{"files":{"SKILL.md":"---\nname: permitio-api\ndescription: \"Permit.io API skill. Use when working with Permit.io for members, api-key, orgs. Covers 258 endpoints.\"\nversion: 1.0.0\ngenerator: lapsh\n---\n\n# Permit.io API\nAPI version: 2.0.0\n\n## Auth\nBearer bearer\n\n## Base URL\nNot specified.\n\n## Setup\n1. Set Authorization header with Bearer token\n2. GET /v2/members/me -- get the authenticated account member\n3. POST /v2/members -- create first member\n\n## Endpoints\n258 endpoints across 14 groups. See references/api-spec.lap for full details.\n\n### Members\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/members/me | Get the authenticated account member |\n| GET | /v2/members | List Organization Members |\n| POST | /v2/members | Invite new members |\n| DELETE | /v2/members | Remove permission |\n| GET | /v2/members/{member_id} | Get Organization Member |\n| DELETE | /v2/members/{member_id} | Remove member |\n| PATCH | /v2/members/{member_id} | Edit members |\n\n### Api-key\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/api-key/{proj_id}/{env_id} | Get Environment Api Key |\n| GET | /v2/api-key/scope | Get Api Key Scope |\n| GET | /v2/api-key | List Api Keys |\n| POST | /v2/api-key | Create Api Key |\n| GET | /v2/api-key/{api_key_id} | Get Api Key |\n| DELETE | /v2/api-key/{api_key_id} | Delete Api Key |\n| POST | /v2/api-key/{api_key_id}/rotate-secret | Rotate API Key |\n\n### Orgs\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/orgs | List Organizations |\n| POST | /v2/orgs | Create Organization |\n| GET | /v2/orgs/{org_id} | Get Organization |\n| DELETE | /v2/orgs/{org_id} | Delete Organization |\n| PATCH | /v2/orgs/{org_id} | Update Organization |\n| GET | /v2/orgs/active/org | Get Active Organization |\n| GET | /v2/orgs/{org_id}/stats | Stats Organization |\n| GET | /v2/orgs/{org_id}/invites | List Organization Invites |\n| POST | /v2/orgs/{org_id}/invites | Invite Members To Organization |\n| DELETE | /v2/orgs/{org_id}/invites/{invite_id} | Cancel Invite |\n\n### Projects\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/projects | List Projects |\n| POST | /v2/projects | Create Project |\n| GET | /v2/projects/{proj_id} | Get Project |\n| DELETE | /v2/projects/{proj_id} | Delete Project |\n| PATCH | /v2/projects/{proj_id} | Update Project |\n| GET | /v2/projects/{proj_id}/envs/{env_id}/stats | Stats Environments |\n| GET | /v2/projects/{proj_id}/envs | List Environments |\n| POST | /v2/projects/{proj_id}/envs | Create Environment |\n| GET | /v2/projects/{proj_id}/envs/{env_id} | Get Environment |\n| DELETE | /v2/projects/{proj_id}/envs/{env_id} | Delete Environment |\n| PATCH | /v2/projects/{proj_id}/envs/{env_id} | Update Environment |\n| POST | /v2/projects/{proj_id}/envs/{env_id}/copy | Copy Environment |\n| POST | /v2/projects/{proj_id}/envs/{env_id}/copy/async | Copy Environment Async |\n| GET | /v2/projects/{proj_id}/envs/{env_id}/copy/async/{task_id}/result | Get Copy Environment Task Result |\n| POST | /v2/projects/{proj_id}/envs/{env_id}/test_jwks | Test Jwks By Url |\n| GET | /v2/projects/{proj_id}/repos | List Policy Repos |\n| POST | /v2/projects/{proj_id}/repos | Create Policy Repo |\n| GET | /v2/projects/{proj_id}/repos/active | Get Active Policy Repo |\n| PUT | /v2/projects/{proj_id}/repos/disable | Disable Active Policy Repo |\n| PUT | /v2/projects/{proj_id}/repos/{repo_id}/activate | Activate Policy Repo |\n| GET | /v2/projects/{proj_id}/repos/{repo_id} | Get Policy Repo |\n| DELETE | /v2/projects/{proj_id}/repos/{repo_id} | Delete Policy Repo |\n| GET | /v2/projects/{proj_id}/{env_id}/opal_scope | Get Scope Config |\n| PUT | /v2/projects/{proj_id}/{env_id}/opal_scope | Set Scope Config |\n| DELETE | /v2/projects/{proj_id}/{env_id}/opal_scope | Reset Scope Config |\n\n### Schema\n| Method | Path | Description |\n|--------|------|-------------|\n| PUT | /v2/schema/{proj_id}/{env_id}/bulk/roles | Bulk Create Or Replace Roles |\n| GET | /v2/schema/{proj_id}/{env_id}/condition_sets | List Condition Sets |\n| POST | /v2/schema/{proj_id}/{env_id}/condition_sets | Create Condition Set |\n| GET | /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id} | Get Condition Set |\n| DELETE | /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id} | Delete Condition Set |\n| PATCH | /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id} | Update Condition Set |\n| GET | /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}/ancestors | Get Condition Set Ancestors |\n| GET | /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}/descendants | Get Condition Set Descendants |\n| POST | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants | Create Implicit Grant |\n| DELETE | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants | Delete Implicit Grant |\n| PUT | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants/conditions | Update Implicit Grants Conditions |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups | List Resource Action Groups |\n| POST | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups | Create Resource Action Group |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id} | Get Resource Action Group |\n| DELETE | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id} | Delete Resource Action Group |\n| PATCH | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id} | Update Resource Action Group |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions | List Resource Actions |\n| POST | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions | Create Resource Action |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id} | Get Resource Action |\n| DELETE | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id} | Delete Resource Action |\n| PATCH | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id} | Update Resource Action |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes | List Resource Attributes |\n| POST | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes | Create Resource Attribute |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id} | Get Resource Attribute |\n| DELETE | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id} | Delete Resource Attribute |\n| PATCH | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id} | Update Resource Attribute |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations | List Resource Relations |\n| POST | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations | Create Resource Relation |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations/{relation_id} | Get Resource Relation |\n| DELETE | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations/{relation_id} | Delete Resource Relation |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles | List Resource Roles |\n| POST | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles | Create Resource Role |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id} | Get Resource Role |\n| DELETE | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id} | Delete Resource Role |\n| PATCH | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id} | Update Resource Role |\n| POST | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions | Assign Permissions to Role |\n| DELETE | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions | Remove Permissions from Role |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/ancestors | Get Resource Role Ancestors |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/descendants | Get Resource Role Descendants |\n| GET | /v2/schema/{proj_id}/{env_id}/resources | List Resources |\n| POST | /v2/schema/{proj_id}/{env_id}/resources | Create Resource |\n| GET | /v2/schema/{proj_id}/{env_id}/resources/{resource_id} | Get Resource |\n| PUT | /v2/schema/{proj_id}/{env_id}/resources/{resource_id} | Replace Resource |\n| DELETE | /v2/schema/{proj_id}/{env_id}/resources/{resource_id} | Delete Resource |\n| PATCH | /v2/schema/{proj_id}/{env_id}/resources/{resource_id} | Update Resource |\n| GET | /v2/schema/{proj_id}/{env_id}/roles | List Roles |\n| POST | /v2/schema/{proj_id}/{env_id}/roles | Create Role |\n| GET | /v2/schema/{proj_id}/{env_id}/roles/{role_id} | Get Role |\n| DELETE | /v2/schema/{proj_id}/{env_id}/roles/{role_id} | Delete Role |\n| PATCH | /v2/schema/{proj_id}/{env_id}/roles/{role_id} | Update Role |\n| POST | /v2/schema/{proj_id}/{env_id}/roles/{role_id}/permissions | Assign Permissions To Role |\n| DELETE | /v2/schema/{proj_id}/{env_id}/roles/{role_id}/permissions | Remove Permissions From Role |\n| GET | /v2/schema/{proj_id}/{env_id}/roles/{role_id}/ancestors | Get Role Ancestors |\n| GET | /v2/schema/{proj_id}/{env_id}/roles/{role_id}/descendants | Get Role Descendants |\n| GET | /v2/schema/{proj_id}/{env_id}/users/attributes | List User Attributes |\n| POST | /v2/schema/{proj_id}/{env_id}/users/attributes | Create User Attribute |\n| GET | /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id} | Get User Attribute |\n| DELETE | /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id} | Delete User Attribute |\n| PATCH | /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id} | Update User Attribute |\n| GET | /v2/schema/{proj_id}/{env_id}/groups/direct | List Direct Group |\n| GET | /v2/schema/{proj_id}/{env_id}/groups/direct/{group_instance_key} | Get Direct Group |\n| GET | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/children | List group children (EAP) |\n| GET | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/parents | List group parents (EAP) |\n| GET | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users | List group users (EAP) |\n| GET | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles | List group roles (EAP) |\n| POST | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles | Assign Role To Group |\n| DELETE | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles | Remove Role From Group |\n| GET | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key} | Get Group |\n| DELETE | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key} | Delete Group |\n| GET | /v2/schema/{proj_id}/{env_id}/groups | List Group |\n| POST | /v2/schema/{proj_id}/{env_id}/groups | Create Group |\n| PUT | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users/{user_id} | Assign User To Group |\n| DELETE | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users/{user_id} | Remove User From Group |\n| PUT | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/assign_group | Assign Group To Group |\n| DELETE | /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/assign_group | Remove Group From Group |\n\n### Facts\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/facts/{proj_id}/{env_id}/users | List Users |\n| POST | /v2/facts/{proj_id}/{env_id}/users | Create User |\n| GET | /v2/facts/{proj_id}/{env_id}/users/{user_id} | Get User |\n| PUT | /v2/facts/{proj_id}/{env_id}/users/{user_id} | Replace User |\n| DELETE | /v2/facts/{proj_id}/{env_id}/users/{user_id} | Delete User |\n| PATCH | /v2/facts/{proj_id}/{env_id}/users/{user_id} | Update User |\n| POST | /v2/facts/{proj_id}/{env_id}/users/{user_id}/roles | Assign Role To User |\n| DELETE | /v2/facts/{proj_id}/{env_id}/users/{user_id}/roles | Unassign Role From User |\n| GET | /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users | List Tenant Users |\n| POST | /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users | Add User To Tenant |\n| GET | /v2/facts/{proj_id}/{env_id}/tenants | List Tenants |\n| POST | /v2/facts/{proj_id}/{env_id}/tenants | Create Tenant |\n| GET | /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id} | Get Tenant |\n| DELETE | /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id} | Delete Tenant |\n| PATCH | /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id} | Update Tenant |\n| DELETE | /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users/{user_id} | Delete Tenant User |\n| GET | /v2/facts/{proj_id}/{env_id}/role_assignments/detailed | List Role Assignments Detailed |\n| GET | /v2/facts/{proj_id}/{env_id}/role_assignments | List Role Assignments |\n| POST | /v2/facts/{proj_id}/{env_id}/role_assignments | Assign Role |\n| DELETE | /v2/facts/{proj_id}/{env_id}/role_assignments | Unassign Role |\n| POST | /v2/facts/{proj_id}/{env_id}/role_assignments/bulk | Bulk create role assignments |\n| DELETE | /v2/facts/{proj_id}/{env_id}/role_assignments/bulk | Bulk Unassign Role |\n| GET | /v2/facts/{proj_id}/{env_id}/set_rules | List Set Permissions |\n| POST | /v2/facts/{proj_id}/{env_id}/set_rules | Assign Set Permissions |\n| DELETE | /v2/facts/{proj_id}/{env_id}/set_rules | Unassign Set Permissions |\n| GET | /v2/facts/{proj_id}/{env_id}/resource_instances/detailed | List Resource Instances Detailed |\n| GET | /v2/facts/{proj_id}/{env_id}/resource_instances | List Resource Instances |\n| POST | /v2/facts/{proj_id}/{env_id}/resource_instances | Create Resource Instance |\n| GET | /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id} | Get Resource Instance |\n| DELETE | /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id} | Delete Resource Instance |\n| PATCH | /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id} | Update Resource Instance |\n| GET | /v2/facts/{proj_id}/{env_id}/proxy_configs | List Proxy Configs |\n| POST | /v2/facts/{proj_id}/{env_id}/proxy_configs | Create Proxy Config |\n| GET | /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id} | Get Proxy Config |\n| DELETE | /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id} | Delete Proxy Config |\n| PATCH | /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id} | Update Proxy Config |\n| PUT | /v2/facts/{proj_id}/{env_id}/bulk/users | Bulk Replace Users |\n| POST | /v2/facts/{proj_id}/{env_id}/bulk/users | Bulk Create Users |\n| DELETE | /v2/facts/{proj_id}/{env_id}/bulk/users | Bulk Delete Users |\n| POST | /v2/facts/{proj_id}/{env_id}/bulk/tenants | Bulk Create Tenants |\n| DELETE | /v2/facts/{proj_id}/{env_id}/bulk/tenants | Bulk Delete Tenants |\n| PUT | /v2/facts/{proj_id}/{env_id}/bulk/resource_instances | Bulk Replace Resource Instances |\n| DELETE | /v2/facts/{proj_id}/{env_id}/bulk/resource_instances | Bulk Delete Resource Instances |\n| GET | /v2/facts/{proj_id}/{env_id}/email_configurations | Get Email Configuration |\n| POST | /v2/facts/{proj_id}/{env_id}/email_configurations | Create Or Update Email Configuration |\n| POST | /v2/facts/{proj_id}/{env_id}/email_configurations/send_test_email | Send Test Email |\n| GET | /v2/facts/{proj_id}/{env_id}/email_templates/ | List Templates |\n| GET | /v2/facts/{proj_id}/{env_id}/email_templates/{template_type} | Get Template By Type |\n| POST | /v2/facts/{proj_id}/{env_id}/email_templates/{template_type} | Update Template By Type |\n| POST | /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}/send_test_email | Send Test Email By Type |\n| GET | /v2/facts/{proj_id}/{env_id}/relationship_tuples/detailed | List