{"note":"OpenAPI conversion -- returning structured metadata","name":"permit","description":"Permit.io API","version":"2.0.0","base_url":"","endpoints":258,"raw":"@lap v0.3\n# Machine-readable API spec. Each @endpoint block is one API call.\n@api Permit.io API\n@version 2.0.0\n@auth Bearer bearer\n@endpoints 258\n@hint download_for_search\n@toc members(7), api-key(7), orgs(10), projects(25), schema(75), facts(69), pdps(8), elements(29), deprecated(6), history(4), activity(2), policy_guards(9), audit-log-replay(1), internal(6)\n\n@group members\n@endpoint GET /v2/members/me\n@desc Get the authenticated account member\n@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/members\n@desc List Organization Members\n@optional {project_id: str(uuid), env_id: str(uuid), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/members\n@desc Invite new members\n@required {permissions: [map{organization_id!: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type!: str, access_level!: str, organization_key: str, project_key: str, environment_key: str, organization_name: str, project_name: str, environment_name: str}]}\n@optional {inviter_name: str, inviter_email: str, id: str(uuid) # Unique id of the account member, email: str(email) # Email of the user controlling this account}\n@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/members\n@desc Remove permission\n@required {id: str(uuid) # Unique id of the account member, permissions: [map{organization_id!: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type!: str, access_level!: str, organization_key: str, project_key: str, environment_key: str, organization_name: str, project_name: str, environment_name: str}]}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/members/{member_id}\n@desc Get Organization Member\n@required {member_id: str # Either the unique id (UUID) of the account member, or the email address of the account member.}\n@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/members/{member_id}\n@desc Remove member\n@required {member_id: str # Either the unique id (UUID) of the account member, or the email address of the account member.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/members/{member_id}\n@desc Edit members\n@required {member_id: str # Either the unique id (UUID) of the account member, or the email address of the account member.}\n@optional {settings: map # Custom permit.io dashboard settings, such as preferred theme, etc., onboarding_step: any # updates the onboarding step (optional)}\n@returns(200) {id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map, grants: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group api-key\n@endpoint GET /v2/api-key/{proj_id}/{env_id}\n@desc Get Environment Api Key\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/api-key/scope\n@desc Get Api Key Scope\n@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/api-key\n@desc List Api Keys\n@optional {object_type: str, proj_id: str # Optional project filter by project id or key, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/api-key\n@desc Create Api Key\n@required {organization_id: str(uuid)}\n@optional {project_id: str(uuid), environment_id: str(uuid), object_type: any=env, access_level: any=admin, owner_type: any=member, name: str}\n@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/api-key/{api_key_id}\n@desc Get Api Key\n@required {api_key_id: str # The unique id of the API key}\n@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/api-key/{api_key_id}\n@desc Delete Api Key\n@required {api_key_id: str # The unique id of the API key}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/api-key/{api_key_id}/rotate-secret\n@desc Rotate API Key\n@required {api_key_id: str(uuid) # The unique id of the API key}\n@returns(200) {organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), object_type: any, access_level: any, owner_type: str, name: str, id: str(uuid), secret: str, created_at: str(date-time), created_by_member: map{id: str(uuid), email: str(email), email_verified: bool, name: str, given_name: str, family_name: str, picture: str, is_superuser: bool, is_onboarding: bool, onboarding_step: any, created_at: str(date-time), last_login: str(date-time), last_ip: str, logins_count: int, identities: [map], invite: map{member_id: str(uuid), email: str(email), role: any, id: str(uuid), organization_id: str(uuid), invite_code: str(uuid), created_at: str(date-time), status: any, failed_reason: str}, settings: map}, last_used_at: str(date-time), env: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map}, project: map{key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)}} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group orgs\n@endpoint GET /v2/orgs\n@desc List Organizations\n@optional {search: any # Text search for the org name or key or id, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/orgs\n@desc Create Organization\n@required {key: str # A URL-friendly name of the organization (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the organization., name: str # The name of the organization, usually it's your company's name.}\n@optional {page_full_url: str=page_full_url, settings: map # the settings for this project}\n@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map, api_key_id: str(uuid), api_key_secret: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/orgs/{org_id}\n@desc Get Organization\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/orgs/{org_id}\n@desc Delete Organization\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/orgs/{org_id}\n@desc Update Organization\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@optional {name: str # The name of the organization, usually it's your company's name., settings: map # the settings for this project}\n@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/orgs/active/org\n@desc Get Active Organization\n@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/orgs/{org_id}/stats\n@desc Stats Organization\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), is_enterprise: bool, usage_limits: any, created_at: str(date-time), updated_at: str(date-time), name: str, settings: map, stats: map{projects: int, environments: int, users: int}, historical_usage: map{current_month: map{mau: int, tenants: int, monthly_tenants: [str(uuid)], month: int, year: int}, previous_month: map{mau: int, tenants: int, monthly_tenants: [str(uuid)], month: int, year: int}, two_months_ago: map{mau: int, tenants: int, monthly_tenants: [str(uuid)], month: int, year: int}}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/orgs/{org_id}/invites\n@desc List Organization Invites\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/orgs/{org_id}/invites\n@desc Invite Members To Organization\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\").}\n@optional {inviter_name: str, inviter_email: str}\n@returns(200) {success: [map], failed: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/orgs/{org_id}/invites/{invite_id}\n@desc Cancel Invite\n@required {org_id: str # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., invite_id: str(uuid) # Id of the invite to cancel}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group projects\n@endpoint GET /v2/projects\n@desc List Projects\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects\n@desc Create Project\n@required {key: str # A URL-friendly name of the project (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the project., name: str # The name of the project}\n@optional {urn_namespace: str # Optional namespace for URNs. If empty, URNs will be generated from project key., description: str # a longer description outlining the project objectives, settings: map # the settings for this project, active_policy_repo_id: str(uuid) # the id of the policy repo to use for this project, initial_environments: [map{key!: str, name!: str, description: str, custom_branch_name: str, jwks: any, settings: map}]=[object Object],[object Object] # The initial environments to create for this project. By default, 'Development' and 'Production' are created, specify [] (empty list) to skip that.}\n@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}\n@desc Get Project\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/projects/{proj_id}\n@desc Delete Project\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/projects/{proj_id}\n@desc Update Project\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@optional {name: str # The name of the project, description: str # a longer description outlining the project objectives, settings: map # the settings for this project, active_policy_repo_id: str(uuid) # the id of the policy repo to use for this project}\n@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/envs/{env_id}/stats\n@desc Stats Environments\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map, pdp_configs: [map], stats: map{roles: int, users: int, policies: int, resources: int, tenants: int, has_decision_logs: bool, members: [map], mau: int}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/envs\n@desc List Environments\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects/{proj_id}/envs\n@desc Create Environment\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., key: str # A URL-friendly name of the environment (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the environment., name: str # The name of the environment}\n@optional {description: str # an optional longer description of the environment, custom_branch_name: str # when using gitops feature, an optional branch name for the environment, jwks: any # jwks for element frontend only login, settings: map # the settings for this environment}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/envs/{env_id}\n@desc Get Environment\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map, email_configuration: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/projects/{proj_id}/envs/{env_id}\n@desc Delete Environment\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/projects/{proj_id}/envs/{env_id}\n@desc Update Environment\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the environment, description: str # an optional longer description of the environment, custom_branch_name: str # when using gitops feature, an optional branch name for the environment, jwks: any # jwks for element frontend only login, settings: map # the settings for this environment}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects/{proj_id}/envs/{env_id}/copy\n@desc Copy Environment\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., target_env: any # If copying a new environment, the environment configuration. If copying to an existing environment, the environment identifier}\n@optional {conflict_strategy: any=fail # Action to take when detecting a conflict when copying. Only applies to copying into an existing environment, scope: any=[object Object] # Filters to include and exclude copied objects}\n@returns(201) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), avp_policy_store_id: str, name: str, description: str, custom_branch_name: str, jwks: any, settings: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects/{proj_id}/envs/{env_id}/copy/async\n@desc Copy Environment Async\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., target_env: any # If copying a new environment, the environment configuration. If copying to an existing environment, the environment identifier}\n@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait., conflict_strategy: any=fail # Action to take when detecting a conflict when copying. Only applies to copying into an existing environment, scope: any=[object Object] # Filters to include and exclude copied objects}\n@returns(202) {task_id: str, status: any, result: any, error: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/envs/{env_id}/copy/async/{task_id}/result\n@desc Get Copy Environment Task Result\n@required {task_id: str # The unique id of the task., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait.}\n@returns(200) {task_id: str, status: any, result: any, error: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects/{proj_id}/envs/{env_id}/test_jwks\n@desc Test Jwks By Url\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {url: str # URL of JWKs to test}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group schema\n@endpoint PUT /v2/schema/{proj_id}/{env_id}/bulk/roles\n@desc Bulk Create Or Replace Roles\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{name!: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key!: str, resource: str}]}\n@returns(200) {created: [str], updated: [str]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets\n@desc List Condition Sets\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the condition sets name or key, type: any # if provided, will return only the condition sets of the specified type. e.g: only user sets., include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/condition_sets\n@desc Create Condition Set\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the condition set. The key will be used as the generated rego rule name., name: str # A descriptive name for the set, i.e: 'US based employees' or 'Users behind VPN'}\n@optional {type: any=userset # the type of the set: UserSet or ResourceSet, autogenerated: bool=false # whether the set was autogenerated by the system., resource_id: any # For ResourceSets, the id of the base resource., description: str # an optional longer description of the set, conditions: map=[object Object] # a boolean expression that consists of multiple conditions, with and/or logic., parent_id: any # Parent Condition Set}\n@returns(200) {key: str, type: any, autogenerated: bool, resource_id: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map}, name: str, description: str, conditions: map, parent_id: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}\n@desc Get Condition Set\n@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, type: any, autogenerated: bool, resource_id: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map}, name: str, description: str, conditions: map, parent_id: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}\n@desc Delete Condition Set\n@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}\n@desc Update Condition Set\n@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # A descriptive name for the set, i.e: 'US based employees' or 'Users behind VPN', description: str # an optional longer description of the set, conditions: map=[object Object] # a boolean expression that consists of multiple conditions, with and/or logic., parent_id: any # Parent Condition Set}\n@returns(200) {key: str, type: any, autogenerated: bool, resource_id: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map}, name: str, description: str, conditions: map, parent_id: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}/ancestors\n@desc Get Condition Set Ancestors\n@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/condition_sets/{condition_set_id}/descendants\n@desc Get Condition Set Descendants\n@required {condition_set_id: str # Either the unique id of the condition set, or the URL-friendly key of the condition set (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants\n@desc Create Implicit Grant\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role key that needs to exist on the related resource (from the relation), on_resource: str # the resource key that needs to exist on the related role (from the relation), linked_by_relation: str # the relation key that needs to exist between the resource and the related resource}\n@optional {when: any=[object Object] # the settings of the derived role rule}\n@returns(200) {role_id: str(uuid), resource_id: str(uuid), relation_id: str(uuid), role: str, on_resource: str, linked_by_relation: str, when: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants\n@desc Delete Implicit Grant\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role key that needs to exist on the related resource (from the relation), on_resource: str # the resource key that needs to exist on the related role (from the relation), linked_by_relation: str # the relation key that needs to exist between the resource and the related resource}\n@optional {when: any=[object Object] # the settings of the derived role rule}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/implicit_grants/conditions\n@desc Update Implicit Grants Conditions\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {no_direct_roles_on_object: bool=false # If true, the derived role or the specific rule will not apply if the resource has any direct role}\n@returns(200) {no_direct_roles_on_object: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups\n@desc List Resource Action Groups\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups\n@desc Create Resource Action Group\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the action group (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the action group., name: str # The name of the action group}\n@optional {description: str # An optional longer description of what this action group represents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action group. This metadata can be used to filter action groups using query parameters with attr_ prefix, actions: [str]=}\n@returns(200) {name: str, description: str, attributes: map, actions: [str], key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}\n@desc Get Resource Action Group\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_group_id: str # Either the unique id of the action group, or the URL-friendly key of the action group (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {name: str, description: str, attributes: map, actions: [str], key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}\n@desc Delete Resource Action Group\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_group_id: str # Either the unique id of the action group, or the URL-friendly key of the action group (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/action_groups/{action_group_id}\n@desc Update Resource Action Group\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_group_id: str # Either the unique id of the action group, or the URL-friendly key of the action group (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the action group, description: str # An optional longer description of what this action group represents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action group. This metadata can be used to filter action groups using query parameters with attr_ prefix, actions: [str]=}\n@returns(200) {name: str, description: str, attributes: map, actions: [str], key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions\n@desc List Resource Actions\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions\n@desc Create Resource Action\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the action (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the action., name: str # The name of the action}\n@optional {description: str # An optional longer description of what this action respresents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action. This metadata can be used to filter actions using query parameters with attr_ prefix, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str}\n@returns(200) {name: str, description: str, attributes: map, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str, key: str, id: str(uuid), permission_name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}\n@desc Get Resource Action\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_id: str # Either the unique id of the action, or the URL-friendly key of the action (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {name: str, description: str, attributes: map, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str, key: str, id: str(uuid), permission_name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}\n@desc Delete Resource Action\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_id: str # Either the unique id of the action, or the URL-friendly key of the action (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/actions/{action_id}\n@desc Update Resource Action\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., action_id: str # Either the unique id of the action, or the URL-friendly key of the action (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the action, description: str # An optional longer description of what this action respresents in your system, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this action. This metadata can be used to filter actions using query parameters with attr_ prefix, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str}\n@returns(200) {name: str, description: str, attributes: map, v1compat_path: str, v1compat_is_built_in: bool, v1compat_name: str, key: str, id: str(uuid), permission_name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes\n@desc List Resource Attributes\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes\n@desc Create Resource Attribute\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the attribute (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the attribute., type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`.}\n@optional {description: str # An optional longer description of what this attribute respresents in your system}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}\n@desc Get Resource Attribute\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}\n@desc Delete Resource Attribute\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/attributes/{attribute_id}\n@desc Update Resource Attribute\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`., description: str # An optional longer description of what this attribute respresents in your system}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations\n@desc List Resource Relations\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations\n@desc Create Resource Relation\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the relation (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the relation., name: str # The name of the relation, subject_resource: str # The subject resource ID or key}\n@optional {description: str # An optional longer description of what this relation represents in your system}\n@returns(200) {description: str, subject_resource: str, key: str, name: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), object_resource_id: str(uuid), object_resource: str, subject_resource_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations/{relation_id}\n@desc Get Resource Relation\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., relation_id: str # Either the unique id of the relation, or the URL-friendly key of the relation (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {description: str, subject_resource: str, key: str, name: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), object_resource_id: str(uuid), object_resource: str, subject_resource_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/relations/{relation_id}\n@desc Delete Resource Relation\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., relation_id: str # Either the unique id of the relation, or the URL-friendly key of the relation (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles\n@desc List Resource Roles\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles\n@desc Create Resource Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the role (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the role., name: str # The name of the role}\n@optional {description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str] # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role, v1compat_settings: map, v1compat_attributes: map}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}\n@desc Get Resource Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}\n@desc Delete Resource Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}\n@desc Update Resource Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the role, description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str]= # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions\n@desc Assign Permissions to Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., permissions: [str] # List of permissions to assign to the role. If a permission is already granted to the role it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the \"permission name\".