@lap v0.3
# Machine-readable API spec. Each @endpoint block is one API call.
@api Permit.io API
@version 2.0.0
@auth Bearer bearer
@endpoints 258
@hint download_for_search
@toc members(7), api-key(7), orgs(10), projects(25), schema(75), facts(69), pdps(8), elements(29), deprecated(6), history(4), activity(2), policy_guards(9), audit-log-replay(1), internal(6)

@group members
@endpoint GET /v2/members/me
@desc Get the authenticated account member
@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/members
@desc List Organization Members
@optional {project_id: str(uuid), env_id: str(uuid), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/members
@desc Invite new members
@required {permissions: [map{organization_id!: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type!: str, access_level!: str, organization_key: str, project_key: str, environment_key: str, organization_name: str, project_name: str, environment_name: str}]}
@optional {inviter_name: str, inviter_email: str, id: str(uuid) # Unique id of the account member, email: str(email) # Email of the user controlling this account}
@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/members
@desc Remove permission
@required {id: str(uuid) # Unique id of the account member, permissions: [map{organization_id!: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type!: str, access_level!: str, organization_key: str, project_key: str, environment_key: str, organization_name: str, project_name: str, environment_name: str}]}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/members/{member_id}
@desc Get Organization Member
@required {member_id: str # Either the unique id (UUID) of the account member, or the email address of the account member.}
@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/members/{member_id}
@desc Remove member
@required {member_id: str # Either the unique id (UUID) of the account member, or the email address of the account member.}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/members/{member_id}
@desc Edit members
@required {member_id: str # Either the unique id (UUID) of the account member, or the email address of the account member.}
@optional {settings: map # Custom permit.io dashboard settings, such as preferred theme, etc., onboarding_step: any # updates the onboarding step (optional)}
@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response
@errors {422: Validation Error}

@endgroup

@group api-key
@endpoint GET /v2/api-key/{proj_id}/{env_id}
@desc Get Environment Api Key
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/api-key/scope
@desc Get Api Key Scope
@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/api-key
@desc List Api Keys
@optional {object_type: str, proj_id: str # Optional project filter by project id or key, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/api-key
@desc Create Api Key
@required {organization_id: str(uuid)}
@optional {project_id: str(uuid), environment_id: str(uuid), object_type: any=env, access_level: any=admin, owner_type: any=member, name: str}
@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/api-key/{api_key_id}
@desc Get Api Key
@required {api_key_id: str # The unique id of the API key}
@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/api-key/{api_key_id}
@desc Delete Api Key
@required {api_key_id: str # The unique id of the API key}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/api-key/{api_key_id}/rotate-secret
@desc Rotate API Key
@required {api_key_id: str(uuid) # The unique id of the API key}
@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response
@errors {422: Validation Error}

@endgroup

@group orgs
@endpoint GET /v2/orgs
@desc List Organizations
@optional {search: any # Text search for the org name or key or id, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/orgs
@desc Create Organization
@required {key: str # A URL-friendly name of the organization (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the organization., name: str # The name of the organization, usually it's your company's name.}
@optional {page_full_url: str=page_full_url, settings: map # the settings for this project}
@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map, api_key_id: str(uuid), api_key_secret: str} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/orgs/{org_id}
@desc Get Organization
@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug").}
@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/orgs/{org_id}
@desc Delete Organization
@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/orgs/{org_id}
@desc Update Organization
@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug").}
@optional {name: str # The name of the organization, usually it's your company's name., settings: map # the settings for this project}
@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/orgs/active/org
@desc Get Active Organization
@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/orgs/{org_id}/stats
@desc Stats Organization
@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug").}
@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map, stats: map{projects: int, environments: int, users: int}, historical_usage: map{current_month: map{mau: int, tenants: int, monthly_tenants: [str(uuid)], month: int, year: int}, previous_month: map{mau: int, tenants: int, monthly_tenants: [str(uuid)], month: int, year: int}, two_months_ago: map{mau: int, tenants: int, monthly_tenants: [str(uuid)], month: int, year: int}}} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/orgs/{org_id}/invites
@desc List Organization Invites
@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/orgs/{org_id}/invites
@desc Invite Members To Organization
@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug").}
@optional {inviter_name: str, inviter_email: str}
@returns(200) {success: [map], failed: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/orgs/{org_id}/invites/{invite_id}
@desc Cancel Invite
@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug")., invite_id: str(uuid) # Id of the invite to cancel}
@returns(204) Successful Response
@errors {422: Validation Error}

@endgroup

@group projects
@endpoint GET /v2/projects
@desc List Projects
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/projects
@desc Create Project
@required {key: str # A URL-friendly name of the project (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the project., name: str # The name of the project}
@optional {urn_namespace: str # Optional namespace for URNs. If empty, URNs will be generated from project key., description: str # a longer description outlining the project objectives, settings: map # the settings for this project, active_policy_repo_id: str(uuid) # the id of the policy repo to use for this project, initial_environments: [map{key!: str, name!: str, description: str, custom_branch_name: str, jwks: any, settings: map}]=[object Object],[object Object] # The initial environments to create for this project. By default, 'Development' and 'Production' are created, specify [] (empty list) to skip that.}
@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/projects/{proj_id}
@desc Get Project
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").}
@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/projects/{proj_id}
@desc Delete Project
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/projects/{proj_id}
@desc Update Project
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").}
@optional {name: str # The name of the project, description: str # a longer description outlining the project objectives, settings: map # the settings for this project, active_policy_repo_id: str(uuid) # the id of the policy repo to use for this project}
@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/projects/{proj_id}/envs/{env_id}/stats
@desc Stats Environments
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map, pdp_configs: [map], stats: map{roles: int, users: int, policies: int, resources: int, tenants: int, has_decision_logs: bool, members: [map], mau: int}} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/projects/{proj_id}/envs
@desc List Environments
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/projects/{proj_id}/envs
@desc Create Environment
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., key: str # A URL-friendly name of the environment (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the environment., name: str # The name of the environment}
@optional {description: str # an optional longer description of the environment, custom_branch_name: str # when using gitops feature, an optional branch name for the environment, jwks: any # jwks for element frontend only login, settings: map # the settings for this environment}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/projects/{proj_id}/envs/{env_id}
@desc Get Environment
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map, email_configuration: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/projects/{proj_id}/envs/{env_id}
@desc Delete Environment
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/projects/{proj_id}/envs/{env_id}
@desc Update Environment
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {name: str # The name of the environment, description: str # an optional longer description of the environment, custom_branch_name: str # when using gitops feature, an optional branch name for the environment, jwks: any # jwks for element frontend only login, settings: map # the settings for this environment}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/projects/{proj_id}/envs/{env_id}/copy
@desc Copy Environment
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., target_env: any # If copying a new environment, the environment configuration. If copying to an existing environment, the environment identifier}
@optional {conflict_strategy: any=fail # Action to take when detecting a conflict when copying. Only applies to copying into an existing environment, scope: any=[object Object] # Filters to include and exclude copied objects}
@returns(201) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/projects/{proj_id}/envs/{env_id}/copy/async
@desc Copy Environment Async
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., target_env: any # If copying a new environment, the environment configuration. If copying to an existing environment, the environment identifier}
@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait., conflict_strategy: any=fail # Action to take when detecting a conflict when copying. Only applies to copying into an existing environment, scope: any=[object Object] # Filters to include and exclude copied objects}
@returns(202) {task_id: str, status: any, result: any, error: any} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/projects/{proj_id}/envs/{env_id}/copy/async/{task_id}/result
@desc Get Copy Environment Task Result
@required {task_id: str # The unique id of the task., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait.}
@returns(200) {task_id: str, status: any, result: any, error: any} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/projects/{proj_id}/envs/{env_id}/test_jwks
@desc Test Jwks By Url
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {url: str # URL of JWKs to test}
@returns(200) Successful Response
@errors {422: Validation Error}

