Section | Method | Resource Path |
---|---|---|
|
/opss/v2/ |
|
|
/opss/v2/ |
|
|
/opss/v2/ |
|
|
/opss/v2/ |
Use the POST method to register a new client. An application role with a unique name inside the OPSS rest application stripe is created. Users and groups that are passed as input of the POST method are made members of the application role. Grants to the specified resources are automatically provisioned in the OPSS REST application stripe.
Note:
The same clientName
attribute value is required to identify the client when making changes to registration data.
REST Request
POST /opss/v2/opssRestClient/
Request Body
Media Types: |
|
The request body contains the details of the register request:
Table 2-1 Registration Attributes
Attribute | Description | Required |
---|---|---|
|
A unique name that identifies the client. |
Yes |
|
The policy store stripe to which the client is assigned |
No |
|
A list of keystores used for the client |
No |
|
A name of the credential map that is used to store credential keys. |
No |
|
A unique name to identify the audit rules for a client |
No |
|
A list identity domains that can issue trust tokens |
No |
|
A list identity domains that can validate trust tokens |
No |
|
A group with the operator role |
No |
|
A group with the operator role |
No |
|
A group with the viewer role |
No |
All attributes other than clientName
can be specified multiple times. A user should specify at least one of either: policystoreStripe
, keystore
, credentialMap
, auditComponent
, trustIssueIDD
, or trustValidateIDD
for the service scopes. In addition, a user should specify at least one of either: adminGroup
, operatorGroup
, or viewerGroup
so that some group has privileges.
For service scope attributes, a wild card (*
) can be specified to grant all scopes to the client. The wildcard should be used carefully.
Response Body
The output of a POST request is a Resource ID.
cURL Example
The following example shows how to register a client by submitting a POST request on the REST resource using cURL
curl -i -X POST -u username:password --data @register.json -H Content-Type:application/json https://myhost:7001/opss/v2/opssRestClient
Example of Request Body
The following shows an example of the request body in JSON format.
{ "clientName": "myClientName", "policystoreStripe": "CRM", "keystore": ["appA", "appB/store1"], "credentialMap": "mapA", "auditComponent": "myComponent", "trustIssueIDD" : ["cisco", "intel"], "trustValidateIDD" : ["cisco", "intel"], "adminGroup":"myGroup1", "operatorGroup":"myGroup2", "viewerGroup":"myGroup3" }
Use the GET method to view the client attributes for a registered client.
REST Request
GET /opss/v2/opssRestClient/
clientName
Response Body
Media Types: |
|
The response body contains the client registration attributes. For details about the registration attributes, see Table 2-1.
cURL Example
The following example shows how to view the registered client by submitting a GET request on the REST resource using cURL
curl -i -X GET -u username:password https://myhost:7001/opss/v2/opssRestClient/ myClientName
Example of Response Header
The following shows an example of the response header. For more about the HTTP status codes, see HTTP Status Codes for HTTP Methods.
HTTP/1.1 200 OK
Example of Response Body
The following shows an example of the response body in JSON format.
{ "clientName": "myClientName", "policystoreStripe": "CRM", "keystore": ["appA", "appB/store1"], "credentialMap": "mapA", "auditComponent": "myComponent", "trustIssueIDD" : ["cisco", "intel"], "trustValidateIDD" : ["cisco", "intel"], "adminGroup":"myGroup1", "operatorGroup":"myGroup2", "viewerGroup":"myGroup3" }
Use the PUT method to update the attributes of a registered client.
REST Request
PUT /opss/v2/opssRestClient/
clientName
Request Body
Media Types: |
|
The request body contains the client registration attributes. For details about the registration attributes, see Table 2-1.
cURL Example
The following example shows how to update client attributes by submitting a PUT request on the REST resource using cURL
curl -i -X POST -u username:password --data @register.json -H Content-Type:application/json https://myhost:7001/opss/v2/opssRestClient/ myClientName
Example of Request Body
The following shows an example of the request body in JSON format.
{ "clientName": "myClientName", "policystoreStripe": "CRM", "keystore": ["appA", "appB/store1"], "credentialMap": "mapA", "auditComponent": "myComponent", "trustIssueIDD" : ["cisco", "intel"], "trustValidateIDD" : ["cisco", "intel"], "adminGroup":"myGroup1", "operatorGroup":"myGroup2", "viewerGroup":"myGroup3" }
Use the DELETE method to remove a registered client.
REST Request
DELETE /opss/v2/opssRestClient/
clientName
cURL Example
The following example shows how to delete a delete a registered client by submitting a DELETE request on the REST resource using cURL.
curl -i -X DELETE -u username:password https://myhost:7001/opss/v2/opssRestClient/ myClientName