Relationship Tuples Detailed |\n| GET | /v2/facts/{proj_id}/{env_id}/relationship_tuples | List Relationship Tuples |\n| POST | /v2/facts/{proj_id}/{env_id}/relationship_tuples | Create Relationship Tuple |\n| DELETE | /v2/facts/{proj_id}/{env_id}/relationship_tuples | Delete Relationship Tuple |\n| POST | /v2/facts/{proj_id}/{env_id}/relationship_tuples/bulk | Bulk create relationship tuples |\n| DELETE | /v2/facts/{proj_id}/{env_id}/relationship_tuples/bulk | Bulk Delete Relationship Tuples |\n| GET | /v2/facts/{proj_id}/{env_id}/user_invites | List User Invites |\n| POST | /v2/facts/{proj_id}/{env_id}/user_invites | Create User Invite |\n| GET | /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id} | Get User Invite |\n| DELETE | /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id} | Delete User Invite |\n| PATCH | /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id} | Update User Invite |\n| POST | /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}/approve | Approve User Invite |\n| GET | /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id} | List Access Requests |\n| POST | /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id} | Create Access Request |\n| GET | /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id} | Get Access Request |\n| PATCH | /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/reviewer | Update Access Request Reviewer |\n| PUT | /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/approve | Approve Access Request |\n| PUT | /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/deny | Deny Access Request |\n| PUT | /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/cancel | Cancel Access Request |\n\n### Pdps\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/pdps/{proj_id}/{env_id}/configs | List PDP configurations |\n| GET | /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/values | Get PDP configuration |\n| PUT | /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/debug-audit-logs/enable | Enable debug audit logs |\n| PUT | /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/debug-audit-logs/disable | Disable debug audit logs |\n| POST | /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/rotate-api-key | Rotate PDP API Key |\n| POST | /v2/pdps/{proj_id}/{env_id}/configs/migrate-shards | Migrate PDP Config number of shards |\n| GET | /v2/pdps/{proj_id}/{env_id}/audit_logs | List Audit Logs |\n| GET | /v2/pdps/{proj_id}/{env_id}/audit_logs/{log_id} | Get detailed audit log |\n\n### Elements\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/elements/{proj_id}/{env_id}/config | List Elements Configs |\n| POST | /v2/elements/{proj_id}/{env_id}/config | Create Elements Config |\n| GET | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id} | Get Elements Config |\n| PATCH | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id} | Update Elements Config |\n| GET | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/runtime | Get Elements Config Runtime |\n| DELETE | /v2/elements/{proj_id}/{env_id}/{elements_config_id} | Delete Elements Config |\n| GET | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users | List users |\n| POST | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users | Create user |\n| DELETE | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id} | Delete user |\n| GET | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/user-invites | List all Elements User Invites |\n| GET | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/roles | List roles |\n| POST | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}/roles | Assign role to user |\n| DELETE | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}/roles | Unassign role from user |\n| POST | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/active | Set Config Active |\n| GET | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/audit_logs | List audit logs |\n| GET | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests | List Access Requests |\n| POST | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests | Create Access Request |\n| GET | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id} | Get Access Request |\n| PATCH | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/reviewer | Update Access Request Reviewer |\n| PUT | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/approve | Approve Access Request |\n| PUT | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/deny | Deny Access Request |\n| PUT | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/cancel | Cancel Access Request |\n| GET | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval | List Operation Approvals |\n| POST | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval | Create Operation Approval |\n| GET | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id} | Get Operation Approval |\n| PATCH | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/reviewer | Update Operation Approval Reviewer |\n| PUT | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/approve | Approve Operation Approval |\n| PUT | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/deny | Deny Operation Approval |\n| PUT | /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/cancel | Cancel Operation Approval |\n\n### Deprecated\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/deprecated/history | List Api Events |\n| GET | /v2/deprecated/history/{event_id} | Get Api Event |\n| GET | /v2/deprecated/history/{event_id}/request | Get Request Body |\n| GET | /v2/deprecated/history/{event_id}/response | Get Response Body |\n| GET | /v2/deprecated/activity | List Activity Events |\n| GET | /v2/deprecated/activity/types | List Activity Types |\n\n### History\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/history | List Api Events |\n| GET | /v2/history/{event_id} | Get Api Event |\n| GET | /v2/history/{event_id}/request | Get Request Body |\n| GET | /v2/history/{event_id}/response | Get Response Body |\n\n### Activity\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/activity | List Activity Events |\n| GET | /v2/activity/types | List Activity Types |\n\n### Policy_guards\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/policy_guards/scopes | List Policy Guard Scopes |\n| POST | /v2/policy_guards/scopes | Create Policy Guard Scope |\n| GET | /v2/policy_guards/scopes/{policy_guard_scope_id} | Get Policy Guard Scope |\n| DELETE | /v2/policy_guards/scopes/{policy_guard_scope_id} | Delete Policy Guard Scope |\n| POST | /v2/policy_guards/scopes/{policy_guard_scope_id}/associate | Associate Policy Guard Scope |\n| DELETE | /v2/policy_guards/scopes/{policy_guard_scope_id}/disassociate | Disassociate Policy Guard Scope |\n| GET | /v2/policy_guards/scopes/{policy_guard_scope_id}/rules | List Policy Guard Rules |\n| POST | /v2/policy_guards/scopes/{policy_guard_scope_id}/rules | Create Policy Guard Rule |\n| DELETE | /v2/policy_guards/scopes/{policy_guard_scope_id}/rules | Delete Policy Guard Rule |\n\n### Audit-log-replay\n| Method | Path | Description |\n|--------|------|-------------|\n| POST | /v2/audit-log-replay | Run the audit log replay |\n\n### Internal\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/optimized | Get All Data Optimized |\n| GET | /v2/internal/opal_data/{org_id}/{proj_id}/{env_id} | Get All Data |\n| GET | /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/users | Get All Users Data |\n| GET | /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/role_assignments | Get All Role Assignments Data |\n| GET | /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/resource_instances | Get All Resource Instances Data |\n| GET | /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/relationships | Get All Relationships Data |\n\n## Common Questions\nMatch user requests to endpoints in references/api-spec.lap. Key patterns:\n- \"List all me?\" -> GET /v2/members/me\n- \"List all members?\" -> GET /v2/members\n- \"Create a member?\" -> POST /v2/members\n- \"Get member details?\" -> GET /v2/members/{member_id}\n- \"Delete a member?\" -> DELETE /v2/members/{member_id}\n- \"Partially update a member?\" -> PATCH /v2/members/{member_id}\n- \"Get api-key details?\" -> GET /v2/api-key/{proj_id}/{env_id}\n- \"List all scope?\" -> GET /v2/api-key/scope\n- \"List all api-key?\" -> GET /v2/api-key\n- \"Create a api-key?\" -> POST /v2/api-key\n- \"Delete a api-key?\" -> DELETE /v2/api-key/{api_key_id}\n- \"Create a rotate-secret?\" -> POST /v2/api-key/{api_key_id}/rotate-secret\n- \"Search orgs?\" -> GET /v2/orgs\n- \"Create a org?\" -> POST /v2/orgs\n- \"Get org details?\" -> GET /v2/orgs/{org_id}\n- \"Delete a org?\" -> DELETE /v2/orgs/{org_id}\n- \"Partially update a org?\" -> PATCH /v2/orgs/{org_id}\n- \"List all org?\" -> GET /v2/orgs/active/org\n- \"List all stats?\" -> GET /v2/orgs/{org_id}/stats\n- \"List all invites?\" -> GET /v2/orgs/{org_id}/invites\n- \"Create a invite?\" -> POST /v2/orgs/{org_id}/invites\n- \"Delete a invite?\" -> DELETE /v2/orgs/{org_id}/invites/{invite_id}\n- \"List all projects?\" -> GET /v2/projects\n- \"Create a project?\" -> POST /v2/projects\n- \"Get project details?\" -> GET /v2/projects/{proj_id}\n- \"Delete a project?\" -> DELETE /v2/projects/{proj_id}\n- \"Partially update a project?\" -> PATCH /v2/projects/{proj_id}\n- \"List all envs?\" -> GET /v2/projects/{proj_id}/envs\n- \"Create a env?\" -> POST /v2/projects/{proj_id}/envs\n- \"Get env details?\" -> GET /v2/projects/{proj_id}/envs/{env_id}\n- \"Delete a env?\" -> DELETE /v2/projects/{proj_id}/envs/{env_id}\n- \"Partially update a env?\" -> PATCH /v2/projects/{proj_id}/envs/{env_id}\n- \"Create a copy?\" -> POST /v2/projects/{proj_id}/envs/{env_id}/copy\n- \"Create a async?\" -> POST /v2/projects/{proj_id}/envs/{env_id}/copy/async\n- \"List all result?\" -> GET /v2/projects/{proj_id}/envs/{env_id}/copy/async/{task_id}/result\n- \"Create a test_jwk?\" -> POST /v2/projects/{proj_id}/envs/{env_id}/test_jwks\n- \"Search condition_sets?\" -> GET /v2/schema/{proj_id}/{env_id}/condition_sets\n- \"Create a condition_set?\" -> POST /v2/schema/{proj_id}/{env_id}/condition_sets\n- \"Get condition_set details?\" -> GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}\n- \"Delete a condition_set?\" -> DELETE /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}\n- \"Partially update a condition_set?\" -> PATCH /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}\n- \"List all ancestors?\" -> GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}/ancestors\n- \"List all descendants?\" -> GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}/descendants\n- \"Create a implicit_grant?\" -> POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants\n- \"List all action_groups?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups\n- \"Create a action_group?\" -> POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups\n- \"Get action_group details?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}\n- \"Delete a action_group?\" -> DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}\n- \"Partially update a action_group?\" -> PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}\n- \"List all actions?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions\n- \"Create a action?\" -> POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions\n- \"Get action details?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}\n- \"Delete a action?\" -> DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}\n- \"Partially update a action?\" -> PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}\n- \"List all attributes?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes\n- \"Create a attribute?\" -> POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes\n- \"Get attribute details?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}\n- \"Delete a attribute?\" -> DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}\n- \"Partially update a attribute?\" -> PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}\n- \"List all relations?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations\n- \"Create a relation?\" -> POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations\n- \"Get relation details?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations/{relation_id}\n- \"Delete a relation?\" -> DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations/{relation_id}\n- \"List all roles?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles\n- \"Create a role?\" -> POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles\n- \"Get role details?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}\n- \"Delete a role?\" -> DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}\n- \"Partially update a role?\" -> PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}\n- \"Create a permission?\" -> POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions\n- \"Search resources?\" -> GET /v2/schema/{proj_id}/{env_id}/resources\n- \"Create a resource?\" -> POST /v2/schema/{proj_id}/{env_id}/resources\n- \"Get resource details?\" -> GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n- \"Update a resource?\" -> PUT /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n- \"Delete a resource?\" -> DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n- \"Partially update a resource?\" -> PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n- \"Search roles?\" -> GET /v2/schema/{proj_id}/{env_id}/roles\n- \"Search direct?\" -> GET /v2/schema/{proj_id}/{env_id}/groups/direct\n- \"Get direct details?\" -> GET /v2/schema/{proj_id}/{env_id}/groups/direct/{group_instance_key}\n- \"List all children?\" -> GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/children\n- \"List all parents?\" -> GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/parents\n- \"List all users?\" -> GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users\n- \"Get group details?\" -> GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}\n- \"Delete a group?\" -> DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}\n- \"Search groups?\" -> GET /v2/schema/{proj_id}/{env_id}/groups\n- \"Create a group?\" -> POST /v2/schema/{proj_id}/{env_id}/groups\n- \"Update a user?\" -> PUT /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users/{user_id}\n- \"Delete a user?\" -> DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users/{user_id}\n- \"Search users?\" -> GET /v2/facts/{proj_id}/{env_id}/users\n- \"Create a user?\" -> POST /v2/facts/{proj_id}/{env_id}/users\n- \"Get user details?\" -> GET /v2/facts/{proj_id}/{env_id}/users/{user_id}\n- \"Partially update a user?\" -> PATCH /v2/facts/{proj_id}/{env_id}/users/{user_id}\n- \"Search tenants?\" -> GET /v2/facts/{proj_id}/{env_id}/tenants\n- \"Create a tenant?\" -> POST /v2/facts/{proj_id}/{env_id}/tenants\n- \"Get tenant details?\" -> GET /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}\n- \"Delete a tenant?