@endgroup

@group schema
@endpoint PUT /v2/schema/{proj_id}/{env_id}/bulk/roles
@desc Bulk Create Or Replace Roles
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., operations: [map{name!: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key!: str, resource: str}]}
@returns(200) {created: [str], updated: [str]} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets
@desc List Condition Sets
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {search: str # Text search for the condition sets name or key, type: any # if provided, will return only the condition sets of the specified type. e.g: only user sets., include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/condition_sets
@desc Create Condition Set
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A unique id by which Permit will identify the condition set. The key will be used as the generated rego rule name., name: str # A descriptive name for the set, i.e: 'US based employees' or 'Users behind VPN'}
@optional {type: any=userset # the type of the set: UserSet or ResourceSet, autogenerated: bool=false # whether the set was autogenerated by the system., resource_id: any # For ResourceSets, the id of the base resource., description: str # an optional longer description of the set, conditions: map=[object Object] # a boolean expression that consists of multiple conditions, with and/or logic., parent_id: any # Parent Condition Set}
@returns(200) {key: str, type: any, autogenerated: bool, resource_id: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map}, name: str, description: str, conditions: map, parent_id: any} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}
@desc Get Condition Set
@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {key: str, type: any, autogenerated: bool, resource_id: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map}, name: str, description: str, conditions: map, parent_id: any} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}
@desc Delete Condition Set
@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}
@desc Update Condition Set
@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {name: str # A descriptive name for the set, i.e: 'US based employees' or 'Users behind VPN', description: str # an optional longer description of the set, conditions: map=[object Object] # a boolean expression that consists of multiple conditions, with and/or logic., parent_id: any # Parent Condition Set}
@returns(200) {key: str, type: any, autogenerated: bool, resource_id: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map}, name: str, description: str, conditions: map, parent_id: any} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}/ancestors
@desc Get Condition Set Ancestors
@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}/descendants
@desc Get Condition Set Descendants
@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants
@desc Create Implicit Grant
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., role: str # the role key that needs to exist on the related resource (from the relation), on_resource: str # the resource key that needs to exist on the related role (from the relation), linked_by_relation: str # the relation key that needs to exist between the resource and the related resource}
@optional {when: any=[object Object] # the settings of the derived role rule}
@returns(200) {role_id: str(uuid), resource_id: str(uuid), relation_id: str(uuid), role: str, on_resource: str, linked_by_relation: str, when: any} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants
@desc Delete Implicit Grant
@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., role: str # the role key that needs to exist on the related resource (from the relation), on_resource: str # the resource key that needs to exist on the related role (from the relation), linked_by_relation: str # the relation key that needs to exist between the resource and the related resource}
@optional {when: any=[object Object] # the settings of the derived role rule}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants/conditions
@desc Update Implicit Grants Conditions
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {no_direct_roles_on_object: bool=false # If true, the derived role or the specific rule will not apply if the resource has any direct role}
@returns(200) {no_direct_roles_on_object: bool} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups
@desc List Resource Action Groups
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups
@desc Create Resource Action Group
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A URL-friendly name of the action group (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the action group., name: str # The name of the action group}
@optional {description: str # An optional longer description of what this action group represents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action group. This metadata can be used to filter action groups using query parameters with attr_ prefix, actions: [str]=}
@returns(200) {name: str, description: str, attributes: map, actions: [str], key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}
@desc Get Resource Action Group
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., action_group_id: str # Either the unique id of the action group, or the URL-friendly key of the action group (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {name: str, description: str, attributes: map, actions: [str], key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}
@desc Delete Resource Action Group
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., action_group_id: str # Either the unique id of the action group, or the URL-friendly key of the action group (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}
@desc Update Resource Action Group
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., action_group_id: str # Either the unique id of the action group, or the URL-friendly key of the action group (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {name: str # The name of the action group, description: str # An optional longer description of what this action group represents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action group. This metadata can be used to filter action groups using query parameters with attr_ prefix, actions: [str]=}
@returns(200) {name: str, description: str, attributes: map, actions: [str], key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions
@desc List Resource Actions
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions
@desc Create Resource Action
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A URL-friendly name of the action (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the action., name: str # The name of the action}
@optional {description: str # An optional longer description of what this action respresents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action. This metadata can be used to filter actions using query parameters with attr_ prefix, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str}
@returns(200) {name: str, description: str, attributes: map, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str, key: str, id: str(uuid), permission_name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}
@desc Get Resource Action
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., action_id: str # Either the unique id of the action, or the URL-friendly key of the action (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {name: str, description: str, attributes: map, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str, key: str, id: str(uuid), permission_name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}
@desc Delete Resource Action
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., action_id: str # Either the unique id of the action, or the URL-friendly key of the action (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}
@desc Update Resource Action
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., action_id: str # Either the unique id of the action, or the URL-friendly key of the action (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {name: str # The name of the action, description: str # An optional longer description of what this action respresents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action. This metadata can be used to filter actions using query parameters with attr_ prefix, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str}
@returns(200) {name: str, description: str, attributes: map, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str, key: str, id: str(uuid), permission_name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes
@desc List Resource Attributes
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes
@desc Create Resource Attribute
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A URL-friendly name of the attribute (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the attribute., type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`.}
@optional {description: str # An optional longer description of what this attribute respresents in your system}
@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}
@desc Get Resource Attribute
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}
@desc Delete Resource Attribute
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}
@desc Update Resource Attribute
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`., description: str # An optional longer description of what this attribute respresents in your system}
@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations
@desc List Resource Relations
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations
@desc Create Resource Relation
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A URL-friendly name of the relation (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the relation., name: str # The name of the relation, subject_resource: str # The subject resource ID or key}
@optional {description: str # An optional longer description of what this relation represents in your system}
@returns(200) {description: str, subject_resource: str, key: str, name: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), object_resource_id: str(uuid), object_resource: str, subject_resource_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations/{relation_id}
@desc Get Resource Relation
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., relation_id: str # Either the unique id of the relation, or the URL-friendly key of the relation (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {description: str, subject_resource: str, key: str, name: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), object_resource_id: str(uuid), object_resource: str, subject_resource_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations/{relation_id}
@desc Delete Resource Relation
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., relation_id: str # Either the unique id of the relation, or the URL-friendly key of the relation (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles
@desc List Resource Roles
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles
@desc Create Resource Role
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A URL-friendly name of the role (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the role., name: str # The name of the role}
@optional {description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str] # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role, v1compat_settings: map, v1compat_attributes: map}
@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}
@desc Get Resource Role
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}
@desc Delete Resource Role
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}
@desc Update Resource Role
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {name: str # The name of the role, description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str]= # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role}
