-AT&T Auth Tool \r
-==============\r
-\r
---------------\r
-\r
AAF 2.0 RESTful interface\r
=========================\r
\r
---------------\r
-\r
Accessing RESTful\r
-----------------\r
\r
-AAF RESTful service is secured by the following:\r
-\r
-The Client must utilize HTTP/S. Non Secure HTTP is not acceptable\r
+-AAF RESTful service is secured by the following:\r
+-The Client must utilize HTTP/S. Non Secure HTTP is not acceptable\r
+-The Client MUST supply an Identity validated by one of the following mechanisms\r
\r
-The Client MUST supply an Identity validated by one of the following mechanisms\r
-\r
-- Valid Global Login Cookie (CSP)\r
-- BASIC AUTH protocol using CSO Registered MechID, provisioned in AAF\r
-- (Near Future) Application level Certificate & oAuth\r
+ - Valid Global Login Cookie (CSP)\r
+ - BASIC AUTH protocol using CSO Registered MechID, provisioned in AAF\r
+ - BASIC AUTH protocol using ATTUID@csp.att.com, Global Login Password\r
+ - (Available 3rd Qtr 2015) Valid tGuard Login Cookie\r
+ - (Near Future) Application level Certificate\r
\r
Responses\r
\r
\r
XSDs for Versions\r
\r
-\r
AAF can support multiple Versions of the API. Choose the ContentType/Accept that has the appropriate version=?.?\r
\r
+All Errors coming from AAF return AT&T Standard Error Message as a String: `JSON <./example/YXBwbGljYXRpb24vRXJyb3IranNvbg==>`__ `XML <./example/YXBwbGljYXRpb24vRXJyb3IreG1s>`__ (does not apply to errors from Container)\r
\r
Character Restrictions\r
\r
\r
Ask for a Consultation on how these are typically used, or, if your tool is the only Enforcement Point, if set may be expanded\r
\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| Entity | Method | Path Info | Description |\r
-+====================+====================+====================+====================+\r
-| PERMISSION | POST | /authz/perm | Create a |\r
-| | | | Permission |\r
-| | | | |\r
-| | | | Permission |\r
-| | | | consists of: |\r
-| | | | |\r
-| | | | - type - a |\r
-| | | | Namespace |\r
-| | | | qualified |\r
-| | | | identifier |\r
-| | | | specifying what |\r
-| | | | kind of |\r
-| | | | resource is |\r
-| | | | being protected |\r
-| | | | - instance - a |\r
-| | | | key, possibly |\r
-| | | | multi-dimension |\r
-| | | | al, |\r
-| | | | that identifies |\r
-| | | | a specific |\r
-| | | | instance of the |\r
-| | | | type |\r
-| | | | - action - what |\r
-| | | | kind of action |\r
-| | | | is allowed |\r
-| | | | |\r
-| | | | Note: instance and |\r
-| | | | action can be an |\r
-| | | | \* |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 201 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406, 409 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybVJ |\r
-| | | | lcXVlc3QranNvbjtxP |\r
-| | | | TEuMDtjaGFyc2V0PXV |\r
-| | | | 0Zi04O3ZlcnNpb249M |\r
-| | | | i4wLGFwcGxpY2F0aW9 |\r
-| | | | uL2pzb247cT0xLjA7d |\r
-| | | | mVyc2lvbj0yLjAsKi8 |\r
-| | | | qO3E9MS4w>`__\ app |\r
-| | | | lication/PermReque |\r
-| | | | st+json;q=1.0;char |\r
-| | | | set=utf-8;version= |\r
-| | | | 2.0,application/js |\r
-| | | | on;q=1.0;version=2 |\r
-| | | | .0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybVJ |\r
-| | | | lcXVlc3QreG1sO3E9M |\r
-| | | | S4wO2NoYXJzZXQ9dXR |\r
-| | | | mLTg7dmVyc2lvbj0yL |\r
-| | | | jAsdGV4dC94bWw7cT0 |\r
-| | | | xLjA7dmVyc2lvbj0yL |\r
-| | | | jA=>`__\ applicati |\r
-| | | | on/PermRequest+xml |\r
-| | | | ;q=1.0;charset=utf |\r
-| | | | -8;version=2.0,tex |\r
-| | | | t/xml;q=1.0;versio |\r
-| | | | n=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | PUT | /authz/perm | Set Description |\r
-| | | | for Permission |\r
-| | | | |\r
-| | | | Add Description |\r
-| | | | Data to Perm |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybVJ |\r
-| | | | lcXVlc3QranNvbjtxP |\r
-| | | | TEuMDtjaGFyc2V0PXV |\r
-| | | | 0Zi04O3ZlcnNpb249M |\r
-| | | | i4wLGFwcGxpY2F0aW9 |\r
-| | | | uL2pzb247cT0xLjA7d |\r
-| | | | mVyc2lvbj0yLjAsKi8 |\r
-| | | | qO3E9MS4w>`__\ app |\r
-| | | | lication/PermReque |\r
-| | | | st+json;q=1.0;char |\r
-| | | | set=utf-8;version= |\r
-| | | | 2.0,application/js |\r
-| | | | on;q=1.0;version=2 |\r
-| | | | .0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybVJ |\r
-| | | | lcXVlc3QreG1sO3E9M |\r
-| | | | S4wO2NoYXJzZXQ9dXR |\r
-| | | | mLTg7dmVyc2lvbj0yL |\r
-| | | | jAsdGV4dC94bWw7cT0 |\r
-| | | | xLjA7dmVyc2lvbj0yL |\r
-| | | | jA=>`__\ applicati |\r
-| | | | on/PermRequest+xml |\r
-| | | | ;q=1.0;charset=utf |\r
-| | | | -8;version=2.0,tex |\r
-| | | | t/xml;q=1.0;versio |\r
-| | | | n=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | DELETE | /authz/perm | Delete a |\r
-| | | | Permission |\r
-| | | | |\r
-| | | | Delete the |\r
-| | | | Permission |\r
-| | | | referenced by |\r
-| | | | PermKey. |\r
-| | | | |\r
-| | | | You cannot |\r
-| | | | normally delete a |\r
-| | | | permission which |\r
-| | | | is still granted |\r
-| | | | to roles, |\r
-| | | | |\r
-| | | | however the |\r
-| | | | "force" property |\r
-| | | | allows you to do |\r
-| | | | just that. To do |\r
-| | | | this: Add |\r
-| | | | |\r
-| | | | 'force=true' as a |\r
-| | | | query parameter. |\r
-| | | | |\r
-| | | | WARNING: Using |\r
-| | | | force will ungrant |\r
-| | | | this permission |\r
-| | | | from all roles. |\r
-| | | | Use with care. |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybVJ |\r
-| | | | lcXVlc3QranNvbjtxP |\r
-| | | | TEuMDtjaGFyc2V0PXV |\r
-| | | | 0Zi04O3ZlcnNpb249M |\r
-| | | | i4wLGFwcGxpY2F0aW9 |\r
-| | | | uL2pzb247cT0xLjA7d |\r
-| | | | mVyc2lvbj0yLjAsKi8 |\r
-| | | | qO3E9MS4w>`__\ app |\r
-| | | | lication/PermReque |\r
-| | | | st+json;q=1.0;char |\r
-| | | | set=utf-8;version= |\r
-| | | | 2.0,application/js |\r
-| | | | on;q=1.0;version=2 |\r
-| | | | .0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybVJ |\r
-| | | | lcXVlc3QreG1sO3E9M |\r
-| | | | S4wO2NoYXJzZXQ9dXR |\r
-| | | | mLTg7dmVyc2lvbj0yL |\r
-| | | | jAsdGV4dC94bWw7cT0 |\r
-| | | | xLjA7dmVyc2lvbj0yL |\r
-| | | | jA=>`__\ applicati |\r
-| | | | on/PermRequest+xml |\r
-| | | | ;q=1.0;charset=utf |\r
-| | | | -8;version=2.0,tex |\r
-| | | | t/xml;q=1.0;versio |\r
-| | | | n=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | DELETE | /authz/perm/:name/ | Delete a |\r
-| | | :type/:action | Permission |\r
-| | | | |\r
-| | | | Delete the |\r
-| | | | Permission |\r
-| | | | referenced by |\r
-| | | | :type :instance |\r
-| | | | :action |\r
-| | | | |\r
-| | | | You cannot |\r
-| | | | normally delete a |\r
-| | | | permission which |\r
-| | | | is still granted |\r
-| | | | to roles, |\r
-| | | | |\r
-| | | | however the |\r
-| | | | "force" property |\r
-| | | | allows you to do |\r
-| | | | just that. To do |\r
-| | | | this: Add |\r
-| | | | |\r
-| | | | 'force=true' as a |\r
-| | | | query parameter |\r
-| | | | |\r
-| | | | WARNING: Using |\r
-| | | | force will ungrant |\r
-| | | | this permission |\r
-| | | | from all roles. |\r
-| | | | Use with care. |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | type : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | instance : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | action : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybUt |\r
-| | | | leStqc29uO3E9MS4wO |\r
-| | | | 2NoYXJzZXQ9dXRmLTg |\r
-| | | | 7dmVyc2lvbj0yLjAsY |\r
-| | | | XBwbGljYXRpb24vanN |\r
-| | | | vbjtxPTEuMDt2ZXJza |\r
-| | | | W9uPTIuMCwqLyo7cT0 |\r
-| | | | xLjA=>`__\ applica |\r
-| | | | tion/PermKey+json; |\r
-| | | | q=1.0;charset=utf- |\r
-| | | | 8;version=2.0,appl |\r
-| | | | ication/json;q=1.0 |\r
-| | | | ;version=2.0,\*/\* |\r
-| | | | ;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybUt |\r
-| | | | leSt4bWw7cT0xLjA7Y |\r
-| | | | 2hhcnNldD11dGYtODt |\r
-| | | | 2ZXJzaW9uPTIuMCx0Z |\r
-| | | | Xh0L3htbDtxPTEuMDt |\r
-| | | | 2ZXJzaW9uPTIuMA==> |\r
-| | | | `__\ application/P |\r
-| | | | ermKey+xml;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,text/xml;q= |\r
