule.
- Conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- Context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Name of the claim rule to be created or updated.
The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA.
Session expiration in seconds, only required if type is 'Profile-SAML'.
The updateClaimRule options.
ID of the trusted profile.
ID of the claim rule to update.
Version of the claim rule to be updated. Specify the version that you retrived when reading list of claim rules. This value helps to identify any parallel usage of claim rule. Pass * to indicate to update any version available. This might result in stale updates.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Name of the claim rule to be created or updated.
The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA.
Session expiration in seconds, only required if type is 'Profile-SAML'.
parameters
ID of the trusted profile.
ID of the claim rule to update.
Version of the claim rule to be updated. Specify the version that you retrived when reading list of claim rules. This value helps to identify any parallel usage of claim rule. Pass * to indicate to update any version available. This might result in stale updates.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Name of the claim rule to be created or updated.
The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA.
Session expiration in seconds, only required if type is 'Profile-SAML'.
parameters
ID of the trusted profile.
ID of the claim rule to update.
Version of the claim rule to be updated. Specify the version that you retrived when reading list of claim rules. This value helps to identify any parallel usage of claim rule. Pass * to indicate to update any version available. This might result in stale updates.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Context with key properties for problem determination.
- context
The transaction ID of the inbound REST request.
The operation of the inbound REST request.
The user agent of the inbound REST request.
The URL of that cluster.
The instance ID of the server instance processing the request.
The thread ID of the server instance processing the request.
The host of the server instance processing the request.
The start time of the request.
The finish time of the request.
The elapsed time in msec.
The cluster name.
Name of the claim rule to be created or updated.
The realm name of the Idp this claim rule applies to. This field is required only if the type is specified as 'Profile-SAML'.
The compute resource type the rule applies to, required only if type is specified as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA.
Session expiration in seconds, only required if type is 'Profile-SAML'.
curl -X PUT "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID/rules/CLAIM_RULE_ID" --header "Authorization: Bearer $TOKEN" --header "If-Match: <value of etag header from GET request>" --header "Content-Type: application/json" --header "Accept: application/json" --data '{ "type": "Profile-SAML", "realm_name": "https://w3id.sso.ibm.com/auth/sps/samlidp2/saml20", "expiration": 10000, "conditions": [ { "claim": "groups", "operator": "CONTAINS", [object Object] } ] }'
profileClaimRuleConditions := new(iamidentityv1.ProfileClaimRuleConditions) profileClaimRuleConditions.Claim = core.StringPtr("blueGroups") profileClaimRuleConditions.Operator = core.StringPtr("EQUALS") profileClaimRuleConditions.Value = core.StringPtr("\"Europe_Group\"") updateClaimRuleOptions := iamIdentityService.NewUpdateClaimRuleOptions(profileId, claimRuleId, claimRuleEtag, claimRuleType, []iamidentityv1.ProfileClaimRuleConditions{*profileClaimRuleConditions}) updateClaimRuleOptions.SetRealmName(realmName) updateClaimRuleOptions.SetExpiration(int64(33200)) claimRule, response, err := iamIdentityService.UpdateClaimRule(updateClaimRuleOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(claimRule, "", " ") fmt.Println(string(b))
ProfileClaimRuleConditions condition = new ProfileClaimRuleConditions.Builder() .claim("blueGroups") .operator("CONTAINS") .value("\"Europe_Group\"") .build(); List<ProfileClaimRuleConditions> conditions = new ArrayList<>(); conditions.add(condition); UpdateClaimRuleOptions updateClaimRuleOptions = new UpdateClaimRuleOptions.Builder() .profileId(profileId) .ruleId(claimRuleId) .ifMatch(claimRuleEtag) .expiration(33200) .conditions(conditions) .type(claimRuleType) .realmName(realmName) .build(); Response<ProfileClaimRule> response = identityservice.updateClaimRule(updateClaimRuleOptions).execute(); ProfileClaimRule claimRule = response.getResult(); System.out.println(claimRule);
const val = "{'Europe_Group'}"; const profileClaimRuleConditionsModel = { claim: 'blueGroups', operator: 'EQUALS', value: JSON.stringify(val), }; const conditions = [profileClaimRuleConditionsModel]; const params = { profileId, ruleId: claimRuleId, ifMatch: claimRuleEtag, type: 'Profile-SAML', realmName: realmName, expiration: 33200, conditions, }; try { const res = await iamIdentityService.updateClaimRule(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
profile_claim_rule_conditions_model = {} profile_claim_rule_conditions_model['claim'] = 'blueGroups' profile_claim_rule_conditions_model['operator'] = 'EQUALS' profile_claim_rule_conditions_model['value'] = '\"Europe_Group\"' claimRule = iam_identity_service.update_claim_rule( profile_id=profile_id, rule_id=claimRule_id, if_match=claimRule_etag, expiration=33200, conditions=[profile_claim_rule_conditions_model], type='Profile-SAML', realm_name='https://sdk.test.realm/1234', ).get_result() print(json.dumps(claimRule, indent=2))
Response
the unique identifier of the claim rule
version of the claim rule
If set contains a date time string of the creation date in ISO format.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'
Session expiration in seconds
Conditions of this claim rule.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name
The realm name of the Idp this claim rule applies to
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- Conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
the unique identifier of the claim rule.
