luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/website/source/api/secret/identity/identity-groups.html.md
Seth Vargo 0b827774ae Drop vault.rocks (#4186)
2018-03-23 11:41:51 -04:00

268 lines
6.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: "api"
page_title: "/identity/groups - HTTP API"
sidebar_current: "docs-http-secret-identity-groups"
description: |-
This is the API documentation for the identity groups.
---
## Create/Update Group
This endpoint creates or updates a group.
| Method | Path | Produces |
| :------- | :------------------ | :----------------------|
| `POST` | `/identity/group` | `200 application/json` |
### Parameters
- `name` `(string: group-<UUID>)` Name of the group.
- `id` `(string: "")` - ID of the group. If this is set, this endpoint will
update the corresponding group.
- `metadata` `(list of strings: [])` Metadata to be associated with the group. Format should be a list of `key=value` pairs.
- `policies` `(list of strings: [])` Policies to be tied to the group. Comma separated list of strings.
- `member_group_ids` `(list of strings: [])` - Group IDs to be assigned as group members.
- `member_entity_ids` `(list of strings: [])` - Entity IDs to be assigned as group members.
### Sample Payload
```json
{
"name": "engineering-group",
"metadata": ["organization=hashicorp", "team=vault"],
"policies": ["eng-dev", "infra-dev"]
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/identity/group
```
### Sample Response
```json
{
"data": {
"id": "454ceeb5-76d7-a131-b92a-7ecfb15523e8",
"name": "engineering-group"
}
}
```
## Update Group by ID
This endpoint updates the group by its ID.
| Method | Path | Produces |
| :------- | :------------------------- | :----------------------|
| `POST` | `/identity/group/id/:id` | `200 application/json` |
### Parameters
- `id` `(string: "")` - ID of the group.
- `name` `(string: group-<UUID>)` Name of the group.
- `metadata` `(list of strings: [])` Metadata to be associated with the group. Format should be a list of `key=value` pairs.
- `policies` `(list of strings: [])` Policies to be tied to the group. Comma separated list of strings.
- `member_group_ids` `(list of strings: [])` - Group IDs to be assigned as group members.
- `member_entity_ids` `(list of strings: [])` - Entity IDs to be assigned as group members.
### Sample Payload
```json
{
"metadata": ["organization=updatedorg", "team=updatedteam"],
"policies": ["updatedpolicy"]
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/identity/group/id/454ceeb5-76d7-a131-b92a-7ecfb15523e8
```
### Sample Response
```json
{
"data": {
"id": "454ceeb5-76d7-a131-b92a-7ecfb15523e8",
"name": "engineering-group"
}
}
```
## Read Group by ID
This endpoint reads the group by its ID.
| Method | Path | Produces |
| :------- | :------------------------- | :--------------------- |
| `GET` | `/identity/group/id/:id` | `200 application/json` |
### Parameters
- `id` `(string: "")` - ID of the group.
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/identity/group/id/454ceeb5-76d7-a131-b92a-7ecfb15523e8
```
### Sample Response
```json
{
"data": {
"creation_time": "2017-09-13T01:17:26.755474204Z",
"id": "454ceeb5-76d7-a131-b92a-7ecfb15523e8",
"last_update_time": "2017-09-13T01:17:26.755474204Z",
"member_entity_ids": [],
"member_group_ids": null,
"metadata": {
"organization": "hashicorp",
"team": "vault"
},
"modify_index": 1,
"name": "engineering-group",
"policies": [
"dev-policy"
]
}
}
```
## Delete Group by ID
This endpoint deleted the group by its ID.
| Method | Path | Produces |
| :--------- | :------------------------- | :----------------------|
| `DELETE` | `/identity/group/id/:id` | `204 (empty body)` |
### Parameters
- `id` `(string: "")` - ID of the group.
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
http://127.0.0.1:8200/v1/identity/group/id/454ceeb5-76d7-a131-b92a-7ecfb15523e8
```
## List Groups by ID
This endpoint lists all the groups by their ID.
| Method | Path | Produces |
| :------- | :----------------------------- | :--------------------- |
| `LIST` | `/identity/group/id` | `200 application/json` |
| `GET` | `/identity/group/id?list=true` | `200 application/json` |
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request LIST \
http://127.0.0.1:8200/v1/identity/group/id
```
### Sample Response
```json
{
"data": {
"keys": [
"454ceeb5-76d7-a131-b92a-7ecfb15523e8",
"7b2fb80c-9516-68d1-35fc-11450f6477ab"
]
}
}
```
## Lookup Group by ID
This endpoint queries the group by its ID.
| Method | Path | Produces |
| :------- | :------------------------- | :----------------------|
| `POST` | `/identity/lookup/group` | `200 application/json` |
### Parameters
- `type` `(string: "")` - Type of query. Supported values are `by_id` and `by_name`.
- `group_name` `(string: "")` - Name of the group.
- `group_id` `(string: "")` - ID of the group.
### Sample Payload
```json
{
"type": "by_id",
"group_id": "454ceeb5-76d7-a131-b92a-7ecfb15523e8"
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/identity/lookup/group
```
### Sample Response
```json
{
"data": {
"creation_time": "2017-09-13T01:17:26.755474204Z",
"id": "454ceeb5-76d7-a131-b92a-7ecfb15523e8",
"last_update_time": "2017-09-13T01:17:26.755474204Z",
"member_entity_ids": [],
"member_group_ids": null,
"metadata": {
"organization": "hashicorp",
"team": "vault"
},
"modify_index": 1,
"name": "engineering-group",
"policies": [
"dev-policy"
]
}
}
```
Reference in a new issue View git blame Copy permalink