Read PolicySet with Dependencies
GET {{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}The GET /v2/policy-manager/policysets/{{policySetId}}/dependencies operation returns the policy set with the ID specified in the request URL, along with any dependencies of the policy set (e.g., child policies and dependencies of those policies). The request must provide either a branch ID or a snapshot ID in the request URL.
Prerequisites
-
Create a branch to get a branch ID.
-
Create a snapshot to get a snapshot ID.
Query parameters
| Query parameter | Description |
|---|---|
|
Branch ID or name |
|
Snapshot ID |
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}' \
--header 'x-user-id: {{userId}}'var options = new RestClientOptions("{{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Get);
request.AddHeader("x-user-id", "{{userId}}");
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}"
method := "GET"
client := &http.Client {
}
req, err := http.NewRequest(method, url, nil)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("x-user-id", "{{userId}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}GET /v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}} HTTP/1.1
Host: {{apiPath}}
x-user-id: {{userId}}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = RequestBody.create(mediaType, "");
Request request = new Request.Builder()
.url("{{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}")
.method("GET", body)
.addHeader("x-user-id", "{{userId}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}",
"method": "GET",
"timeout": 0,
"headers": {
"x-user-id": "{{userId}}"
},
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'GET',
'url': '{{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}',
'headers': {
'x-user-id': '{{userId}}'
}
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
url = "{{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}"
payload = {}
headers = {
'x-user-id': '{{userId}}'
}
response = requests.request("GET", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'x-user-id' => '{{userId}}'
));
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "net/http"
url = URI("{{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Get.new(url)
request["x-user-id"] = "{{userId}}"
response = http.request(request)
puts response.read_bodyvar request = URLRequest(url: URL(string: "{{apiPath}}/v2/policy-manager/policysets/{{policySetId}}/dependencies?branch={{branchId}}")!,timeoutInterval: Double.infinity)
request.addValue("{{userId}}", forHTTPHeaderField: "x-user-id")
request.httpMethod = "GET"
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
200 OK
{
"pagination": {
"page": 1,
"pageSize": 100,
"totalItems": 9,
"totalPages": 1
},
"data": [
{
"id": "3e80f4b0-ae1d-48e6-bdab-74c0fe06e6d5",
"version": "62a55dfc-ddd1-4fd0-9c91-ba9de50ac632",
"type": "PolicySet",
"name": "PDP API Endpoint Policies",
"description": "Policies for the PDP API endpoint",
"shared": false,
"disabled": false,
"combiningAlgorithm": {
"algorithm": "PermitUnlessDeny",
"evaluateAll": false
},
"children": [
{
"id": "e792b7ec-331d-422e-8aec-d5ff589889aa",
"type": "Policy"
}
],
"permissions": {
"inherit": true,
"rolePermissions": []
},
"targets": [
"e41403c2-589e-4981-a088-3e004aef4d59"
],
"statements": [],
"properties": [],
"condition": {
"empty": {}
}
},
{
"id": "e41403c2-589e-4981-a088-3e004aef4d59",
"version": "8b12b4ac-3251-4502-9888-2e01c2318c44",
"type": "Target",
"name": "Inline target",
"description": "",
"shared": false,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"properties": [],
"targeted": {
"services": [
"25769e5c-5b33-4daf-9780-3e09b6f32207"
]
}
},
{
"id": "e792b7ec-331d-422e-8aec-d5ff589889aa",
"version": "6a7ff851-e479-4f7c-9a18-458ac198758d",
"type": "Policy",
"name": "Token Authorization",
"description": "",
"shared": false,
"disabled": false,
"combiningAlgorithm": {