}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions\n@desc Remove Permissions from Role\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., permissions: [str] # List of permissions to remove from the role. If a permission is not found it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`,i.e: the \"permission name\".}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), resource_id: str(uuid), resource: str, created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/ancestors\n@desc Get Resource Role Ancestors\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {roles: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/descendants\n@desc Get Resource Role Descendants\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {roles: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources\n@desc List Resources\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {include_built_in: bool=false # Whether to include or exclude built-in resources, default is False, include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/resources\n@desc Create Resource\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the resource (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the resource., name: str # The name of the resource, actions: map # A actions definition block, typically contained within a resource type definition block.         The actions represents the ways you can interact with a protected resource.}\n@optional {urn: str # The [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) (Uniform Resource Name) of the resource, description: str # An optional longer description of what this resource respresents in your system, type_attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this resource. This metadata can be used to filter resource using query parameters with attr_ prefix, attributes: map # Attributes that each resource of this type defines, and can be used in your ABAC policies., roles: map # Roles defined on this resource. The key is the role name, and the value contains the role properties such as granted permissions, base roles, etc., relations: map # Relations to other resources. The key is the relation key, and the value is the related resource., v1compat_path: str, v1compat_type: str, v1compat_name: str}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n@desc Get Resource\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n@desc Replace Resource\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., name: str # The name of the resource, actions: map # A actions definition block, typically contained within a resource type definition block.         The actions represents the ways you can interact with a protected resource.}\n@optional {urn: str # The [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) (Uniform Resource Name) of the resource, description: str # An optional longer description of what this resource respresents in your system, type_attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this resource. This metadata can be used to filter resource using query parameters with attr_ prefix, attributes: map # Attributes that each resource of this type defines, and can be used in your ABAC policies., roles: map # Roles defined on this resource. The key is the role name, and the value contains the role properties such as granted permissions, base roles, etc., relations: map # Relations to other resources. The key is the relation key, and the value is the related resource., v1compat_path: str, v1compat_type: str, v1compat_name: str}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n@desc Delete Resource\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/resources/{resource_id}\n@desc Update Resource\n@required {resource_id: str # Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the resource, urn: str # The [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) (Uniform Resource Name) of the resource, description: str # An optional longer description of what this resource respresents in your system, actions: map # A actions definition block, typically contained within a resource type definition block.         The actions represents the ways you can interact with a protected resource., type_attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this resource. This metadata can be used to filter resource using query parameters with attr_ prefix, attributes: map # Attributes that each resource of this type defines, and can be used in your ABAC policies., roles: map # Roles defined on this resource. The key is the role name, and the value contains the role properties such as granted permissions, base roles, etc., relations: map # Relations to other resources. The key is the relation key, and the value is the related resource., v1compat_path: str, v1compat_type: str, v1compat_name: str}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, urn: str, description: str, actions: map, type_attributes: map, attributes: map, roles: map, relations: map, v1compat_path: str, v1compat_type: str, v1compat_name: str, action_groups: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/roles\n@desc List Roles\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/roles\n@desc Create Role\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the role (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the role., name: str # The name of the role}\n@optional {description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str] # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role, v1compat_settings: map, v1compat_attributes: map, v1compat_is_built_in: bool}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/roles/{role_id}\n@desc Get Role\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/roles/{role_id}\n@desc Delete Role\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/roles/{role_id}\n@desc Update Role\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # The name of the role, description: str # optional description string explaining what this role represents, or what permissions are granted to it., permissions: [str] # list of action keys that define what actions this resource role is permitted to do, attributes: map # optional dictionary of key-value pairs that can be used to store arbitrary metadata about this role. This metadata can be used to filter role using query parameters with attr_ prefix, currently supports only 'equals' operator, extends: [str] # list of role keys that define what roles this role extends. In other words: this role will automatically inherit all the permissions of the given roles in this list., granted_to: any # Derived role that inherit will be applied on this role, v1compat_settings: map, v1compat_attributes: map}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/roles/{role_id}/permissions\n@desc Assign Permissions To Role\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., permissions: [str] # List of permissions to assign to the role. If a permission is already granted to the role it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the \"permission name\".}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/roles/{role_id}/permissions\n@desc Remove Permissions From Role\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., permissions: [str] # List of permissions to remove from the role. If a permission is not found it is skipped. Each permission can be either a resource action id, or `{resource_key}:{action_key}`,i.e: the \"permission name\".}\n@returns(200) {name: str, description: str, permissions: [str], attributes: map, extends: [str], granted_to: any, v1compat_settings: map, v1compat_attributes: map, key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/roles/{role_id}/ancestors\n@desc Get Role Ancestors\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {roles: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/roles/{role_id}/descendants\n@desc Get Role Descendants\n@required {role_id: str # Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {roles: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/users/attributes\n@desc List User Attributes\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {resource_id: str=__user, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/users/attributes\n@desc Create User Attribute\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the attribute (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the attribute., type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`.}\n@optional {resource_id: str=__user, description: str # An optional longer description of what this attribute respresents in your system}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id}\n@desc Get User Attribute\n@required {attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {resource_id: str=__user}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id}\n@desc Delete User Attribute\n@required {attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {resource_id: str=__user, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/schema/{proj_id}/{env_id}/users/attributes/{attribute_id}\n@desc Update User Attribute\n@required {attribute_id: str # Either the unique id of the attribute, or the URL-friendly key of the attribute (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {resource_id: str=__user, type: any # The type of the attribute, we currently support: `bool`, `number` (ints, floats), `time` (a timestamp), `string`, and `json`., description: str # An optional longer description of what this attribute respresents in your system}\n@returns(200) {type: any, description: str, key: str, id: str(uuid), resource_id: str(uuid), resource_key: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), built_in: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/direct\n@desc List Direct Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/direct/{group_instance_key}\n@desc Get Direct Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@returns(200) {group_resource_type_key: str, group_instance_key: str, group_tenant: str, id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/children\n@desc List group children (EAP)\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/parents\n@desc List group parents (EAP)\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users\n@desc List group users (EAP)\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles\n@desc List group roles (EAP)\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles\n@desc Assign Role To Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., role: str # The role key or id that will be assigned to the group., resource: str # The resource key or id that the role belongs to., resource_instance: str # The resource instance key or id that the role belongs to., tenant: str # The tenant key or id that the role belongs to.