@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions
@desc Assign Permissions to Role
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., permissions: [str] # List of permissions to assign to the role. If a permission is already granted to the role it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the "permission name".}
@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions
@desc Remove Permissions from Role
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., permissions: [str] # List of permissions to remove from the role. If a permission is not found it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`,i.e: the "permission name".}
@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/ancestors
@desc Get Resource Role Ancestors
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {roles: any} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/descendants
@desc Get Resource Role Descendants
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {roles: any} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources
@desc List Resources
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {include_built_in: bool=false # Whether to include or exclude built-in resources, default is False, include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/resources
@desc Create Resource
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A URL-friendly name of the resource (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the resource., name: str # The name of the resource, actions: map # A actions definition block, typically contained within a resource type definition block.         The actions represents the ways you can interact with a protected resource.}
@optional {urn: str # The [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) (Uniform Resource Name) of the resource, description: str # An optional longer description of what this resource respresents in your system, type_attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this resource. This metadata can be used to filter resource using query parameters with attr_ prefix, attributes: map # Attributes that each resource of this type defines, and can be used in your ABAC policies., roles: map # Roles defined on this resource. The key is the role name, and the value contains the role properties such as granted permissions, base roles, etc., relations: map # Relations to other resources. The key is the relation key, and the value is the related resource., v1compat_path: str, v1compat_type: str, v1compat_name: str}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}
@desc Get Resource
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/schema/{proj_id}/{env_id}/resources/{resource_id}
@desc Replace Resource
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., name: str # The name of the resource, actions: map # A actions definition block, typically contained within a resource type definition block.         The actions represents the ways you can interact with a protected resource.}
@optional {urn: str # The [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) (Uniform Resource Name) of the resource, description: str # An optional longer description of what this resource respresents in your system, type_attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this resource. This metadata can be used to filter resource using query parameters with attr_ prefix, attributes: map # Attributes that each resource of this type defines, and can be used in your ABAC policies., roles: map # Roles defined on this resource. The key is the role name, and the value contains the role properties such as granted permissions, base roles, etc., relations: map # Relations to other resources. The key is the relation key, and the value is the related resource., v1compat_path: str, v1compat_type: str, v1compat_name: str}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}
@desc Delete Resource
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}
@desc Update Resource
@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {name: str # The name of the resource, urn: str # The [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) (Uniform Resource Name) of the resource, description: str # An optional longer description of what this resource respresents in your system, actions: map # A actions definition block, typically contained within a resource type definition block.         The actions represents the ways you can interact with a protected resource., type_attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this resource. This metadata can be used to filter resource using query parameters with attr_ prefix, attributes: map # Attributes that each resource of this type defines, and can be used in your ABAC policies., roles: map # Roles defined on this resource. The key is the role name, and the value contains the role properties such as granted permissions, base roles, etc., relations: map # Relations to other resources. The key is the relation key, and the value is the related resource., v1compat_path: str, v1compat_type: str, v1compat_name: str}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/roles
@desc List Roles
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/roles
@desc Create Role
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A URL-friendly name of the role (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the role., name: str # The name of the role}
@optional {description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str] # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role, v1compat_settings: map, v1compat_attributes: map, v1compat_is_built_in: bool}
@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/roles/{role_id}
@desc Get Role
@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/roles/{role_id}
@desc Delete Role
@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/schema/{proj_id}/{env_id}/roles/{role_id}
@desc Update Role
@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {name: str # The name of the role, description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str] # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role, v1compat_settings: map, v1compat_attributes: map}
@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/roles/{role_id}/permissions
@desc Assign Permissions To Role
@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., permissions: [str] # List of permissions to assign to the role. If a permission is already granted to the role it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the "permission name".}
@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/roles/{role_id}/permissions
@desc Remove Permissions From Role
@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., permissions: [str] # List of permissions to remove from the role. If a permission is not found it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`,i.e: the "permission name".}
@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/roles/{role_id}/ancestors
@desc Get Role Ancestors
@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {roles: any} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/roles/{role_id}/descendants
@desc Get Role Descendants
@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {roles: any} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/users/attributes
@desc List User Attributes
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {resource_id: str=__user, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/users/attributes
@desc Create User Attribute
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A URL-friendly name of the attribute (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the attribute., type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`.}
@optional {resource_id: str=__user, description: str # An optional longer description of what this attribute respresents in your system}
@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id}
@desc Get User Attribute
@required {attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {resource_id: str=__user}
@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id}
@desc Delete User Attribute
@required {attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {resource_id: str=__user, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id}
@desc Update User Attribute
@required {attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {resource_id: str=__user, type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`., description: str # An optional longer description of what this attribute respresents in your system}
@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/direct
@desc List Direct Group
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/direct/{group_instance_key}
@desc Get Direct Group
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug").}
@returns(200) {group_resource_type_key: str, group_instance_key: str, group_tenant: str, id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/children
@desc List group children (EAP)
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/parents
@desc List group parents (EAP)
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users
@desc List group users (EAP)
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles
@desc List group roles (EAP)
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles
@desc Assign Role To Group
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug")., role: str # The role key or id that will be assigned to the group., resource: str # The resource key or id that the role belongs to., resource_instance: str # The resource instance key or id that the role belongs to., tenant: str # The tenant key or id that the role belongs to.}
@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles
@desc Remove Role From Group
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug")., role: str # The role key or id that will be assigned to the group., resource: str # The resource key or id that the role belongs to., resource_instance: str # The resource instance key or id that the role belongs to., tenant: str # The tenant key or id that the role belongs to.}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}
@desc Get Group
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug").}
@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}
@desc Delete Group
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/schema/{proj_id}/{env_id}/groups
@desc List Group
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, include_total_count: bool=false # Include total count in response(will make the request slower), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/schema/{proj_id}/{env_id}/groups
@desc Create Group
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance that that the group belongs to, or the URL-friendly key of the  (i.e: file:my_file), group_tenant: str # The tenant key or id that the group belongs to.}
@optional {group_resource_type_key: str=group # The key of the resource type that the group belongs to.}
@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users/{user_id}
@desc Assign User To Group
@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug")., tenant: str # The tenant key or id that the user belongs to.}
@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users/{user_id}
@desc Remove User From Group
@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug")., tenant: str # The tenant key or id that the user belongs to.}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/assign_group
@desc Assign Group To Group
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance that that the group belongs to, or the URL-friendly key of the  (i.e: file:my_file)}
@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/assign_group
@desc Remove Group From Group
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the "slug")., group_instance_key: str # Either the unique id of the resource instance that that the group belongs to, or the URL-friendly key of the  (i.e: file:my_file)}
@returns(204) Successful Response
@errors {422: Validation Error}