"algorithm": "DenyOverrides"
},
"children": [
{
"id": "5230e2e9-cf6a-4b38-88cd-c40ac56bb2d9",
"type": "Rule"
}
],
"repetitionSettings": null,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"targets": [
"ba86bc60-6ae8-4e14-a4b7-ba6c5e3a463f"
],
"statements": [
"cde26a38-2035-4385-bbfe-159ee1822976"
],
"properties": [],
"condition": {
"empty": {}
}
},
{
"id": "25769e5c-5b33-4daf-9780-3e09b6f32207",
"version": "93d414d0-7ece-41e7-af14-fa62ee7d8121",
"type": "SERVICE",
"name": "PDP",
"fullName": "PDP",
"description": "PDP API endpoint service for directly requesting policy decisions from the PingAuthorize policy engine using XACML-JSON.",
"parentId": null,
"numberOfChildren": 0,
"valueType": "STRING",
"serviceType": "NONE",
"secret": false,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"serviceSettings": {
"serviceSettingsType": "ServiceSettings",
"maximumConcurrentRequests": 2,
"maximumRequestsPerSecond": 1000000,
"retryStrategy": "BACKOFF",
"timeout": 2000,
"retries": 2,
"holdoff": 1000,
"retryJitter": 10,
"description": null,
"holdoffMultiplier": 2,
"definitions": []
},
"cacheSettings": null,
"valueProcessor": null,
"properties": []
},
{
"id": "ba86bc60-6ae8-4e14-a4b7-ba6c5e3a463f",
"version": "7c8a04a5-f38c-4e3c-8b5d-ed8507bc6a27",
"type": "Target",
"name": "Inline target",
"description": "",
"shared": false,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"properties": [],
"targeted": {
"actions": [
"5c34b551-1dc4-4605-999b-6f1ec2bbe526"
]
}
},
{
"id": "5230e2e9-cf6a-4b38-88cd-c40ac56bb2d9",
"version": "a632c58b-0c1d-444c-905e-0832aa84c7c5",
"type": "Rule",
"name": "Token does not contain PDP scope",
"description": "",
"shared": false,
"disabled": false,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"targets": [],
"effectSettings": {
"type": "unconditionalDeny"
},
"statements": [],
"properties": [],
"condition": {
"and": {
"conditions": [
{
"comparison": {
"left": {
"attribute": {
"id": "447bf9bf-0cf0-4b62-9b55-58fc9f606f49"
}
},
"op": "NotContains",
"right": {
"constant": {
"value": "urn:pingauthorize:pdp"
}
}
}
}
]
}
}
},
{
"id": "cde26a38-2035-4385-bbfe-159ee1822976",
"version": "360591f4-8de2-4640-97b9-28c2e74c3580",
"type": "Statement",
"name": "Invalid Token",
"description": "For use when a policy denies a request because the access token is inactive, expired, or otherwise invalid.",
"shared": true,
"code": "denied-reason",
"appliesTo": "DENY",
"appliesIf": "PATH_MATCHES",
"payload": "{\"status\":401, \"message\": \"invalid_token\", \"detail\":\"Access token is expired or otherwise invalid\"}",
"obligatory": true,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"attributes": [],
"services": []
},
{
"id": "5c34b551-1dc4-4605-999b-6f1ec2bbe526",
"version": "920ce98a-2cce-4576-a6f4-836c08194e04",
"type": "ACTION",
"name": "authorize",
"fullName": "authorize",
"description": "Action used to authorize PDP API clients.",
"parentId": null,
"numberOfChildren": 0,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"properties": []
},
{
"id": "447bf9bf-0cf0-4b62-9b55-58fc9f606f49",
"version": "da1545cf-f45e-473e-9cb2-92bb397774af",
"type": "ATTRIBUTE",
"name": "scope",
"fullName": "HttpRequest.AccessToken.scope",
"description": "The list of scopes granted to this token.",
"parentId": "8e568465-2e7c-4705-8d94-53102ea8550f",
"numberOfChildren": 0,
"valueType": "COLLECTION",
"defaultValue": "[]",
"repetitionSource": null,
"cacheConfig": {
"timeToLive": 0,
"scopeAttributeId": null,
"strategy": "NO_CACHING"
},
"secret": false,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"resolvers": [
{
"attributeResolverType": "attribute",
"id": "8e568465-2e7c-4705-8d94-53102ea8550f",
"condition": null,
"valueProcessor": null,
"name": null
}
],
"querySettings": null,
"valueProcessor": {
"type": "json-path",
"expression": "scope",
"valueType": "COLLECTION",
"name": null
},
"properties": []
}
]
}