\" -> DELETE /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}\n- \"Partially update a tenant?\" -> PATCH /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}\n- \"List all detailed?\" -> GET /v2/facts/{proj_id}/{env_id}/role_assignments/detailed\n- \"List all role_assignments?\" -> GET /v2/facts/{proj_id}/{env_id}/role_assignments\n- \"Create a role_assignment?\" -> POST /v2/facts/{proj_id}/{env_id}/role_assignments\n- \"Create a bulk?\" -> POST /v2/facts/{proj_id}/{env_id}/role_assignments/bulk\n- \"List all set_rules?\" -> GET /v2/facts/{proj_id}/{env_id}/set_rules\n- \"Create a set_rule?\" -> POST /v2/facts/{proj_id}/{env_id}/set_rules\n- \"Search detailed?\" -> GET /v2/facts/{proj_id}/{env_id}/resource_instances/detailed\n- \"Search resource_instances?\" -> GET /v2/facts/{proj_id}/{env_id}/resource_instances\n- \"Create a resource_instance?\" -> POST /v2/facts/{proj_id}/{env_id}/resource_instances\n- \"Get resource_instance details?\" -> GET /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}\n- \"Delete a resource_instance?\" -> DELETE /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}\n- \"Partially update a resource_instance?\" -> PATCH /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}\n- \"List all proxy_configs?\" -> GET /v2/facts/{proj_id}/{env_id}/proxy_configs\n- \"Create a proxy_config?\" -> POST /v2/facts/{proj_id}/{env_id}/proxy_configs\n- \"Get proxy_config details?\" -> GET /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}\n- \"Delete a proxy_config?\" -> DELETE /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}\n- \"Partially update a proxy_config?\" -> PATCH /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}\n- \"List all email_configurations?\" -> GET /v2/facts/{proj_id}/{env_id}/email_configurations\n- \"Create a email_configuration?\" -> POST /v2/facts/{proj_id}/{env_id}/email_configurations\n- \"Create a send_test_email?\" -> POST /v2/facts/{proj_id}/{env_id}/email_configurations/send_test_email\n- \"List all email_templates?\" -> GET /v2/facts/{proj_id}/{env_id}/email_templates/\n- \"Get email_template details?\" -> GET /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}\n- \"List all relationship_tuples?\" -> GET /v2/facts/{proj_id}/{env_id}/relationship_tuples\n- \"Create a relationship_tuple?\" -> POST /v2/facts/{proj_id}/{env_id}/relationship_tuples\n- \"Search user_invites?\" -> GET /v2/facts/{proj_id}/{env_id}/user_invites\n- \"Create a user_invite?\" -> POST /v2/facts/{proj_id}/{env_id}/user_invites\n- \"Get user_invite details?\" -> GET /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}\n- \"Delete a user_invite?\" -> DELETE /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}\n- \"Partially update a user_invite?\" -> PATCH /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}\n- \"Create a approve?\" -> POST /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}/approve\n- \"List all configs?\" -> GET /v2/pdps/{proj_id}/{env_id}/configs\n- \"List all values?\" -> GET /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/values\n- \"Create a rotate-api-key?\" -> POST /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/rotate-api-key\n- \"Create a migrate-shard?\" -> POST /v2/pdps/{proj_id}/{env_id}/configs/migrate-shards\n- \"Search audit_logs?\" -> GET /v2/pdps/{proj_id}/{env_id}/audit_logs\n- \"Get audit_log details?\" -> GET /v2/pdps/{proj_id}/{env_id}/audit_logs/{log_id}\n- \"List all repos?\" -> GET /v2/projects/{proj_id}/repos\n- \"Create a repo?\" -> POST /v2/projects/{proj_id}/repos\n- \"List all active?\" -> GET /v2/projects/{proj_id}/repos/active\n- \"Get repo details?\" -> GET /v2/projects/{proj_id}/repos/{repo_id}\n- \"Delete a repo?\" -> DELETE /v2/projects/{proj_id}/repos/{repo_id}\n- \"List all config?\" -> GET /v2/elements/{proj_id}/{env_id}/config\n- \"Create a config?\" -> POST /v2/elements/{proj_id}/{env_id}/config\n- \"Get config details?\" -> GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}\n- \"Partially update a config?\" -> PATCH /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}\n- \"List all runtime?\" -> GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/runtime\n- \"Delete a element?\" -> DELETE /v2/elements/{proj_id}/{env_id}/{elements_config_id}\n- \"Search user-invites?\" -> GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/user-invites\n- \"Create a active?\" -> POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/active\n- \"List all access_requests?\" -> GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests\n- \"Create a access_request?\" -> POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests\n- \"Get access_request details?\" -> GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}\n- \"List all operation_approval?\" -> GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval\n- \"Create a operation_approval?\" -> POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval\n- \"Get operation_approval details?\" -> GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}\n- \"List all history?\" -> GET /v2/deprecated/history\n- \"Get history details?\" -> GET /v2/deprecated/history/{event_id}\n- \"List all request?\" -> GET /v2/deprecated/history/{event_id}/request\n- \"List all response?\" -> GET /v2/deprecated/history/{event_id}/response\n- \"List all activity?\" -> GET /v2/activity\n- \"List all types?\" -> GET /v2/activity/types\n- \"List all scopes?\" -> GET /v2/policy_guards/scopes\n- \"Create a scope?\" -> POST /v2/policy_guards/scopes\n- \"Get scope details?\" -> GET /v2/policy_guards/scopes/{policy_guard_scope_id}\n- \"Delete a scope?\" -> DELETE /v2/policy_guards/scopes/{policy_guard_scope_id}\n- \"Create a associate?\" -> POST /v2/policy_guards/scopes/{policy_guard_scope_id}/associate\n- \"List all rules?\" -> GET /v2/policy_guards/scopes/{policy_guard_scope_id}/rules\n- \"Create a rule?\" -> POST /v2/policy_guards/scopes/{policy_guard_scope_id}/rules\n- \"List all opal_scope?\" -> GET /v2/projects/{proj_id}/{env_id}/opal_scope\n- \"Create a audit-log-replay?\" -> POST /v2/audit-log-replay\n- \"List all optimized?\" -> GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/optimized\n- \"Get opal_data details?\" -> GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}\n- \"List all resource_instances?\" -> GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/resource_instances\n- \"List all relationships?\" -> GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/relationships\n- \"How to authenticate?\" -> See Auth section above\n\n## Response Tips\n- Check response schemas in references/api-spec.lap for field details\n- Paginated endpoints accept limit/offset or cursor parameters\n- Create/update endpoints return the modified resource on success\n- Error responses include status codes and descriptions in the spec\n\n## References\n- Full spec: See references/api-spec.lap for complete endpoint details, parameter tables, and response schemas\n\n> Generated from the official API spec by [LAP](https://lap.sh)\n","references/api-spec.lap":"@lap v0.3\n# Machine-readable API spec. Each @endpoint block is one API call.\n@api Permit.io API\n@version 2.0.0\n@auth Bearer bearer\n@endpoints 258\n@hint download_for_search\n@toc members(7), api-key(7), orgs(10), projects(25), schema(75), facts(69), pdps(8), elements(29), deprecated(6), history(4), activity(2), policy_guards(9), audit-log-replay(1), internal(6)\n\n@group members\n@endpoint GET /v2/members/me\n@desc Get the authenticated account member\n@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/members\n@desc List Organization Members\n@optional {project_id: str(uuid), env_id: str(uuid), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/members\n@desc Invite new members\n@required {permissions: [map{organization_id!: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type!: str, access_level!: str, organization_key: str, project_key: str, environment_key: str, organization_name: str, project_name: str, environment_name: str}]}\n@optional {inviter_name: str, inviter_email: str, id: str(uuid) # Unique id of the account member, email: str(email) # Email of the user controlling this account}\n@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/members\n@desc Remove permission\n@required {id: str(uuid) # Unique id of the account member, permissions: [map{organization_id!: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type!: str, access_level!: str, organization_key: str, project_key: str, environment_key: str, organization_name: str, project_name: str, environment_name: str}]}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/members/{member_id}\n@desc Get Organization Member\n@required {member_id: str # Either the unique id (UUID) of the account member, or the email address of the account member.}\n@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/members/{member_id}\n@desc Remove member\n@required {member_id: str # Either the unique id (UUID) of the account member, or the email address of the account member.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/members/{member_id}\n@desc Edit members\n@required {member_id: str # Either the unique id (UUID) of the account member, or the email address of the account member.}\n@optional {settings: map # Custom permit.io dashboard settings, such as preferred theme, etc., onboarding_step: any # updates the onboarding step (optional)}\n@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group api-key\n@endpoint GET /v2/api-key/{proj_id}/{env_id}\n@desc Get Environment Api Key\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/api-key/scope\n@desc Get Api Key Scope\n@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/api-key\n@desc List Api Keys\n@optional {object_type: str, proj_id: str # Optional project filter by project id or key, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/api-key\n@desc Create Api Key\n@required {organization_id: str(uuid)}\n@optional {project_id: str(uuid), environment_id: str(uuid), object_type: any=env, access_level: any=admin, owner_type: any=member, name: str}\n@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/api-key/{api_key_id}\n@desc Get Api Key\n@required {api_key_id: str # The unique id of the API key}\n@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/api-key/{api_key_id}\n@desc Delete Api Key\n@required {api_key_id: str # The unique id of the API key}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/api-key/{api_key_id}/rotate-secret\n@desc Rotate API Key\n@required {api_key_id: str(uuid) # The unique id of the API key}\n@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group orgs\n@endpoint GET /v2/orgs\n@desc List Organizations\n@optional {search: any # Text search for the org name or key or id, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/orgs\n@desc Create Organization\n@required {key: str # A URL-friendly name of the organization (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the organization., name: str # The name of the organization, usually it's your company's name.}\n@optional {page_full_url: str=page_full_url, settings: map # the settings for this project}\n@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map, api_key_id: str(uuid), api_key_secret: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/orgs/{org_id}\n@desc Get Organization\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/orgs/{org_id}\n@desc Delete Organization\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/orgs/{org_id}\n@desc Update Organization\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@optional {name: str # The name of the organization, usually it's your company's name., settings: map # the settings for this project}\n@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/orgs/active/org\n@desc Get Active Organization\n@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/orgs/{org_id}/stats\n@desc Stats Organization\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map, stats: map{projects: int, environments: int, users: int}, historical_usage: map{current_month: map{mau: int, tenants: int, monthly_tenants: [str(uuid)], month: int, year: int}, previous_month: map{mau: int, tenants: int, monthly_tenants: [str(uuid)], month: int, year: int}, two_months_ago: map{mau: int, tenants: int, monthly_tenants: [str(uuid)], month: int, year: int}}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/orgs/{org_id}/invites\n@desc List Organization Invites\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/orgs/{org_id}/invites\n@desc Invite Members To Organization\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@optional {inviter_name: str, inviter_email: str}\n@returns(200) {success: [map], failed: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/orgs/{org_id}/invites/{invite_id}\n@desc Cancel Invite\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., invite_id: str(uuid) # Id of the invite to cancel}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group projects\n@endpoint GET /v2/projects\n@desc List Projects\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects\n@desc Create Project\n@required {key: str # A URL-friendly name of the project (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the project., name: str # The name of the project}\n@optional {urn_namespace: str # Optional namespace for URNs. If empty, URNs will be generated from project key., description: str # a longer description outlining the project objectives, settings: map # the settings for this project, active_policy_repo_id: str(uuid) # the id of the policy repo to use for this project, initial_environments: [map{key!: str, name!: str, description: str, custom_branch_name: str, jwks: any, settings: map}]=[object Object],[object Object] # The initial environments to create for this project. By default, 'Development' and 'Production' are created, specify [] (empty list) to skip that.