@endgroup

@group facts
@endpoint GET /v2/facts/{proj_id}/{env_id}/users
@desc List Users
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {search: str # Text search for the email field, role: str # Match users with a specific role. To filter users without any roles, send an empty string., include_resource_instance_roles: bool=false # Should add resource instance roles, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/users
@desc Create User
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A unique id by which Permit will identify the user for permission checks.}
@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment.}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/users/{user_id}
@desc Get User
@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/facts/{proj_id}/{env_id}/users/{user_id}
@desc Replace User
@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A unique id by which Permit will identify the user for permission checks.}
@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment.}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # An existing user was replaced
@returns(201) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # An new user was created
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/users/{user_id}
@desc Delete User
@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/facts/{proj_id}/{env_id}/users/{user_id}
@desc Update User
@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies.}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/users/{user_id}/roles
@desc Assign Role To User
@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., role: str # the role that will be assigned (accepts either the role id or the role key)}
@optional {tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key), resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)The resource instance will be implicitly created if the tenant parameter is specified and the resource instance does not exist.}
@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/users/{user_id}/roles
@desc Unassign Role From User
@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., role: str # the role that will be unassigned (accepts either the role id or the role key), tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key)}
@optional {return_deleted: bool=false # Whether to return the deleted role assignment, status code will be 200 instead of the default 204 if true, resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)}
@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Role assignment removed successfully
@returns(204) Role assignment removed successfully
@errors {404: Role assignment not found, 422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users
@desc List Tenant Users
@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {search: str # Text search for the email field, role: str # Match users with a specific role, include_resource_instance_roles: bool=false # Should add resource instance roles, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users
@desc Add User To Tenant
@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A unique id by which Permit will identify the user for permission checks.}
@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment.}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/tenants
@desc List Tenants
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {search: str # Text search for the tenant name or key, include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/tenants
@desc Create Tenant
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A unique id by which Permit will identify the tenant. The tenant key must be url-friendly (slugified)., name: str # A descriptive name for the tenant}
@optional {description: str # an optional longer description of the tenant, attributes: map=[object Object] # Arbitraty tenant attributes that will be used to enforce attribute-based access control policies.}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), last_action_at: str(date-time), name: str, description: str, attributes: map} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}
@desc Get Tenant
@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), last_action_at: str(date-time), name: str, description: str, attributes: map} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}
@desc Delete Tenant
@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}
@desc Update Tenant
@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {name: str # A descriptive name for the tenant, description: str # an optional longer description of the tenant, attributes: map=[object Object] # Arbitraty tenant attributes that will be used to enforce attribute-based access control policies.}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), last_action_at: str(date-time), name: str, description: str, attributes: map} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users/{user_id}
@desc Delete Tenant User
@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/role_assignments/detailed
@desc List Role Assignments Detailed
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {user: [str] # optional user(s) filter, will only return role assignments granted to this user(s)., role: [str] # optional role(s) filter, will only return role assignments granting this role(s)., tenant: [str] # optional tenant(s) filter, will only return role assignments granted in that tenant(s)., resource: str # optional resource **type** filter, will only return role assignments granted on that resource type., resource_instance: str # optional resource instance filter, will only return role assignments granted on that resource instance., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 1000).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/role_assignments
@desc List Role Assignments
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {user: [str] # optional user(s) filter, will only return role assignments granted to this user(s)., role: [str] # optional role(s) filter, will only return role assignments granting this role(s)., tenant: [str] # optional tenant(s) filter, will only return role assignments granted in that tenant(s)., resource: str # optional resource **type** filter, will only return role assignments granted on that resource type., resource_instance: str # optional resource instance filter, will only return role assignments granted on that resource instance., detailed: bool=false # Whether to return full details about the user, tenant and role, include_total_count: bool=false # If true, returns the list of role assignments and the total count., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 1000).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/role_assignments
@desc Assign Role
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., role: str # the role that will be assigned (accepts either the role id or the role key), user: str # the user the role will be assigned to (accepts either the user id or the user key)}
@optional {tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key), resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)The resource instance will be implicitly created if the tenant parameter is specified and the resource instance does not exist.}
@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/role_assignments
@desc Unassign Role
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., role: str # the role that will be unassigned (accepts either the role id or the role key), tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key), user: str # the user the role will be unassigned from (accepts either the user id or the user key)}
@optional {return_deleted: bool=false # Whether to return the deleted role assignment, status code will be 200 instead of the default 204 if true, resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)}
@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Role assignment removed successfully
@returns(204) Role assignment removed successfully
@errors {404: Role assignment not found, 422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/role_assignments/bulk
@desc Bulk create role assignments
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {missing_user_policy: any=fail # Policy for missing users - 'fail': Fail the entire operation if a user is missing; 'ignore': Skip assignments for missing users; 'create': Create missing users and continue with the operation}
@returns(200) {assignments_created: int} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/role_assignments/bulk
@desc Bulk Unassign Role
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {assignments_removed: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/set_rules
@desc List Set Permissions
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {user_set: str # optional user set filter, will only return rules where the permission is granted to this user set, permission: str # optional permission filter, will only return condition set rules granting this permission, resource_set: str # optional resource set filter, will only return rules where the permission is granted on this resource set, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/set_rules
@desc Assign Set Permissions
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., user_set: str # The userset that will be given permission, i.e: all the users matching this rule will be given the specified permission, permission: str # The permission that will be granted to the userset *on* the resourceset. The permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the "permission name"., resource_set: str # The resourceset that represents the resources that are granted for access, i.e: all the resources matching this rule can be accessed by the userset to perform the granted *permission*}
@optional {is_role: bool=false # if True, will set the condition set rule to the role's autogen user-set., is_resource: bool=false # if True, will set the condition set rule to the resource's autogen resource-set.}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/set_rules
@desc Unassign Set Permissions
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., user_set: str # The userset that will be unassigned these permission, i.e: all the users matching this rule will lose the specified permission, permission: str # The permission that will be removed from the userset *on* the resourceset. The permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the "permission name"., resource_set: str # The resourceset that represents the resources that are no longer granted for access, i.e: all the resources matching this rule can no longer be accessed by the userset, and will be revoked the specified *permission*}
@optional {is_role: bool=false # if True, will set the condition set rule to the role's autogen user-set., is_resource: bool=false # if True, will set the condition set rule to the resource's autogen resource-set.}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/resource_instances/detailed
@desc List Resource Instances Detailed
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, search: [str] # The resource instance key or id to filter by (supports multi-value like this url?search=key-1&search=key-2), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/resource_instances
@desc List Resource Instances
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, search: [str] # The resource instance key or id to filter by (supports multi-value like this url?search=key-1&search=key-2), detailed: bool=false # If true, will return the relationships of the resource instance., include_total_count: bool=false # Include total count in response(will make the request slower), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/resource_instances
@desc Create Resource Instance
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A unique identifier by which Permit will identify the resource instance for permission checks. You will later pass this identifier to the `permit.check()` API. A key can be anything: for example the resource db id, a url slug, a UUID or anything else as long as it's unique on your end. The resource instance key must be url-friendly., tenant: str # the *key* of the tenant that this resource belongs to, used to enforce tenant boundaries in multi-tenant apps., resource: str # the *key* of the resource (type) of this resource instance. For example: if this resource instance is the annual budget document, the key of the resource might be `document`.}
@optional {attributes: map=[object Object] # Arbitrary resource attributes that will be used to enforce attribute-based access control policies.}
@returns(200) {key: str, tenant: str, resource: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource_id: str(uuid), tenant_id: str(uuid), attributes: map, relationships: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}
@desc Get Resource Instance
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., instance_id: str # f'Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file.txt).'}
@optional {detailed: bool=false # If true, will return the relationships of the resource instance.}
@returns(200) {key: str, tenant: str, resource: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource_id: str(uuid), tenant_id: str(uuid), attributes: map, relationships: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}
@desc Delete Resource Instance
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., instance_id: str # f'Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file.txt).'}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}
@desc Update Resource Instance
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., instance_id: str # f'Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file.txt).'}
@optional {attributes: map=[object Object] # Arbitrary resource attributes that will be used to enforce attribute-based access control policies.}
@returns(200) {key: str, tenant: str, resource: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource_id: str(uuid), tenant_id: str(uuid), attributes: map, relationships: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/proxy_configs
@desc List Proxy Configs
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/proxy_configs
@desc Create Proxy Config
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., secret: any # Proxy config secret is set to enable the Permit Proxy to make proxied requests to the backend service., key: str # Proxy Config is set to enable the Permit Proxy to make proxied requests as part of the Frontend AuthZ., name: str # The name of the proxy config, for example: 'Stripe API'}