}\n@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/roles\n@desc Remove Role From Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., role: str # The role key or id that will be assigned to the group., resource: str # The resource key or id that the role belongs to., resource_instance: str # The resource instance key or id that the role belongs to., tenant: str # The tenant key or id that the role belongs to.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}\n@desc Get Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}\n@desc Delete Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/schema/{proj_id}/{env_id}/groups\n@desc List Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, include_total_count: bool=false # Include total count in response(will make the request slower), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., search: str # Text search for the object name or key}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/schema/{proj_id}/{env_id}/groups\n@desc Create Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance that that the group belongs to, or the URL-friendly key of the  (i.e: file:my_file), group_tenant: str # The tenant key or id that the group belongs to.}\n@optional {group_resource_type_key: str=group # The key of the resource type that the group belongs to.}\n@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users/{user_id}\n@desc Assign User To Group\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., tenant: str # The tenant key or id that the user belongs to.}\n@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/users/{user_id}\n@desc Remove User From Group\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., tenant: str # The tenant key or id that the user belongs to.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/assign_group\n@desc Assign Group To Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance that that the group belongs to, or the URL-friendly key of the  (i.e: file:my_file)}\n@returns(200) {assigned_roles: [str], users: [str(uuid)], group_resource_type_key: str, group_instance_key: str, group_tenant: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/schema/{proj_id}/{env_id}/groups/{group_instance_key}/assign_group\n@desc Remove Group From Group\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance, or the URL-friendly key of the resource instance (i.e: the \"slug\")., group_instance_key: str # Either the unique id of the resource instance that that the group belongs to, or the URL-friendly key of the  (i.e: file:my_file)}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group facts\n@endpoint GET /v2/facts/{proj_id}/{env_id}/users\n@desc List Users\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, role: str # Match users with a specific role. To filter users without any roles, send an empty string., include_resource_instance_roles: bool=false # Should add resource instance roles, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/users\n@desc Create User\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the user for permission checks.}\n@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/users/{user_id}\n@desc Get User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/users/{user_id}\n@desc Replace User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the user for permission checks.}\n@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # An existing user was replaced\n@returns(201) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # An new user was created\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/users/{user_id}\n@desc Delete User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/users/{user_id}\n@desc Update User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/users/{user_id}/roles\n@desc Assign Role To User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be assigned (accepts either the role id or the role key)}\n@optional {tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key), resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)The resource instance will be implicitly created if the tenant parameter is specified and the resource instance does not exist.}\n@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/users/{user_id}/roles\n@desc Unassign Role From User\n@required {user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be unassigned (accepts either the role id or the role key), tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key)}\n@optional {return_deleted: bool=false # Whether to return the deleted role assignment, status code will be 200 instead of the default 204 if true, resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)}\n@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Role assignment removed successfully\n@returns(204) Role assignment removed successfully\n@errors {404: Role assignment not found, 422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users\n@desc List Tenant Users\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, role: str # Match users with a specific role, include_resource_instance_roles: bool=false # Should add resource instance roles, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users\n@desc Add User To Tenant\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the user for permission checks.}\n@optional {email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/tenants\n@desc List Tenants\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the tenant name or key, include_total_count: bool=false # Include total count in response, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/tenants\n@desc Create Tenant\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the tenant. The tenant key must be url-friendly (slugified)., name: str # A descriptive name for the tenant}\n@optional {description: str # an optional longer description of the tenant, attributes: map=[object Object] # Arbitraty tenant attributes that will be used to enforce attribute-based access control policies.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), last_action_at: str(date-time), name: str, description: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}\n@desc Get Tenant\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), last_action_at: str(date-time), name: str, description: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}\n@desc Delete Tenant\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}\n@desc Update Tenant\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {name: str # A descriptive name for the tenant, description: str # an optional longer description of the tenant, attributes: map=[object Object] # Arbitraty tenant attributes that will be used to enforce attribute-based access control policies.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), last_action_at: str(date-time), name: str, description: str, attributes: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/tenants/{tenant_id}/users/{user_id}\n@desc Delete Tenant User\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/role_assignments/detailed\n@desc List Role Assignments Detailed\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {user: [str] # optional user(s) filter, will only return role assignments granted to this user(s)., role: [str] # optional role(s) filter, will only return role assignments granting this role(s)., tenant: [str] # optional tenant(s) filter, will only return role assignments granted in that tenant(s)., resource: str # optional resource **type** filter, will only return role assignments granted on that resource type., resource_instance: str # optional resource instance filter, will only return role assignments granted on that resource instance., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 1000).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/role_assignments\n@desc List Role Assignments\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {user: [str] # optional user(s) filter, will only return role assignments granted to this user(s)., role: [str] # optional role(s) filter, will only return role assignments granting this role(s)., tenant: [str] # optional tenant(s) filter, will only return role assignments granted in that tenant(s)., resource: str # optional resource **type** filter, will only return role assignments granted on that resource type., resource_instance: str # optional resource instance filter, will only return role assignments granted on that resource instance., detailed: bool=false # Whether to return full details about the user, tenant and role, include_total_count: bool=false # If true, returns the list of role assignments and the total count., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 1000).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/role_assignments\n@desc Assign Role\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be assigned (accepts either the role id or the role key), user: str # the user the role will be assigned to (accepts either the user id or the user key)}\n@optional {tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key), resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)The resource instance will be implicitly created if the tenant parameter is specified and the resource instance does not exist.}\n@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/role_assignments\n@desc Unassign Role\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be unassigned (accepts either the role id or the role key), tenant: str # the tenant the role is associated with (accepts either the tenant id or the tenant key), user: str # the user the role will be unassigned from (accepts either the user id or the user key)}\n@optional {return_deleted: bool=false # Whether to return the deleted role assignment, status code will be 200 instead of the default 204 if true, resource_instance: str # the resource instance the role is associated with (accepts either the resource instance id or key using this format resource_type:resource_instance)}\n@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Role assignment removed successfully\n@returns(204) Role assignment removed successfully\n@errors {404: Role assignment not found, 422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/role_assignments/bulk\n@desc Bulk create role assignments\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {missing_user_policy: any=fail # Policy for missing users - 'fail': Fail the entire operation if a user is missing; 'ignore': Skip assignments for missing users; 'create': Create missing users and continue with the operation}\n@returns(200) {assignments_created: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/role_assignments/bulk\n@desc Bulk Unassign Role\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {assignments_removed: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/set_rules\n@desc List Set Permissions\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {user_set: str # optional user set filter, will only return rules where the permission is granted to this user set, permission: str # optional permission filter, will only return condition set rules granting this permission, resource_set: str # optional resource set filter, will only return rules where the permission is granted on this resource set, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/set_rules\n@desc Assign Set Permissions\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., user_set: str # The userset that will be given permission, i.e: all the users matching this rule will be given the specified permission, permission: str # The permission that will be granted to the userset *on* the resourceset. The permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the \"permission name\"., resource_set: str # The resourceset that represents the resources that are granted for access, i.e: all the resources matching this rule can be accessed by the userset to perform the granted *permission*}\n@optional {is_role: bool=false # if True, will set the condition set rule to the role's autogen user-set., is_resource: bool=false # if True, will set the condition set rule to the resource's autogen resource-set.