-| | | | 1.0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | PUT | /authz/perm/:type/ | Update a |\r
-| | | :instance/:action | Permission |\r
-| | | | |\r
-| | | | Rename the |\r
-| | | | Permission |\r
-| | | | referenced by |\r
-| | | | :type :instance |\r
-| | | | :action, and |\r
-| | | | rename |\r
-| | | | (copy/delete) to |\r
-| | | | the Permission |\r
-| | | | described in |\r
-| | | | PermRequest |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | type : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | instance : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | action : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406, 409 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybVJ |\r
-| | | | lcXVlc3QranNvbjtxP |\r
-| | | | TEuMDtjaGFyc2V0PXV |\r
-| | | | 0Zi04O3ZlcnNpb249M |\r
-| | | | i4wLGFwcGxpY2F0aW9 |\r
-| | | | uL2pzb247cT0xLjA7d |\r
-| | | | mVyc2lvbj0yLjAsKi8 |\r
-| | | | qO3E9MS4w>`__\ app |\r
-| | | | lication/PermReque |\r
-| | | | st+json;q=1.0;char |\r
-| | | | set=utf-8;version= |\r
-| | | | 2.0,application/js |\r
-| | | | on;q=1.0;version=2 |\r
-| | | | .0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybVJ |\r
-| | | | lcXVlc3QreG1sO3E9M |\r
-| | | | S4wO2NoYXJzZXQ9dXR |\r
-| | | | mLTg7dmVyc2lvbj0yL |\r
-| | | | jAsdGV4dC94bWw7cT0 |\r
-| | | | xLjA7dmVyc2lvbj0yL |\r
-| | | | jA=>`__\ applicati |\r
-| | | | on/PermRequest+xml |\r
-| | | | ;q=1.0;charset=utf |\r
-| | | | -8;version=2.0,tex |\r
-| | | | t/xml;q=1.0;versio |\r
-| | | | n=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/perms/:type | Get Permissions by |\r
-| | | | Type |\r
-| | | | |\r
-| | | | List All |\r
-| | | | Permissions that |\r
-| | | | match the :type |\r
-| | | | element of the key |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | type : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Perms+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Perms |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/perms/:type | Get Permissions by |\r
-| | | /:instance/:action | Key |\r
-| | | | |\r
-| | | | List Permissions |\r
-| | | | that match key; |\r
-| | | | :type, :instance |\r
-| | | | and :action |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | type : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | instance : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | action : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Perms+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Perms |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/perms/ns/:n | Get PermsByNS |\r
-| | | s | |\r
-| | | | List All |\r
-| | | | Permissions that |\r
-| | | | are in Namespace |\r
-| | | | :ns |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | ns : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MC4 |\r
-| | | | y>`__\ application |\r
-| | | | /Perms+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=0.2 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Perms |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/perms/role/ | Get Permissions by |\r
-| | | :role | Role |\r
-| | | | |\r
-| | | | List All |\r
-| | | | Permissions that |\r
-| | | | are granted to |\r
-| | | | :role |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | role : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Perms+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Perms |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | POST | /authz/perms/user/ | Get Permissions by |\r
-| | | :user | User, Query AAF |\r
-| | | | Perms |\r
-| | | | |\r
-| | | | List All |\r
-| | | | Permissions that |\r
-| | | | match user :user |\r
-| | | | |\r
-| | | | 'user' must be |\r
-| | | | expressed as full |\r
-| | | | identity (ex: |\r
-| | | | id@full.domain.com |\r
-| | | | ) |\r
-| | | | |\r
-| | | | Present Queries as |\r
-| | | | one or more |\r
-| | | | Permissions (see |\r
-| | | | ContentType Links |\r
-| | | | below for format). |\r
-| | | | |\r
-| | | | If the Caller is |\r
-| | | | Granted this |\r
-| | | | specific |\r
-| | | | Permission, and |\r
-| | | | the Permission is |\r
-| | | | valid |\r
-| | | | |\r
-| | | | for the User, it |\r
-| | | | will be included |\r
-| | | | in response |\r
-| | | | Permissions, along |\r
-| | | | with |\r
-| | | | |\r
-| | | | all the normal |\r
-| | | | permissions on the |\r
-| | | | 'GET' version of |\r
-| | | | this call. If it |\r
-| | | | is not |\r
-| | | | |\r
-| | | | valid, or Caller |\r
-| | | | does not have |\r
-| | | | permission to see, |\r
-| | | | it will be removed |\r
-| | | | from the list |\r
-| | | | |\r
-| | | | \*Note: This |\r
-| | | | design allows you |\r
-| | | | to make one call |\r
-| | | | for all expected |\r
-| | | | permissions |\r
-| | | | |\r
-| | | | The permission to |\r
-| | | | be included MUST |\r
-| | | | be: |\r
-| | | | |\r
-| | | | .access\|:[:key]\| |\r
-| | | | |\r
-| | | | examples: |\r
-| | | | |\r
-| | | | com.onap.myns.acces |\r
-| | | | s\|:ns\|write |\r
-| | | | |\r
-| | | | com.onap.myns.acces |\r
-| | | | s\|:role:myrole\|c |\r
-| | | | reate |\r
-| | | | |\r
-| | | | com.onap.myns.acces |\r
-| | | | s\|:perm:mytype:my |\r
-| | | | instance:myaction\ |\r
-| | | | |read |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | user : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Perms+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Perms |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/perms/user/ | Get Permissions by |\r
-| | | :user | User |\r
-| | | | |\r
-| | | | List All |\r
-| | | | Permissions that |\r
-| | | | match user :user |\r
-| | | | |\r
-| | | | 'user' must be |\r
-| | | | expressed as full |\r
-| | | | identity (ex: |\r
-| | | | id@full.domain.com |\r
-| | | | ) |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | user : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MC4 |\r
-| | | | y>`__\ application |\r
-| | | | /Perms+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=0.2 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUGVybXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Perms |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| ROLE | POST | /authz/role | Create Role |\r
-| | | | |\r
-| | | | Roles are part of |\r
-| | | | Namespaces |\r
-| | | | |\r
-| | | | Examples: |\r
-| | | | |\r
-| | | | - com.onap.aaf - |\r
-| | | | The team that |\r
-| | | | created and |\r
-| | | | maintains AAF |\r
-| | | | - com.onap.csp - |\r
-| | | | The team that |\r
-| | | | created Global |\r
-| | | | Login |\r
-| | | | |\r
-| | | | Roles do not |\r
-| | | | include implied |\r
-| | | | permissions for an |\r
-| | | | App. Instead, they |\r
-| | | | contain explicit |\r
-| | | | Granted |\r
-| | | | Permissions by any |\r
-| | | | Namespace in AAF |\r
-| | | | (See Permissions) |\r
-| | | | |\r
-| | | | Restrictions on |\r
-| | | | Role Names: |\r
-| | | | |\r
-| | | | - Must start with |\r
-| | | | valid Namespace |\r
-| | | | name, |\r
-| | | | terminated by . |\r
-| | | | (dot/period) |\r
-| | | | - Allowed |\r
-| | | | Characters are |\r
-| | | | a-zA-Z0-9.\_- |\r
-| | | | - role names are |\r
-| | | | Case Sensitive |\r
-| | | | |\r
-| | | | The right |\r
-| | | | questions to ask |\r
-| | | | for defining and |\r
-| | | | populating a Role |\r
-| | | | in AAF, therefore, |\r
-| | | | are: |\r
-| | | | |\r
-| | | | - 'What Job |\r
-| | | | Function does |\r
-| | | | this |\r
-| | | | represent?' |\r
-| | | | - 'Does this |\r
-| | | | person perform |\r
-| | | | this Job |\r
-| | | | Function?' |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 201 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406, 409 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVJ |\r
-| | | | lcXVlc3QranNvbjtxP |\r
-| | | | TEuMDtjaGFyc2V0PXV |\r
-| | | | 0Zi04O3ZlcnNpb249M |\r
-| | | | i4wLGFwcGxpY2F0aW9 |\r
-| | | | uL2pzb247cT0xLjA7d |\r
-| | | | mVyc2lvbj0yLjAsKi8 |\r
-| | | | qO3E9MS4w>`__\ app |\r
-| | | | lication/RoleReque |\r
-| | | | st+json;q=1.0;char |\r
-| | | | set=utf-8;version= |\r
-| | | | 2.0,application/js |\r