}\n@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}\n@desc Get Project\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/projects/{proj_id}\n@desc Delete Project\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/projects/{proj_id}\n@desc Update Project\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@optional {name: str # The name of the project, description: str # a longer description outlining the project objectives, settings: map # the settings for this project, active_policy_repo_id: str(uuid) # the id of the policy repo to use for this project}\n@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/envs/{env_id}/stats\n@desc Stats Environments\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map, pdp_configs: [map], stats: map{roles: int, users: int, policies: int, resources: int, tenants: int, has_decision_logs: bool, members: [map], mau: int}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/envs\n@desc List Environments\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects/{proj_id}/envs\n@desc Create Environment\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., key: str # A URL-friendly name of the environment (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the environment., name: str # The name of the environment}\n@optional {description: str # an optional longer description of the environment, custom_branch_name: str # when using gitops feature, an optional branch name for the environment, jwks: any # jwks for element frontend only login, settings: map # the settings for this environment}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/envs/{env_id}\n@desc Get Environment\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map, email_configuration: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/projects/{proj_id}/envs/{env_id}\n@desc Delete Environment\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/projects/{proj_id}/envs/{env_id}\n@desc Update Environment\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the environment, description: str # an optional longer description of the environment, custom_branch_name: str # when using gitops feature, an optional branch name for the environment, jwks: any # jwks for element frontend only login, settings: map # the settings for this environment}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects/{proj_id}/envs/{env_id}/copy\n@desc Copy Environment\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., target_env: any # If copying a new environment, the environment configuration. If copying to an existing environment, the environment identifier}\n@optional {conflict_strategy: any=fail # Action to take when detecting a conflict when copying. Only applies to copying into an existing environment, scope: any=[object Object] # Filters to include and exclude copied objects}\n@returns(201) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects/{proj_id}/envs/{env_id}/copy/async\n@desc Copy Environment Async\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., target_env: any # If copying a new environment, the environment configuration. If copying to an existing environment, the environment identifier}\n@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait., conflict_strategy: any=fail # Action to take when detecting a conflict when copying. Only applies to copying into an existing environment, scope: any=[object Object] # Filters to include and exclude copied objects}\n@returns(202) {task_id: str, status: any, result: any, error: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/envs/{env_id}/copy/async/{task_id}/result\n@desc Get Copy Environment Task Result\n@required {task_id: str # The unique id of the task., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait.}\n@returns(200) {task_id: str, status: any, result: any, error: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects/{proj_id}/envs/{env_id}/test_jwks\n@desc Test Jwks By Url\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {url: str # URL of JWKs to test}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group schema\n@endpoint PUT /v2/schema/{proj_id}/{env_id}/bulk/roles\n@desc Bulk Create Or Replace Roles\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{name!: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key!: str, resource: str}]}\n@returns(200) {created: [str], updated: [str]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets\n@desc List Condition Sets\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the condition sets name or key, type: any # if provided, will return only the condition sets of the specified type. e.g: only user sets., include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/condition_sets\n@desc Create Condition Set\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the condition set. The key will be used as the generated rego rule name., name: str # A descriptive name for the set, i.e: 'US based employees' or 'Users behind VPN'}\n@optional {type: any=userset # the type of the set: UserSet or ResourceSet, autogenerated: bool=false # whether the set was autogenerated by the system., resource_id: any # For ResourceSets, the id of the base resource., description: str # an optional longer description of the set, conditions: map=[object Object] # a boolean expression that consists of multiple conditions, with and/or logic., parent_id: any # Parent Condition Set}\n@returns(200) {key: str, type: any, autogenerated: bool, resource_id: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map}, name: str, description: str, conditions: map, parent_id: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}\n@desc Get Condition Set\n@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, type: any, autogenerated: bool, resource_id: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map}, name: str, description: str, conditions: map, parent_id: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}\n@desc Delete Condition Set\n@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}\n@desc Update Condition Set\n@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # A descriptive name for the set, i.e: 'US based employees' or 'Users behind VPN', description: str # an optional longer description of the set, conditions: map=[object Object] # a boolean expression that consists of multiple conditions, with and/or logic., parent_id: any # Parent Condition Set}\n@returns(200) {key: str, type: any, autogenerated: bool, resource_id: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map}, name: str, description: str, conditions: map, parent_id: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}/ancestors\n@desc Get Condition Set Ancestors\n@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}/descendants\n@desc Get Condition Set Descendants\n@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants\n@desc Create Implicit Grant\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role key that needs to exist on the related resource (from the relation), on_resource: str # the resource key that needs to exist on the related role (from the relation), linked_by_relation: str # the relation key that needs to exist between the resource and the related resource}\n@optional {when: any=[object Object] # the settings of the derived role rule}\n@returns(200) {role_id: str(uuid), resource_id: str(uuid), relation_id: str(uuid), role: str, on_resource: str, linked_by_relation: str, when: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants\n@desc Delete Implicit Grant\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role key that needs to exist on the related resource (from the relation), on_resource: str # the resource key that needs to exist on the related role (from the relation), linked_by_relation: str # the relation key that needs to exist between the resource and the related resource}\n@optional {when: any=[object Object] # the settings of the derived role rule}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants/conditions\n@desc Update Implicit Grants Conditions\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {no_direct_roles_on_object: bool=false # If true, the derived role or the specific rule will not apply if the resource has any direct role}\n@returns(200) {no_direct_roles_on_object: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups\n@desc List Resource Action Groups\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups\n@desc Create Resource Action Group\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the action group (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the action group., name: str # The name of the action group}\n@optional {description: str # An optional longer description of what this action group represents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action group. This metadata can be used to filter action groups using query parameters with attr_ prefix, actions: [str]=}\n@returns(200) {name: str, description: str, attributes: map, actions: [str], key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}\n@desc Get Resource Action Group\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_group_id: str # Either the unique id of the action group, or the URL-friendly key of the action group (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {name: str, description: str, attributes: map, actions: [str], key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}\n@desc Delete Resource Action Group\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_group_id: str # Either the unique id of the action group, or the URL-friendly key of the action group (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}\n@desc Update Resource Action Group\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_group_id: str # Either the unique id of the action group, or the URL-friendly key of the action group (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the action group, description: str # An optional longer description of what this action group represents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action group. This metadata can be used to filter action groups using query parameters with attr_ prefix, actions: [str]=}\n@returns(200) {name: str, description: str, attributes: map, actions: [str], key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions\n@desc List Resource Actions\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions\n@desc Create Resource Action\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the action (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the action., name: str # The name of the action}\n@optional {description: str # An optional longer description of what this action respresents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action. This metadata can be used to filter actions using query parameters with attr_ prefix, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str}\n@returns(200) {name: str, description: str, attributes: map, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str, key: str, id: str(uuid), permission_name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}\n@desc Get Resource Action\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_id: str # Either the unique id of the action, or the URL-friendly key of the action (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {name: str, description: str, attributes: map, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str, key: str, id: str(uuid), permission_name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}\n@desc Delete Resource Action\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_id: str # Either the unique id of the action, or the URL-friendly key of the action (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}\n@desc Update Resource Action\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_id: str # Either the unique id of the action, or the URL-friendly key of the action (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the action, description: str # An optional longer description of what this action respresents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action. This metadata can be used to filter actions using query parameters with attr_ prefix, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str}\n@returns(200) {name: str, description: str, attributes: map, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str, key: str, id: str(uuid), permission_name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes\n@desc List Resource Attributes\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes\n@desc Create Resource Attribute\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the attribute (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the attribute., type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`.}\n@optional {description: str # An optional longer description of what this attribute respresents in your system}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}\n@desc Get Resource Attribute\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}\n@desc Delete Resource Attribute\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}\n@desc Update Resource Attribute\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`., description: str # An optional longer description of what this attribute respresents in your system}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations\n@desc List Resource Relations\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations\n@desc Create Resource Relation\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the relation (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the relation., name: str # The name of the relation, subject_resource: str # The subject resource ID or key}\n@optional {description: str # An optional longer description of what this relation represents in your system}\n@returns(200) {description: str, subject_resource: str, key: str, name: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), object_resource_id: str(uuid), object_resource: str, subject_resource_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations/{relation_id}\n@desc Get Resource Relation\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., relation_id: str # Either the unique id of the relation, or the URL-friendly key of the relation (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {description: str, subject_resource: str, key: str, name: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), object_resource_id: str(uuid), object_resource: str, subject_resource_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations/{relation_id}\n@desc Delete Resource Relation\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., relation_id: str # Either the unique id of the relation, or the URL-friendly key of the relation (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles\n@desc List Resource Roles\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles\n@desc Create Resource Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the role (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the role., name: str # The name of the role}\n@optional {description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str] # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role, v1compat_settings: map, v1compat_attributes: map}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}\n@desc Get Resource Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}\n@desc Delete Resource Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}\n@desc Update Resource Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the role, description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str]= # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions\n@desc Assign Permissions to Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., permissions: [str] # List of permissions to assign to the role. If a permission is already granted to the role it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the \"permission name\".