version of the claim rule.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The optional claim rule name.
Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'.
The realm name of the Idp this claim rule applies to.
Session expiration in seconds.
The compute resource type. Not required if type is Profile-SAML. Valid values are VSI, IKS_SA, ROKS_SA.
Conditions of this claim rule.
- conditions
The claim to evaluate against. Learn more.
The operation to perform on the claim. valid values are EQUALS, NOT_EQUALS, EQUALS_IGNORE_CASE, NOT_EQUALS_IGNORE_CASE, CONTAINS, IN.
The stringified JSON value that the claim is compared to using the operator.
Status Code
Successful - Claim rule updated.
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Claim rule with provided parameters not found.
Conflict - there must have been an update in parallel, the specified If-Match header does not match the current claim rule record. Retrieve the current claim rule again and apply the changes to that version.
Internal Server error.
{ "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T17:16+0000", "name": "My Claim rule updated", "type": "Profile-SAML", "realm_name": "https://www.example.org/my-nice-idp", "expiration": 2600, "conditions": { "claim": "groups", "operator": "CONTAINS", "value": "\"cloud-docs-dev\"" } }
{ "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T17:16+0000", "name": "My Claim rule updated", "type": "Profile-SAML", "realm_name": "https://www.example.org/my-nice-idp", "expiration": 2600, "conditions": { "claim": "groups", "operator": "CONTAINS", "value": "\"cloud-docs-dev\"" } }
Delete a claim rule
Delete a claim rule. When you delete a claim rule, federated user or compute resources are no longer required to meet the conditions of the claim rule in order to apply the trusted profile.
Delete a claim rule. When you delete a claim rule, federated user or compute resources are no longer required to meet the conditions of the claim rule in order to apply the trusted profile.
Delete a claim rule. When you delete a claim rule, federated user or compute resources are no longer required to meet the conditions of the claim rule in order to apply the trusted profile.
Delete a claim rule. When you delete a claim rule, federated user or compute resources are no longer required to meet the conditions of the claim rule in order to apply the trusted profile.
Delete a claim rule. When you delete a claim rule, federated user or compute resources are no longer required to meet the conditions of the claim rule in order to apply the trusted profile.
DELETE /v1/profiles/{profile-id}/rules/{rule-id}
(iamIdentity *IamIdentityV1) DeleteClaimRule(deleteClaimRuleOptions *DeleteClaimRuleOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) DeleteClaimRuleWithContext(ctx context.Context, deleteClaimRuleOptions *DeleteClaimRuleOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> deleteClaimRule(DeleteClaimRuleOptions deleteClaimRuleOptions)
deleteClaimRule(params)
delete_claim_rule(
self,
profile_id: str,
rule_id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the DeleteClaimRuleOptions
struct and set the fields to provide parameter values for the DeleteClaimRule
method.
Use the DeleteClaimRuleOptions.Builder
to create a DeleteClaimRuleOptions
object that contains the parameter values for the deleteClaimRule
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile.
ID of the claim rule to delete.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The DeleteClaimRule options.
ID of the trusted profile.
ID of the claim rule to delete.
The deleteClaimRule options.
ID of the trusted profile.
ID of the claim rule to delete.
parameters
ID of the trusted profile.
ID of the claim rule to delete.
parameters
ID of the trusted profile.
