Aritma IAM API (V1)

An API for interacting with the identity and access management system of Aritma.

Servers
Mock server
https://developer.aritma.com/_mock/apis/platform/iam/openapi/iam-openapi
IAM API
https://api.dev.aritma.io/core/iam

Actions related to IAM actions

Operations

Actions related to clients in Aritma ID

Operations

Actions related to domains registered for the tenant, and their verification status

Operations

Actions listing information about the currently authenticated user

Operations

Request

Security
authorization_code_with_pkce (Required scopes: services.iam)
or client_credentials (Required scopes: services.iam)
No request payload

Responses

OK

Body application/json
id string required

The unique identifier of the user.

Example: "00000000-0000-0000-0000-000000000001"
userName string required

The username (login name) of the user.

Example: "jane.doe@aritma.com"
email string required

The email address of the user.

Example: "jane.doe@aritma.com"
phoneNumber string required

The phone number of the user, if registered.

Example: "+4712345678"
twoFactorEnabled boolean required

Indicates whether two-factor authentication is enabled for the user.

Example: false
roles Array of objects (RoleDto) required

The roles assigned to the user.

  id string required

  The unique identifier of the role.

  name string required

  The name of the role.

Response
application/json
{
  "id": "00000000-0000-0000-0000-000000000001",
  "userName": "jane.doe@aritma.com",
  "email": "jane.doe@aritma.com",
  "phoneNumber": "+4712345678",
  "twoFactorEnabled": false,
  "roles": [ { … } ]
}

Returns an unpaginated list of all claims assigned to you

Request

Security
authorization_code_with_pkce (Required scopes: services.iam)
or client_credentials (Required scopes: services.iam)
No request payload

Responses

OK

Body application/json Array [
claimId integer (int32) required

The internal claim identifier.

Example: 42
userId string required

The user the claim belongs to.

Example: "00000000-0000-0000-0000-000000000001"
claimType string required

The claim type (e.g. a URI or short name).

Example: "email"
claimValue string required

The claim value.

Example: "user@aritma.com"
]
Response
application/json
[
  {
    "claimId": 42,
    "userId": "00000000-0000-0000-0000-000000000001",
    "claimType": "email",
    "claimValue": "user@aritma.com"
  }
]

Gets permissions for the currently authenticated user

Request

Security
authorization_code_with_pkce (Required scopes: services.iam)
or client_credentials (Required scopes: services.iam)
Query
resourceType string

Filters results to policies on resources of this type.

Example: resourceType=subscriptions
resourceProvider string

Filters results to policies on resources from this provider.

Example: resourceProvider=aritma.control
action string

Filters results to policies granting this action.

Example: action=iam.policy.read
No request payload

Responses

OK

Body application/json
policies Array of objects (PolicyDto) required

The policies that apply to the subject, filtered to scopes the requesting party has read access on.

Example: [{"subject":"user-00000000-0000-0000-0000-000000000000","scope":"/subscriptions/123","action":"iam.policy.read","tenant":"00000000-0000-0000-0000-000000000000"}]

  subject string required

  The subject identifier the policy applies to.

  Example: "user-00000000-0000-0000-0000-000000000000"

  scope string required

  The resource scope the policy applies to.

  Example: "/subscriptions/123"

  action string required

  The action permitted by this policy.

  Example: "iam.policy.read"

  tenant string required

  The tenant this policy belongs to.

  Example: "00000000-0000-0000-0000-000000000000"

tenantRoles Array of strings required

The tenant-level OIDC roles assigned to the subject.

Example: ["TenantAdmin"]
subject string required

The subject identifier this response is for.

Example: "user-00000000-0000-0000-0000-000000000000"
Response
application/json
{
  "tenantRoles": [ "TenantAdmin" ],
  "subject": "user-00000000-0000-0000-0000-000000000000",
  "policies": [ { … } ]
}
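
An added example, not part of the Aritma documentation: a client-side audit over the current-user and permissions response bodies documented above, checking required fields, subject and tenant consistency of each policy, and privileged tenant roles held without two-factor authentication. The function names, the choice of `TenantAdmin` as a privileged role, and the caller knowing its expected tenant are assumptions; the sample bodies are constructed from the page's example values and no HTTP request is made.

```python
# Added example: audit the documented response bodies for risky combinations.
# Field names come from the schemas on this page; everything else is hypothetical.

ME_REQUIRED = ("id", "userName", "email", "phoneNumber", "twoFactorEnabled", "roles")
POLICY_REQUIRED = ("subject", "scope", "action", "tenant")
PERMS_REQUIRED = ("policies", "tenantRoles", "subject")


def missing(obj, required, where):
    """Report fields the schema marks as required but the body lacks."""
    return [f"{where}: missing required field '{k}'" for k in required if k not in obj]


def audit(me, perms, expected_tenant, privileged_roles=frozenset({"TenantAdmin"})):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = missing(me, ME_REQUIRED, "user") + missing(perms, PERMS_REQUIRED, "permissions")

    # A privileged tenant role on an account without two-factor authentication.
    held = privileged_roles & set(perms.get("tenantRoles", []))
    if held and me.get("twoFactorEnabled") is False:
        findings.append(f"privileged role(s) {sorted(held)} held without 2FA")

    for i, policy in enumerate(perms.get("policies", [])):
        where = f"policies[{i}]"
        findings += missing(policy, POLICY_REQUIRED, where)
        # Every policy should name the subject the response is for.
        if policy.get("subject") != perms.get("subject"):
            findings.append(f"{where}: subject differs from response subject")
        # A policy in another tenant points at a wrong token or a leaking filter.
        if policy.get("tenant") != expected_tenant:
            findings.append(f"{where}: tenant {policy.get('tenant')} is not the expected tenant")
    return findings


# Constructed sample bodies, using the example values from the page.
TENANT = "00000000-0000-0000-0000-000000000000"
SUBJECT = "user-00000000-0000-0000-0000-000000000000"
SAMPLE_ME = {"id": "00000000-0000-0000-0000-000000000001", "userName": "jane.doe@aritma.com",
             "email": "jane.doe@aritma.com", "phoneNumber": "+4712345678",
             "twoFactorEnabled": False, "roles": []}
SAMPLE_PERMS = {"tenantRoles": ["TenantAdmin"], "subject": SUBJECT,
                "policies": [{"subject": SUBJECT, "scope": "/subscriptions/123",
                              "action": "iam.policy.read", "tenant": TENANT}]}

if __name__ == "__main__":
    for finding in audit(SAMPLE_ME, SAMPLE_PERMS, TENANT):
        print(finding)
```
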

Returns an unpaginated list of all roles assigned to you

Request

Security
authorization_code_with_pkce (Required scopes: services.iam)
or client_credentials (Required scopes: services.iam)
No request payload

Responses

OK

Body application/json Array [
id string required

The unique identifier of the role.

name string required

The name of the role.

]
Response
application/json
[
  {
    "id": "string",
    "name": "string"
  }
]

Actions related to IAM policies

Operations

Actions related to Aritma ID roles

Operations

Actions related to SCIM tokens

Operations

Actions related to scopes in Aritma ID

Operations

Actions common for all SSO providers

Operations

Actions relating to AzureAd as an SSO provider

Operations

Actions relating to custom SSO providers

Operations

Actions relating to Google as an SSO provider

Operations

Actions relating to Signicat as an SSO provider

Operations

Actions related to IAM subjects

Operations

Actions related to Aritma ID users

Operations