group

NOTE: Be careful in granting permissions to non-readonly identity group endpoints. If a user can modify group membership, they can add their entity to a group with higher privileges.
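An added example (not part of the original documentation) of auditing for the risk in the note above: it flags policy rules that grant write capabilities on the group endpoints listed on this page. The policy names and contents are constructed, the function names are hypothetical, and each rule is checked on its own rather than as a merged token policy.

```python
# Mutating group endpoints from this page; ":id"/":name" stand for any one segment.
GROUP_ENDPOINTS = ("identity/group", "identity/group/id/:id", "identity/group/name/:name")
WRITE_CAPS = {"create", "update", "patch", "delete"}

def pattern_covers(pattern, template):
    """True if a Vault policy path (trailing '*' glob, '+' segment wildcard)
    can match some request path of the given endpoint template."""
    glob = pattern.endswith("*")
    p_segs = pattern.rstrip("*").lstrip("/").split("/")
    t_segs = template.split("/")
    same = lambda p, t: p == "+" or t.startswith(":") or p == t
    if not glob:
        return len(p_segs) == len(t_segs) and all(map(same, p_segs, t_segs))
    *head, tail = p_segs  # with a glob, the last piece is only a prefix
    if len(t_segs) <= len(head) or not all(map(same, head, t_segs)):
        return False
    nxt = t_segs[len(head)]
    return nxt.startswith(":") or nxt.startswith(tail)

def risky_group_grants(policies):
    """Return (policy, path, write capabilities) for each rule that lets its
    holder create, change or delete groups, including group membership."""
    findings = []
    for name, doc in policies.items():
        for path, rule in doc.get("path", {}).items():
            caps = set(rule.get("capabilities", []))
            if "deny" in caps or not caps & WRITE_CAPS:
                continue  # deny overrides; read/list alone is read-only
            if any(pattern_covers(path, t) for t in GROUP_ENDPOINTS):
                findings.append((name, path, sorted(caps & WRITE_CAPS)))
    return findings

# Constructed sample policies, written in Vault's JSON policy syntax.
SAMPLE_POLICIES = {
    "team-readonly": {"path": {"identity/group/id/*": {"capabilities": ["read", "list"]}}},
    "helpdesk": {"path": {"identity/*": {"capabilities": ["create", "read", "update"]}}},
    "ops": {"path": {
        "identity/group/name/+": {"capabilities": ["update"]},
        "secret/data/*": {"capabilities": ["create", "update"]},
    }},
    "blocked": {"path": {"identity/group/*": {"capabilities": ["deny"]}}},
}

if __name__ == "__main__":
    for policy, path, caps in risky_group_grants(SAMPLE_POLICIES):
        print(f"{policy}: {path} grants {', '.join(caps)} on identity group endpoints")
```

Any rule it reports should be limited to operators who are trusted to assign every policy attached to any group they can modify.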

Create a group

This endpoint creates or updates a Group.

Method    Path
POST      /identity/group

Parameters

  • name (string: entity-<UUID>) – Name of the group. If set (and ID is not set), updates the corresponding existing group.

  • id (string: <optional>) – ID of the group. If set, updates the corresponding existing group.

  • type (string: "internal") – Type of the group, internal or external. Defaults to internal.

  • metadata (key-value-map: {}) – Metadata to be associated with the group.

  • policies (list of strings: []) – Policies to be tied to the group.

  • member_group_ids (list of strings: []) – Group IDs to be assigned as group members.

  • member_entity_ids (list of strings: []) – Entity IDs to be assigned as group members.

Sample payload

{
  "metadata": {
    "hello": "world"
  },
  "policies": ["grouppolicy1", "grouppolicy2"]
}

Sample request

Sample response

Read group by ID

This endpoint queries the group by its identifier.

Method    Path
GET       /identity/group/id/:id

Parameters

  • id (string: <required>) – Identifier of the group.

Sample request

Sample response

Update group by ID

This endpoint is used to update an existing group.

Method    Path
POST      /identity/group/id/:id

Parameters

  • id (string: <required>) – Identifier of the group.

  • name (string: entity-<UUID>) – Name of the group.

  • type (string: "internal") – Type of the group, internal or external. Defaults to internal.

  • metadata (key-value-map: {}) – Metadata to be associated with the group.

  • policies (list of strings: []) – Policies to be tied to the group.

  • member_group_ids (list of strings: []) – Group IDs to be assigned as group members.

  • member_entity_ids (list of strings: []) – Entity IDs to be assigned as group members.

Sample payload

Sample request

Sample response

Delete group by ID

This endpoint deletes a group.

Method    Path
DELETE    /identity/group/id/:id

Parameters

  • id (string: <required>) – Identifier of the group.

Sample request

List groups by ID

This endpoint returns a list of available groups by their identifiers.

Method    Path
LIST      /identity/group/id
GET       /identity/group/id?list=true

Sample request

Sample response

Create/Update group by name

This endpoint is used to create or update a group by its name.

Method    Path
POST      /identity/group/name/:name

Parameters

  • name (string: entity-<UUID>) – Name of the group.

  • type (string: "internal") – Type of the group, internal or external. Defaults to internal.

  • metadata (key-value-map: {}) – Metadata to be associated with the group.

  • policies (list of strings: []) – Policies to be tied to the group.

  • member_group_ids (list of strings: []) – Group IDs to be assigned as group members.

  • member_entity_ids (list of strings: []) – Entity IDs to be assigned as group members.

Sample payload

Sample request

Sample response

Read group by name

This endpoint queries the group by its name.

Method    Path
GET       /identity/group/name/:name

Parameters

  • name (string: <required>) – Name of the group.

Sample request

Sample response

Delete group by name

This endpoint deletes a group, given its name.

Method    Path
DELETE    /identity/group/name/:name

Parameters

  • name (string: <required>) – Name of the group.

Sample request

List groups by name

This endpoint returns a list of available groups by their names.

Method    Path
LIST      /identity/group/name
GET       /identity/group/name?list=true

Sample request

Sample response