ID of the claim rule to delete.
curl -X DELETE "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID/rules/CLAIM_RULE_ID" --header "Authorization: Bearer $TOKEN"
deleteClaimRuleOptions := iamIdentityService.NewDeleteClaimRuleOptions(profileId, claimRuleId) response, err := iamIdentityService.DeleteClaimRule(deleteClaimRuleOptions) if err != nil { panic(err) }
DeleteClaimRuleOptions deleteClaimRuleOptions = new DeleteClaimRuleOptions.Builder() .profileId(profileId) .ruleId(claimRuleId) .build(); Response<Void> response = identityservice.deleteClaimRule(deleteClaimRuleOptions).execute();
const params = { profileId, ruleId: claimRuleId, }; try { await iamIdentityService.deleteClaimRule(params); } catch (err) { console.warn(err); }
response = iam_identity_service.delete_claim_rule(profile_id=profile_id, rule_id=claimRule_id)
Response
Status Code
Deleted Successful - no further details.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Claim rule with given ID not found.
Conflict - Claim rule could not be deleted.
Internal Server error.
No Sample Response
Create link to a trusted profile
Create a direct link between a specific compute resource and a trusted profile, rather than creating conditions that a compute resource must fulfill to apply a trusted profile.
Create a direct link between a specific compute resource and a trusted profile, rather than creating conditions that a compute resource must fulfill to apply a trusted profile.
Create a direct link between a specific compute resource and a trusted profile, rather than creating conditions that a compute resource must fulfill to apply a trusted profile.
Create a direct link between a specific compute resource and a trusted profile, rather than creating conditions that a compute resource must fulfill to apply a trusted profile.
Create a direct link between a specific compute resource and a trusted profile, rather than creating conditions that a compute resource must fulfill to apply a trusted profile.
POST /v1/profiles/{profile-id}/links
(iamIdentity *IamIdentityV1) CreateLink(createLinkOptions *CreateLinkOptions) (result *ProfileLink, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) CreateLinkWithContext(ctx context.Context, createLinkOptions *CreateLinkOptions) (result *ProfileLink, response *core.DetailedResponse, err error)
ServiceCall<ProfileLink> createLink(CreateLinkOptions createLinkOptions)
createLink(params)
create_link(
self,
profile_id: str,
cr_type: str,
link: 'CreateProfileLinkRequestLink',
*,
name: Optional[str] = None,
**kwargs,
) -> DetailedResponse
Request
Instantiate the CreateLinkOptions
struct and set the fields to provide parameter values for the CreateLink
method.
Use the CreateLinkOptions.Builder
to create a CreateLinkOptions
object that contains the parameter values for the createLink
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile.
Request to create a Link to Trusted profile.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA
Link details
- link
The CRN of the compute resource
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA
Optional name of the Link
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The CreateLink options.
ID of the trusted profile.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
Link details.
- Link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Optional name of the Link.
The createLink options.
ID of the trusted profile.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
Link details.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Optional name of the Link.
parameters
ID of the trusted profile.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
Link details.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Optional name of the Link.
parameters
ID of the trusted profile.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
Link details.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Optional name of the Link.
curl -X POST "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID/links" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json" --header "Accept: application/json" --data '{ "name": "my link", "cr_type": "VSI", "link": { "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::computeresource:Fake-Compute-Resource", "namespace": "default", "name": "my compute resource name" } }'
createProfileLinkRequestLink := new(iamidentityv1.CreateProfileLinkRequestLink) createProfileLinkRequestLink.CRN = core.StringPtr("crn:v1:bluemix:public:iam-identity::a/" + accountID + "::computeresource:Fake-Compute-Resource") createProfileLinkRequestLink.Namespace = core.StringPtr("default") createProfileLinkRequestLink.Name = core.StringPtr("niceName") createLinkOptions := iamIdentityService.NewCreateLinkOptions(profileId, "ROKS_SA", createProfileLinkRequestLink) createLinkOptions.SetName("niceLink") link, response, err := iamIdentityService.CreateLink(createLinkOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(link, "", " ") fmt.Println(string(b)) linkId = *link.ID
CreateProfileLinkRequestLink link = new CreateProfileLinkRequestLink.Builder() .crn("crn:v1:bluemix:public:iam-identity::a/" + accountId + "::computeresource:Fake-Compute-Resource") .namespace("default") .name("nice name") .build(); CreateLinkOptions createLinkOptions = new CreateLinkOptions.Builder() .profileId(profileId) .name("Nice link") .crType("ROKS_SA") .link(link) .build(); Response<ProfileLink> response = identityservice.createLink(createLinkOptions).execute(); ProfileLink linkResponse = response.getResult(); linkId = linkResponse.getId(); System.out.println(linkResponse);
const CreateProfileLinkRequestLink = { crn: `crn:v1:bluemix:public:iam-identity::a/{accountId}::computeresource:Fake-Compute-Resource`, namespace: 'default', name: 'nice name', }; const params = { profileId: profileId, name: 'nice link', crType: 'ROKS_SA', link: CreateProfileLinkRequestLink, }; try { const res = await iamIdentityService.createLink(params) linkId = res.result.id console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
CreateProfileLinkRequestLink = {} CreateProfileLinkRequestLink['crn'] = ( 'crn:v1:bluemix:public:iam-identity::a/' + account_id + '::computeresource:Fake-Compute-Resource' ) CreateProfileLinkRequestLink['namespace'] = 'default' CreateProfileLinkRequestLink['name'] = 'nice name' link = iam_identity_service.create_link( profile_id=profile_id, name='nice link', cr_type='ROKS_SA', link=CreateProfileLinkRequestLink ).get_result() print(json.dumps(link, indent=2))
Response
Link details
the unique identifier of the link
version of the link
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA
- link
The CRN of the compute resource
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA
Optional name of the Link
Link details.