}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions\n@desc Remove Permissions from Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., permissions: [str] # List of permissions to remove from the role. If a permission is not found it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`,i.e: the \"permission name\".}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/ancestors\n@desc Get Resource Role Ancestors\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {roles: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/descendants\n@desc Get Resource Role Descendants\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {roles: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources\n@desc List Resources\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {include_built_in: bool=false # Whether to include or exclude built-in resources, default is False, include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources\n@desc Create Resource\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the resource (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the resource., name: str # The name of the resource, actions: map # A actions definition block, typically contained within a resource type definition block.         The actions represents the ways you can interact with a protected resource.}\n@optional {urn: str # The [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) (Uniform Resource Name) of the resource, description: str # An optional longer description of what this resource respresents in your system, type_attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this resource. This metadata can be used to filter resource using query parameters with attr_ prefix, attributes: map # Attributes that each resource of this type defines, and can be used in your ABAC policies., roles: map # Roles defined on this resource. The key is the role name, and the value contains the role properties such as granted permissions, base roles, etc., relations: map # Relations to other resources. The key is the relation key, and the value is the related resource., v1compat_path: str, v1compat_type: str, v1compat_name: str}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n@desc Get Resource\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n@desc Replace Resource\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., name: str # The name of the resource, actions: map # A actions definition block, typically contained within a resource type definition block.         The actions represents the ways you can interact with a protected resource.}\n@optional {urn: str # The [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) (Uniform Resource Name) of the resource, description: str # An optional longer description of what this resource respresents in your system, type_attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this resource. This metadata can be used to filter resource using query parameters with attr_ prefix, attributes: map # Attributes that each resource of this type defines, and can be used in your ABAC policies., roles: map # Roles defined on this resource. The key is the role name, and the value contains the role properties such as granted permissions, base roles, etc., relations: map # Relations to other resources. The key is the relation key, and the value is the related resource., v1compat_path: str, v1compat_type: str, v1compat_name: str}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n@desc Delete Resource\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n@desc Update Resource\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the resource, urn: str # The [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) (Uniform Resource Name) of the resource, description: str # An optional longer description of what this resource respresents in your system, actions: map # A actions definition block, typically contained within a resource type definition block.         The actions represents the ways you can interact with a protected resource., type_attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this resource. This metadata can be used to filter resource using query parameters with attr_ prefix, attributes: map # Attributes that each resource of this type defines, and can be used in your ABAC policies., roles: map # Roles defined on this resource. The key is the role name, and the value contains the role properties such as granted permissions, base roles, etc., relations: map # Relations to other resources. The key is the relation key, and the value is the related resource., v1compat_path: str, v1compat_type: str, v1compat_name: str}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/roles\n@desc List Roles\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/roles\n@desc Create Role\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the role (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the role., name: str # The name of the role}\n@optional {description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str] # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role, v1compat_settings: map, v1compat_attributes: map, v1compat_is_built_in: bool}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/roles/{role_id}\n@desc Get Role\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/roles/{role_id}\n@desc Delete Role\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/roles/{role_id}\n@desc Update Role\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the role, description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str] # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role, v1compat_settings: map, v1compat_attributes: map}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/roles/{role_id}/permissions\n@desc Assign Permissions To Role\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., permissions: [str] # List of permissions to assign to the role. If a permission is already granted to the role it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the \"permission name\".}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/roles/{role_id}/permissions\n@desc Remove Permissions From Role\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., permissions: [str] # List of permissions to remove from the role. If a permission is not found it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`,i.e: the \"permission name\".}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/roles/{role_id}/ancestors\n@desc Get Role Ancestors\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {roles: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/roles/{role_id}/descendants\n@desc Get Role Descendants\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {roles: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/users/attributes\n@desc List User Attributes\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {resource_id: str=__user, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/users/attributes\n@desc Create User Attribute\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the attribute (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the attribute., type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`.}\n@optional {resource_id: str=__user, description: str # An optional longer description of what this attribute respresents in your system}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id}\n@desc Get User Attribute\n@required {attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {resource_id: str=__user}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id}\n@desc Delete User Attribute\n@required {attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {resource_id: str=__user, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id}\n@desc Update User Attribute\n@required {attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {resource_id: str=__user, type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`., description: str # An optional longer description of what this attribute respresents in your system}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/direct\n@desc List Direct Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/direct/{group_instance_key}\n@desc Get Direct Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@returns(200) {group_resource_type_key: str, group_instance_key: str, group_tenant: str, id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/children\n@desc List group children (EAP)\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/parents\n@desc List group parents (EAP)\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users\n@desc List group users (EAP)\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles\n@desc List group roles (EAP)\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles\n@desc Assign Role To Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., role: str # The role key or id that will be assigned to the group., resource: str # The resource key or id that the role belongs to., resource_instance: str # The resource instance key or id that the role belongs to., tenant: str # The tenant key or id that the role belongs to.}\n@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles\n@desc Remove Role From Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., role: str # The role key or id that will be assigned to the group., resource: str # The resource key or id that the role belongs to., resource_instance: str # The resource instance key or id that the role belongs to., tenant: str # The tenant key or id that the role belongs to.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}\n@desc Get Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}\n@desc Delete Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups\n@desc List Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, include_total_count: bool=false # Include total count in response(will make the request slower), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/groups\n@desc Create Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance that that the group belongs to, or the URL-friendly key of the  (i.e: file:my_file), group_tenant: str # The tenant key or id that the group belongs to.}\n@optional {group_resource_type_key: str=group # The key of the resource type that the group belongs to.}\n@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users/{user_id}\n@desc Assign User To Group\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., tenant: str # The tenant key or id that the user belongs to.}\n@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users/{user_id}\n@desc Remove User From Group\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., tenant: str # The tenant key or id that the user belongs to.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/assign_group\n@desc Assign Group To Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance that that the group belongs to, or the URL-friendly key of the  (i.e: file:my_file)}\n@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/assign_group\n@desc Remove Group From Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance that that the group belongs to, or the URL-friendly key of the  (i.e: file:my_file)}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group facts\n@endpoint GET /v2/facts/{proj_id}/{env_id}/users\n@desc List Users\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, role: str # Match users with a specific role. To filter users without any roles, send an empty string., include_resource_instance_roles: bool=false # Should add resource instance roles, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/users\n@desc Create User\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the user for permission checks.}\n@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/users/{user_id}\n@desc Get User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/users/{user_id}\n@desc Replace User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the user for permission checks.}\n@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # An existing user was replaced\n@returns(201) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # An new user was created\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/users/{user_id}\n@desc Delete User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/users/{user_id}\n@desc Update User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/users/{user_id}/roles\n@desc Assign Role To User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be assigned (accepts either the role id or the role key)}\n@optional {tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key), resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)The resource instance will be implicitly created if the tenant parameter is specified and the resource instance does not exist.}\n@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/users/{user_id}/roles\n@desc Unassign Role From User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be unassigned (accepts either the role id or the role key), tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key)}\n@optional {return_deleted: bool=false # Whether to return the deleted role assignment, status code will be 200 instead of the default 204 if true, resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)}\n@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Role assignment removed successfully\n@returns(204) Role assignment removed successfully\n@errors {404: Role assignment not found, 422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users\n@desc List Tenant Users\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, role: str # Match users with a specific role, include_resource_instance_roles: bool=false # Should add resource instance roles, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users\n@desc Add User To Tenant\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the user for permission checks.}\n@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/tenants\n@desc List Tenants\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the tenant name or key, include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/tenants\n@desc Create Tenant\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the tenant. The tenant key must be url-friendly (slugified)., name: str # A descriptive name for the tenant}\n@optional {description: str # an optional longer description of the tenant, attributes: map=[object Object] # Arbitraty tenant attributes that will be used to enforce attribute-based access control policies.