}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/set_rules\n@desc Unassign Set Permissions\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., user_set: str # The userset that will be unassigned these permission, i.e: all the users matching this rule will lose the specified permission, permission: str # The permission that will be removed from the userset *on* the resourceset. The permission can be either a resource action id, or `{resource_key}:{action_key}`, i.e: the \"permission name\"., resource_set: str # The resourceset that represents the resources that are no longer granted for access, i.e: all the resources matching this rule can no longer be accessed by the userset, and will be revoked the specified *permission*}\n@optional {is_role: bool=false # if True, will set the condition set rule to the role's autogen user-set., is_resource: bool=false # if True, will set the condition set rule to the resource's autogen resource-set.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/resource_instances/detailed\n@desc List Resource Instances Detailed\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, search: [str] # The resource instance key or id to filter by (supports multi-value like this url?search=key-1&search=key-2), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/resource_instances\n@desc List Resource Instances\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {tenant: str # The tenant key or id to filter by, resource: str # The resource key or id to filter by, search: [str] # The resource instance key or id to filter by (supports multi-value like this url?search=key-1&search=key-2), detailed: bool=false # If true, will return the relationships of the resource instance., include_total_count: bool=false # Include total count in response(will make the request slower), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/resource_instances\n@desc Create Resource Instance\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique identifier by which Permit will identify the resource instance for permission checks. You will later pass this identifier to the `permit.check()` API. A key can be anything: for example the resource db id, a url slug, a UUID or anything else as long as it's unique on your end. The resource instance key must be url-friendly., tenant: str # the *key* of the tenant that this resource belongs to, used to enforce tenant boundaries in multi-tenant apps., resource: str # the *key* of the resource (type) of this resource instance. For example: if this resource instance is the annual budget document, the key of the resource might be `document`.}\n@optional {attributes: map=[object Object] # Arbitrary resource attributes that will be used to enforce attribute-based access control policies.}\n@returns(200) {key: str, tenant: str, resource: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource_id: str(uuid), tenant_id: str(uuid), attributes: map, relationships: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}\n@desc Get Resource Instance\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., instance_id: str # f'Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file.txt).'}\n@optional {detailed: bool=false # If true, will return the relationships of the resource instance.}\n@returns(200) {key: str, tenant: str, resource: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource_id: str(uuid), tenant_id: str(uuid), attributes: map, relationships: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}\n@desc Delete Resource Instance\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., instance_id: str # f'Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file.txt).'}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/resource_instances/{instance_id}\n@desc Update Resource Instance\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., instance_id: str # f'Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file.txt).'}\n@optional {attributes: map=[object Object] # Arbitrary resource attributes that will be used to enforce attribute-based access control policies.}\n@returns(200) {key: str, tenant: str, resource: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), resource_id: str(uuid), tenant_id: str(uuid), attributes: map, relationships: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/proxy_configs\n@desc List Proxy Configs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/proxy_configs\n@desc Create Proxy Config\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., secret: any # Proxy config secret is set to enable the Permit Proxy to make proxied requests to the backend service., key: str # Proxy Config is set to enable the Permit Proxy to make proxied requests as part of the Frontend AuthZ., name: str # The name of the proxy config, for example: 'Stripe API'}\n@optional {mapping_rules: [map{url!: str, url_type: str, http_method!: any, resource!: str, headers: map, action: str, priority: int}]= # Proxy config mapping rules will include the rules that will be used to map the request to the backend service by a URL and a http method., auth_mechanism: any=Bearer # Proxy config auth mechanism will define the authentication mechanism that will be used to authenticate the request.  Bearer injects the secret into the Authorization header as a Bearer token,  Basic injects the secret into the Authorization header as a Basic user:password,  Headers injects plain headers into the request.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), secret: any, name: str, mapping_rules: [map], auth_mechanism: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}\n@desc Get Proxy Config\n@required {proxy_config_id: str # Either the unique id of the proxy config, or the URL-friendly key of the proxy config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), secret: any, name: str, mapping_rules: [map], auth_mechanism: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}\n@desc Delete Proxy Config\n@required {proxy_config_id: str # Either the unique id of the proxy config, or the URL-friendly key of the proxy config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/proxy_configs/{proxy_config_id}\n@desc Update Proxy Config\n@required {proxy_config_id: str # Either the unique id of the proxy config, or the URL-friendly key of the proxy config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {secret: any # Proxy config secret is set to enable the Permit Proxy to make proxied requests to the backend service., name: str # The name of the proxy config, for example: 'Stripe API', mapping_rules: [map{url!: str, url_type: str, http_method!: any, resource!: str, headers: map, action: str, priority: int, should_delete: bool}]= # Proxy config mapping rules, with optional should_delete flag to indicate deletion., auth_mechanism: any=Bearer # Proxy config auth mechanism will define the authentication mechanism that will be used to authenticate the request.  Bearer injects the secret into the Authorization header as a Bearer token,  Basic injects the secret into the Authorization header as a Basic user:password,  Headers injects plain headers into the request.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), secret: any, name: str, mapping_rules: [map], auth_mechanism: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/bulk/users\n@desc Bulk Replace Users\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{key!: str, email: str(email), first_name: str, last_name: str, attributes: map, role_assignments: [map]}]}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/bulk/users\n@desc Bulk Create Users\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{key!: str, email: str(email), first_name: str, last_name: str, attributes: map, role_assignments: [map]}]}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/bulk/users\n@desc Bulk Delete Users\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., idents: [str] # List of user idents to delete. Either the unique id or the key of the users.}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/bulk/tenants\n@desc Bulk Create Tenants\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{key!: str, name!: str, description: str, attributes: map}]}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/bulk/tenants\n@desc Bulk Delete Tenants\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., idents: [str] # List of tenant idents to delete. Either the unique id or the key of the tenants.