@optional {mapping_rules: [map{url!: str, url_type: str, http_method!: any, resource!: str, headers: map, action: str, priority: int}]= # Proxy config mapping rules will include the rules that will be used to map the request to the backend service by a URL and a http method., auth_mechanism: any=Bearer # Proxy config auth mechanism will define the authentication mechanism that will be used to authenticate the request.  Bearer injects the secret into the Authorization header as a Bearer token,  Basic injects the secret into the Authorization header as a Basic user:password,  Headers injects plain headers into the request.}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), secret: any, name: str, mapping_rules: [map], auth_mechanism: any} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}
@desc Get Proxy Config
@required {proxy_config_id: str # Either the unique id of the proxy config, or the URL-friendly key of the proxy config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), secret: any, name: str, mapping_rules: [map], auth_mechanism: any} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}
@desc Delete Proxy Config
@required {proxy_config_id: str # Either the unique id of the proxy config, or the URL-friendly key of the proxy config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}
@desc Update Proxy Config
@required {proxy_config_id: str # Either the unique id of the proxy config, or the URL-friendly key of the proxy config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {secret: any # Proxy config secret is set to enable the Permit Proxy to make proxied requests to the backend service., name: str # The name of the proxy config, for example: 'Stripe API', mapping_rules: [map{url!: str, url_type: str, http_method!: any, resource!: str, headers: map, action: str, priority: int, should_delete: bool}]= # Proxy config mapping rules, with optional should_delete flag to indicate deletion., auth_mechanism: any=Bearer # Proxy config auth mechanism will define the authentication mechanism that will be used to authenticate the request.  Bearer injects the secret into the Authorization header as a Bearer token,  Basic injects the secret into the Authorization header as a Basic user:password,  Headers injects plain headers into the request.}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), secret: any, name: str, mapping_rules: [map], auth_mechanism: any} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/facts/{proj_id}/{env_id}/bulk/users
@desc Bulk Replace Users
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., operations: [map{key!: str, email: str(email), first_name: str, last_name: str, attributes: map, role_assignments: [map]}]}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/bulk/users
@desc Bulk Create Users
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., operations: [map{key!: str, email: str(email), first_name: str, last_name: str, attributes: map, role_assignments: [map]}]}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/bulk/users
@desc Bulk Delete Users
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., idents: [str] # List of user idents to delete. Either the unique id or the key of the users.}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/bulk/tenants
@desc Bulk Create Tenants
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., operations: [map{key!: str, name!: str, description: str, attributes: map}]}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/bulk/tenants
@desc Bulk Delete Tenants
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., idents: [str] # List of tenant idents to delete. Either the unique id or the key of the tenants.}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/facts/{proj_id}/{env_id}/bulk/resource_instances
@desc Bulk Replace Resource Instances
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., operations: [map{key!: str, tenant!: str, resource!: str, attributes: map}]}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/bulk/resource_instances
@desc Bulk Delete Resource Instances
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., idents: [str] # List of resource instance idents to delete. Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file)}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/email_configurations
@desc Get Email Configuration
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/email_configurations
@desc Create Or Update Email Configuration
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/email_configurations/send_test_email
@desc Send Test Email
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/email_templates/
@desc List Templates
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}
@desc Get Template By Type
@required {template_type: str, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {template_type: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), from_address: str(email), redirect_to: str(uri), url_ttl: str, subject: str, messages: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}
@desc Update Template By Type
@required {template_type: str, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., from_address: str(email) # The from address the mails will be sent from, redirect_to: str(uri) # The redirect url the user will be redirected to after clicking the link in the email, url_ttl: str # The time to live of the url in the email, in seconds, subject: str # The subject of the email template, messages: [map{message_type!: any, message_content!: str}] # The messages of the email template}
@returns(200) {template_type: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), from_address: str(email), redirect_to: str(uri), url_ttl: str, subject: str, messages: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}/send_test_email
@desc Send Test Email By Type
@required {template_type: str, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., from_address: str(email) # The from address the mails will be sent from, redirect_to: str(uri) # The redirect url the user will be redirected to after clicking the link in the email, url_ttl: str # The time to live of the url in the email, in seconds, subject: str # The subject of the email template, messages: [map{message_type!: any, message_content!: str}] # The messages of the email template}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/relationship_tuples/detailed
@desc List Relationship Tuples Detailed
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., tenant: str # The tenant key or id to filter by, subject: str # The subject to filter by, accepts either the resource instance id or resource_type:resource_instance, relation: str # The relation id or key to filter by, object: str # The object to filter by, accepts either the resource instance id or resource_type:resource_instance, object_type: str # The object type to filter by, accepts resource type id or key, subject_type: str # The subject type to filter by, accepts resource type id or key}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/relationship_tuples
@desc List Relationship Tuples
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {detailed: bool=false # If true, will return the full subject and object resource instances., include_total_count: bool=false # If true, returns the list of resource instances and the total count., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., tenant: str # The tenant key or id to filter by, subject: str # The subject to filter by, accepts either the resource instance id or resource_type:resource_instance, relation: str # The relation id or key to filter by, object: str # The object to filter by, accepts either the resource instance id or resource_type:resource_instance, object_type: str # The object type to filter by, accepts resource type id or key, subject_type: str # The subject type to filter by, accepts resource type id or key}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/relationship_tuples
@desc Create Relationship Tuple
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., subject: str # the resource instance assigned the new relation (accepts either the resource instance id or resource_key:resource_instance_key), relation: str # the relation to assign between the subject and object, object: str # the resource instance on which the new relation is assigned (accepts either the resource instance id or resource_key:resource_instance_key)}
@optional {tenant: str # The tenant the subject and object belong to, if the resource instances don't exist yet, the tenant is required to create them. otherwise it is ignored}
@returns(200) {subject: str, relation: str, object: str, id: str(uuid), tenant: str, subject_id: str(uuid), relation_id: str(uuid), object_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), subject_details: any, relation_details: any, object_details: any, tenant_details: any} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/relationship_tuples
@desc Delete Relationship Tuple
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., subject: str # the resource instance assigned the new relation (accepts either the resource instance id or resource_key:resource_instance_key), relation: str # the relation to assign between the subject and object, object: str # the resource instance on which the new relation is assigned (accepts either the resource instance id or resource_key:resource_instance_key)}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/relationship_tuples/bulk
@desc Bulk create relationship tuples
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., operations: [map{subject!: str, relation!: str, object!: str, tenant: str}]}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/relationship_tuples/bulk
@desc Bulk Delete Relationship Tuples
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., idents: [map{subject!: str, relation!: str, object!: str}] # List of relationship tuples objects to delete}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/user_invites
@desc List User Invites
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {role: str # optional role filter, will only return invited users with this role., tenant: str # optional tenant filter, will only return invited users in that tenant., search: str # optional search, will only return invited users to that email, key or name., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/user_invites
@desc Create User Invite
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # The key of the user that is being invited, status: any # The status of the user invite, email: str(email) # The email of the user that being invited, first_name: str # The first name of the user that is being invited, last_name: str # The last name of the user that is being invited, role_id: str(uuid) # The role of the user that is being invited, tenant_id: str(uuid) # The tenant id of the user that is being invited, resource_instance_id: str(uuid) # The resource instance id of the user that is being invited}
@returns(200) {id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), key: str, status: any, email: str(email), first_name: str, last_name: str, role_id: str(uuid), tenant_id: str(uuid), resource_instance_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}
@desc Get User Invite
@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), key: str, status: any, email: str(email), first_name: str, last_name: str, role_id: str(uuid), tenant_id: str(uuid), resource_instance_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}
@desc Delete User Invite
@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}
@desc Update User Invite
@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # The key of the user that is being invited, status: any # The status of the user invite, email: str(email) # The email of the user that being invited, first_name: str # The first name of the user that is being invited, last_name: str # The last name of the user that is being invited, role_id: str(uuid) # The role of the user that is being invited, tenant_id: str(uuid) # The tenant id of the user that is being invited, resource_instance_id: str(uuid) # The resource instance id of the user that is being invited}
@returns(200) {id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), key: str, status: any, email: str(email), first_name: str, last_name: str, role_id: str(uuid), tenant_id: str(uuid), resource_instance_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}/approve
@desc Approve User Invite
@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., email: str(email) # The email of the user that being invited, key: str # The key of the elements user invite, attributes: map # The attributes of the user}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response
@errors {400: The user already approved or the email requested doesn't match the email of the invite., 422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}
@desc List Access Requests
@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {status: any # Optional status filter, will only return access requests with this status., role: str # Optional role filter, will only return access request granted with that role., resource: str # Optional resource filter, will only return access request granted in that resource., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}
@desc Create Access Request
@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., access_request_details: any # details of the access request, including the resource and tenant}
@optional {reason: str # Optional business justification provided by the user requesting access}
@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}
@desc Get Access Request
@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the "slug")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/reviewer
@desc Update Access Request Reviewer
@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the "slug")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}
@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/approve
@desc Approve Access Request
@required {access_request_id: str(uuid) # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the "slug")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}
@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/deny
@desc Deny Access Request
@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the "slug")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {reviewer_comment: str # comment provided by the reviewer_user_id}
@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/cancel
@desc Cancel Access Request
@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the "slug")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endgroup

