Skip to content
API Reference
/
/
Creates a new policy

Aritma IAM API (V1)

An API for interacting with the identity and access management system of Aritma.

Download OpenAPI description
iam-openapi.json
iam-openapi.yaml
Overview
URL
https://aritma.com/contact
Languages
Servers
Mock server
https://developer.aritma.com/_mock/apis/platform/iam/openapi/iam-openapi
IAM API
https://api.dev.aritma.io/core/iam

Actions

Actions related to IAM actions

Operations

Client

Actions related to clients in Aritma ID

Operations

Domains

Actions related to domains registered for the tenant, and their verification status

Operations

Me

Actions listing information about the currently authenticated user

Operations

Policies

Actions related to IAM policies

Operations

Creates a new policy

Request

Security
authorization_code_with_pkce(Required scopes:
services.iam
) or client_credentials(Required scopes:
services.iam
)
Bodyapplication/json

The policy request

subjectstringnon-emptyrequired

The subject identifier the policy should be created for.

Example: "user-00000000-0000-0000-0000-000000000000"
scopestring(uri)required

The resource scope the policy applies to.

Example: "/subscriptions/123"
actionstringnon-emptyrequired

The action to grant. Must be one of the actions returned by the /actions endpoint.

Example: "iam.policy.read"
application/json
{
  "subject": "user-00000000-0000-0000-0000-000000000000",
  "scope": "/subscriptions/123",
  "action": "iam.policy.read"
}

Responses

OK

Bodyapplication/json
subjectstringrequired

The subject identifier the policy applies to.

Example: "user-00000000-0000-0000-0000-000000000000"
scopestringrequired

The resource scope the policy applies to.

Example: "/subscriptions/123"
actionstringrequired

The action permitted by this policy.

Example: "iam.policy.read"
tenantstringrequired

The tenant this policy belongs to.

Example: "00000000-0000-0000-0000-000000000000"
Response
application/json
{
  "subject": "user-00000000-0000-0000-0000-000000000000",
  "scope": "/subscriptions/123",
  "action": "iam.policy.read",
  "tenant": "00000000-0000-0000-0000-000000000000"
}

Deletes a policy

Request

Security
authorization_code_with_pkce(Required scopes:
services.iam
) or client_credentials(Required scopes:
services.iam
)
Bodyapplication/json

The policy request

subjectstringnon-emptyrequired

The subject identifier the policy should be created for.

Example: "user-00000000-0000-0000-0000-000000000000"
scopestring(uri)required

The resource scope the policy applies to.

Example: "/subscriptions/123"
actionstringnon-emptyrequired

The action to grant. Must be one of the actions returned by the /actions endpoint.

Example: "iam.policy.read"
application/json
{
  "subject": "user-00000000-0000-0000-0000-000000000000",
  "scope": "/subscriptions/123",
  "action": "iam.policy.read"
}

Responses

No Content

Response
No content

Finds policies that matches a request filter

Request

Requires the requesting party to have read access on the requested scope

Security
authorization_code_with_pkce(Required scopes:
services.iam
) or client_credentials(Required scopes:
services.iam
)
Query
pageSizeinteger(int32)

The number of items to return per page. Clamped between 10 and 200.

Example: pageSize=100
cursorstring

Opaque cursor returned from a previous response. Pass this to retrieve the next page.

Example: cursor=eyJhbGciOiJub25lIn0
includeDerivedboolean

If policies with a derived scope should be included

Example: includeDerived=false
includeInheritedboolean

If policies with parent scope should be included

Example: includeInherited=false
subjectstring

Filters results to policies belonging to this subject identifier

Example: subject=user-00000000-0000-0000-0000-000000000000
scopestring(uri)

Filters results to policies on this scope

Example: scope=https://api.aritma.com/tenants/my-tenant
actionstring

Filters results to policies granting this action

Example: action=iam.policy.read
No request payload

Responses

OK

Bodyapplication/json
policiesArray of objects(PolicyDto)required

The list of policies matching the request filter.

Example: [{"subject":"user-00000000-0000-0000-0000-000000000000","scope":"/subscriptions/123","action":"iam.policy.read","tenant":"00000000-0000-0000-0000-000000000000"}]
subjectstringrequired

The subject identifier the policy applies to.

Example: "user-00000000-0000-0000-0000-000000000000"
scopestringrequired

The resource scope the policy applies to.

Example: "/subscriptions/123"
actionstringrequired

The action permitted by this policy.

Example: "iam.policy.read"
tenantstringrequired

The tenant this policy belongs to.

Example: "00000000-0000-0000-0000-000000000000"
cursorstring or null

Opaque cursor to pass in the next request to retrieve the following page. null when there are no more pages.

Example: "eyJhbGciOiJub25lIn0"
Response
application/json
{
  "cursor": "eyJhbGciOiJub25lIn0",
  "policies": [
    { … }
  ]
}

Role

Actions related to Aritma ID roles

Operations

Scim

Actions related to SCIM tokens

Operations

Scope

Actions related to scopes in Aritma ID

Operations

SSO

Actions common for all SSO providers

Operations

SSO - Azure AD (Entra ID)

Actions relating to AzureAd as an SSO provider

Operations

SSO - Custom Providers

Actions relating to custom SSO providers

Operations

SSO - Google

Actions relating to Google as an SSO provider

Operations

SSO - Signicat

Actions relating to Signicat as an SSO provider

Operations

Subjects

Actions related to IAM subjects

Operations

User

Actions related to Aritma ID users

Operations