}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/bulk/resource_instances\n@desc Bulk Replace Resource Instances\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{key!: str, tenant!: str, resource!: str, attributes: map}]}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/bulk/resource_instances\n@desc Bulk Delete Resource Instances\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., idents: [str] # List of resource instance idents to delete. Either the unique id of the resource instance, or the URL-friendly key of the  (i.e: file:my_file)}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/email_configurations\n@desc Get Email Configuration\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/email_configurations\n@desc Create Or Update Email Configuration\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/email_configurations/send_test_email\n@desc Send Test Email\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/email_templates/\n@desc List Templates\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}\n@desc Get Template By Type\n@required {template_type: str, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {template_type: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), from_address: str(email), redirect_to: str(uri), url_ttl: str, subject: str, messages: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}\n@desc Update Template By Type\n@required {template_type: str, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., from_address: str(email) # The from address the mails will be sent from, redirect_to: str(uri) # The redirect url the user will be redirected to after clicking the link in the email, url_ttl: str # The time to live of the url in the email, in seconds, subject: str # The subject of the email template, messages: [map{message_type!: any, message_content!: str}] # The messages of the email template}\n@returns(200) {template_type: any, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), from_address: str(email), redirect_to: str(uri), url_ttl: str, subject: str, messages: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/email_templates/{template_type}/send_test_email\n@desc Send Test Email By Type\n@required {template_type: str, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., from_address: str(email) # The from address the mails will be sent from, redirect_to: str(uri) # The redirect url the user will be redirected to after clicking the link in the email, url_ttl: str # The time to live of the url in the email, in seconds, subject: str # The subject of the email template, messages: [map{message_type!: any, message_content!: str}] # The messages of the email template}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/relationship_tuples/detailed\n@desc List Relationship Tuples Detailed\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., tenant: str # The tenant key or id to filter by, subject: str # The subject to filter by, accepts either the resource instance id or resource_type:resource_instance, relation: str # The relation id or key to filter by, object: str # The object to filter by, accepts either the resource instance id or resource_type:resource_instance, object_type: str # The object type to filter by, accepts resource type id or key, subject_type: str # The subject type to filter by, accepts resource type id or key}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/relationship_tuples\n@desc List Relationship Tuples\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {detailed: bool=false # If true, will return the full subject and object resource instances., include_total_count: bool=false # If true, returns the list of resource instances and the total count., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., tenant: str # The tenant key or id to filter by, subject: str # The subject to filter by, accepts either the resource instance id or resource_type:resource_instance, relation: str # The relation id or key to filter by, object: str # The object to filter by, accepts either the resource instance id or resource_type:resource_instance, object_type: str # The object type to filter by, accepts resource type id or key, subject_type: str # The subject type to filter by, accepts resource type id or key}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/relationship_tuples\n@desc Create Relationship Tuple\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., subject: str # the resource instance assigned the new relation (accepts either the resource instance id or resource_key:resource_instance_key), relation: str # the relation to assign between the subject and object, object: str # the resource instance on which the new relation is assigned (accepts either the resource instance id or resource_key:resource_instance_key)}\n@optional {tenant: str # The tenant the subject and object belong to, if the resource instances don't exist yet, the tenant is required to create them. otherwise it is ignored}\n@returns(200) {subject: str, relation: str, object: str, id: str(uuid), tenant: str, subject_id: str(uuid), relation_id: str(uuid), object_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), subject_details: any, relation_details: any, object_details: any, tenant_details: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/relationship_tuples\n@desc Delete Relationship Tuple\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., subject: str # the resource instance assigned the new relation (accepts either the resource instance id or resource_key:resource_instance_key), relation: str # the relation to assign between the subject and object, object: str # the resource instance on which the new relation is assigned (accepts either the resource instance id or resource_key:resource_instance_key)}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/relationship_tuples/bulk\n@desc Bulk create relationship tuples\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., operations: [map{subject!: str, relation!: str, object!: str, tenant: str}]}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/relationship_tuples/bulk\n@desc Bulk Delete Relationship Tuples\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., idents: [map{subject!: str, relation!: str, object!: str}] # List of relationship tuples objects to delete}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/user_invites\n@desc List User Invites\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {role: str # optional role filter, will only return invited users with this role., tenant: str # optional tenant filter, will only return invited users in that tenant., search: str # optional search, will only return invited users to that email, key or name., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/user_invites\n@desc Create User Invite\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # The key of the user that is being invited, status: any # The status of the user invite, email: str(email) # The email of the user that being invited, first_name: str # The first name of the user that is being invited, last_name: str # The last name of the user that is being invited, role_id: str(uuid) # The role of the user that is being invited, tenant_id: str(uuid) # The tenant id of the user that is being invited, resource_instance_id: str(uuid) # The resource instance id of the user that is being invited}\n@returns(200) {id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), key: str, status: any, email: str(email), first_name: str, last_name: str, role_id: str(uuid), tenant_id: str(uuid), resource_instance_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}\n@desc Get User Invite\n@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), key: str, status: any, email: str(email), first_name: str, last_name: str, role_id: str(uuid), tenant_id: str(uuid), resource_instance_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}\n@desc Delete User Invite\n@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}\n@desc Update User Invite\n@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # The key of the user that is being invited, status: any # The status of the user invite, email: str(email) # The email of the user that being invited, first_name: str # The first name of the user that is being invited, last_name: str # The last name of the user that is being invited, role_id: str(uuid) # The role of the user that is being invited, tenant_id: str(uuid) # The tenant id of the user that is being invited, resource_instance_id: str(uuid) # The resource instance id of the user that is being invited}\n@returns(200) {id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), key: str, status: any, email: str(email), first_name: str, last_name: str, role_id: str(uuid), tenant_id: str(uuid), resource_instance_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/user_invites/{user_invite_id}/approve\n@desc Approve User Invite\n@required {user_invite_id: str # Either the unique id of the user_invite, or the URL-friendly key of the user_invite (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., email: str(email) # The email of the user that being invited, key: str # The key of the elements user invite, attributes: map # The attributes of the user}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), associated_tenants: [map], roles: [map], created_at: str(date-time), updated_at: str(date-time), email: str(email), first_name: str, last_name: str, attributes: map} # Successful Response\n@errors {400: The user already approved or the email requested doesn't match the email of the invite., 422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}\n@desc List Access Requests\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {status: any # Optional status filter, will only return access requests with this status., role: str # Optional role filter, will only return access request granted with that role., resource: str # Optional resource filter, will only return access request granted in that resource., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}\n@desc Create Access Request\n@required {tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., access_request_details: any # details of the access request, including the resource and tenant}\n@optional {reason: str # Optional business justification provided by the user requesting access}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}\n@desc Get Access Request\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/reviewer\n@desc Update Access Request Reviewer\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/approve\n@desc Approve Access Request\n@required {access_request_id: str(uuid) # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/deny\n@desc Deny Access Request\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/facts/{proj_id}/{env_id}/access_requests/{elements_config_id}/user/{user_id}/tenant/{tenant_id}/{access_request_id}/cancel\n@desc Cancel Access Request\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., tenant_id: str # Either the unique id of the tenant, or the URL-friendly key of the tenant (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group pdps\n@endpoint GET /v2/pdps/{proj_id}/{env_id}/configs\n@desc List PDP configurations\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/values\n@desc Get PDP configuration\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., pdp_id: str(uuid) # The unique id of the pdp}\n@optional {X-Shard-ID: int}\n@returns(200) {opal_common: map{FETCHING_CALLBACK_TIMEOUT: int, AUTH_PUBLIC_KEY: str}, opal_client: map{DATA_TOPICS: [str], CLIENT_TOKEN: str, SERVER_URL: str, SERVER_WS_URL: str, SERVER_PUBSUB_URL: str, DEFAULT_DATA_SOURCES_CONFIG_URL: str, SCOPE_ID: str, SHOULD_REPORT_ON_DATA_UPDATES: bool, DEFAULT_UPDATE_CALLBACKS: map{callbacks: [any]}, DEFAULT_UPDATE_CALLBACK_CONFIG: map{fetcher: str, headers: map, is_json: bool, process_data: bool, method: any, data: any}}, pdp: any, context: map{customer_id: str(uuid), client_id: str, backend_tier: str(uri), component: str, org_id: str(uuid), project_id: str(uuid), env_id: str(uuid)}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/debug-audit-logs/enable\n@desc Enable debug audit logs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., pdp_id: str(uuid) # The unique id of the pdp}\n@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/debug-audit-logs/disable\n@desc Disable debug audit logs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., pdp_id: str(uuid) # The unique id of the pdp}\n@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/pdps/{proj_id}/{env_id}/configs/{pdp_id}/rotate-api-key\n@desc Rotate PDP API Key\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., pdp_id: str(uuid) # The unique id of the pdp}\n@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/pdps/{proj_id}/{env_id}/configs/migrate-shards\n@desc Migrate PDP Config number of shards\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., num_shards: int}\n@returns(200) {id: str(uuid), name: str, organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), client_secret: str, opal_server_access_token: str, num_shards: int, debug_audit_logs: bool, min_pdp_version: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/pdps/{proj_id}/{env_id}/audit_logs\n@desc List Audit Logs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {pdp_id: str(uuid) # Filter by pdp config id, users: [str] # List of user keys or emails to filter by, decision: bool # Filter by decision result, resources: [str] # Filter by resources, tenant: str # Filter by tenant, action: str # Filter by action, timestamp_from: int # Filter by timestamp from, timestamp_to: int # Filter by timestamp to, sort_by: any=timestamp # Sort by column, query: any=check # Filter by the type of query that generated the audit log.'check' - permit/root, permit/check, permit/bulk'get_user_permissions' - permit/user_permissions'get_authorized_users' - permit/authorized_users, permit/authorized_users_new'none' - All queries, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response\n@errors {400: Overreach of pagination limits, 422: Validation Error}\n\n@endpoint GET /v2/pdps/{proj_id}/{env_id}/audit_logs/{log_id}\n@desc Get detailed audit log\n@required {log_id: str(uuid) # The unique id of the audit log, proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {id: str(uuid), raw_data: any, timestamp: str(date-time), created_at: str(date-time), query: str, user_key: str, user_email: str, user_name: str, resource_type: str, tenant: str, action: str, decision: bool, reason: str, org_id: str(uuid), project_id: str(uuid), env_id: str(uuid), pdp_config_id: str(uuid), input: any, result: any, context: any, objects: any} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group projects\n@endpoint GET /v2/projects/{proj_id}/repos\n@desc List Policy Repos\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/projects/{proj_id}/repos\n@desc Create Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., key: str # A URL-friendly name of the policy repo (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the policy repo., url: str # The SSH URL of the git repository (e.g. git@github.com:username/repository.git), credentials: map{auth_type: str, username!: str, public_key: str, private_key!: str}}\n@optional {main_branch_name: str=main, activate_when_validated: bool=false # if you want to change your policy repository to this repo right after it is validated}\n@returns(200) {id: str(uuid), status: str, key: str, url: str, main_branch_name: str, credentials: map{auth_type: str, username: str, public_key: str, private_key: str}, activate_when_validated: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/repos/active\n@desc Get Active Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@returns(200) {id: str(uuid), status: str, key: str, url: str, main_branch_name: str, credentials: map{auth_type: str, username: str, public_key: str, private_key: str}, activate_when_validated: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/projects/{proj_id}/repos/disable\n@desc Disable Active Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").}\n@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/projects/{proj_id}/repos/{repo_id}/activate\n@desc Activate Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., repo_id: str # Either the unique id of the policy repo, or the URL-friendly key of the policy repo (i.e: the \"slug\").}\n@returns(200) {key: str, urn_namespace: str, id: str(uuid), organization_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), name: str, description: str, settings: map, active_policy_repo_id: str(uuid)} # Successful Response\n@errors {400: Invalid policy repo status, 422: Validation Error}\n\n@endpoint GET /v2/projects/{proj_id}/repos/{repo_id}\n@desc Get Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., repo_id: str # Either the unique id of the policy repo, or the URL-friendly key of the policy repo (i.e: the \"slug\").}\n@returns(200) {id: str(uuid), status: str, key: str, url: str, main_branch_name: str, credentials: map{auth_type: str, username: str, public_key: str, private_key: str}, activate_when_validated: bool} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/projects/{proj_id}/repos/{repo_id}\n@desc Delete Policy Repo\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., repo_id: str # Either the unique id of the policy repo, or the URL-friendly key of the policy repo (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group elements\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config\n@desc List Elements Configs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config\n@desc Create Elements Config\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A URL-friendly name of the elements_config (i.e: slug). You will be able to query later using this key instead of the id (UUID) of the elements_config., name: str # The name of the elements_config, elements_type: any # The type of the elements interface, e.g: user management, settings: map # Obj with the options of the elements interface, e.g: primary color, roles_to_levels: map # Obj with levels as keys and role ids as values}\n@optional {email_notifications: bool=false # Whether to send email notifications to users using your Email Provider you set, webhook: map{type: str, url!: str, bearer_token: str}}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}\n@desc Get Elements Config\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}\n@desc Update Elements Config\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., roles_to_levels: map # Obj with levels as keys and role ids as values}\n@optional {name: str # The name of the elements_config, elements_type: any # The type of the elements interface, e.g: user management, settings: map # Obj with the options of the elements interface, e.g: primary color, email_notifications: bool=false # Whether to send email notifications to users using your Email Provider you set, webhook: map{url: str, bearer_token: str}}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/runtime\n@desc Get Elements Config Runtime\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {config: map{key: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), is_active: bool, name: str, elements_type: any, settings: map, email_notifications: bool, roles_to_levels: map, webhook: map{type: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), url: str}}, current_permission_level: str} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/elements/{proj_id}/{env_id}/{elements_config_id}\n@desc Delete Elements Config\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users\n@desc List users\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users\n@desc Create user\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., key: str # A unique id by which Permit will identify the user for permission checks.}\n@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on, email: str(email) # The email of the user. If synced, will be unique inside the environment., first_name: str # First name of the user., last_name: str # Last name of the user., attributes: map=[object Object] # Arbitrary user attributes that will be used to enforce attribute-based access control policies., role_assignments: [map{role!: str, tenant: str, resource_instance: str}] # List of roles to assign to the user in the environment., role: str}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}\n@desc Delete user\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\").}\n@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/user-invites\n@desc List all Elements User Invites\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, status: any # Status of the user invite, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/roles\n@desc List roles\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}/roles\n@desc Assign role to user\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be assigned (accepts either the role id or the role key)}\n@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {id: str(uuid), user: str, role: str, tenant: str, resource_instance: str, resource_instance_id: str(uuid), user_id: str(uuid), role_id: str(uuid), tenant_id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}/roles\n@desc Unassign role from user\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., user_id: str # Either the unique id of the user, or the URL-friendly key of the user (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., role: str # the role that will be unassigned (accepts either the role id or the role key)}\n@optional {resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/active\n@desc Set Config Active\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/audit_logs\n@desc List audit logs\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {search: str # Text search for the email field, page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests\n@desc List Access Requests\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {status: any # Optional status filter, will only return access requests with this status., tenant: str # Optional tenant filter, will only return access request granted in that tenant., role: str # Optional role filter, will only return access request granted with that role., resource: str # Optional resource filter, will only return access request granted in that resource., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100)., resource_instance_id: str # For ReBAC Elements, the resource instance ID or key to work on}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests\n@desc Create Access Request\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., access_request_details: any # details of the access request, including the resource and tenant}\n@optional {reason: str # Optional business justification provided by the user requesting access}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}\n@desc Get Access Request\n@required {elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/reviewer\n@desc Update Access Request Reviewer\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/approve\n@desc Approve Access Request\n@required {access_request_id: str(uuid) # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id, role: str # role id or key that the user is requesting access to}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/deny\n@desc Deny Access Request\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/access_requests/{access_request_id}/cancel\n@desc Cancel Access Request\n@required {access_request_id: str # Either the unique id of the access_request, or the URL-friendly key of the access_request (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval\n@desc List Operation Approvals\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {status: any # Optional status filter, will only return access requests with this status., resource: str # Optional resource filter, will only return access request granted in that resource., resource_instance: str # Optional resource instance filter, will only return access request granted in that resource instance., page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval\n@desc Create Operation Approval\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\")., access_request_details: any # details of the operation approval, including the resource and tenant}\n@optional {reason: str # Optional business justification provided by the user requesting operation approval}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}\n@desc Get Operation Approval\n@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PATCH /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/reviewer\n@desc Update Operation Approval Reviewer\n@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id}\n@returns(200) {access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, reviewer_comment: str, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/approve\n@desc Approve Operation Approval\n@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/deny\n@desc Deny Operation Approval\n@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@optional {reviewer_comment: str # comment provided by the reviewer_user_id}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/operation_approval/{operation_approval_id}/cancel\n@desc Cancel Operation Approval\n@required {operation_approval_id: str # Either the unique id of the operation_approval, or the URL-friendly key of the operation_approval (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\")., elements_config_id: str # Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e: the \"slug\").