Turia IAM API Product (1.0.0)
Turia IAM API Product
Operations with members, including creation, listing, deletion, and management of individual or batch grants.
Returns a list of members of the organization
Authorizations:
OAuth2
query Parameters
Email (string) or Email (null) (Email) Example: email=john.doe@example.com |
Responses
Response samples
- 200
- 403
Content type
application/json
[- {
- "uuid": "550e8400-e29b-41d4-a716-446655440000",
- "email": "john.doe@example.com",
- "name": "John Doe",
- "tenant_id": "123e4567-e89b-12d3-a456-426614174000",
- "profile": "administrator"
}
]
Add a member to the organization
Authorizations:
OAuth2
Request Body schema: application/jsonrequired
email required | string <email> (Email) |
roles | Array of strings (Roles) |
permissions | Array of strings (Permissions) |
Responses
Request samples
- Payload
Content type
application/json
{- "email": "user@example.com",
- "roles": [
- "editor"
], - "permissions": [
- "turia_iam_editor"
]
}
Response samples
- 200
- 403
- 422
Content type
application/json
{- "uuid": "550e8400-e29b-41d4-a716-446655440000",
- "email": "john.doe@example.com",
- "name": "John Doe",
- "tenant_id": "123e4567-e89b-12d3-a456-426614174000",
- "profile": "administrator"
}
Add or remove roles and permissions for a member
Authorizations:
OAuth2
path Parameters
uuid required | string <uuid> (Uuid) Example: 9f1c2d3e-4567-89ab-cdef-1234567890ab |
Request Body schema: application/jsonrequired
operation required | string (Operation) Enum: "add" "remove" |
roles | Array of strings (Roles) Default: [] |
permissions | Array of strings (Permissions) Default: [] |
Responses
Request samples
- Payload
Content type
application/json
{- "operation": "add",
- "roles": [
- "editor"
], - "permissions": [
- "turia_iam_editor"
]
}
Response samples
- 403
- 422
Content type
application/json
{- "origin": "permissionsAPI",
- "permission": "turia_iam_editor",
- "product": "turiaiam",
- "message": "User action not authorized for permission turia_iam_editor"
}
Add or remove roles and permissions for multiple members at once
Authorizations:
OAuth2
Request Body schema: application/jsonrequired
member_ids required | Array of strings <uuid> (Member Ids) [ items <uuid > ] |
operation required | string (Operation) Enum: "add" "remove" |
role_names | Array of strings (Role Names) Default: [] |
permission_names | Array of strings (Permission Names) Default: [] |
Responses
Request samples
- Payload
Content type
application/json
{- "member_ids": [
- "550e8400-e29b-41d4-a716-446655440000"
], - "operation": "add",
- "role_names": [
- "editor"
], - "permission_names": [
- "turia_iam_editor"
]
}
Response samples
- 403
- 422
Content type
application/json
{- "origin": "permissionsAPI",
- "permission": "turia_iam_editor",
- "product": "turiaiam",
- "message": "User action not authorized for permission turia_iam_editor"
}
Operations with access control, including detailed retrieval, creation, and updating of settings
Create access control
Authorizations:
OAuth2
Request Body schema: application/jsonrequired
required | Name (string) or Name (null) (Name) |
Description (string) or Description (null) (Description) | |
User (string) or User (null) (User) |
Responses
Request samples
- Payload
Content type
application/json
{- "name": "Turia",
- "description": "Organization managing IAM and access settings.",
- "user": "string"
}
Response samples
- 201
- 403
- 422
Content type
application/json
{- "name": "Turia",
- "description": "Organization managing IAM and access settings.",
- "tenant_id": "8e4f75f4-4298-49e7-87c9-652178c0ecd0",
- "enabled": true,
- "enforce_mfa": true
}
Update access control settings
Authorizations:
OAuth2
Request Body schema: application/jsonrequired
status | boolean (Status) |
enforce_mfa | boolean (Enforce Mfa) |
Responses
Request samples
- Payload
Content type
application/json
{- "status": true,
- "enforce_mfa": true
}
Response samples
- 200
- 403
- 422
Content type
application/json
{- "name": "Turia",
- "description": "Organization managing IAM and access settings.",
- "tenant_id": "8e4f75f4-4298-49e7-87c9-652178c0ecd0",
- "enabled": true,
- "enforce_mfa": true
}
Get Products And Permissions
Authorizations:
OAuth2
query Parameters
Product Name (string) or Product Name (null) (Product Name) | |
Partial Match (boolean) or Partial Match (null) (Partial Match) Default: false | |
Case Sensitive (boolean) or Case Sensitive (null) (Case Sensitive) Default: true |
Responses
Response samples
- 200
- 403
- 422
Content type
application/json
[- {
- "id": "string",
- "name": "string",
- "permissions": [
- {
- "id": "string",
- "name": "string",
- "description": "string"
}
]
}
]
Operations with roles, including creation, listing, deletion, permission management, and member listing.
