open-vault/website/pages/api-docs/secret/identity/group.mdx
Jeff Escalante df34412570 New Website! (#8154)
* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes
2020-01-17 16:18:09 -08:00

382 lines
7.7 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: api
page_title: 'Identity Secret Backend: Group - HTTP API'
sidebar_title: Group
description: This is the API documentation for managing groups in the identity store.
---
## Create a Group
This endpoint creates or updates a Group.
| Method | Path |
| :----- | :---------------- |
| `POST` | `/identity/group` |
### Parameters
- `name` `(string: entity-<UUID>)` Name of the group.
- `id` `(string: <optional>)` - ID of the group. If set, updates the
corresponding existing group.
- `type` `(string: "internal")` - Type of the group, `internal` or `external`.
Defaults to `internal`.
- `metadata` `(key-value-map: {})` Metadata to be associated with the
group.
- `policies` `(list of strings: [])` Policies to be tied to the group.
- `member_group_ids` `(list of strings: [])` - Group IDs to be assigned as
group members.
- `member_entity_ids` `(list of strings: [])` - Entity IDs to be assigned as
group members.
### Sample Payload
```json
{
"metadata": {
"hello": "world"
},
"policies": ["grouppolicy1", "grouppolicy2"]
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/identity/group
```
### Sample Response
```json
{
"data": {
"id": "363926d8-dd8b-c9f0-21f8-7b248be80ce1",
"name": "group_ab813d63"
}
}
```
## Read Group by ID
This endpoint queries the group by its identifier.
| Method | Path |
| :----- | :----------------------- |
| `GET` | `/identity/group/id/:id` |
### Parameters
- `id` `(string: <required>)` Identifier of the group.
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/identity/group/id/363926d8-dd8b-c9f0-21f8-7b248be80ce1
```
### Sample Response
```json
{
"data": {
"alias": {},
"creation_time": "2017-11-13T19:36:47.102945Z",
"id": "363926d8-dd8b-c9f0-21f8-7b248be80ce1",
"last_update_time": "2017-11-13T19:36:47.102945Z",
"member_entity_ids": [],
"member_group_ids": null,
"metadata": {
"hello": "world"
},
"modify_index": 1,
"name": "group_ab813d63",
"policies": ["grouppolicy1", "grouppolicy2"],
"type": "internal"
}
}
```
## Update Group by ID
This endpoint is used to update an existing group.
| Method | Path |
| :----- | :----------------------- |
| `POST` | `/identity/group/id/:id` |
### Parameters
- `id` `(string: <required>)` Identifier of the entity.
- `name` `(string: entity-<UUID>)` Name of the group.
- `type` `(string: "internal")` - Type of the group, `internal` or `external`.
Defaults to `internal`.
- `metadata` `(key-value-map: {})` Metadata to be associated with the
group.
- `policies` `(list of strings: [])` Policies to be tied to the group.
- `member_group_ids` `(list of strings: [])` - Group IDs to be assigned as
group members.
- `member_entity_ids` `(list of strings: [])` - Entity IDs to be assigned as
group members.
### Sample Payload
```json
{
"name": "testgroupname",
"metadata": {
"hello": "everyone"
},
"policies": ["grouppolicy2", "grouppolicy3"]
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/identity/group/id/363926d8-dd8b-c9f0-21f8-7b248be80ce1
```
### Sample Response
```json
{
"data": {
"id": "363926d8-dd8b-c9f0-21f8-7b248be80ce1",
"name": "testgroupname"
}
}
```
## Delete Group by ID
This endpoint deletes a group.
| Method | Path |
| :------- | :----------------------- |
| `DELETE` | `/identity/group/id/:id` |
## Parameters
- `id` `(string: <required>)` Identifier of the group.
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
http://127.0.0.1:8200/v1/identity/group/id/363926d8-dd8b-c9f0-21f8-7b248be80ce1
```
## List Groups by ID
This endpoint returns a list of available groups by their identifiers.
| Method | Path |
| :----- | :----------------------------- |
| `LIST` | `/identity/group/id` |
| `GET` | `/identity/group/id?list=true` |
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request LIST \
http://127.0.0.1:8200/v1/identity/group/id
```
### Sample Response
```json
{
"data": {
"keys": [
"052567cf-1580-6f20-50c8-d38bc46dae6e",
"26da8035-6691-b89e-67ac-ebf9ea7f9893",
"363926d8-dd8b-c9f0-21f8-7b248be80ce1",
"5c4a5720-7408-c113-1dcc-9ede725d0ac8",
"d55e0f34-5c16-38ae-87af-324c9b656c43",
"e4e56e04-0dec-9b68-9b20-a450975d898e"
]
}
}
```
## Create/Update Group by Name
This endpoint is used to create or update a group by its name.
| Method | Path |
| :----- | :--------------------------- |
| `POST` | `/identity/group/name/:name` |
### Parameters
- `name` `(string: entity-<UUID>)` Name of the group.
- `type` `(string: "internal")` - Type of the group, `internal` or `external`.
Defaults to `internal`.
- `metadata` `(key-value-map: {})` Metadata to be associated with the
group.
- `policies` `(list of strings: [])` Policies to be tied to the group.
- `member_group_ids` `(list of strings: [])` - Group IDs to be assigned as
group members.
- `member_entity_ids` `(list of strings: [])` - Entity IDs to be assigned as
group members.
### Sample Payload
```json
{
"metadata": {
"hello": "everyone"
},
"policies": ["grouppolicy2", "grouppolicy3"]
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/identity/group/name/testgroupname
```
### Sample Response
```json
{
"request_id": "b98b4a3d-a9f1-e151-11e1-ad91cfb08351",
"lease_id": "",
"lease_duration": 0,
"renewable": false,
"data": {
"id": "5a3a04a0-0c3a-a4c3-74e8-26b1adbeaece",
"name": "testgroupname"
},
"warnings": null
}
```
## Read Group by Name
This endpoint queries the group by its name.
| Method | Path |
| :----- | :--------------------------- |
| `GET` | `/identity/group/name/:name` |
### Parameters
- `name` `(string: <required>)` Name of the group.
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/identity/group/name/testgroupname
```
### Sample Response
```json
{
"data": {
"alias": {},
"creation_time": "2018-09-19T22:02:04.395128091Z",
"id": "5a3a04a0-0c3a-a4c3-74e8-26b1adbeaece",
"last_update_time": "2018-09-19T22:02:04.395128091Z",
"member_entity_ids": [],
"member_group_ids": null,
"metadata": {
"foo": "bar"
},
"modify_index": 1,
"name": "testgroupname",
"parent_group_ids": null,
"policies": ["grouppolicy1", "grouppolicy2"],
"type": "internal"
}
}
```
## Delete Group by Name
This endpoint deletes a group, given its name.
| Method | Path |
| :------- | :--------------------------- |
| `DELETE` | `/identity/group/name/:name` |
## Parameters
- `name` `(string: <required>)` Name of the group.
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
http://127.0.0.1:8200/v1/identity/group/name/testgroupname
```
## List Groups by Name
This endpoint returns a list of available groups by their names.
| Method | Path |
| :----- | :------------------------------- |
| `LIST` | `/identity/group/name` |
| `GET` | `/identity/group/name?list=true` |
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request LIST \
http://127.0.0.1:8200/v1/identity/group/name
```
### Sample Response
```json
{
"data": {
"keys": ["testgroupname"]
}
}
```