@group pdps
@endpoint GET /v2/pdps/{proj_id}/{env_id}/configs
@desc List PDP configurations
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/values
@desc Get PDP configuration
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., pdp_id: str(uuid) # The unique id of the pdp}
@optional {X-Shard-ID: int}
@returns(200) {opal_common: map{FETCHING_CALLBACK_TIMEOUT: int, AUTH_PUBLIC_KEY: str}, opal_client: map{DATA_TOPICS: [str], CLIENT_TOKEN: str, SERVER_URL: str, SERVER_WS_URL: str, SERVER_PUBSUB_URL: str, DEFAULT_DATA_SOURCES_CONFIG_URL: str, SCOPE_ID: str, SHOULD_REPORT_ON_DATA_UPDATES: bool, DEFAULT_UPDATE_CALLBACKS: map{callbacks: [any]}, DEFAULT_UPDATE_CALLBACK_CONFIG: map{fetcher: str, headers: map, is_json: bool, process_data: bool, method: any, data: any}}, pdp: any, context: map{customer_id: str(uuid), client_id: str, backend_tier: str(uri), component: str, org_id: str(uuid), project_id: str(uuid), env_id: str(uuid)}} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/debug-audit-logs/enable
@desc Enable debug audit logs
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., pdp_id: str(uuid) # The unique id of the pdp}
@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/debug-audit-logs/disable
@desc Disable debug audit logs
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., pdp_id: str(uuid) # The unique id of the pdp}
@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/rotate-api-key
@desc Rotate PDP API Key
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., pdp_id: str(uuid) # The unique id of the pdp}
@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/pdps/{proj_id}/{env_id}/configs/migrate-shards
@desc Migrate PDP Config number of shards
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., num_shards: int}
@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/pdps/{proj_id}/{env_id}/audit_logs
@desc List Audit Logs
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {pdp_id: str(uuid) # Filter by pdp config id, users: [str] # List of user keys or emails to filter by, decision: bool # Filter by decision result, resources: [str] # Filter by resources, tenant: str # Filter by tenant, action: str # Filter by action, timestamp_from: int # Filter by timestamp from, timestamp_to: int # Filter by timestamp to, sort_by: any=timestamp # Sort by column, query: any=check # Filter by the type of query that generated the audit log.'check' - permit/root, permit/check, permit/bulk'get_user_permissions' - permit/user_permissions'get_authorized_users' - permit/authorized_users, permit/authorized_users_new'none' - All queries, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response
@errors {400: Overreach of pagination limits, 422: Validation Error}