Retrieve roles
Authorizations:
OAuth2
query Parameters
role_name | string Example: role_name=editor Optional role name to filter results |
Responses
Response samples
- 200
- 403
- 422
Content type
application/json
[- {
- "name": "financeiro",
- "description": "Papel com responsabilidade de leitura de dados de faturamento.",
- "origin": "default"
}
]
Create a new role
Authorizations:
OAuth2
Request Body schema: application/jsonrequired
name required | string (Name) |
description | string (Description) |
permissions | Array of strings (Permissions) Default: [] |
based_role | string (Based Role) |
Responses
Request samples
- Payload
Content type
application/json
{- "name": "manager",
- "description": "Role with administrative privileges for managing users.",
- "permissions": [
- "turia_iam_editor"
], - "based_role": "editor"
}
Response samples
- 201
- 400
- 403
Content type
application/json
{- "name": "financeiro",
- "description": "Papel com responsabilidade de leitura de dados de faturamento.",
- "origin": "default"
}
Response samples
- 403
- 422
Content type
application/json
{- "origin": "permissionsAPI",
- "permission": "turia_iam_editor",
- "product": "turiaiam",
- "message": "User action not authorized for permission turia_iam_editor"
}
Retrieve permissions of a role
Authorizations:
OAuth2
path Parameters
role_name required | string (Role Name) |
Responses
Response samples
- 200
- 403
- 422
Content type
application/json
{- "name": "manager",
- "description": "Role with administrative privileges for managing users",
- "origin": "custom",
- "permissions": [
- "turia_iam_editor"
]
}
Update role permissions
Authorizations:
OAuth2
path Parameters
role_name required | string (Role Name) Example: manager Name of the role to update |
Request Body schema: application/jsonrequired
add | Array of strings (Add) Default: [] |
remove | Array of strings (Remove) Default: [] |
Responses
Request samples
- Payload
Content type
application/json
{- "add": [
- "turia_iam_adm"
], - "remove": [
- "turia_iam_editor"
]
}
Response samples
- 200
- 403
- 422
Content type
application/json
[- {
- "name": "financeiro",
- "description": "Papel com responsabilidade de leitura de dados de faturamento.",
- "origin": "default"
}
]
Retrieve members of a role
Authorizations:
OAuth2
path Parameters
role_name required | string (Role Name) |
Responses
Response samples
- 200
- 403
- 422
Content type
application/json
[- {
- "member_uuid": "a4bddb3f-0acf-4981-bb85-03feb4ee0d08",
- "name": "John Doe",
- "email": "john.doe@example.com",
- "member_role": "administrator",
- "roles": [
- "editor"
]
}
]
Operations with service accounts, including creation, listing, editing, deletion, and management of their API keys.