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- Link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Link details.
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Link details.
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Link details.
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Status Code
Link successfully created for trusted profile. Response if the Object could be created in the persistence layer.
Parameter validation failed. Response if required parameters are missing or if parameter values are invalid.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Create Conflict - Link could not be created. Response if the Object could not be created in the persistence layer.
Internal Server error. Response if unexpected error situation. happened.
{ "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "Link to Compute Resource", "cr_type": "VSI", "link": { "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "namespace": "default", "name": "my compute resource name" } }
{ "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "Link to Compute Resource", "cr_type": "VSI", "link": { "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "namespace": "default", "name": "my compute resource name" } }
List links to a trusted profile
Get a list of links to a trusted profile.
Get a list of links to a trusted profile.
Get a list of links to a trusted profile.
Get a list of links to a trusted profile.
Get a list of links to a trusted profile.
GET /v1/profiles/{profile-id}/links
(iamIdentity *IamIdentityV1) ListLinks(listLinksOptions *ListLinksOptions) (result *ProfileLinkList, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) ListLinksWithContext(ctx context.Context, listLinksOptions *ListLinksOptions) (result *ProfileLinkList, response *core.DetailedResponse, err error)
ServiceCall<ProfileLinkList> listLinks(ListLinksOptions listLinksOptions)
listLinks(params)
list_links(
self,
profile_id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the ListLinksOptions
struct and set the fields to provide parameter values for the ListLinks
method.
Use the ListLinksOptions.Builder
to create a ListLinksOptions
object that contains the parameter values for the listLinks
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The ListLinks options.
ID of the trusted profile.
The listLinks options.
ID of the trusted profile.
parameters
ID of the trusted profile.
parameters
ID of the trusted profile.
curl -X GET "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID/links" --header "Authorization: Bearer $TOKEN" --header "Accept: application/json"
listLinksOptions := iamIdentityService.NewListLinksOptions(profileId) linkList, response, err := iamIdentityService.ListLinks(listLinksOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(linkList, "", " ") fmt.Println(string(b))
ListLinksOptions listLinksOptions = new ListLinksOptions.Builder() .profileId(profileId) .build(); Response<ProfileLinkList> response = identityservice.listLinks(listLinksOptions).execute(); ProfileLinkList links = response.getResult(); System.out.println(links);
const params = { profileId, }; try { const res = await iamIdentityService.listLinks(params); console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
link_list = iam_identity_service.list_links( profile_id=profile_id, ).get_result() print(json.dumps(link_list, indent=2))
Response
List of links to a trusted profile
List of links to a trusted profile.
- Links
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- Link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
List of links to a trusted profile.
- links
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
List of links to a trusted profile.
- links
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
List of links to a trusted profile.
- links
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Status Code
Successful - Get list of link to a trusted profile
Parameter validation failed. Response if required parameters are missing or if parameter values are invalid.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
profile with provided ID not found.
Internal Server error.
{ "links": [ { "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "Link to Compute Resource", "cr_type": "VSI", "link": { "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "namespace": "default", "name": "my compute resource name" } } ] }
{ "links": [ { "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "Link to Compute Resource", "cr_type": "VSI", "link": { "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "namespace": "default", "name": "my compute resource name" } } ] }
Get link to a trusted profile
Get a specific link to a trusted profile by link_id
.