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), last_action_at: str(date-time), name: str, description: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}\n@desc Get Tenant\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), last_action_at: str(date-time), name: str, description: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}\n@desc Delete Tenant\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}\n@desc Update Tenant\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # A descriptive name for the tenant, description: str # an optional longer description of the tenant, attributes: map=[object Object] # Arbitraty tenant attributes that will be used to enforce attribute-based access control policies.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), last_action_at: str(date-time), name: str, description: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users/{user_id}\n@desc Delete Tenant User\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/role_assignments/detailed\n@desc List Role Assignments Detailed\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {user: [str] # optional user(s) filter, will only return role assignments granted to this user(s)., role: [str] # optional role(s) filter, will only return role assignments granting this role(s)., tenant: [str] # optional tenant(s) filter, will only return role assignments granted in that tenant(s)., resource: str # optional resource **type** filter, will only return role assignments granted on that resource type., resource_instance: str # optional resource instance filter, will only return role assignments granted on that resource instance., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 1000).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/role_assignments\n@desc List Role Assignments\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {user: [str] # optional user(s) filter, will only return role assignments granted to this user(s)., role: [str] # optional role(s) filter, will only return role assignments granting this role(s)., tenant: [str] # optional tenant(s) filter, will only return role assignments granted in that tenant(s)., resource: str # optional resource **type** filter, will only return role assignments granted on that resource type., resource_instance: str # optional resource instance filter, will only return role assignments granted on that resource instance., detailed: bool=false # Whether to return full details about the user, tenant and role, include_total_count: bool=false # If true, returns the list of role assignments and the total count., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 1000).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/role_assignments\n@desc Assign Role\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be assigned (accepts either the role id or the role key), user: str # the user the role will be assigned to (accepts either the user id or the user key)}\n@optional {tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key), resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)The resource instance will be implicitly created if the tenant parameter is specified and the resource instance does not exist.}\n@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/role_assignments\n@desc Unassign Role\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be unassigned (accepts either the role id or the role key), tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key), user: str # the user the role will be unassigned from (accepts either the user id or the user key)}\n@optional {return_deleted: bool=false # Whether to return the deleted role assignment, status code will be 200 instead of the default 204 if true, resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)}\n@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Role assignment removed successfully\n@returns(204) Role assignment removed successfully\n@errors {404: Role assignment not found, 422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/role_assignments/bulk\n@desc Bulk create role assignments\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {missing_user_policy: any=fail # Policy for missing users - 'fail': Fail the entire operation if a user is missing; 'ignore': Skip assignments for missing users; 'create': Create missing users and continue with the operation}\n@returns(200) {assignments_created: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/role_assignments/bulk\n@desc Bulk Unassign Role\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {assignments_removed: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/set_rules\n@desc List Set Permissions\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {user_set: str # optional user set filter, will only return rules where the permission is granted to this user set, permission: str # optional permission filter, will only return condition set rules granting this permission, resource_set: str # optional resource set filter, will only return rules where the permission is granted on this resource set, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/set_rules\n@desc Assign Set Permissions\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., user_set: str # The userset that will be given permission, i.e: all the users matching this rule will be given the specified permission, permission: str # The permission that will be granted to the userset *on* the resourceset. The permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the \"permission name\"., resource_set: str # The resourceset that represents the resources that are granted for access, i.e: all the resources matching this rule can be accessed by the userset to perform the granted *permission*}\n@optional {is_role: bool=false # if True, will set the condition set rule to the role's autogen user-set., is_resource: bool=false # if True, will set the condition set rule to the resource's autogen resource-set.}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/set_rules\n@desc Unassign Set Permissions\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., user_set: str # The userset that will be unassigned these permission, i.e: all the users matching this rule will lose the specified permission, permission: str # The permission that will be removed from the userset *on* the resourceset. The permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the \"permission name\"., resource_set: str # The resourceset that represents the resources that are no longer granted for access, i.e: all the resources matching this rule can no longer be accessed by the userset, and will be revoked the specified *permission*}\n@optional {is_role: bool=false # if True, will set the condition set rule to the role's autogen user-set., is_resource: bool=false # if True, will set the condition set rule to the resource's autogen resource-set.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/resource_instances/detailed\n@desc List Resource Instances Detailed\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, search: [str] # The resource instance key or id to filter by (supports multi-value like this url?search=key-1&search=key-2), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/resource_instances\n@desc List Resource Instances\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, search: [str] # The resource instance key or id to filter by (supports multi-value like this url?search=key-1&search=key-2), detailed: bool=false # If true, will return the relationships of the resource instance., include_total_count: bool=false # Include total count in response(will make the request slower), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/resource_instances\n@desc Create Resource Instance\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique identifier by which Permit will identify the resource instance for permission checks. You will later pass this identifier to the `permit.check()` API. A key can be anything: for example the resource db id, a url slug, a UUID or anything else as long as it's unique on your end. The resource instance key must be url-friendly., tenant: str # the *key* of the tenant that this resource belongs to, used to enforce tenant boundaries in multi-tenant apps., resource: str # the *key* of the resource (type) of this resource instance. For example: if this resource instance is the annual budget document, the key of the resource might be `document`.}\n@optional {attributes: map=[object Object] # Arbitrary resource attributes that will be used to enforce attribute-based access control policies.}\n@returns(200) {key: str, tenant: str, resource: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource_id: str(uuid), tenant_id: str(uuid), attributes: map, relationships: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}\n@desc Get Resource Instance\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., instance_id: str # f'Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file.txt).'}\n@optional {detailed: bool=false # If true, will return the relationships of the resource instance.}\n@returns(200) {key: str, tenant: str, resource: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource_id: str(uuid), tenant_id: str(uuid), attributes: map, relationships: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}\n@desc Delete Resource Instance\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., instance_id: str # f'Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file.txt).'}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}\n@desc Update Resource Instance\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., instance_id: str # f'Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file.txt).'}\n@optional {attributes: map=[object Object] # Arbitrary resource attributes that will be used to enforce attribute-based access control policies.}\n@returns(200) {key: str, tenant: str, resource: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource_id: str(uuid), tenant_id: str(uuid), attributes: map, relationships: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/proxy_configs\n@desc List Proxy Configs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/proxy_configs\n@desc Create Proxy Config\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., secret: any # Proxy config secret is set to enable the Permit Proxy to make proxied requests to the backend service., key: str # Proxy Config is set to enable the Permit Proxy to make proxied requests as part of the Frontend AuthZ., name: str # The name of the proxy config, for example: 'Stripe API'}\n@optional {mapping_rules: [map{url!: str, url_type: str, http_method!: any, resource!: str, headers: map, action: str, priority: int}]= # Proxy config mapping rules will include the rules that will be used to map the request to the backend service by a URL and a http method., auth_mechanism: any=Bearer # Proxy config auth mechanism will define the authentication mechanism that will be used to authenticate the request.  Bearer injects the secret into the Authorization header as a Bearer token,  Basic injects the secret into the Authorization header as a Basic user:password,  Headers injects plain headers into the request.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), secret: any, name: str, mapping_rules: [map], auth_mechanism: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}\n@desc Get Proxy Config\n@required {proxy_config_id: str # Either the unique id of the proxy config, or the URL-friendly key of the proxy config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), secret: any, name: str, mapping_rules: [map], auth_mechanism: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}\n@desc Delete Proxy Config\n@required {proxy_config_id: str # Either the unique id of the proxy config, or the URL-friendly key of the proxy config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}\n@desc Update Proxy Config\n@required {proxy_config_id: str # Either the unique id of the proxy config, or the URL-friendly key of the proxy config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {secret: any # Proxy config secret is set to enable the Permit Proxy to make proxied requests to the backend service., name: str # The name of the proxy config, for example: 'Stripe API', mapping_rules: [map{url!: str, url_type: str, http_method!: any, resource!: str, headers: map, action: str, priority: int, should_delete: bool}]= # Proxy config mapping rules, with optional should_delete flag to indicate deletion., auth_mechanism: any=Bearer # Proxy config auth mechanism will define the authentication mechanism that will be used to authenticate the request.  Bearer injects the secret into the Authorization header as a Bearer token,  Basic injects the secret into the Authorization header as a Basic user:password,  Headers injects plain headers into the request.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), secret: any, name: str, mapping_rules: [map], auth_mechanism: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/bulk/users\n@desc Bulk Replace Users\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{key!: str, email: str(email), first_name: str, last_name: str, attributes: map, role_assignments: [map]}]}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/bulk/users\n@desc Bulk Create Users\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{key!: str, email: str(email), first_name: str, last_name: str, attributes: map, role_assignments: [map]}]}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/bulk/users\n@desc Bulk Delete Users\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., idents: [str] # List of user idents to delete. Either the unique id or the key of the users.}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/bulk/tenants\n@desc Bulk Create Tenants\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{key!: str, name!: str, description: str, attributes: map}]}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/bulk/tenants\n@desc Bulk Delete Tenants\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., idents: [str] # List of tenant idents to delete. Either the unique id or the key of the tenants.}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/bulk/resource_instances\n@desc Bulk Replace Resource Instances\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{key!: str, tenant!: str, resource!: str, attributes: map}]}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/bulk/resource_instances\n@desc Bulk Delete Resource Instances\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., idents: [str] # List of resource instance idents to delete. Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file)}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/email_configurations\n@desc Get Email Configuration\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/email_configurations\n@desc Create Or Update Email Configuration\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/email_configurations/send_test_email\n@desc Send Test Email\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/email_templates/\n@desc List Templates\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}\n@desc Get Template By Type\n@required {template_type: str, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {template_type: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), from_address: str(email), redirect_to: str(uri), url_ttl: str, subject: str, messages: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}\n@desc Update Template By Type\n@required {template_type: str, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., from_address: str(email) # The from address the mails will be sent from, redirect_to: str(uri) # The redirect url the user will be redirected to after clicking the link in the email, url_ttl: str # The time to live of the url in the email, in seconds, subject: str # The subject of the email template, messages: [map{message_type!: any, message_content!: str}] # The messages of the email template}\n@returns(200) {template_type: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), from_address: str(email), redirect_to: str(uri), url_ttl: str, subject: str, messages: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}/send_test_email\n@desc Send Test Email By Type\n@required {template_type: str, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., from_address: str(email) # The from address the mails will be sent from, redirect_to: str(uri) # The redirect url the user will be redirected to after clicking the link in the email, url_ttl: str # The time to live of the url in the email, in seconds, subject: str # The subject of the email template, messages: [map{message_type!: any, message_content!: str}] # The messages of the email template}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/relationship_tuples/detailed\n@desc List Relationship Tuples Detailed\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., tenant: str # The tenant key or id to filter by, subject: str # The subject to filter by, accepts either the resource instance id or resource_type:resource_instance, relation: str # The relation id or key to filter by, object: str # The object to filter by, accepts either the resource instance id or resource_type:resource_instance, object_type: str # The object type to filter by, accepts resource type id or key, subject_type: str # The subject type to filter by, accepts resource type id or key}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/relationship_tuples\n@desc List Relationship Tuples\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {detailed: bool=false # If true, will return the full subject and object resource instances., include_total_count: bool=false # If true, returns the list of resource instances and the total count., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., tenant: str # The tenant key or id to filter by, subject: str # The subject to filter by, accepts either the resource instance id or resource_type:resource_instance, relation: str # The relation id or key to filter by, object: str # The object to filter by, accepts either the resource instance id or resource_type:resource_instance, object_type: str # The object type to filter by, accepts resource type id or key, subject_type: str # The subject type to filter by, accepts resource type id or key}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/relationship_tuples\n@desc Create Relationship Tuple\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., subject: str # the resource instance assigned the new relation (accepts either the resource instance id or resource_key:resource_instance_key), relation: str # the relation to assign between the subject and object, object: str # the resource instance on which the new relation is assigned (accepts either the resource instance id or resource_key:resource_instance_key)}\n@optional {tenant: str # The tenant the subject and object belong to, if the resource instances don't exist yet, the tenant is required to create them. otherwise it is ignored}\n@returns(200) {subject: str, relation: str, object: str, id: str(uuid), tenant: str, subject_id: str(uuid), relation_id: str(uuid), object_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), subject_details: any, relation_details: any, object_details: any, tenant_details: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/relationship_tuples\n@desc Delete Relationship Tuple\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., subject: str # the resource instance assigned the new relation (accepts either the resource instance id or resource_key:resource_instance_key), relation: str # the relation to assign between the subject and object, object: str # the resource instance on which the new relation is assigned (accepts either the resource instance id or resource_key:resource_instance_key)}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/relationship_tuples/bulk\n@desc Bulk create relationship tuples\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{subject!: str, relation!: str, object!: str, tenant: str}]}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/relationship_tuples/bulk\n@desc Bulk Delete Relationship Tuples\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., idents: [map{subject!: str, relation!: str, object!: str}] # List of relationship tuples objects to delete}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/user_invites\n@desc List User Invites\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {role: str # optional role filter, will only return invited users with this role., tenant: str # optional tenant filter, will only return invited users in that tenant., search: str # optional search, will only return invited users to that email, key or name., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/user_invites\n@desc Create User Invite\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # The key of the user that is being invited, status: any # The status of the user invite, email: str(email) # The email of the user that being invited, first_name: str # The first name of the user that is being invited, last_name: str # The last name of the user that is being invited, role_id: str(uuid) # The role of the user that is being invited, tenant_id: str(uuid) # The tenant id of the user that is being invited, resource_instance_id: str(uuid) # The resource instance id of the user that is being invited}\n@returns(200) {id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), key: str, status: any, email: str(email), first_name: str, last_name: str, role_id: str(uuid), tenant_id: str(uuid), resource_instance_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}\n@desc Get User Invite\n@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), key: str, status: any, email: str(email), first_name: str, last_name: str, role_id: str(uuid), tenant_id: str(uuid), resource_instance_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}\n@desc Delete User Invite\n@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}\n@desc Update User Invite\n@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # The key of the user that is being invited, status: any # The status of the user invite, email: str(email) # The email of the user that being invited, first_name: str # The first name of the user that is being invited, last_name: str # The last name of the user that is being invited, role_id: str(uuid) # The role of the user that is being invited, tenant_id: str(uuid) # The tenant id of the user that is being invited, resource_instance_id: str(uuid) # The resource instance id of the user that is being invited}\n@returns(200) {id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), key: str, status: any, email: str(email), first_name: str, last_name: str, role_id: str(uuid), tenant_id: str(uuid), resource_instance_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}/approve\n@desc Approve User Invite\n@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., email: str(email) # The email of the user that being invited, key: str # The key of the elements user invite, attributes: map # The attributes of the user}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response\n@errors {400: The user already approved or the email requested doesn't match the email of the invite., 422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}\n@desc List Access Requests\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {status: any # Optional status filter, will only return access requests with this status., role: str # Optional role filter, will only return access request granted with that role., resource: str # Optional resource filter, will only return access request granted in that resource., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}\n@desc Create Access Request\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., access_request_details: any # details of the access request, including the resource and tenant}\n@optional {reason: str # Optional business justification provided by the user requesting access}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}\n@desc Get Access Request\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/reviewer\n@desc Update Access Request Reviewer\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/approve\n@desc Approve Access Request\n@required {access_request_id: str(uuid) # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/deny\n@desc Deny Access Request\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/cancel\n@desc Cancel Access Request\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group pdps\n@endpoint GET /v2/pdps/{proj_id}/{env_id}/configs\n@desc List PDP configurations\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/values\n@desc Get PDP configuration\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., pdp_id: str(uuid) # The unique id of the pdp}\n@optional {X-Shard-ID: int}\n@returns(200) {opal_common: map{FETCHING_CALLBACK_TIMEOUT: int, AUTH_PUBLIC_KEY: str}, opal_client: map{DATA_TOPICS: [str], CLIENT_TOKEN: str, SERVER_URL: str, SERVER_WS_URL: str, SERVER_PUBSUB_URL: str, DEFAULT_DATA_SOURCES_CONFIG_URL: str, SCOPE_ID: str, SHOULD_REPORT_ON_DATA_UPDATES: bool, DEFAULT_UPDATE_CALLBACKS: map{callbacks: [any]}, DEFAULT_UPDATE_CALLBACK_CONFIG: map{fetcher: str, headers: map, is_json: bool, process_data: bool, method: any, data: any}}, pdp: any, context: map{customer_id: str(uuid), client_id: str, backend_tier: str(uri), component: str, org_id: str(uuid), project_id: str(uuid), env_id: str(uuid)}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/debug-audit-logs/enable\n@desc Enable debug audit logs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., pdp_id: str(uuid) # The unique id of the pdp}\n@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/debug-audit-logs/disable\n@desc Disable debug audit logs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., pdp_id: str(uuid) # The unique id of the pdp}\n@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/rotate-api-key\n@desc Rotate PDP API Key\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., pdp_id: str(uuid) # The unique id of the pdp}\n@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/pdps/{proj_id}/{env_id}/configs/migrate-shards\n@desc Migrate PDP Config number of shards\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., num_shards: int}\n@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/pdps/{proj_id}/{env_id}/audit_logs\n@desc List Audit Logs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {pdp_id: str(uuid) # Filter by pdp config id, users: [str] # List of user keys or emails to filter by, decision: bool # Filter by decision result, resources: [str] # Filter by resources, tenant: str # Filter by tenant, action: str # Filter by action, timestamp_from: int # Filter by timestamp from, timestamp_to: int # Filter by timestamp to, sort_by: any=timestamp # Sort by column, query: any=check # Filter by the type of query that generated the audit log.'check' - permit/root, permit/check, permit/bulk'get_user_permissions' - permit/user_permissions'get_authorized_users' - permit/authorized_users, permit/authorized_users_new'none' - All queries, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response\n@errors {400: Overreach of pagination limits, 422: Validation Error}\n\n@endpoint GET /v2/pdps/{proj_id}/{env_id}/audit_logs/{log_id}\n@desc Get detailed audit log\n@required {log_id: str(uuid) # The unique id of the audit log, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {id: str(uuid), raw_data: any, timestamp: str(date-time), created_at: str(date-time), query: str, user_key: str, user_email: str, user_name: str, resource_type: str, tenant: str, action: str, decision: bool, reason: str, org_id: str(uuid), project_id: str(uuid), env_id: str(uuid), pdp_config_id: str(uuid), input: any, result: any, context: any, objects: any} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group projects\n@endpoint GET /v2/projects/{proj_id}/repos\n@desc List Policy Repos\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects/{proj_id}/repos\n@desc Create Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., key: str # A URL-friendly name of the policy repo (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the policy repo., url: str # The SSH URL of the git repository (e.g. git@github.com:username/repository.git), credentials: map{auth_type: str, username!: str, public_key: str, private_key!: str}}\n@optional {main_branch_name: str=main, activate_when_validated: bool=false # if you want to change your policy repository to this repo right after it is validated}\n@returns(200) {id: str(uuid), status: str, key: str, url: str, main_branch_name: str, credentials: map{auth_type: str, username: str, public_key: str, private_key: str}, activate_when_validated: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/repos/active\n@desc Get Active Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@returns(200) {id: str(uuid), status: str, key: str, url: str, main_branch_name: str, credentials: map{auth_type: str, username: str, public_key: str, private_key: str}, activate_when_validated: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/projects/{proj_id}/repos/disable\n@desc Disable Active Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/projects/{proj_id}/repos/{repo_id}/activate\n@desc Activate Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., repo_id: str # Either the unique id of the policy repo, or the URL-friendly key of the policy repo (i.e: the \"slug\").}\n@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response\n@errors {400: Invalid policy repo status, 422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/repos/{repo_id}\n@desc Get Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., repo_id: str # Either the unique id of the policy repo, or the URL-friendly key of the policy repo (i.e: the \"slug\").