-| | | | on;q=1.0;version=2 |\r
-| | | | .0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVJ |\r
-| | | | lcXVlc3QreG1sO3E9M |\r
-| | | | S4wO2NoYXJzZXQ9dXR |\r
-| | | | mLTg7dmVyc2lvbj0yL |\r
-| | | | jAsdGV4dC94bWw7cT0 |\r
-| | | | xLjA7dmVyc2lvbj0yL |\r
-| | | | jA=>`__\ applicati |\r
-| | | | on/RoleRequest+xml |\r
-| | | | ;q=1.0;charset=utf |\r
-| | | | -8;version=2.0,tex |\r
-| | | | t/xml;q=1.0;versio |\r
-| | | | n=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | PUT | /authz/role | Set Description |\r
-| | | | for role |\r
-| | | | |\r
-| | | | Add Description |\r
-| | | | Data to a Role |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVJ |\r
-| | | | lcXVlc3QranNvbjtxP |\r
-| | | | TEuMDtjaGFyc2V0PXV |\r
-| | | | 0Zi04O3ZlcnNpb249M |\r
-| | | | i4wLGFwcGxpY2F0aW9 |\r
-| | | | uL2pzb247cT0xLjA7d |\r
-| | | | mVyc2lvbj0yLjAsKi8 |\r
-| | | | qO3E9MS4w>`__\ app |\r
-| | | | lication/RoleReque |\r
-| | | | st+json;q=1.0;char |\r
-| | | | set=utf-8;version= |\r
-| | | | 2.0,application/js |\r
-| | | | on;q=1.0;version=2 |\r
-| | | | .0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVJ |\r
-| | | | lcXVlc3QreG1sO3E9M |\r
-| | | | S4wO2NoYXJzZXQ9dXR |\r
-| | | | mLTg7dmVyc2lvbj0yL |\r
-| | | | jAsdGV4dC94bWw7cT0 |\r
-| | | | xLjA7dmVyc2lvbj0yL |\r
-| | | | jA=>`__\ applicati |\r
-| | | | on/RoleRequest+xml |\r
-| | | | ;q=1.0;charset=utf |\r
-| | | | -8;version=2.0,tex |\r
-| | | | t/xml;q=1.0;versio |\r
-| | | | n=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | DELETE | /authz/role | Delete Role |\r
-| | | | |\r
-| | | | Delete the Role |\r
-| | | | referenced by |\r
-| | | | RoleKey |\r
-| | | | |\r
-| | | | You cannot |\r
-| | | | normally delete a |\r
-| | | | role which still |\r
-| | | | has permissions |\r
-| | | | granted or users |\r
-| | | | assigned to it, |\r
-| | | | |\r
-| | | | however the |\r
-| | | | "force" property |\r
-| | | | allows you to do |\r
-| | | | just that. To do |\r
-| | | | this: Add |\r
-| | | | 'force=true' |\r
-| | | | |\r
-| | | | as a query |\r
-| | | | parameter. |\r
-| | | | |\r
-| | | | WARNING: Using |\r
-| | | | force will remove |\r
-| | | | all users and |\r
-| | | | permission from |\r
-| | | | this role. Use |\r
-| | | | with care. |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVJ |\r
-| | | | lcXVlc3QranNvbjtxP |\r
-| | | | TEuMDtjaGFyc2V0PXV |\r
-| | | | 0Zi04O3ZlcnNpb249M |\r
-| | | | i4wLGFwcGxpY2F0aW9 |\r
-| | | | uL2pzb247cT0xLjA7d |\r
-| | | | mVyc2lvbj0yLjAsKi8 |\r
-| | | | qO3E9MS4w>`__\ app |\r
-| | | | lication/RoleReque |\r
-| | | | st+json;q=1.0;char |\r
-| | | | set=utf-8;version= |\r
-| | | | 2.0,application/js |\r
-| | | | on;q=1.0;version=2 |\r
-| | | | .0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVJ |\r
-| | | | lcXVlc3QreG1sO3E9M |\r
-| | | | S4wO2NoYXJzZXQ9dXR |\r
-| | | | mLTg7dmVyc2lvbj0yL |\r
-| | | | jAsdGV4dC94bWw7cT0 |\r
-| | | | xLjA7dmVyc2lvbj0yL |\r
-| | | | jA=>`__\ applicati |\r
-| | | | on/RoleRequest+xml |\r
-| | | | ;q=1.0;charset=utf |\r
-| | | | -8;version=2.0,tex |\r
-| | | | t/xml;q=1.0;versio |\r
-| | | | n=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | DELETE | /authz/role/:role | Delete Role |\r
-| | | | |\r
-| | | | Delete the Role |\r
-| | | | named :role |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | role : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZSt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Role+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZSt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Role+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | DELETE | /authz/role/:role/ | Delete Permission |\r
-| | | perm | from Role |\r
-| | | | |\r
-| | | | Ungrant a |\r
-| | | | permission from |\r
-| | | | Role :role |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | role : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVB |\r
-| | | | lcm1SZXF1ZXN0K2pzb |\r
-| | | | 247cT0xLjA7Y2hhcnN |\r
-| | | | ldD11dGYtODt2ZXJza |\r
-| | | | W9uPTIuMCxhcHBsaWN |\r
-| | | | hdGlvbi9qc29uO3E9M |\r
-| | | | S4wO3ZlcnNpb249Mi4 |\r
-| | | | wLCovKjtxPTEuMA==> |\r
-| | | | `__\ application/R |\r
-| | | | olePermRequest+jso |\r
-| | | | n;q=1.0;charset=ut |\r
-| | | | f-8;version=2.0,ap |\r
-| | | | plication/json;q=1 |\r
-| | | | .0;version=2.0,\*/ |\r
-| | | | \*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVB |\r
-| | | | lcm1SZXF1ZXN0K3htb |\r
-| | | | DtxPTEuMDtjaGFyc2V |\r
-| | | | 0PXV0Zi04O3ZlcnNpb |\r
-| | | | 249Mi4wLHRleHQveG1 |\r
-| | | | sO3E9MS4wO3ZlcnNpb |\r
-| | | | 249Mi4w>`__\ appli |\r
-| | | | cation/RolePermReq |\r
-| | | | uest+xml;q=1.0;cha |\r
-| | | | rset=utf-8;version |\r
-| | | | =2.0,text/xml;q=1. |\r
-| | | | 0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | POST | /authz/role/perm | Add Permission to |\r
-| | | | Role |\r
-| | | | |\r
-| | | | Grant a Permission |\r
-| | | | to a Role |\r
-| | | | |\r
-| | | | Permission |\r
-| | | | consists of: |\r
-| | | | |\r
-| | | | - type - a |\r
-| | | | Namespace |\r
-| | | | qualified |\r
-| | | | identifier |\r
-| | | | specifying what |\r
-| | | | kind of |\r
-| | | | resource is |\r
-| | | | being protected |\r
-| | | | - instance - a |\r
-| | | | key, possibly |\r
-| | | | multi-dimension |\r
-| | | | al, |\r
-| | | | that identifies |\r
-| | | | a specific |\r
-| | | | instance of the |\r
-| | | | type |\r
-| | | | - action - what |\r
-| | | | kind of action |\r
-| | | | is allowed |\r
-| | | | |\r
-| | | | Note: instance and |\r
-| | | | action can be an |\r
-| | | | \* |\r
-| | | | |\r
-| | | | Note: Using the |\r
-| | | | "force" property |\r
-| | | | will create the |\r
-| | | | Permission, if it |\r
-| | | | doesn't exist AND |\r
-| | | | the requesting ID |\r
-| | | | is allowed to |\r
-| | | | create. It will |\r
-| | | | then grant |\r
-| | | | |\r
-| | | | the permission to |\r
-| | | | the role in one |\r
-| | | | step. To do this: |\r
-| | | | add 'force=true' |\r
-| | | | as a query |\r
-| | | | parameter. |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 201 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406, 409 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVB |\r
-| | | | lcm1SZXF1ZXN0K2pzb |\r
-| | | | 247cT0xLjA7Y2hhcnN |\r
-| | | | ldD11dGYtODt2ZXJza |\r
-| | | | W9uPTIuMCxhcHBsaWN |\r
-| | | | hdGlvbi9qc29uO3E9M |\r
-| | | | S4wO3ZlcnNpb249Mi4 |\r
-| | | | wLCovKjtxPTEuMA==> |\r
-| | | | `__\ application/R |\r
-| | | | olePermRequest+jso |\r
-| | | | n;q=1.0;charset=ut |\r
-| | | | f-8;version=2.0,ap |\r
-| | | | plication/json;q=1 |\r
-| | | | .0;version=2.0,\*/ |\r
-| | | | \*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVB |\r
-| | | | lcm1SZXF1ZXN0K3htb |\r
-| | | | DtxPTEuMDtjaGFyc2V |\r
-| | | | 0PXV0Zi04O3ZlcnNpb |\r
-| | | | 249Mi4wLHRleHQveG1 |\r
-| | | | sO3E9MS4wO3ZlcnNpb |\r
-| | | | 249Mi4w>`__\ appli |\r
-| | | | cation/RolePermReq |\r
-| | | | uest+xml;q=1.0;cha |\r
-| | | | rset=utf-8;version |\r
-| | | | =2.0,text/xml;q=1. |\r
-| | | | 0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | PUT | /authz/role/perm | Set a Permission's |\r
-| | | | Roles |\r
-| | | | |\r
-| | | | Set a permission's |\r
-| | | | roles to roles |\r
-| | | | given |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 201 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406, 409 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVB |\r
-| | | | lcm1SZXF1ZXN0K2pzb |\r
-| | | | 247cT0xLjA7Y2hhcnN |\r
-| | | | ldD11dGYtODt2ZXJza |\r
-| | | | W9uPTIuMCxhcHBsaWN |\r
-| | | | hdGlvbi9qc29uO3E9M |\r
-| | | | S4wO3ZlcnNpb249Mi4 |\r
-| | | | wLCovKjtxPTEuMA==> |\r
-| | | | `__\ application/R |\r
-| | | | olePermRequest+jso |\r
-| | | | n;q=1.0;charset=ut |\r
-| | | | f-8;version=2.0,ap |\r
-| | | | plication/json;q=1 |\r
-| | | | .0;version=2.0,\*/ |\r
-| | | | \*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZVB |\r
-| | | | lcm1SZXF1ZXN0K3htb |\r
-| | | | DtxPTEuMDtjaGFyc2V |\r
-| | | | 0PXV0Zi04O3ZlcnNpb |\r