@endpoint GET /v2/pdps/{proj_id}/{env_id}/audit_logs/{log_id}
@desc Get detailed audit log
@required {log_id: str(uuid) # The unique id of the audit log, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {id: str(uuid), raw_data: any, timestamp: str(date-time), created_at: str(date-time), query: str, user_key: str, user_email: str, user_name: str, resource_type: str, tenant: str, action: str, decision: bool, reason: str, org_id: str(uuid), project_id: str(uuid), env_id: str(uuid), pdp_config_id: str(uuid), input: any, result: any, context: any, objects: any} # Successful Response
@errors {422: Validation Error}

@endgroup

@group projects
@endpoint GET /v2/projects/{proj_id}/repos
@desc List Policy Repos
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/projects/{proj_id}/repos
@desc Create Policy Repo
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., key: str # A URL-friendly name of the policy repo (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the policy repo., url: str # The SSH URL of the git repository (e.g. git@github.com:username/repository.git), credentials: map{auth_type: str, username!: str, public_key: str, private_key!: str}}
@optional {main_branch_name: str=main, activate_when_validated: bool=false # if you want to change your policy repository to this repo right after it is validated}
@returns(200) {id: str(uuid), status: str, key: str, url: str, main_branch_name: str, credentials: map{auth_type: str, username: str, public_key: str, private_key: str}, activate_when_validated: bool} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/projects/{proj_id}/repos/active
@desc Get Active Policy Repo
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").}
@returns(200) {id: str(uuid), status: str, key: str, url: str, main_branch_name: str, credentials: map{auth_type: str, username: str, public_key: str, private_key: str}, activate_when_validated: bool} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/projects/{proj_id}/repos/disable
@desc Disable Active Policy Repo
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").}
@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/projects/{proj_id}/repos/{repo_id}/activate
@desc Activate Policy Repo
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., repo_id: str # Either the unique id of the policy repo, or the URL-friendly key of the policy repo (i.e: the "slug").}
@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response
@errors {400: Invalid policy repo status, 422: Validation Error}

@endpoint GET /v2/projects/{proj_id}/repos/{repo_id}
@desc Get Policy Repo
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., repo_id: str # Either the unique id of the policy repo, or the URL-friendly key of the policy repo (i.e: the "slug").}
@returns(200) {id: str(uuid), status: str, key: str, url: str, main_branch_name: str, credentials: map{auth_type: str, username: str, public_key: str, private_key: str}, activate_when_validated: bool} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/projects/{proj_id}/repos/{repo_id}
@desc Delete Policy Repo
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., repo_id: str # Either the unique id of the policy repo, or the URL-friendly key of the policy repo (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endgroup

@group elements
@endpoint GET /v2/elements/{proj_id}/{env_id}/config
@desc List Elements Configs
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/elements/{proj_id}/{env_id}/config
@desc Create Elements Config
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A URL-friendly name of the elements_config (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the elements_config., name: str # The name of the elements_config, elements_type: any # The type of the elements interface, e.g: user management, settings: map # Obj with the options of the elements interface, e.g: primary color, roles_to_levels: map # Obj with levels as keys and role ids as values}
@optional {email_notifications: bool=false # Whether to send email notifications to users using your Email Provider you set, webhook: map{type: str, url!: str, bearer_token: str}}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}
@desc Get Elements Config
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}} # Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}
@desc Update Elements Config
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., roles_to_levels: map # Obj with levels as keys and role ids as values}
@optional {name: str # The name of the elements_config, elements_type: any # The type of the elements interface, e.g: user management, settings: map # Obj with the options of the elements interface, e.g: primary color, email_notifications: bool=false # Whether to send email notifications to users using your Email Provider you set, webhook: map{url: str, bearer_token: str}}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/runtime
@desc Get Elements Config Runtime
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}
@returns(200) {config: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}}, current_permission_level: str} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/elements/{proj_id}/{env_id}/{elements_config_id}
@desc Delete Elements Config
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users
@desc List users
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {search: str # Text search for the email field, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users
@desc Create user
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., key: str # A unique id by which Permit will identify the user for permission checks.}
@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on, email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment., role: str}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}
@desc Delete user
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug").}
@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/user-invites
@desc List all Elements User Invites
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {search: str # Text search for the email field, status: any # Status of the user invite, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/roles
@desc List roles
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {search: str # Text search for the email field, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}/roles
@desc Assign role to user
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., role: str # the role that will be assigned (accepts either the role id or the role key)}
@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}
@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}/roles
@desc Unassign role from user
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., role: str # the role that will be unassigned (accepts either the role id or the role key)}
@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/active
@desc Set Config Active
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/audit_logs
@desc List audit logs
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {search: str # Text search for the email field, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests
@desc List Access Requests
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {status: any # Optional status filter, will only return access requests with this status., tenant: str # Optional tenant filter, will only return access request granted in that tenant., role: str # Optional role filter, will only return access request granted with that role., resource: str # Optional resource filter, will only return access request granted in that resource., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests
@desc Create Access Request
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., access_request_details: any # details of the access request, including the resource and tenant}
@optional {reason: str # Optional business justification provided by the user requesting access}
@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}
@desc Get Access Request
@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/reviewer
@desc Update Access Request Reviewer
@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}
@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/approve
@desc Approve Access Request
@required {access_request_id: str(uuid) # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}
@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/deny
@desc Deny Access Request
@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {reviewer_comment: str # comment provided by the reviewer_user_id}
@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/cancel
@desc Cancel Access Request
@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval
@desc List Operation Approvals
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {status: any # Optional status filter, will only return access requests with this status., resource: str # Optional resource filter, will only return access request granted in that resource., resource_instance: str # Optional resource instance filter, will only return access request granted in that resource instance., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval
@desc Create Operation Approval
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug")., access_request_details: any # details of the operation approval, including the resource and tenant}
@optional {reason: str # Optional business justification provided by the user requesting operation approval}
@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}
@desc Get Operation Approval
@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PATCH /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/reviewer
@desc Update Operation Approval Reviewer
@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {reviewer_comment: str # comment provided by the reviewer_user_id}
@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/approve
@desc Approve Operation Approval
@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {reviewer_comment: str # comment provided by the reviewer_user_id}
@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/deny
@desc Deny Operation Approval
@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@optional {reviewer_comment: str # comment provided by the reviewer_user_id}
@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/cancel
@desc Cancel Operation Approval
@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the "slug").}
@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endgroup