Get a specific link to a trusted profile by link_id
.
Get a specific link to a trusted profile by link_id
.
Get a specific link to a trusted profile by link_id
.
Get a specific link to a trusted profile by link_id
.
GET /v1/profiles/{profile-id}/links/{link-id}
(iamIdentity *IamIdentityV1) GetLink(getLinkOptions *GetLinkOptions) (result *ProfileLink, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) GetLinkWithContext(ctx context.Context, getLinkOptions *GetLinkOptions) (result *ProfileLink, response *core.DetailedResponse, err error)
ServiceCall<ProfileLink> getLink(GetLinkOptions getLinkOptions)
getLink(params)
get_link(
self,
profile_id: str,
link_id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the GetLinkOptions
struct and set the fields to provide parameter values for the GetLink
method.
Use the GetLinkOptions.Builder
to create a GetLinkOptions
object that contains the parameter values for the getLink
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile
ID of the link
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The GetLink options.
ID of the trusted profile.
ID of the link.
The getLink options.
ID of the trusted profile.
ID of the link.
parameters
ID of the trusted profile.
ID of the link.
parameters
ID of the trusted profile.
ID of the link.
curl -X GET "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID/links/LINK_ID" --header "Authorization: Bearer $TOKEN" --header "Content-Type: application/json"
getLinkOptions := iamIdentityService.NewGetLinkOptions(profileId, linkId) link, response, err := iamIdentityService.GetLink(getLinkOptions) if err != nil { panic(err) }
GetLinkOptions getLinkOptions = new GetLinkOptions.Builder() .profileId(profileId) .linkId(linkId) .build(); Response<ProfileLink> response = identityservice.getLink(getLinkOptions).execute(); ProfileLink link = response.getResult(); System.out.println(link);
const params = { profileId: profileId, linkId, }; try { const res = await iamIdentityService.getLink(params) console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = iam_identity_service.get_link(profile_id=profile_id, link_id=link_id) link = response.get_result() print(json.dumps(link, indent=2))
Response
Link details
the unique identifier of the link
version of the link
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA
- link
The CRN of the compute resource
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA
Optional name of the Link
Link details.
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- Link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Link details.
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Link details.
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Link details.
the unique identifier of the link.
version of the link.
If set contains a date time string of the creation date in ISO format.
If set contains a date time string of the last modification date in ISO format.
Optional name of the Link.
The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA.
- link
The CRN of the compute resource.
The compute resource namespace, only required if cr_type is IKS_SA or ROKS_SA.
Name of the compute resource, only required if cr_type is IKS_SA or ROKS_SA.
Status Code
Successful - Get of link to a trusted profile
Parameter validation failed. Response if required parameters are missing or if parameter values are invalid.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Link with provided ID not found.
Internal Server error.
{ "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "Link to Compute Resource", "cr_type": "VSI", "link": { "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "namespace": "default", "name": "my compute resource name" } }
{ "id": "ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "created_at": "2021-07-28T10:23+0000", "modified_at": "2021-07-28T10:23+0000", "name": "Link to Compute Resource", "cr_type": "VSI", "link": { "crn": "crn:v1:bluemix:public:iam-identity::a/18e3020749ce4744b0b472466d61fdb4::profile:ClaimRule-faa0b1f4-d9e0-42f3-b61c-3927db1cef9b", "namespace": "default", "name": "my compute resource name" } }
Delete link to a trusted profile
Delete a link between a compute resource and a trusted profile.
Delete a link between a compute resource and a trusted profile.
Delete a link between a compute resource and a trusted profile.
Delete a link between a compute resource and a trusted profile.
Delete a link between a compute resource and a trusted profile.
DELETE /v1/profiles/{profile-id}/links/{link-id}
(iamIdentity *IamIdentityV1) DeleteLink(deleteLinkOptions *DeleteLinkOptions) (response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) DeleteLinkWithContext(ctx context.Context, deleteLinkOptions *DeleteLinkOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> deleteLink(DeleteLinkOptions deleteLinkOptions)
deleteLink(params)
delete_link(
self,
profile_id: str,
link_id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the DeleteLinkOptions
struct and set the fields to provide parameter values for the DeleteLink
method.