-| | | | 249Mi4wLHRleHQveG1 |\r
-| | | | sO3E9MS4wO3ZlcnNpb |\r
-| | | | 249Mi4w>`__\ appli |\r
-| | | | cation/RolePermReq |\r
-| | | | uest+xml;q=1.0;cha |\r
-| | | | rset=utf-8;version |\r
-| | | | =2.0,text/xml;q=1. |\r
-| | | | 0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/roles/:role | GetRolesByFullName |\r
-| | | | |\r
-| | | | List Roles that |\r
-| | | | match :role |\r
-| | | | |\r
-| | | | Note: You must |\r
-| | | | have permission to |\r
-| | | | see any given role |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | role : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Roles+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Roles |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/roles/name/ | GetRolesByNameOnly |\r
-| | | :name | |\r
-| | | | List all Roles for |\r
-| | | | only the Name of |\r
-| | | | Role (without |\r
-| | | | Namespace) |\r
-| | | | |\r
-| | | | Note: You must |\r
-| | | | have permission to |\r
-| | | | see any given role |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | name : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Roles+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Roles |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/roles/ns/:n | GetRolesByNS |\r
-| | | s | |\r
-| | | | List all Roles for |\r
-| | | | the Namespace :ns |\r
-| | | | |\r
-| | | | Note: You must |\r
-| | | | have permission to |\r
-| | | | see any given role |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | ns : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MC4 |\r
-| | | | y>`__\ application |\r
-| | | | /Roles+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=0.2 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Roles |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/roles/perm/ | GetRolesByPerm |\r
-| | | :type/:instance/:a | |\r
-| | | ction | Find all Roles |\r
-| | | | containing the |\r
-| | | | given |\r
-| | | | Permission.Permiss |\r
-| | | | ion |\r
-| | | | consists of: |\r
-| | | | |\r
-| | | | - type - a |\r
-| | | | Namespace |\r
-| | | | qualified |\r
-| | | | identifier |\r
-| | | | specifying what |\r
-| | | | kind of |\r
-| | | | resource is |\r
-| | | | being protected |\r
-| | | | - instance - a |\r
-| | | | key, possibly |\r
-| | | | multi-dimension |\r
-| | | | al, |\r
-| | | | that identifies |\r
-| | | | a specific |\r
-| | | | instance of the |\r
-| | | | type |\r
-| | | | - action - what |\r
-| | | | kind of action |\r
-| | | | is allowed |\r
-| | | | |\r
-| | | | Notes: instance |\r
-| | | | and action can be |\r
-| | | | an \* |\r
-| | | | |\r
-| | | | You must have |\r
-| | | | permission to see |\r
-| | | | any given role |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | type : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | instance : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | action : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Roles+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Roles |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/roles/user/ | GetRolesByUser |\r
-| | | :name | |\r
-| | | | List all Roles |\r
-| | | | that match user |\r
-| | | | :name |\r
-| | | | |\r
-| | | | 'user' must be |\r
-| | | | expressed as full |\r
-| | | | identity (ex: |\r
-| | | | id@full.domain.com |\r
-| | | | ) |\r
-| | | | |\r
-| | | | Note: You must |\r
-| | | | have permission to |\r
-| | | | see any given role |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | name : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZXM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Roles+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vUm9sZXM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Roles |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | POST | /authz/userRole | Request User Role |\r
-| | | | Access |\r
-| | | | |\r
-| | | | Create a UserRole |\r
-| | | | relationship (add |\r
-| | | | User to Role) |\r
-| | | | |\r
-| | | | A UserRole is an |\r
-| | | | object |\r
-| | | | Representation of |\r
-| | | | membership of a |\r
-| | | | Role for limited |\r
-| | | | time. |\r
-| | | | |\r
-| | | | If a shorter |\r
-| | | | amount of time for |\r
-| | | | Role ownership is |\r
-| | | | required, use the |\r
-| | | | 'End' field. |\r
-| | | | |\r
-| | | | \*\* Note: Owners |\r
-| | | | of Namespaces will |\r
-| | | | be required to |\r
-| | | | revalidate users |\r
-| | | | in these roles |\r
-| | | | |\r
-| | | | before Expirations |\r
-| | | | expire. Namespace |\r
-| | | | owners will be |\r
-| | | | notified by email. |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 201 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406, 409 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlclJ |\r
-| | | | vbGVSZXF1ZXN0K2pzb |\r
-| | | | 247cT0xLjA7Y2hhcnN |\r
-| | | | ldD11dGYtODt2ZXJza |\r
-| | | | W9uPTIuMCxhcHBsaWN |\r
-| | | | hdGlvbi9qc29uO3E9M |\r
-| | | | S4wO3ZlcnNpb249Mi4 |\r
-| | | | wLCovKjtxPTEuMA==> |\r
-| | | | `__\ application/U |\r
-| | | | serRoleRequest+jso |\r
-| | | | n;q=1.0;charset=ut |\r
-| | | | f-8;version=2.0,ap |\r
-| | | | plication/json;q=1 |\r
-| | | | .0;version=2.0,\*/ |\r
-| | | | \*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlclJ |\r
-| | | | vbGVSZXF1ZXN0K3htb |\r
-| | | | DtxPTEuMDtjaGFyc2V |\r
-| | | | 0PXV0Zi04O3ZlcnNpb |\r
-| | | | 249Mi4wLHRleHQveG1 |\r
-| | | | sO3E9MS4wO3ZlcnNpb |\r
-| | | | 249Mi4w>`__\ appli |\r
-| | | | cation/UserRoleReq |\r
-| | | | uest+xml;q=1.0;cha |\r
-| | | | rset=utf-8;version |\r
-| | | | =2.0,text/xml;q=1. |\r
-| | | | 0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/userRole/:u | Get if User is In |\r
-| | | ser/:role | Role |\r
-| | | | |\r
-| | | | Returns the User |\r
-| | | | (with Expiration |\r
-| | | | date from listed |\r
-| | | | User/Role) if it |\r
-| | | | exists |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | user : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | role : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlcnM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Users+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlcnM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Users |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | DELETE | /authz/userRole/:u | Delete User Role |\r
-| | | ser/:role | |\r
-| | | | Remove Role :role |\r
-| | | | from User :user. |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | user : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | role : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Void+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Void+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | PUT | /authz/userRole/ex | Extend Expiration |\r
-| | | tend/:user/:role | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Void+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Void+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | PUT | /authz/userRole/ro | Update Users for a |\r
-| | | le | role |\r
-| | | | |\r
-| | | | Set a Role's users |\r
-| | | | to the users |\r
-| | | | specified in the |\r
-| | | | UserRoleRequest |\r
-| | | | object. |\r
-| | | | |\r
-| | | | WARNING: Users |\r
-| | | | supplied will be |\r
-| | | | the ONLY users |\r
-| | | | attached to this |\r
-| | | | role |\r
-| | | | |\r
-| | | | If no users are |\r
-| | | | supplied, role's |\r
-| | | | users are reset. |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlclJ |\r
-| | | | vbGVSZXF1ZXN0K2pzb |\r
-| | | | 247cT0xLjA7Y2hhcnN |\r
-| | | | ldD11dGYtODt2ZXJza |\r
-| | | | W9uPTIuMCxhcHBsaWN |\r
-| | | | hdGlvbi9qc29uO3E9M |\r
-| | | | S4wO3ZlcnNpb249Mi4 |\r
-| | | | wLCovKjtxPTEuMA==> |\r
-| | | | `__\ application/U |\r
-| | | | serRoleRequest+jso |\r
-| | | | n;q=1.0;charset=ut |\r
-| | | | f-8;version=2.0,ap |\r
-| | | | plication/json;q=1 |\r
-| | | | .0;version=2.0,\*/ |\r
-| | | | \*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlclJ |\r
-| | | | vbGVSZXF1ZXN0K3htb |\r
-| | | | DtxPTEuMDtjaGFyc2V |\r