}\n@returns(200) {reviewer_comment: str, access_request_details: any, reason: str, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time), requesting_user_id: str(uuid), reviewed_at: str(date-time), type: any, status: any, reviewer_user_id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group deprecated\n@endpoint GET /v2/deprecated/history\n@desc List Api Events\n@optional {method: [str] # HTTP methods to include in search, path: [str] # API paths to include in search, success: bool # Filter by API request success/failure, status_code: [int] # HTTP status codes to include in search, client_ip: [str] # IPs of clients to include in search, actor_type: [str] # Actor type to search (member, user, api_key), actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/deprecated/history/{event_id}\n@desc Get Api Event\n@required {event_id: str(uuid)}\n@returns(200) {request_body: str(binary), response_body: str(binary), timestamp: str(date-time), timestamp_utc: str(date-time), method: str, path: str, success: bool, status: int, request_id: str(uuid), client_ip: str, actor_type: str, actor_id: str(uuid), actor_display_name: str, org_id: str(uuid), project_key: str, project_id: str(uuid), env_key: str, env_id: str(uuid), id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/deprecated/history/{event_id}/request\n@desc Get Request Body\n@required {event_id: str(uuid)}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/deprecated/history/{event_id}/response\n@desc Get Response Body\n@required {event_id: str(uuid)}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group history\n@endpoint GET /v2/history\n@desc List Api Events\n@optional {method: [str] # HTTP methods to include in search, path: [str] # API paths to include in search, success: bool # Filter by API request success/failure, status_code: [int] # HTTP status codes to include in search, client_ip: [str] # IPs of clients to include in search, actor_type: [str] # Actor type to search (member, user, api_key), actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/history/{event_id}\n@desc Get Api Event\n@required {event_id: str(uuid)}\n@returns(200) {request_body: str(binary), response_body: str(binary), timestamp: str(date-time), timestamp_utc: str(date-time), method: str, path: str, success: bool, status: int, request_id: str(uuid), client_ip: str, actor_type: str, actor_id: str(uuid), actor_display_name: str, org_id: str(uuid), project_key: str, project_id: str(uuid), env_key: str, env_id: str(uuid), id: str(uuid)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/history/{event_id}/request\n@desc Get Request Body\n@required {event_id: str(uuid)}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/history/{event_id}/response\n@desc Get Response Body\n@required {event_id: str(uuid)}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group activity\n@endpoint GET /v2/activity\n@desc List Activity Events\n@optional {actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, actor_type: [str] # Actor type to search (member, user, api_key), project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int, pagination_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/activity/types\n@desc List Activity Types\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group deprecated\n@endpoint GET /v2/deprecated/activity\n@desc List Activity Events\n@optional {actor_id: [str] # Actor ID to search, actor_display_name: str # Actor display name to search, actor_type: [str] # Actor type to search (member, user, api_key), project_id: [str] # Projects to include in search, env_id: [str] # Environments to include in search, timestamp_from: int # Retrieve only events after this timestamp (seconds since epoch), timestamp_until: int # Retrieve only events before this timestamp (seconds since epoch), page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) {data: [map], total_count: int, page_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/deprecated/activity/types\n@desc List Activity Types\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group policy_guards\n@endpoint GET /v2/policy_guards/scopes\n@desc List Policy Guard Scopes\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/policy_guards/scopes\n@desc Create Policy Guard Scope\n@required {key: str # The unique key of the policy guard scope.}\n@optional {policy_guard_scope_details: [map{project_id!: str}]= # list of projects that this policy guard is assigned to.}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), policy_guard_scope_details: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/policy_guards/scopes/{policy_guard_scope_id}\n@desc Get Policy Guard Scope\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\").}\n@returns(200) {key: str, id: str(uuid), organization_id: str(uuid), policy_guard_scope_details: [map]} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/policy_guards/scopes/{policy_guard_scope_id}\n@desc Delete Policy Guard Scope\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/policy_guards/scopes/{policy_guard_scope_id}/associate\n@desc Associate Policy Guard Scope\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\")., project_id: str # The unique identifier of the project of this policy scope.}\n@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait.}\n@returns(200) {task_id: str, status: any, result: any, error: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/policy_guards/scopes/{policy_guard_scope_id}/disassociate\n@desc Disassociate Policy Guard Scope\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\")., project_id: str # The unique identifier of the project of this policy scope.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/policy_guards/scopes/{policy_guard_scope_id}/rules\n@desc List Policy Guard Rules\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\").}\n@optional {page: int=1 # Page number of the results to fetch, starting at 1., per_page: int=30 # The number of results per page (max 100).}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint POST /v2/policy_guards/scopes/{policy_guard_scope_id}/rules\n@desc Create Policy Guard Rule\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\")., is_allowed: bool # If True, the permission will be allowed for the role in the policy guard across all projectswithin the policy scope, and the permission will be locked from further editing., resource_key: str # The key of the resource., action_key: str # The key of the action.}\n@optional {wait: num=0 # Time in seconds to wait for the task to complete. Default is 0, means no wait., role_key: str # The key of the role., resource_set: any # The resource set that the permission will be applied to., user_set: any # The user set that the permission will be applied to.}\n@returns(200) {task_id: str, status: any, result: any, error: any} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/policy_guards/scopes/{policy_guard_scope_id}/rules\n@desc Delete Policy Guard Rule\n@required {policy_guard_scope_id: str # Either the unique id of the policy_guard_scope, or the URL-friendly key of the policy_guard_scope (i.e: the \"slug\")., resource_key: str # The key of the resource., action_key: str # The key of the action.}\n@optional {role_key: str # The key of the role., resource_set: any # The resource set that the permission will be applied to., user_set: any # The user set that the permission will be applied to.}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group projects\n@endpoint GET /v2/projects/{proj_id}/{env_id}/opal_scope\n@desc Get Scope Config\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(200) {data: map{entries: [map]}, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint PUT /v2/projects/{proj_id}/{env_id}/opal_scope\n@desc Set Scope Config\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {data: map{entries: [map]} # Static list of Data Source Entries returned to client.  Answers this question for the client: from where should i get the full picture of data i need? (as opposed to incremental data updates)}\n@returns(200) {data: map{entries: [map]}, id: str(uuid), organization_id: str(uuid), project_id: str(uuid), environment_id: str(uuid), created_at: str(date-time), updated_at: str(date-time)} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint DELETE /v2/projects/{proj_id}/{env_id}/opal_scope\n@desc Reset Scope Config\n@required {proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@returns(204) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group audit-log-replay\n@endpoint POST /v2/audit-log-replay\n@desc Run the audit log replay\n@required {pdp_url: str # URL of the PDP to test against}\n@optional {start_time: int # Start time for the query (in seconds since epoch). Defaults to 24 hours ago., end_time: int # End time for the query (in seconds since epoch). Defaults to current time., concurrency_limit: int=10 # Concurrency limit for processing documents (max: 5), graceful_shutdown_s: int=60 # Graceful shutdown time in seconds}\n@returns(202) {message: str, document_count: int} # Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@group internal\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/optimized\n@desc Get All Data Optimized\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {X-Shard-ID: int}\n@returns(200) {use_debugger: bool, users: map, tenants: map, roles: map, condition_set_rules: map, condition_set_rules_expand: map, relationships: map, resource_types: map, condition_sets: map, role_assignments: map, role_permissions: map, mapping_rules: map, resource_instances: map} # Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}\n@desc Get All Data\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/users\n@desc Get All Users Data\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/role_assignments\n@desc Get All Role Assignments Data\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/resource_instances\n@desc Get All Resource Instances Data\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endpoint GET /v2/internal/opal_data/{org_id}/{proj_id}/{env_id}/relationships\n@desc Get All Relationships Data\n@required {org_id: str(uuid) # Either the unique id of the organization, or the URL-friendly key of the organization (i.e: the \"slug\")., proj_id: str # Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\")., env_id: str # Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").}\n@optional {timeout: num=600 # Timeout for the data generation in the new data generation mode, X-Shard-ID: int}\n@returns(200) Successful Response\n@errors {422: Validation Error}\n\n@endgroup\n\n@end\n"}