Use the DeleteLinkOptions.Builder
to create a DeleteLinkOptions
object that contains the parameter values for the deleteLink
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile
ID of the link
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The DeleteLink options.
ID of the trusted profile.
ID of the link.
The deleteLink options.
ID of the trusted profile.
ID of the link.
parameters
ID of the trusted profile.
ID of the link.
parameters
ID of the trusted profile.
ID of the link.
curl -X DELETE "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID/links/LINKS_ID" --header "Authorization: Bearer $TOKEN"
deleteLinkOptions := iamIdentityService.NewDeleteLinkOptions(profileId, linkId) response, err := iamIdentityService.DeleteLink(deleteLinkOptions) if err != nil { panic(err) }
DeleteLinkOptions deleteLinkOptions = new DeleteLinkOptions.Builder() .profileId(profileId) .linkId(linkId) .build(); Response<Void> response = identityservice.deleteLink(deleteLinkOptions).execute();
const params = { profileId, linkId, }; try { await iamIdentityService.deleteLink(params); } catch (err) { console.warn(err); }
response = iam_identity_service.delete_link(profile_id=profile_id, link_id=link_id)
Response
Status Code
Deleted Successful - no further details.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Link with given ID not found.
Conflict - Link could not be deleted.
Internal Server error.
No Sample Response
Get a list of identities that can assume the trusted profile
Get a list of identities that can assume the trusted profile
Get a list of identities that can assume the trusted profile.
Get a list of identities that can assume the trusted profile.
Get a list of identities that can assume the trusted profile.
Get a list of identities that can assume the trusted profile.
GET /v1/profiles/{profile-id}/identities
(iamIdentity *IamIdentityV1) GetProfileIdentities(getProfileIdentitiesOptions *GetProfileIdentitiesOptions) (result *ProfileIdentitiesResponse, response *core.DetailedResponse, err error)
(iamIdentity *IamIdentityV1) GetProfileIdentitiesWithContext(ctx context.Context, getProfileIdentitiesOptions *GetProfileIdentitiesOptions) (result *ProfileIdentitiesResponse, response *core.DetailedResponse, err error)
ServiceCall<ProfileIdentitiesResponse> getProfileIdentities(GetProfileIdentitiesOptions getProfileIdentitiesOptions)
getProfileIdentities(params)
get_profile_identities(
self,
profile_id: str,
**kwargs,
) -> DetailedResponse
Request
Instantiate the GetProfileIdentitiesOptions
struct and set the fields to provide parameter values for the GetProfileIdentities
method.
Use the GetProfileIdentitiesOptions.Builder
to create a GetProfileIdentitiesOptions
object that contains the parameter values for the getProfileIdentities
method.
Custom Headers
Authorization Token used for the request. The supported token type is a Cloud IAM Access Token. If the token is omitted the request will fail with BXNIM0308E: 'No authorization header found'. Make sure that the provided token has the required authority for the request.
Path Parameters
ID of the trusted profile.
WithContext method only
A context.Context instance that you can use to specify a timeout for the operation or to cancel an in-flight request.
The GetProfileIdentities options.
ID of the trusted profile.
The getProfileIdentities options.
ID of the trusted profile.
parameters
ID of the trusted profile.
parameters
ID of the trusted profile.
curl -X GET "https://iam.cloud.ibm.com/v1/profiles/PROFILE_ID/identities" --header "Authorization: Bearer $TOKEN" --header "Accept: application/json"
getProfileIdentitiesOptions := iamidentityv1.GetProfileIdentitiesOptions{ ProfileID: &profileId, } profileIdentities, response, err := iamIdentityService.GetProfileIdentities(&getProfileIdentitiesOptions) if err != nil { panic(err) } b, _ := json.MarshalIndent(profileIdentities, "", " ") fmt.Println(string(b))
GetProfileIdentitiesOptions getProfileIdentitiesOptions = new GetProfileIdentitiesOptions.Builder() .profileId(profileId).build(); Response<ProfileIdentitiesResponse> response = identityservice.getProfileIdentities(getProfileIdentitiesOptions) .execute(); ProfileIdentitiesResponse profileIdentityResponseResult = response.getResult(); profileIdentitiesEtag = profileIdentityResponseResult.getEntityTag();
const params = { profileId, }; try { const res = await iamIdentityService.getProfileIdentities(params); const { result } = res; profileIdentitiesEtag = result.entity_tag; console.log(JSON.stringify(res.result, null, 2)); } catch (err) { console.warn(err); }
response = iam_identity_service.get_profile_identities(profile_id=profile_id)
Response
Entity tag of the profile identities response
List of identities
Entity tag of the profile identities response.