-| | | | 0PXV0Zi04O3ZlcnNpb |\r
-| | | | 249Mi4wLHRleHQveG1 |\r
-| | | | sO3E9MS4wO3ZlcnNpb |\r
-| | | | 249Mi4w>`__\ appli |\r
-| | | | cation/UserRoleReq |\r
-| | | | uest+xml;q=1.0;cha |\r
-| | | | rset=utf-8;version |\r
-| | | | =2.0,text/xml;q=1. |\r
-| | | | 0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | PUT | /authz/userRole/us | Update Roles for a |\r
-| | | er | user |\r
-| | | | |\r
-| | | | Set a User's roles |\r
-| | | | to the roles |\r
-| | | | specified in the |\r
-| | | | UserRoleRequest |\r
-| | | | object. |\r
-| | | | |\r
-| | | | WARNING: Roles |\r
-| | | | supplied will be |\r
-| | | | the ONLY roles |\r
-| | | | attached to this |\r
-| | | | user |\r
-| | | | |\r
-| | | | If no roles are |\r
-| | | | supplied, user's |\r
-| | | | roles are reset. |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlclJ |\r
-| | | | vbGVSZXF1ZXN0K2pzb |\r
-| | | | 247cT0xLjA7Y2hhcnN |\r
-| | | | ldD11dGYtODt2ZXJza |\r
-| | | | W9uPTIuMCxhcHBsaWN |\r
-| | | | hdGlvbi9qc29uO3E9M |\r
-| | | | S4wO3ZlcnNpb249Mi4 |\r
-| | | | wLCovKjtxPTEuMA==> |\r
-| | | | `__\ application/U |\r
-| | | | serRoleRequest+jso |\r
-| | | | n;q=1.0;charset=ut |\r
-| | | | f-8;version=2.0,ap |\r
-| | | | plication/json;q=1 |\r
-| | | | .0;version=2.0,\*/ |\r
-| | | | \*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlclJ |\r
-| | | | vbGVSZXF1ZXN0K3htb |\r
-| | | | DtxPTEuMDtjaGFyc2V |\r
-| | | | 0PXV0Zi04O3ZlcnNpb |\r
-| | | | 249Mi4wLHRleHQveG1 |\r
-| | | | sO3E9MS4wO3ZlcnNpb |\r
-| | | | 249Mi4w>`__\ appli |\r
-| | | | cation/UserRoleReq |\r
-| | | | uest+xml;q=1.0;cha |\r
-| | | | rset=utf-8;version |\r
-| | | | =2.0,text/xml;q=1. |\r
-| | | | 0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/userRoles/r | Get UserRoles by |\r
-| | | ole/:role | Role |\r
-| | | | |\r
-| | | | List all Users |\r
-| | | | that are attached |\r
-| | | | to Role specified |\r
-| | | | in :role |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | role : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlclJ |\r
-| | | | vbGVzK2pzb247cT0xL |\r
-| | | | jA7Y2hhcnNldD11dGY |\r
-| | | | tODt2ZXJzaW9uPTIuM |\r
-| | | | CxhcHBsaWNhdGlvbi9 |\r
-| | | | qc29uO3E9MS4wO3Zlc |\r
-| | | | nNpb249Mi4wLCovKjt |\r
-| | | | xPTAuMg==>`__\ app |\r
-| | | | lication/UserRoles |\r
-| | | | +json;q=1.0;charse |\r
-| | | | t=utf-8;version=2. |\r
-| | | | 0,application/json |\r
-| | | | ;q=1.0;version=2.0 |\r
-| | | | ,\*/\*;q=0.2 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlclJ |\r
-| | | | vbGVzK3htbDtxPTEuM |\r
-| | | | DtjaGFyc2V0PXV0Zi0 |\r
-| | | | 4O3ZlcnNpb249Mi4wL |\r
-| | | | HRleHQveG1sO3E9MS4 |\r
-| | | | wO3ZlcnNpb249Mi4w> |\r
-| | | | `__\ application/U |\r
-| | | | serRoles+xml;q=1.0 |\r
-| | | | ;charset=utf-8;ver |\r
-| | | | sion=2.0,text/xml; |\r
-| | | | q=1.0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/userRoles/u | Get UserRoles by |\r
-| | | ser/:user | User |\r
-| | | | |\r
-| | | | List all UserRoles |\r
-| | | | for :user |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | role : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlclJ |\r
-| | | | vbGVzK2pzb247cT0xL |\r
-| | | | jA7Y2hhcnNldD11dGY |\r
-| | | | tODt2ZXJzaW9uPTIuM |\r
-| | | | CxhcHBsaWNhdGlvbi9 |\r
-| | | | qc29uO3E9MS4wO3Zlc |\r
-| | | | nNpb249Mi4wLCovKjt |\r
-| | | | xPTAuMg==>`__\ app |\r
-| | | | lication/UserRoles |\r
-| | | | +json;q=1.0;charse |\r
-| | | | t=utf-8;version=2. |\r
-| | | | 0,application/json |\r
-| | | | ;q=1.0;version=2.0 |\r
-| | | | ,\*/\*;q=0.2 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlclJ |\r
-| | | | vbGVzK3htbDtxPTEuM |\r
-| | | | DtjaGFyc2V0PXV0Zi0 |\r
-| | | | 4O3ZlcnNpb249Mi4wL |\r
-| | | | HRleHQveG1sO3E9MS4 |\r
-| | | | wO3ZlcnNpb249Mi4w> |\r
-| | | | `__\ application/U |\r
-| | | | serRoles+xml;q=1.0 |\r
-| | | | ;charset=utf-8;ver |\r
-| | | | sion=2.0,text/xml; |\r
-| | | | q=1.0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| NAMESPACE | POST | /authz/ns | Create a Namespace |\r
-| | | | |\r
-| | | | Namespace consists |\r
-| | | | of: |\r
-| | | | |\r
-| | | | - name - What you |\r
-| | | | want to call |\r
-| | | | this Namespace |\r
-| | | | - responsible(s) |\r
-| | | | - Person(s) who |\r
-| | | | receive |\r
-| | | | Notifications |\r
-| | | | and approves |\r
-| | | | Requests |\r
-| | | | |\r
-| | | | regarding this |\r
-| | | | Namespace. |\r
-| | | | Companies have |\r
-| | | | Policies as to |\r
-| | | | who may take on |\r
-| | | | |\r
-| | | | this |\r
-| | | | Responsibility. |\r
-| | | | Separate |\r
-| | | | multiple |\r
-| | | | identities with |\r
-| | | | commas |\r
-| | | | |\r
-| | | | - admin(s) - |\r
-| | | | Person(s) who |\r
-| | | | are allowed to |\r
-| | | | make changes on |\r
-| | | | the namespace, |\r
-| | | | |\r
-| | | | including |\r
-| | | | creating Roles, |\r
-| | | | Permissions and |\r
-| | | | Credentials. |\r
-| | | | Separate |\r
-| | | | multiple |\r
-| | | | |\r
-| | | | identities with |\r
-| | | | commas |\r
-| | | | |\r
-| | | | Note: Namespaces |\r
-| | | | are dot-delimited |\r
-| | | | (i.e. |\r
-| | | | com.myCompany.myAp |\r
-| | | | p) |\r
-| | | | and must be |\r
-| | | | |\r
-| | | | created with |\r
-| | | | parent credentials |\r
-| | | | (i.e. To create |\r
-| | | | com.myCompany.myAp |\r
-| | | | p, |\r
-| | | | you must |\r
-| | | | |\r
-| | | | be an admin of |\r
-| | | | com.myCompany or |\r
-| | | | com |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 201 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406, 409 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNSZXF |\r
-| | | | 1ZXN0K2pzb247cT0xL |\r
-| | | | jA7Y2hhcnNldD11dGY |\r
-| | | | tODt2ZXJzaW9uPTIuM |\r
-| | | | CxhcHBsaWNhdGlvbi9 |\r
-| | | | qc29uO3E9MS4wO3Zlc |\r
-| | | | nNpb249Mi4wLCovKjt |\r
-| | | | xPTEuMA==>`__\ app |\r
-| | | | lication/NsRequest |\r
-| | | | +json;q=1.0;charse |\r
-| | | | t=utf-8;version=2. |\r
-| | | | 0,application/json |\r
-| | | | ;q=1.0;version=2.0 |\r
-| | | | ,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNSZXF |\r
-| | | | 1ZXN0K3htbDtxPTEuM |\r
-| | | | DtjaGFyc2V0PXV0Zi0 |\r
-| | | | 4O3ZlcnNpb249Mi4wL |\r
-| | | | HRleHQveG1sO3E9MS4 |\r
-| | | | wO3ZlcnNpb249Mi4w> |\r
-| | | | `__\ application/N |\r
-| | | | sRequest+xml;q=1.0 |\r
-| | | | ;charset=utf-8;ver |\r
-| | | | sion=2.0,text/xml; |\r
-| | | | q=1.0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | PUT | /authz/ns | Set a Description |\r
-| | | | for a Namespace |\r
-| | | | |\r
-| | | | Replace the |\r
-| | | | Current |\r
-| | | | Description of a |\r
-| | | | Namespace with a |\r
-| | | | new one |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNSZXF |\r
-| | | | 1ZXN0K2pzb247cT0xL |\r
-| | | | jA7Y2hhcnNldD11dGY |\r
-| | | | tODt2ZXJzaW9uPTIuM |\r
-| | | | CxhcHBsaWNhdGlvbi9 |\r
-| | | | qc29uO3E9MS4wO3Zlc |\r
-| | | | nNpb249Mi4wLCovKjt |\r
-| | | | xPTEuMA==>`__\ app |\r
-| | | | lication/NsRequest |\r
-| | | | +json;q=1.0;charse |\r
-| | | | t=utf-8;version=2. |\r
-| | | | 0,application/json |\r
-| | | | ;q=1.0;version=2.0 |\r
-| | | | ,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNSZXF |\r
-| | | | 1ZXN0K3htbDtxPTEuM |\r
-| | | | DtjaGFyc2V0PXV0Zi0 |\r
-| | | | 4O3ZlcnNpb249Mi4wL |\r
-| | | | HRleHQveG1sO3E9MS4 |\r
-| | | | wO3ZlcnNpb249Mi4w> |\r
-| | | | `__\ application/N |\r
-| | | | sRequest+xml;q=1.0 |\r
-| | | | ;charset=utf-8;ver |\r
-| | | | sion=2.0,text/xml; |\r
-| | | | q=1.0;version=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | DELETE | /authz/ns/:ns | Delete a Namespace |\r
-| | | | |\r
-| | | | Delete the |\r
-| | | | Namespace :ns. |\r
-| | | | Namespaces cannot |\r
-| | | | normally be |\r
-| | | | deleted when there |\r
-| | | | |\r
-| | | | are still |\r
-| | | | credentials |\r
-| | | | associated with |\r
-| | | | them, but they can |\r
-| | | | be deleted by |\r
-| | | | setting |\r
-| | | | |\r
-| | | | the "force" |\r
-| | | | property. To do |\r
-| | | | this: Add |\r
-| | | | 'force=true' as a |\r
