Authorization Security Principals
This Public Experimental API gets, creates, updates, and deletes authorization security principals.
An authorization security principal connects a user account with its permissions, which consists of a role and optional scopes.
API Methods
| Functionality | HTTP | URI | 
|---|---|---|
| Get a collection of authorization security principals in an organization. | 
 | 
 | 
| Get an individual authorization security principal. | 
 | 
 | 
| Create an individual authorization security principal. | 
 | 
 | 
| Update an authorization security principal. | 
 | 
 | 
| Delete an authorization security principal. | 
 | 
 | 
Get Authorization Security Principals
This method gets an individual or a collection of authorization security principals in your organization.
By default, the maximum number returned from a GET collection of authorization security principals is 500.
URI to Get a Collection of Authorization Security Principals
GET [api_version][org_href]/auth_security_principals
URI to Get an Individual Authorization Security Principal
Use the auth_security_principal_id in a GET collection response (the last set of numbers in an HREF field).
GET [api_version][org_href]/auth_security_principals/{auth_security_principal_id}Create an Authorization Security Principal
This method creates an individual authorization security principal.
URI to Create an Authorization Security Principal
POST [api_version][org_href]/auth_security_principals
Update an Authorization Security Principal
To update an individual authorization security principal, use its HREF, which is obtained from the response from a GET collection.
URI to Update an Individual Authorization Security Principal
PUT [api_version][auth_security_principal_href]
Delete an Authorization Security Principal
To delete an authorization security principal, use its HREF, which is returned in the response from a GET collection.
URI to Delete an Individual Authorization Security Principal
DELETE [api_version][auth_security_pincipal_href]
Authorization Security Principals Reference
This topic covers properties, parameters, and examples of authorization security principals.
Parameters
Parameters used for Auth Security Principals are:
| Parameter | Description | Type | Required | 
|---|---|---|---|
| 
 | Organization Id | Integer | Yes | 
| 
 | Name of the authorization security principal. 
 | String | GET, PUT: No POST: Yes | 
| 
 | One of two types of users, either  | String | GET, PUT: No POST: Yes | 
| 
 | UUID of the auth_security_principal. Required for  | String | Yes | 
| 
 | An optional display name for the authorization security principal. | String | No | 
| 
 | Access restriction assigned to this user | String NULL | No | 
Properties
| Property | Description | Type | Required | 
|---|---|---|---|
| 
 | URI of auth_security_principal | String | Yes | 
| 
 | Name of the authorization security principal. 
 | String | GET, PUT: No POST: Yes | 
| 
 | One of two types of users, either  | String | GET, PUT: No POST: Yes | 
| 
 | UUID of the auth_security_principal. Required for  | String | Yes | 
| 
 | An optional display name for the authorization security principal. | String | No | 
| 
 | Access restriction assigned to this user | String NULL | No | 
Examples
Curl Command to Get Authorization Security Principals
curl -i -X GET https://pce.my-company.com:8443/api/v2/orgs/2/auth_security_principals -H "Accept: application/json" -u $KEY:$TOKEN
Response
Each individual authorization security principal returned is identified by its HREF. You can use the HREF to GET, PUT, or DELETE an authorization security principal.
 {
      "href": "/orgs/7/auth_security_principals/97cb9898-027b-474e-9807-19e04460dfb0",
      "name": "[email protected]",
      "display_name": "Jimmy Joe Meeker",
      "type": "user"
   },
..............................
   {
      "href": "/orgs/7/auth_security_principals/db7a2657-dcb8-4237-a6e7-7269cdbaea5d",
      "name": "[email protected]",
      "display_name": "Foxy Brown",
      "type": "user"
   }
]Curl Command to Get an Authorization Security Principal
curl -i -X GET -H "Accept: application/json -u $KEY:'TOKEN' https://pce.my-company.com:8443/api/v2/orgs/2/auth_security_principals/db7a2657-dcb8-4237-a6e7-7269cdbaea5d
Request Body - Local User Authorization Security Principal
{
   "type": "user",
   "name": "[email protected]",
   "display_name": "Joe User"
}Response Body - Local User Authorization Security Principal
{
   "href": "/orgs/7/auth_security_principals/e8c232d2-e4bf-4ba5-bd77-ccfc3a8ad999",
   "name": "[email protected]",
   "display_name": "Joe User",
   "type": "user"
}Request Body - External Group User Authorization Security Principal
{
   "type": "group",
   "name": "jCQN=Bank-Admin,OU=EU,DC=Acme,DC=com",
   "display_name": "Provisioners for Bank Accounts"
}Response Body - External Group Authorization Security Principal
{
   "href": "/orgs/7/auth_security_principals/e8c232d2-e4bf-4ba5-bd77-ccfc3a8ad777",
   "name": "jCQN=Bank-Admin,OU=EU,DC=Acme,DC=com",
   "display_name": "Acme Bank Admins",
   "type": "group"
}Curl Command Create an Authorization Security Principal
curl -i -X POST https://pce.my-company.com:8443/api/v2/orgs/2/auth_security_principals -u $KEY:$TOKEN -H "Content-Type:application/json" -d '{"type": "user","name":"[email protected]", "display_name": "Joe User"}' Request body to ppdate an individual authorization security principal
{
   "type": "user",
   "name": "[email protected]",
   "display_name": "Joe User"
}Curl Command Create an Authorization Security Principle
curl -i -X PUT https://pce.my-company.com:8443/api/v2/orgs/2/sec_policy/draft/services/79 -H "Content-Type:application/json" -u $KEY:$TOKEN -d '{"type": "user", "name": "[email protected]", "display_name": "Joe User"}' Curl Command Delete the Authorization Security Principal
curl -i -X DELETE -H "Accept: application/json" -u $KEY:$TOKEN https://pce.my-company.com:8443/api/v2/orgs/2/auth_security_principals/e8c232d2-e4bf-4ba5-bd77-ccfc3a8ad777