List of identities.
- Identities
IAM ID of the identity.
Identifier of the identity that can assume the trusted profiles. This can be a user identifier (IAM id), serviceid or crn. Internally it uses account id of the service id for the identifier 'serviceid' and for the identifier 'crn' it uses account id contained in the CRN.
Type of the identity.
Possible values: [
user
,serviceid
,crn
]Only valid for the type user. Accounts from which a user can assume the trusted profile.
Description of the identity that can assume the trusted profile. This is optional field for all the types of identities. When this field is not set for the identity type 'serviceid' then the description of the service id is used. Description is recommended for the identity type 'crn' E.g. 'Instance 1234 of IBM Cloud Service project'.
Entity tag of the profile identities response.
List of identities.
- identities
IAM ID of the identity.
Identifier of the identity that can assume the trusted profiles. This can be a user identifier (IAM id), serviceid or crn. Internally it uses account id of the service id for the identifier 'serviceid' and for the identifier 'crn' it uses account id contained in the CRN.
Type of the identity.
Possible values: [
user
,serviceid
,crn
]Only valid for the type user. Accounts from which a user can assume the trusted profile.
Description of the identity that can assume the trusted profile. This is optional field for all the types of identities. When this field is not set for the identity type 'serviceid' then the description of the service id is used. Description is recommended for the identity type 'crn' E.g. 'Instance 1234 of IBM Cloud Service project'.
Entity tag of the profile identities response.
List of identities.
- identities
IAM ID of the identity.
Identifier of the identity that can assume the trusted profiles. This can be a user identifier (IAM id), serviceid or crn. Internally it uses account id of the service id for the identifier 'serviceid' and for the identifier 'crn' it uses account id contained in the CRN.
Type of the identity.
Possible values: [
user
,serviceid
,crn
]Only valid for the type user. Accounts from which a user can assume the trusted profile.
Description of the identity that can assume the trusted profile. This is optional field for all the types of identities. When this field is not set for the identity type 'serviceid' then the description of the service id is used. Description is recommended for the identity type 'crn' E.g. 'Instance 1234 of IBM Cloud Service project'.
Entity tag of the profile identities response.
List of identities.
- identities
IAM ID of the identity.
Identifier of the identity that can assume the trusted profiles. This can be a user identifier (IAM id), serviceid or crn. Internally it uses account id of the service id for the identifier 'serviceid' and for the identifier 'crn' it uses account id contained in the CRN.
Type of the identity.
Possible values: [
user
,serviceid
,crn
]Only valid for the type user. Accounts from which a user can assume the trusted profile.
Description of the identity that can assume the trusted profile. This is optional field for all the types of identities. When this field is not set for the identity type 'serviceid' then the description of the service id is used. Description is recommended for the identity type 'crn' E.g. 'Instance 1234 of IBM Cloud Service project'.
Status Code
Successful response with identities
Parameter validation failed.
The incoming request did not contain a valid authentication information.
The incoming request is valid but the user is not allowed to perform the requested action.
Profile not found.
Internal Server error.
{ "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "identities": [ { "iam_id": "IBMid-1234567898", "identifier": "IBMid-1234567898", "type": "user", "name": "user@ibm.com", "email": "user@ibm.com", "accounts": "account in the token", "description": "description" }, { "iam_id": "iam-ServiceId-ee1103f8-e03b-4d02-a977-e540ebdffb16", "identifier": "ServiceId-ee1103f8-e03b-4d02-a977-e540ebdffb16", "type": "serviceid" }, { "iam_id": "crn-crn:v1:bluemix:public:cloudantnosqldb:us-south:a/36d797c19715462e8a0eaeacefe82f8b:4adba58a-c3f7-4c37-b904-bc965e6d562a::", "identifier": "crn:v1:bluemix:public:cloudantnosqldb:us-south:a/36d797c19715462e8a0eaeacefe82f8b:4adba58a-c3f7-4c37-b904-bc965e6d562a::", "type": "crn", "description": "cloudant database shared with profile" } ] }
{ "entity_tag": "1-cd52f1eaf1e7464f9ba30f37c5c5fe32", "identities": [ { "iam_id": "IBMid-1234567898", "identifier": "IBMid-1234567898", "type": "user", "name&quo