-| | | | query parameter |\r
-| | | | |\r
-| | | | WARNING: Using |\r
-| | | | force will delete |\r
-| | | | all credentials |\r
-| | | | attached to this |\r
-| | | | namespace. Use |\r
-| | | | with care. |\r
-| | | | |\r
-| | | | if the "force" |\r
-| | | | property is set to |\r
-| | | | 'force=move', then |\r
-| | | | Permissions and |\r
-| | | | Roles are not |\r
-| | | | deleted,but are |\r
-| | | | retained, and |\r
-| | | | assigned to the |\r
-| | | | Parent Namespace. |\r
-| | | | 'force=move' is |\r
-| | | | not permitted at |\r
-| | | | or below |\r
-| | | | Application Scope |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | ns : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 424 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Void+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Void+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | POST | /authz/ns/:ns/admi | Add an Admin to a |\r
-| | | n/:id | Namespace |\r
-| | | | |\r
-| | | | Add an Identity |\r
-| | | | :id to the list of |\r
-| | | | Admins for the |\r
-| | | | Namespace :ns |\r
-| | | | |\r
-| | | | Note: :id must be |\r
-| | | | fully qualified |\r
-| | | | |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | ns : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | id : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 201 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406, 409 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Void+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Void+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | DELETE | /authz/ns/:ns/admi | Remove an Admin |\r
-| | | n/:id | from a Namespace |\r
-| | | | |\r
-| | | | Remove an Identity |\r
-| | | | :id from the list |\r
-| | | | of Admins for the |\r
-| | | | Namespace :ns |\r
-| | | | |\r
-| | | | Note: :id must be |\r
-| | | | fully qualified |\r
-| | | | |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | ns : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | id : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Void+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Void+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | DELETE | /authz/ns/:ns/attr | delete an |\r
-| | | ib/:key | Attribute from a |\r
-| | | | Namespace |\r
-| | | | |\r
-| | | | Delete an |\r
-| | | | attribute in the |\r
-| | | | Namespace |\r
-| | | | |\r
-| | | | You must be given |\r
-| | | | direct permission |\r
-| | | | for key by AAF |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | ns : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | key : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Void+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Void+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | POST | /authz/ns/:ns/attr | Add an Attribute |\r
-| | | ib/:key/:value | from a Namespace |\r
-| | | | |\r
-| | | | Create an |\r
-| | | | attribute in the |\r
-| | | | Namespace |\r
-| | | | |\r
-| | | | You must be given |\r
-| | | | direct permission |\r
-| | | | for key by AAF |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | ns : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | key : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | value : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 201 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406, 409 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Void+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Void+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | PUT | /authz/ns/:ns/attr | update an |\r
-| | | ib/:key/:value | Attribute from a |\r
-| | | | Namespace |\r
-| | | | |\r
-| | | | Update Value on an |\r
-| | | | existing attribute |\r
-| | | | in the Namespace |\r
-| | | | |\r
-| | | | You must be given |\r
-| | | | direct permission |\r
-| | | | for key by AAF |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | ns : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | key : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Void+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Void+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | POST | /authz/ns/:ns/resp | Add a Responsible |\r
-| | | onsible/:id | Identity to a |\r
-| | | | Namespace |\r
-| | | | |\r
-| | | | Add an Identity |\r
-| | | | :id to the list of |\r
-| | | | Responsibles for |\r
-| | | | the Namespace :ns |\r
-| | | | |\r
-| | | | Note: :id must be |\r
-| | | | fully qualified |\r
-| | | | |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | ns : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | id : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 201 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406, 409 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Void+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Void+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | DELETE | /authz/ns/:ns/resp | Remove a |\r
-| | | onsible/:id | Responsible |\r
-| | | | Identity from |\r
-| | | | Namespace |\r
-| | | | |\r
-| | | | Remove an Identity |\r
-| | | | :id to the list of |\r
-| | | | Responsibles for |\r
-| | | | the Namespace :ns |\r
-| | | | |\r
-| | | | Note: :id must be |\r
-| | | | fully qualified |\r
-| | | | |\r
-| | | | |\r
-| | | | Note: A namespace |\r
-| | | | must have at least |\r
-| | | | 1 responsible |\r
-| | | | party |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | ns : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | id : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Void+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVm9pZCt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Void+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/ns/attrib/: | get Ns Key List |\r
-| | | key | From Attribute |\r
-| | | | |\r
-| | | | Read Attributes |\r
-| | | | for Namespace |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | key : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vS2V5cyt |\r
-| | | | qc29uO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsYXBwb |\r
-| | | | GljYXRpb24vanNvbjt |\r
-| | | | xPTEuMDt2ZXJzaW9uP |\r
-| | | | TIuMCwqLyo7cT0xLjA |\r
-| | | | =>`__\ application |\r
-| | | | /Keys+json;q=1.0;c |\r
-| | | | harset=utf-8;versi |\r
-| | | | on=2.0,application |\r
-| | | | /json;q=1.0;versio |\r
-| | | | n=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vS2V5cyt |\r
-| | | | 4bWw7cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCx0ZXh0L |\r
-| | | | 3htbDtxPTEuMDt2ZXJ |\r
-| | | | zaW9uPTIuMA==>`__\ |\r
-| | | | application/Keys+ |\r
-| | | | xml;q=1.0;charset= |\r
-| | | | utf-8;version=2.0, |\r
-| | | | text/xml;q=1.0;ver |\r
-| | | | sion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/nss/:id | Return Information |\r
-| | | | about Namespaces |\r
-| | | | |\r
-| | | | Lists the |\r
-| | | | Admin(s), |\r
-| | | | Responsible |\r
-| | | | Party(s), Role(s), |\r
-| | | | Permission(s) |\r
-| | | | |\r
-| | | | Credential(s) and |\r
-| | | | Expiration of |\r
-| | | | Credential(s) in |\r
-| | | | Namespace :id |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | id : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNzK2p |\r
-| | | | zb247cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCxhcHBsa |\r
-| | | | WNhdGlvbi9qc29uO3E |\r
-| | | | 9MS4wO3ZlcnNpb249M |\r
-| | | | i4wLCovKjtxPTEuMA= |\r
-| | | | =>`__\ application |\r
-| | | | /Nss+json;q=1.0;ch |\r
-| | | | arset=utf-8;versio |\r
-| | | | n=2.0,application/ |\r
-| | | | json;q=1.0;version |\r
-| | | | =2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNzK3h |\r
-| | | | tbDtxPTEuMDtjaGFyc |\r
-| | | | 2V0PXV0Zi04O3ZlcnN |\r
-| | | | pb249Mi4wLHRleHQve |\r
-| | | | G1sO3E9MS4wO3ZlcnN |\r
-| | | | pb249Mi4w>`__\ app |\r
-| | | | lication/Nss+xml;q |\r
-| | | | =1.0;charset=utf-8 |\r
-| | | | ;version=2.0,text/ |\r
-| | | | xml;q=1.0;version= |\r
-| | | | 2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/nss/admin/: | Return Namespaces |\r
-| | | user | where User is an |\r
