Read Root Rules
GET {{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}The GET /v2/policy-manager/rules/roots operation returns a collection of all root rules (a rule that is not the child of another policy) defined in the system. The request must provide either a branch ID or a snapshot ID in the request URL.
Prerequisites
-
Create a branch to get a branch ID.
-
Create a snapshot to get a snapshot ID.
Query parameters
| Query parameter | Description |
|---|---|
|
Snapshot ID |
|
Page number of returned policies |
|
Number of policies per page |
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}' \
--header 'x-user-id: {{userId}}'var options = new RestClientOptions("{{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Get);
request.AddHeader("x-user-id", "{{userId}}");
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}"
method := "GET"
client := &http.Client {
}
req, err := http.NewRequest(method, url, nil)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("x-user-id", "{{userId}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}GET /v2/policy-manager/rules/roots?branch={{branchId}} HTTP/1.1
Host: {{apiPath}}
x-user-id: {{userId}}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = RequestBody.create(mediaType, "");
Request request = new Request.Builder()
.url("{{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}")
.method("GET", body)
.addHeader("x-user-id", "{{userId}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}",
"method": "GET",
"timeout": 0,
"headers": {
"x-user-id": "{{userId}}"
},
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'GET',
'url': '{{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}',
'headers': {
'x-user-id': '{{userId}}'
}
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
url = "{{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}"
payload = {}
headers = {
'x-user-id': '{{userId}}'
}
response = requests.request("GET", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'x-user-id' => '{{userId}}'
));
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "net/http"
url = URI("{{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Get.new(url)
request["x-user-id"] = "{{userId}}"
response = http.request(request)
puts response.read_bodyvar request = URLRequest(url: URL(string: "{{apiPath}}/v2/policy-manager/rules/roots?branch={{branchId}}")!,timeoutInterval: Double.infinity)
request.addValue("{{userId}}", forHTTPHeaderField: "x-user-id")
request.httpMethod = "GET"
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
200 OK
{
"pagination": {
"page": 1,
"pageSize": 100,
"totalItems": 3,
"totalPages": 1
},
"data": [
{
"id": "ee832397-014f-4b2c-b571-0016f868108a",
"version": "1c434c9a-d1d1-499d-87f7-02fd7ec6bacd",
"type": "Rule",
"name": "Permitted OAuth client",
"description": "Rule for matching an access token's client_id value with a permitted OAuth client. Clone this rule to a policy and then replace CHANGEME with a permitted client ID.",
"shared": true,
"disabled": false,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"targets": [],
"effectSettings": {
"type": "unconditionalPermit"
},
"statements": [],
"properties": [],
"condition": {
"and": {
"conditions": [
{
"comparison": {
"left": {
"attribute": {
"id": "4dd3a38e-39c6-44aa-99d7-106eb4e2b860"
}
},
"op": "Equals",
"right": {
"constant": {
"value": "CHANGEME"
}
}
}
}
]
}
}
},
{
"id": "f39b0dab-9500-4f91-906c-7235066add55",
"version": "fb07c95d-ace1-4b3b-9033-789fb4dea5b2",
"type": "Rule",
"name": "Permitted OAuth client 2",
"description": "Rule for matching an access token's client_id value with a permitted OAuth client. Clone this rule to a policy and then replace CHANGEME with a permitted client ID.",
"shared": true,
"disabled": false,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"targets": [],
"effectSettings": {
"type": "unconditionalPermit"
},
"statements": [],
"properties": [],
"condition": {
"empty": {}
}
},
{
"id": "01f43d10-aac0-4ec2-976e-56954eb9c6a5",
"version": "3324156f-97f7-4f5f-898a-2f219641f0e5",
"type": "Rule",
"name": "Permitted SCIM scope for user",
"description": "Rule that permits a SCIM user to access its own attributes. Clone this rule to a policy, then replace CHANGEME with the name of a permitted scope.",
"shared": true,
"disabled": false,
"permissions": {
"inherit": true,
"rolePermissions": []
},
"targets": [],
"effectSettings": {
"type": "unconditionalPermit"
},
"statements": [],
"properties": [],
"condition": {
"and": {
"conditions": [
{
"comparison": {
"left": {
"attribute": {
"id": "447bf9bf-0cf0-4b62-9b55-58fc9f606f49"
}
},
"op": "Contains",
"right": {
"constant": {
"value": "CHANGEME"
}
}
}
},
{
"comparison": {
"left": {
"attribute": {
"id": "e8c5981b-fed8-4c44-b4aa-baf4dccdb166"
}
},
"op": "Equals",
"right": {
"attribute": {
"id": "70f94c27-358f-4a20-a968-43799acd3d1b"
}
}
}
}
]
}
}
}
]
}