- What's New
- Service Overview
- Getting Started
- User Guide
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Instance Management
- Access Control Attribute Management
-
Permission Set Management
- Adding a System-defined Identity Policy
- Deleting a Permission Set
- Querying Permission Set Details
- Updating a Permission Set
- Deleting a System-defined Identity Policy
- Querying Details About a Custom Identity Policy
- Adding a Custom Identity Policy
- Deleting a Custom Identity Policy
- Listing Accounts Associated with a Permission Set
- Listing System-defined Identity Policies
- Listing Pre-provisioning Statuses of Permission Sets
- Listing Permission Sets
- Creating a Permission Set
- Listing Permission Sets Provisioned to an Account
- Pre-provisioning a Permission Set
- Querying Pre-attachment Status Details of a Permission Set
- Adding a System-defined Policy
- Deleting a System-defined Policy
- Listing System-defined Policies
-
Account Assignment Management
- Removing Account Assignments
- Querying Details about the Account Assignment Creation Status
- Listing Account Assignment Creation Statuses
- Listing Account Assignment Deletion Statuses
- Listing Users or Groups Associated with an Account and a Permission Set
- Creating Account Assignments
- Querying Details about the Account Assignment Deletion Status
- Tag Management
- User Management
- Group Management
- Group Membership Management
- SCIM User Management
- SCIM Group Management
- Service Provider (SP) Management
- Client Management
- Token Management
- Device Authorization Management
- Authorization Management
- Account Management
- Agency Management
- Credentials Management
- Appendixes
- Change History
- General Reference
Copied.
Obtaining Access Control Attributes for a Specified Instance
Function
This API is used to return a list of IAM Identity Center identity source attributes that have been configured to be used with attribute-based access control (ABAC) of a specified IAM Identity Center instance.
URI
GET /v1/instances/{instance_id}/access-control-attribute-configuration
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
instance_id |
Yes |
String |
Globally unique ID of an IAM Identity Center instance |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Security-Token |
No |
String |
Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required. Maximum length: 2048 |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
Object |
List of IAM Identity Center identity source attributes that have been added to the ABAC configuration |
|
status |
String |
ABAC attribute configuration status Enumerated value:
|
status_reason |
String |
Details about the state of the specified attribute |
Parameter |
Type |
Description |
---|---|---|
Array of objects |
Attributes configured for ABAC in the IAM Identity Center instance Array length: 0 - 20 |
Parameter |
Type |
Description |
---|---|---|
key |
String |
Name of the attribute associated with the identity in the identity source Minimum length: 1 Maximum length: 128 |
Object |
Mapping the specified attribute to the identity source |
Parameter |
Type |
Description |
---|---|---|
source |
Array of strings |
Mapping the specified attribute to the identity source Minimum length: 0 Maximum length: 255 Array length: 1-1 |
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
request_id |
String |
Unique ID of a request |
Status code: 403
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
request_id |
String |
Unique ID of a request |
Example Request
Obtaining access control attributes for a specified instance
GET https://{hostname}/v1/instances/{instance_id}/access-control-attribute-configuration
Example Response
Status code: 200
Successful
{ "instance_access_control_attribute_configuration" : { "access_control_attributes" : [ { "key" : "email", "value" : { "source" : [ "${path:emails[primary eq true].value}" ] } }, { "key" : "displayName", "value" : { "source" : [ "${path:displayName}" ] } } ] }, "status" : "ENABLED", "status_reason" : null }
Status Code
For details, see Status Codes.
Error Code
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot