Help Center/ Workspace/ API Reference/ Workspace APIs/ Policy Group/ Query the target object of a specified access policy
Updated on 2025-07-14 GMT+08:00

Query the target object of a specified access policy

Function

Queries the object to which a specified access policy is applied.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

URI

GET /v2/{project_id}/access-policy/{access_policy_id}/objects

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID.

access_policy_id

Yes

String

Access policy ID.

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

limit

No

Integer

Number of records on each page. The value ranges from 0 to 2000 and defaults to 10.

offset

No

Integer

Offset. The value ranges from 0 to 1999 and defaults to 0.

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

No

String

User token.

It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is the user token.

Content-Type

Yes

String

MIME type of the request body, for example, application/json.

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

policy_objects_list

Array of AccessPolicyObject objects

Response for querying the object to which an access policy is applied.

total

Integer

Number of objects.

Table 5 AccessPolicyObject

Parameter

Type

Description

object_id

String

ID of an object in the blacklist.

object_name

String

Object name

object_type

String

Object type

  • USER: user

  • USERGROUP: user group

Status code: 400

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 401

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 403

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 404

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 405

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 500

Table 11 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 503

Table 12 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Example Requests

get /v2/0e973a948e8091232f25c00673f168b7/access-policy/20b726affecc4411bcdc49a66e3e8f63/objects

Example Responses

Status code: 200

Objects to which a policy is applied.

{
  "policy_objects_list" : [ {
    "object_id" : "8ac225c2781edb0d01781edde3f4xxxx",
    "object_name" : "test1",
    "object_type" : "USER"
  }, {
    "object_id" : "8ac225c2781edb0d01781edde3f4xxxx",
    "object_name" : "test2",
    "object_type" : "USER"
  } ],
  "total" : 2
}

Status Codes

Status Code

Description

200

Objects to which a policy is applied.

400

The request cannot be understood by the server due to malformed syntax.

401

Authentication failed.

403

No operation permission.

404

No resources found.

405

The request method is not allowed.

500

An internal service error occurred. For details about the error code, see the error code description.

503

Service unavailable.

Error Codes

See Error Codes.