-| | | | Admin |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNzK2p |\r
-| | | | zb247cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCxhcHBsa |\r
-| | | | WNhdGlvbi9qc29uO3E |\r
-| | | | 9MS4wO3ZlcnNpb249M |\r
-| | | | i4wLCovKjtxPTEuMA= |\r
-| | | | =>`__\ application |\r
-| | | | /Nss+json;q=1.0;ch |\r
-| | | | arset=utf-8;versio |\r
-| | | | n=2.0,application/ |\r
-| | | | json;q=1.0;version |\r
-| | | | =2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNzK3h |\r
-| | | | tbDtxPTEuMDtjaGFyc |\r
-| | | | 2V0PXV0Zi04O3ZlcnN |\r
-| | | | pb249Mi4wLHRleHQve |\r
-| | | | G1sO3E9MS4wO3ZlcnN |\r
-| | | | pb249Mi4w>`__\ app |\r
-| | | | lication/Nss+xml;q |\r
-| | | | =1.0;charset=utf-8 |\r
-| | | | ;version=2.0,text/ |\r
-| | | | xml;q=1.0;version= |\r
-| | | | 2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/nss/childre | Return Child |\r
-| | | n/:id | Namespaces |\r
-| | | | |\r
-| | | | Lists all Child |\r
-| | | | Namespaces of |\r
-| | | | Namespace :id |\r
-| | | | |\r
-| | | | Note: This is not |\r
-| | | | a cached read |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | id : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNzK2p |\r
-| | | | zb247cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCxhcHBsa |\r
-| | | | WNhdGlvbi9qc29uO3E |\r
-| | | | 9MS4wO3ZlcnNpb249M |\r
-| | | | i4wLCovKjtxPTEuMA= |\r
-| | | | =>`__\ application |\r
-| | | | /Nss+json;q=1.0;ch |\r
-| | | | arset=utf-8;versio |\r
-| | | | n=2.0,application/ |\r
-| | | | json;q=1.0;version |\r
-| | | | =2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNzK3h |\r
-| | | | tbDtxPTEuMDtjaGFyc |\r
-| | | | 2V0PXV0Zi04O3ZlcnN |\r
-| | | | pb249Mi4wLHRleHQve |\r
-| | | | G1sO3E9MS4wO3ZlcnN |\r
-| | | | pb249Mi4w>`__\ app |\r
-| | | | lication/Nss+xml;q |\r
-| | | | =1.0;charset=utf-8 |\r
-| | | | ;version=2.0,text/ |\r
-| | | | xml;q=1.0;version= |\r
-| | | | 2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/nss/either/ | Return Namespaces |\r
-| | | :user | where User Admin |\r
-| | | | or Owner |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNzK2p |\r
-| | | | zb247cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCxhcHBsa |\r
-| | | | WNhdGlvbi9qc29uO3E |\r
-| | | | 9MS4wO3ZlcnNpb249M |\r
-| | | | i4wLCovKjtxPTAuOA= |\r
-| | | | =>`__\ application |\r
-| | | | /Nss+json;q=1.0;ch |\r
-| | | | arset=utf-8;versio |\r
-| | | | n=2.0,application/ |\r
-| | | | json;q=1.0;version |\r
-| | | | =2.0,\*/\*;q=0.8 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNzK3h |\r
-| | | | tbDtxPTEuMDtjaGFyc |\r
-| | | | 2V0PXV0Zi04O3ZlcnN |\r
-| | | | pb249Mi4wLHRleHQve |\r
-| | | | G1sO3E9MS4wO3ZlcnN |\r
-| | | | pb249Mi4w>`__\ app |\r
-| | | | lication/Nss+xml;q |\r
-| | | | =1.0;charset=utf-8 |\r
-| | | | ;version=2.0,text/ |\r
-| | | | xml;q=1.0;version= |\r
-| | | | 2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/nss/respons | Return Namespaces |\r
-| | | ible/:user | where User is |\r
-| | | | Responsible |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNzK2p |\r
-| | | | zb247cT0xLjA7Y2hhc |\r
-| | | | nNldD11dGYtODt2ZXJ |\r
-| | | | zaW9uPTIuMCxhcHBsa |\r
-| | | | WNhdGlvbi9qc29uO3E |\r
-| | | | 9MS4wO3ZlcnNpb249M |\r
-| | | | i4wLCovKjtxPTEuMA= |\r
-| | | | =>`__\ application |\r
-| | | | /Nss+json;q=1.0;ch |\r
-| | | | arset=utf-8;versio |\r
-| | | | n=2.0,application/ |\r
-| | | | json;q=1.0;version |\r
-| | | | =2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vTnNzK3h |\r
-| | | | tbDtxPTEuMDtjaGFyc |\r
-| | | | 2V0PXV0Zi04O3ZlcnN |\r
-| | | | pb249Mi4wLHRleHQve |\r
-| | | | G1sO3E9MS4wO3ZlcnN |\r
-| | | | pb249Mi4w>`__\ app |\r
-| | | | lication/Nss+xml;q |\r
-| | | | =1.0;charset=utf-8 |\r
-| | | | ;version=2.0,text/ |\r
-| | | | xml;q=1.0;version= |\r
-| | | | 2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| USER | GET | /authn/basicAuth | Is given BasicAuth |\r
-| | | | valid? |\r
-| | | | |\r
-| | | | !!!! DEPRECATED |\r
-| | | | without X509 |\r
-| | | | Authentication |\r
-| | | | STOP USING THIS |\r
-| | | | API BY DECEMBER |\r
-| | | | 2017, or use |\r
-| | | | Certificates !!!! |\r
-| | | | Use |\r
-| | | | /authn/validate |\r
-| | | | instead Note: |\r
-| | | | Validate a |\r
-| | | | Password using |\r
-| | | | BasicAuth Base64 |\r
-| | | | encoded Header. |\r
-| | | | This HTTP/S call |\r
-| | | | is intended as a |\r
-| | | | fast User/Password |\r
-| | | | lookup for |\r
-| | | | Security |\r
-| | | | Frameworks, and |\r
-| | | | responds 200 if it |\r
-| | | | passes BasicAuth |\r
-| | | | security, and 403 |\r
-| | | | if it does not. |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | text/plain |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | POST | /authn/validate | Is given |\r
-| | | | Credential valid? |\r
-| | | | |\r
-| | | | Validate a |\r
-| | | | Credential given a |\r
-| | | | Credential |\r
-| | | | Structure. This is |\r
-| | | | a more |\r
-| | | | comprehensive |\r
-| | | | validation, can do |\r
-| | | | more than |\r
-| | | | BasicAuth as |\r
-| | | | Credential types |\r
-| | | | exp |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403 |\r
-| | | | |\r
-| | | | ContentType: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vQ3JlZFJ |\r
-| | | | lcXVlc3QranNvbjtxP |\r
-| | | | TEuMDtjaGFyc2V0PXV |\r
-| | | | 0Zi04O3ZlcnNpb249M |\r
-| | | | i4wLGFwcGxpY2F0aW9 |\r
-| | | | uL2pzb247cT0xLjA7d |\r
-| | | | mVyc2lvbj0yLjAsKi8 |\r
-| | | | qO3E9MS4w>`__\ app |\r
-| | | | lication/CredReque |\r
-| | | | st+json;q=1.0;char |\r
-| | | | set=utf-8;version= |\r
-| | | | 2.0,application/js |\r
-| | | | on;q=1.0;version=2 |\r
-| | | | .0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vQ3JlZFJ |\r
-| | | | lcXVlc3QreG1sO3E9M |\r
-| | | | S4wO2NoYXJzZXQ9dXR |\r
-| | | | mLTg7dmVyc2lvbj0yL |\r
-| | | | jAsdGV4dC94bWw7cT0 |\r
-| | | | xLjA7dmVyc2lvbj0yL |\r
-| | | | jA=>`__\ applicati |\r
-| | | | on/CredRequest+xml |\r
-| | | | ;q=1.0;charset=utf |\r
-| | | | -8;version=2.0,tex |\r
-| | | | t/xml;q=1.0;versio |\r
-| | | | n=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/users/:user | Get if User is In |\r
-| | | /:role | Role |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlcnM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Users+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlcnM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Users |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/users/perm/ | Get Users By |\r
-| | | :type/:instance/:a | Permission |\r
-| | | ction | |\r
-| | | | List all Users |\r
-| | | | that have |\r
-| | | | Permission |\r
-| | | | specified by :type |\r
-| | | | :instance :action |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | type : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | instance : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | action : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlcnM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MS4 |\r
-| | | | w>`__\ application |\r
-| | | | /Users+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=1.0 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlcnM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Users |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-| | GET | /authz/users/role/ | Get Users By Role |\r
-| | | :role | |\r
-| | | | Returns the User |\r
-| | | | (with Expiration |\r
-| | | | date from listed |\r
-| | | | User/Role) if it |\r
-| | | | exists |\r
-| | | | |\r
-| | | | -------------- |\r
-| | | | |\r
-| | | | Parameters |\r
-| | | | |\r
-| | | | user : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | role : string |\r
-| | | | (Required) |\r
-| | | | |\r
-| | | | Expected HTTP Code |\r
-| | | | |\r
-| | | | 200 |\r
-| | | | |\r
-| | | | Explicit HTTP |\r
-| | | | Error Codes |\r
-| | | | |\r
-| | | | 403, 404, 406 |\r
-| | | | |\r
-| | | | Accept: |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlcnM |\r
-| | | | ranNvbjtxPTEuMDtja |\r
-| | | | GFyc2V0PXV0Zi04O3Z |\r
-| | | | lcnNpb249Mi4wLGFwc |\r
-| | | | GxpY2F0aW9uL2pzb24 |\r
-| | | | 7cT0xLjA7dmVyc2lvb |\r
-| | | | j0yLjAsKi8qO3E9MC4 |\r
-| | | | y>`__\ application |\r
-| | | | /Users+json;q=1.0; |\r
-| | | | charset=utf-8;vers |\r
-| | | | ion=2.0,applicatio |\r
-| | | | n/json;q=1.0;versi |\r
-| | | | on=2.0,\*/\*;q=0.2 |\r
-| | | | |\r
-| | | | ` <./example/YXBwb |\r
-| | | | GljYXRpb24vVXNlcnM |\r
-| | | | reG1sO3E9MS4wO2NoY |\r
-| | | | XJzZXQ9dXRmLTg7dmV |\r
-| | | | yc2lvbj0yLjAsdGV4d |\r
-| | | | C94bWw7cT0xLjA7dmV |\r
-| | | | yc2lvbj0yLjA=>`__\ |\r
-| | | | application/Users |\r
-| | | | +xml;q=1.0;charset |\r
-| | | | =utf-8;version=2.0 |\r
-| | | | ,text/xml;q=1.0;ve |\r
-| | | | rsion=2.0 |\r
-+--------------------+--------------------+--------------------+--------------------+\r
-\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| Entity | Method | Path Info | Description |\r
++====================+====================+====================+===================================================+\r
+| PERMISSION | POST | /authz/perm | Create a Permission |\r
+| | | | Permission consists of: |\r
+| | | | - type - a Namespace qualified identifier |\r
+| | | | specifying what kind of resource is being |\r
+| | | | protected |\r
+| | | | - instance - a key, possibly multi-dimensional |\r
+| | | | that identifies a specific instance of the |\r
+| | | | type |\r
+| | | | - action - what kind of action is allowed |\r
+| | | | Note: instance and action can be an \* |\r
+| | | | Expected HTTP Code |\r
+| | | | 201 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 403, 404, 406, 409 | \r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | PUT | /authz/perm | Set Description for Permission |\r
+| | | | Add Description Data to Perm |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | DELETE | /authz/perm | Delete a Permission |\r
+| | | | Delete the Permission referenced by PermKey. |\r
+| | | | You cannot normally delete a permission which |\r
+| | | | is still granted to roles, however the |\r
+| | | | "force" property allows you to do just that. To |\r
+| | | | do this: Add |\r
+| | | | 'force=true' as a query parameter. |\r
+| | | | **WARNING**: Using force will ungrant this |\r
+| | | | permission from all roles. Use with care. |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 | \r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | DELETE | /authz/perm/:name/ | Delete a Permission |\r
+| | | :type/:action | Delete the Permission referenced by :type |\r
+| | | | :instance: action |\r
+| | | | You cannot normally delete a permission which |\r
+| | | | is still granted to roles, however the |\r
+| | | | "force" property allows you to do |\r
+| | | | just that. To do this: Add 'force=true' as a |\r
+| | | | query parameter |\r
+| | | | |\r
+| | | | WARNING: Using force will ungrant this permission |\r
+| | | | from all roles. Use with care. |\r
+| | | | ------------------------------------------------- |\r
+| | | | Parameters |\r
+| | | | type : string (Required) |\r
+| | | | instance : string (Required) |\r
+| | | | action : string (Required) |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | PUT | /authz/perm/:type/ | Update a Permission |\r
+| | | :instance/:action | Rename the Permission referenced by |\r
+| | | | :type :instance :action, and rename |\r
+| | | | (copy/delete) to the Permission described in |\r
+| | | | PermRequest |\r
+| | | | ----------------------------------------------- |\r
+| | | | Parameters |\r
+| | | | type : string (Required) |\r
+| | | | instance : string (Required) |\r
+| | | | action : string (Required) |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 ,409 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | GET | /authz/perms/:type | Get Permissions by Type |\r
+| | | | |\r
+| | | | List All Permissions that match the :type |\r
+| | | | element of the key |\r
+| | | | ------------------------------------------------- |\r
+| | | | Parameters |\r
+| | | | type : string (Required) |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | GET | /authz/perms/:type | Get Permissions by Key |\r
+| | | /:instance/:action | List Permissions that match key; |\r
+| | | | :type, :instance and :action |\r
+| | | | --------------------------------------------------|\r
+| | | | Parameters |\r
+| | | | type : string (Required) |\r
+| | | | instance : string (Required) |\r
+| | | | action : string (Required) |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | GET | /authz/perms/ns/:n | Get PermsByNS |\r
+| | | s | List All Permissions that are in Namespace :ns |\r
+| | | | --------------------------------------------------|\r
+| | | | Parameters |\r
+| | | | type : ns (Required) |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | GET | /authz/perms/role/ | Get Permissions by Role |\r
+| | | :role | List All Permissions that are granted to :role |\r
+| | | | --------------------------------------------------|\r
+| | | | Parameters |\r
+| | | | role : string (Required) |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | POST | /authz/perms/user/ | Get Permissions by User, Query AAF Perms |\r
+| | | :user | |\r
+| | | | List All Permissions that match user :user |\r
+| | | | |\r
+| | | | 'user' must be expressed as full |\r
+| | | | identity (ex: id@full.domain.com) |\r
+| | | | Present Queries as one or more Permissions (see |\r
+| | | | ContentType Links below for format). If the |\r
+| | | | Caller is Granted this specific Permission, and |\r
+| | | | the Permission is valid for the User, it will be |\r
+| | | | included in response permissions,along with all |\r
+| | | | the normal permissions on the 'GET' version of |\r
+| | | | this call. If it is not valid,or caller does not |\r
+| | | | permission to see, it will be removed from the |\r
+| | | | list. |\r
+| | | | \*Note: This design allows you to make one call |\r
+| | | | for all expected permissions |\r
+| | | | |\r
+| | | | The permission to be included MUST be: |\r
+| | | | .access\|:[:key]\| |\r
+| | | | |\r
+| | | | examples: |\r
+| | | | |\r
+| | | | com.att.myns.access|:ns|write |\r
+| | | | com.att.myns.access\|:role:myrole\|create |\r
+| | | | com.att.myns.access\|:perm:mytype:myinstance: |\r
+| | | | myaction\|read |\r
+| | | | --------------------------------------------------|\r
+| | | | Parameters |\r
+| | | | user:string(Required) |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | GET | /authz/perms/user/ | Get Permissions by User |\r
+| | | :user | |\r
+| | | | List All Permissions that match user :user |\r
+| | | | 'user' must be expressed as full |\r
+| | | | identity (ex:id@full.domain.com) |\r
+| | | | --------------------------------------------------|\r
+| | | | Parameters |\r
+| | | | user:string(Required) |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| ROLE | POST | /authz/role | Create Role |\r
+| | | | |\r
+| | | | Roles are part of Namespaces |\r
+| | | | Examples: |\r
+| | | | |\r
+| | | | - com.att.aaf - The team that created and |\r
+| | | | maintains AAF |\r
+| | | | |\r
+| | | | Roles do not include implied permissions for an |\r
+| | | | App. Instead, they contain explicit Granted |\r
+| | | | Permissions by any Namespace in AAF |\r
+| | | | Restrictions on Role Names: |\r
+| | | | - Must start with valid Namespace name, |\r
+| | | | terminated by .(dot/period) |\r
+| | | | - Allowed Characters are a-zA-Z0-9._- |\r
+| | | | - role names are Case Sensitive |\r
+| | | | Expected HTTP Code |\r
+| | | | 201 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 403, 404, 406, 409 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
+| | PUT | /authz/role | Set Description for role |\r
+| | | | Add Description Data to a Role |\r
+| | | | Expected HTTP Code |\r
+| | | | 200 |\r
+| | | | Explicit HTTP Error Codes |\r
+| | | | 404, 406 |\r
++--------------------+--------------------+--------------------+---------------------------------------------------+\r
Code Review / aaf / authz.git / commitdiff