}\n@returns(200) {id: str(uuid), status: str, key: str, url: str, main_branch_name: str, credentials: map{auth_type: str, username: str, public_key: str, private_key: str}, activate_when_validated: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/projects/{proj_id}/repos/{repo_id}\n@desc Delete Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., repo_id: str # Either the unique id of the policy repo, or the URL-friendly key of the policy repo (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group elements\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config\n@desc List Elements Configs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config\n@desc Create Elements Config\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the elements_config (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the elements_config., name: str # The name of the elements_config, elements_type: any # The type of the elements interface, e.g: user management, settings: map # Obj with the options of the elements interface, e.g: primary color, roles_to_levels: map # Obj with levels as keys and role ids as values}\n@optional {email_notifications: bool=false # Whether to send email notifications to users using your Email Provider you set, webhook: map{type: str, url!: str, bearer_token: str}}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}\n@desc Get Elements Config\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}\n@desc Update Elements Config\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., roles_to_levels: map # Obj with levels as keys and role ids as values}\n@optional {name: str # The name of the elements_config, elements_type: any # The type of the elements interface, e.g: user management, settings: map # Obj with the options of the elements interface, e.g: primary color, email_notifications: bool=false # Whether to send email notifications to users using your Email Provider you set, webhook: map{url: str, bearer_token: str}}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/runtime\n@desc Get Elements Config Runtime\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {config: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}}, current_permission_level: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/elements/{proj_id}/{env_id}/{elements_config_id}\n@desc Delete Elements Config\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users\n@desc List users\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users\n@desc Create user\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the user for permission checks.}\n@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on, email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment., role: str}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}\n@desc Delete user\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\").}\n@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/user-invites\n@desc List all Elements User Invites\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, status: any # Status of the user invite, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/roles\n@desc List roles\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}/roles\n@desc Assign role to user\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be assigned (accepts either the role id or the role key)}\n@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}/roles\n@desc Unassign role from user\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be unassigned (accepts either the role id or the role key)}\n@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/active\n@desc Set Config Active\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/audit_logs\n@desc List audit logs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests\n@desc List Access Requests\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {status: any # Optional status filter, will only return access requests with this status., tenant: str # Optional tenant filter, will only return access request granted in that tenant., role: str # Optional role filter, will only return access request granted with that role., resource: str # Optional resource filter, will only return access request granted in that resource., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests\n@desc Create Access Request\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., access_request_details: any # details of the access request, including the resource and tenant}\n@optional {reason: str # Optional business justification provided by the user requesting access}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}\n@desc Get Access Request\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/reviewer\n@desc Update Access Request Reviewer\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/approve\n@desc Approve Access Request\n@required {access_request_id: str(uuid) # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/deny\n@desc Deny Access Request\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/cancel\n@desc Cancel Access Request\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval\n@desc List Operation Approvals\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {status: any # Optional status filter, will only return access requests with this status., resource: str # Optional resource filter, will only return access request granted in that resource., resource_instance: str # Optional resource instance filter, will only return access request granted in that resource instance., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval\n@desc Create Operation Approval\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., access_request_details: any # details of the operation approval, including the resource and tenant}\n@optional {reason: str # Optional business justification provided by the user requesting operation approval}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}\n@desc Get Operation Approval\n@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/reviewer\n@desc Update Operation Approval Reviewer\n@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/approve\n@desc Approve Operation Approval\n@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/deny\n@desc Deny Operation Approval\n@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/cancel\n@desc Cancel Operation Approval\n@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group deprecated\n@endpoint GET /v2/deprecated/history\n@desc List Api Events\n@optional {method: [str] # HTTP methods to include in search, path: [str] # API paths to include in search, success: bool # Filter by API request success/failure, status_code: [int] # HTTP status codes to include in search, client_ip: [str] # IPs of clients to include in search, actor_type: [str] # Actor type to search (member, user, api_key), actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/deprecated/history/{event_id}\n@desc Get Api Event\n@required {event_id: str(uuid)}\n@returns(200) {request_body: str(binary), response_body: str(binary), timestamp: str(date-time), timestamp_utc: str(date-time), method: str, path: str, success: bool, status: int, request_id: str(uuid), client_ip: str, actor_type: str, actor_id: str(uuid), actor_display_name: str, org_id: str(uuid), project_key: str, project_id: str(uuid), env_key: str, env_id: str(uuid), id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/deprecated/history/{event_id}/request\n@desc Get Request Body\n@required {event_id: str(uuid)}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/deprecated/history/{event_id}/response\n@desc Get Response Body\n@required {event_id: str(uuid)}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group history\n@endpoint GET /v2/history\n@desc List Api Events\n@optional {method: [str] # HTTP methods to include in search, path: [str] # API paths to include in search, success: bool # Filter by API request success/failure, status_code: [int] # HTTP status codes to include in search, client_ip: [str] # IPs of clients to include in search, actor_type: [str] # Actor type to search (member, user, api_key), actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/history/{event_id}\n@desc Get Api Event\n@required {event_id: str(uuid)}\n@returns(200) {request_body: str(binary), response_body: str(binary), timestamp: str(date-time), timestamp_utc: str(date-time), method: str, path: str, success: bool, status: int, request_id: str(uuid), client_ip: str, actor_type: str, actor_id: str(uuid), actor_display_name: str, org_id: str(uuid), project_key: str, project_id: str(uuid), env_key: str, env_id: str(uuid), id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/history/{event_id}/request\n@desc Get Request Body\n@required {event_id: str(uuid)}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/history/{event_id}/response\n@desc Get Response Body\n@required {event_id: str(uuid)}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group activity\n@endpoint GET /v2/activity\n@desc List Activity Events\n@optional {actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, actor_type: [str] # Actor type to search (member, user, api_key), project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/activity/types\n@desc List Activity Types\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group deprecated\n@endpoint GET /v2/deprecated/activity\n@desc List Activity Events\n@optional {actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, actor_type: [str] # Actor type to search (member, user, api_key), project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/deprecated/activity/types\n@desc List Activity Types\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group policy_guards\n@endpoint GET /v2/policy_guards/scopes\n@desc List Policy Guard Scopes\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/policy_guards/scopes\n@desc Create Policy Guard Scope\n@required {key: str # The unique key of the policy guard scope.}\n@optional {policy_guard_scope_details: [map{project_id!: str}]= # list of projects that this policy guard is assigned to.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), policy_guard_scope_details: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/policy_guards/scopes/{policy_guard_scope_id}\n@desc Get Policy Guard Scope\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), policy_guard_scope_details: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/policy_guards/scopes/{policy_guard_scope_id}\n@desc Delete Policy Guard Scope\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/policy_guards/scopes/{policy_guard_scope_id}/associate\n@desc Associate Policy Guard Scope\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\")., project_id: str # The unique identifier of the project of this policy scope.}\n@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait.}\n@returns(200) {task_id: str, status: any, result: any, error: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/policy_guards/scopes/{policy_guard_scope_id}/disassociate\n@desc Disassociate Policy Guard Scope\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\")., project_id: str # The unique identifier of the project of this policy scope.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/policy_guards/scopes/{policy_guard_scope_id}/rules\n@desc List Policy Guard Rules\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/policy_guards/scopes/{policy_guard_scope_id}/rules\n@desc Create Policy Guard Rule\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\")., is_allowed: bool # If True, the permission will be allowed for the role in the policy guard across all projectswithin the policy scope, and the permission will be locked from further editing., resource_key: str # The key of the resource., action_key: str # The key of the action.}\n@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait., role_key: str # The key of the role., resource_set: any # The resource set that the permission will be applied to., user_set: any # The user set that the permission will be applied to.}\n@returns(200) {task_id: str, status: any, result: any, error: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/policy_guards/scopes/{policy_guard_scope_id}/rules\n@desc Delete Policy Guard Rule\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\")., resource_key: str # The key of the resource., action_key: str # The key of the action.}\n@optional {role_key: str # The key of the role., resource_set: any # The resource set that the permission will be applied to., user_set: any # The user set that the permission will be applied to.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group projects\n@endpoint GET /v2/projects/{proj_id}/{env_id}/opal_scope\n@desc Get Scope Config\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {data: map{entries: [map]}, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/projects/{proj_id}/{env_id}/opal_scope\n@desc Set Scope Config\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {data: map{entries: [map]} # Static list of Data Source Entries returned to client.  Answers this question for the client: from where should i get the full picture of data i need? (as opposed to incremental data updates)}\n@returns(200) {data: map{entries: [map]}, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/projects/{proj_id}/{env_id}/opal_scope\n@desc Reset Scope Config\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group audit-log-replay\n@endpoint POST /v2/audit-log-replay\n@desc Run the audit log replay\n@required {pdp_url: str # URL of the PDP to test against}\n@optional {start_time: int # Start time for the query (in seconds since epoch). Defaults to 24 hours ago., end_time: int # End time for the query (in seconds since epoch). Defaults to current time., concurrency_limit: int=10 # Concurrency limit for processing documents (max: 5), graceful_shutdown_s: int=60 # Graceful shutdown time in seconds}\n@returns(202) {message: str, document_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group internal\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/optimized\n@desc Get All Data Optimized\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {X-Shard-ID: int}\n@returns(200) {use_debugger: bool, users: map, tenants: map, roles: map, condition_set_rules: map, condition_set_rules_expand: map, relationships: map, resource_types: map, condition_sets: map, role_assignments: map, role_permissions: map, mapping_rules: map, resource_instances: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}\n@desc Get All Data\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/users\n@desc Get All Users Data\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/role_assignments\n@desc Get All Role Assignments Data\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/resource_instances\n@desc Get All Resource Instances Data\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/relationships\n@desc Get All Relationships Data\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@end\n"}}