Tenancies API

Tenancies API Reference

Tenancies API Examples

Create the bearer_token and store in a file in a secure local directory with 0600 permissions.

Retrieve the Current List of Root Principals

To fetch the list of root principals, simply GET the tenancies/root_principals resource:

curl -v -X GET \
     -H "@$BEARER_TOKEN_FILE" \
     https://app.rkvst.io/archivist/v1/tenancies/root_principals

Update the List of Root Principals

Define the update parameters and store in /path/to/jsonfile:

{
   "root_principals": [
       {
           "issuer": "https://login.microsoftonline.com/5c129635-5858-4fe3-9bef-444f6c7ee1cf/v2.0",
           "subject": "58589bef-4fe3-9a3b-23df-8527bc45e1cf",
           "display_name": "Jane Smith",
           "email":  "jane.smith@synsation.org"
       },
       {
           "issuer": "https://login.microsoftonline.com/5c129635-5858-4fe3-9bef-444f6c7ee1cf/v2.0",
           "subject": "27bc5b4f-9a3b-4fe3-23df-e1c7bc45e1cf",
           "display_name": "Nate Rogers",
           "email":  "nate.rogers@synsation.org"
       }
    }
}

Update the root principals by PATCHing the tenancies/root_principals resource:

curl -v -X PATCH \
    -H "@$BEARER_TOKEN_FILE" \
    -H "Content-type: application/json" \
    -d "@/path/to/jsonfile" \
    https://app.rkvst.io/archivist/v1/tenancies/root_principals

Tenancies OpenAPI Docs

API to manage tenancies

get  /archivist/v1/tenancies/root_principals

Fetch the current list of tenant root user principals

Description: Fetch the current list of tenant root user principals.

{
  "root_principals": [
    {
      "display_name": "Bob Smith",
      "email": "bob@job",
      "issuer": "job.idp.server/1234",
      "subject": "08838336-c357-460d-902a-3aba9528dd22"
    }
  ]
}
Response Parameter Type Description
root_principals array The principal description assured by the configured Identity Provider. All values are according to OIDC id token claims and standard claims. See https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
Responses Description
200A successful response.
401Returned when the user is not authenticated to the system.
403Returned when the user is not authorized to update the root principals.
defaultAn unexpected error response.

patch  /archivist/v1/tenancies/root_principals

Update the list of tenant root user principals

Description: Replace the list of tenant root user principals. Note that you are not able to remove yourself from the list.

{
  "root_principals": [
    {
      "display_name": "Bob Smith",
      "email": "bob@job",
      "issuer": "job.idp.server/1234",
      "subject": "08838336-c357-460d-902a-3aba9528dd22"
    }
  ]
}
Parameter Type Description
root_principals array The principal description assured by the configured Identity Provider. All values are according to OIDC id token claims and standard claims. See https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims

{
  "root_principals": [
    {
      "display_name": "Bob Smith",
      "email": "bob@job",
      "issuer": "job.idp.server/1234",
      "subject": "08838336-c357-460d-902a-3aba9528dd22"
    }
  ]
}
Response Parameter Type Description
root_principals array The principal description assured by the configured Identity Provider. All values are according to OIDC id token claims and standard claims. See https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
Responses Description
200A successful response.
400Returned when the request is badly formed. Including, but not limited to, attempting to remove yourself as a root uesr principal.
401Returned when the user is not authenticated to the system.
403Returned when the user is not authorized to update the root principals.
defaultAn unexpected error response.

get  /archivist/v1/tenancies/tenantid

Get ID of tenant associated with issuer and/or subject, and create if not exists.

Description: Get ID of tenant associated with issuer and/or subject, and create if not exists.

null
Response Parameter Type Description
identity string tenant identity {UUID}
tier tenant tier FREE or PREMIUM
Responses Description
200A successful response.
400Returned when the user doesn’t provide an issuer or subject to filter on.
401Returned when the user is not authenticated to the system.
403Returned when the user is not authorized to retrieve the tenant id.
defaultAn unexpected error response.

Edit this page on GitHub