@group deprecated
@endpoint GET /v2/deprecated/history
@desc List Api Events
@optional {method: [str] # HTTP methods to include in search, path: [str] # API paths to include in search, success: bool # Filter by API request success/failure, status_code: [int] # HTTP status codes to include in search, client_ip: [str] # IPs of clients to include in search, actor_type: [str] # Actor type to search (member, user, api_key), actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/deprecated/history/{event_id}
@desc Get Api Event
@required {event_id: str(uuid)}
@returns(200) {request_body: str(binary), response_body: str(binary), timestamp: str(date-time), timestamp_utc: str(date-time), method: str, path: str, success: bool, status: int, request_id: str(uuid), client_ip: str, actor_type: str, actor_id: str(uuid), actor_display_name: str, org_id: str(uuid), project_key: str, project_id: str(uuid), env_key: str, env_id: str(uuid), id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/deprecated/history/{event_id}/request
@desc Get Request Body
@required {event_id: str(uuid)}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/deprecated/history/{event_id}/response
@desc Get Response Body
@required {event_id: str(uuid)}
@returns(200) Successful Response
@errors {422: Validation Error}

@endgroup

@group history
@endpoint GET /v2/history
@desc List Api Events
@optional {method: [str] # HTTP methods to include in search, path: [str] # API paths to include in search, success: bool # Filter by API request success/failure, status_code: [int] # HTTP status codes to include in search, client_ip: [str] # IPs of clients to include in search, actor_type: [str] # Actor type to search (member, user, api_key), actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/history/{event_id}
@desc Get Api Event
@required {event_id: str(uuid)}
@returns(200) {request_body: str(binary), response_body: str(binary), timestamp: str(date-time), timestamp_utc: str(date-time), method: str, path: str, success: bool, status: int, request_id: str(uuid), client_ip: str, actor_type: str, actor_id: str(uuid), actor_display_name: str, org_id: str(uuid), project_key: str, project_id: str(uuid), env_key: str, env_id: str(uuid), id: str(uuid)} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/history/{event_id}/request
@desc Get Request Body
@required {event_id: str(uuid)}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/history/{event_id}/response
@desc Get Response Body
@required {event_id: str(uuid)}
@returns(200) Successful Response
@errors {422: Validation Error}

@endgroup

@group activity
@endpoint GET /v2/activity
@desc List Activity Events
@optional {actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, actor_type: [str] # Actor type to search (member, user, api_key), project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/activity/types
@desc List Activity Types
@returns(200) Successful Response
@errors {422: Validation Error}

@endgroup

@group deprecated
@endpoint GET /v2/deprecated/activity
@desc List Activity Events
@optional {actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, actor_type: [str] # Actor type to search (member, user, api_key), project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/deprecated/activity/types
@desc List Activity Types
@returns(200) Successful Response
@errors {422: Validation Error}

@endgroup

@group policy_guards
@endpoint GET /v2/policy_guards/scopes
@desc List Policy Guard Scopes
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/policy_guards/scopes
@desc Create Policy Guard Scope
@required {key: str # The unique key of the policy guard scope.}
@optional {policy_guard_scope_details: [map{project_id!: str}]= # list of projects that this policy guard is assigned to.}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), policy_guard_scope_details: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/policy_guards/scopes/{policy_guard_scope_id}
@desc Get Policy Guard Scope
@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the "slug").}
@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), policy_guard_scope_details: [map]} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/policy_guards/scopes/{policy_guard_scope_id}
@desc Delete Policy Guard Scope
@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/policy_guards/scopes/{policy_guard_scope_id}/associate
@desc Associate Policy Guard Scope
@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the "slug")., project_id: str # The unique identifier of the project of this policy scope.}
@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait.}
@returns(200) {task_id: str, status: any, result: any, error: any} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/policy_guards/scopes/{policy_guard_scope_id}/disassociate
@desc Disassociate Policy Guard Scope
@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the "slug")., project_id: str # The unique identifier of the project of this policy scope.}
@returns(204) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/policy_guards/scopes/{policy_guard_scope_id}/rules
@desc List Policy Guard Rules
@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the "slug").}
@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint POST /v2/policy_guards/scopes/{policy_guard_scope_id}/rules
@desc Create Policy Guard Rule
@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the "slug")., is_allowed: bool # If True, the permission will be allowed for the role in the policy guard across all projectswithin the policy scope, and the permission will be locked from further editing., resource_key: str # The key of the resource., action_key: str # The key of the action.}
@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait., role_key: str # The key of the role., resource_set: any # The resource set that the permission will be applied to., user_set: any # The user set that the permission will be applied to.}
@returns(200) {task_id: str, status: any, result: any, error: any} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/policy_guards/scopes/{policy_guard_scope_id}/rules
@desc Delete Policy Guard Rule
@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the "slug")., resource_key: str # The key of the resource., action_key: str # The key of the action.}
@optional {role_key: str # The key of the role., resource_set: any # The resource set that the permission will be applied to., user_set: any # The user set that the permission will be applied to.}
@returns(204) Successful Response
@errors {422: Validation Error}

@endgroup

@group projects
@endpoint GET /v2/projects/{proj_id}/{env_id}/opal_scope
@desc Get Scope Config
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(200) {data: map{entries: [map]}, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint PUT /v2/projects/{proj_id}/{env_id}/opal_scope
@desc Set Scope Config
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {data: map{entries: [map]} # Static list of Data Source Entries returned to client.  Answers this question for the client: from where should i get the full picture of data i need? (as opposed to incremental data updates)}
@returns(200) {data: map{entries: [map]}, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response
@errors {422: Validation Error}

@endpoint DELETE /v2/projects/{proj_id}/{env_id}/opal_scope
@desc Reset Scope Config
@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@returns(204) Successful Response
@errors {422: Validation Error}

@endgroup

@group audit-log-replay
@endpoint POST /v2/audit-log-replay
@desc Run the audit log replay
@required {pdp_url: str # URL of the PDP to test against}
@optional {start_time: int # Start time for the query (in seconds since epoch). Defaults to 24 hours ago., end_time: int # End time for the query (in seconds since epoch). Defaults to current time., concurrency_limit: int=10 # Concurrency limit for processing documents (max: 5), graceful_shutdown_s: int=60 # Graceful shutdown time in seconds}
@returns(202) {message: str, document_count: int} # Successful Response
@errors {422: Validation Error}

@endgroup

@group internal
@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/optimized
@desc Get All Data Optimized
@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {X-Shard-ID: int}
@returns(200) {use_debugger: bool, users: map, tenants: map, roles: map, condition_set_rules: map, condition_set_rules_expand: map, relationships: map, resource_types: map, condition_sets: map, role_assignments: map, role_permissions: map, mapping_rules: map, resource_instances: map} # Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}
@desc Get All Data
@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/users
@desc Get All Users Data
@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/role_assignments
@desc Get All Role Assignments Data
@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/resource_instances
@desc Get All Resource Instances Data
@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}
@returns(200) Successful Response
@errors {422: Validation Error}

@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/relationships
@desc Get All Relationships Data
@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the "slug")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").}
@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}
@returns(200) Successful Response
@errors {422: Validation Error}

@endgroup

@end