Response samples
- 200
- 403
Content type
application/json
[- {
- "uuid": "d4f3a9c2-1b8a-4e6b-b5a1-9f2d3e7c4b1a",
- "name": "Analytics Engine",
- "description": "Service account for analytics pipelines",
- "email": "analytics.engine.001@company.example.com",
- "tenant": {
- "uuid": "f1a2b3c4-5678-90ab-cdef-1234567890ab",
- "legal_name": "Example Corp Ltda"
}
}
]
Create service account
Authorizations:
OAuth2
Request Body schema: application/jsonrequired
name required | string (Name) |
description required | string (Description) |
email required | string <email> (Email) |
Responses
Request samples
- Payload
Content type
application/json
{- "name": "Analytics Engine",
- "description": "Service account for analytics pipelines",
- "email": "analytics.engine.001@company.example.com"
}
Response samples
- 201
- 403
- 422
Content type
application/json
{- "uuid": "d4f3a9c2-1b8a-4e6b-b5a1-9f2d3e7c4b1a",
- "name": "Analytics Engine",
- "description": "Service account for analytics pipelines",
- "email": "analytics.engine.001@company.example.com",
- "tenant": {
- "uuid": "f1a2b3c4-5678-90ab-cdef-1234567890ab",
- "legal_name": "Example Corp Ltda"
}
}
Remove service account
Authorizations:
OAuth2
path Parameters
sa_uuid required | string <uuid> (Service Account Uuid) Example: d4f3a9c2-1b8a-4e6b-b5a1-9f2d3e7c4b1a |
Responses
Response samples
- 403
- 404
- 422
Content type
application/json
{- "origin": "permissionsAPI",
- "permission": "turia_iam_editor",
- "product": "turiaiam",
- "message": "User action not authorized for permission turia_iam_editor"
}
Update service account
Authorizations:
OAuth2
path Parameters
sa_uuid required | string <uuid> (Service Account Uuid) Example: d4f3a9c2-1b8a-4e6b-b5a1-9f2d3e7c4b1a |
Request Body schema: application/jsonrequired
Name (string) or Name (null) (Name) | |
Description (string) or Description (null) (Description) |
Responses
Request samples
- Payload
Content type
application/json
{- "name": "Analytics Engine",
- "description": "Service account for analytics pipelines"
}
Response samples
- 200
- 403
- 404
- 422
Content type
application/json
{- "uuid": "d4f3a9c2-1b8a-4e6b-b5a1-9f2d3e7c4b1a",
- "name": "Analytics Engine",
- "description": "Service account for analytics pipelines",
- "email": "analytics.engine.001@company.example.com",
- "tenant": {
- "uuid": "f1a2b3c4-5678-90ab-cdef-1234567890ab",
- "legal_name": "Example Corp Ltda"
}
}
Create API key for service account
Authorizations:
OAuth2
path Parameters
sa_uuid required | string <uuid> (Service Account Uuid) Example: d4f3a9c2-1b8a-4e6b-b5a1-9f2d3e7c4b1a |
Request Body schema: application/jsonrequired
name required | string (Name) |
Description (string) or Description (null) (Description) | |
Array of Scopes (strings) or Scopes (null) (Scopes) Default: [] |
Responses
Request samples
- Payload
Content type
application/json
{- "name": "Analytics Key",
- "description": "Key for accessing analytics service",
- "scopes": [
- "iam:read"
]
}
Response samples
- 201
- 403
- 404
- 422
Content type
application/json
{- "uuid": "e8a77a53-ea0b-49a7-9f8d-a7116a800df5",
- "name": "Analytics Key",
- "description": "Key for accessing analytics service",
- "key_pair_id": "be88e4f8-24ac-4cab-a59d-42cfdc02cbe7",
- "key_pair_secret": "8b4c58bc-d905-435b-8cd0-05bf4b150d52",
- "scopes": [
- "iam:read"
], - "scopes_pending_approval": [
- "iam:write"
], - "start_validity": "string",
- "end_validity": "string",
- "revoked_at": "string",
- "revoked_by": "string",
- "api_key": "eeac0a24-9948-4e92-b5d4-0aa2ea91d539"
}
Get API keys for a service account
Authorizations:
OAuth2
path Parameters
sa_uuid required | string <uuid> (Sa Uuid) Example: 8cf19575-674c-4bb0-b5c7-4dde54923183 |
Responses
Response samples
- 200
- 403
- 422
Content type
application/json
[- {
- "uuid": "e8a77a53-ea0b-49a7-9f8d-a7116a800df5",
- "name": "Analytics Key",
- "description": "Key for accessing analytics service",
- "key_pair_id": "be88e4f8-24ac-4cab-a59d-42cfdc02cbe7",
- "key_pair_secret": "8b4c58bc-d905-435b-8cd0-05bf4b150d52",
- "scopes": [
- "iam:read"
], - "scopes_pending_approval": [
- "iam:write"
], - "start_validity": "string",
- "end_validity": "string",
- "revoked_at": "string",
- "revoked_by": "string",
- "api_key": "eeac0a24-9948-4e92-b5d4-0aa2ea91d539"
}
]
Revoke an API key for a service account
Authorizations:
OAuth2
path Parameters
sa_uuid required | string <uuid> (Sa Uuid) Example: 8cf19575-674c-4bb0-b5c7-4dde54923183 |
apikey_uuid required | string <uuid> (Apikey Uuid) Example: e8a77a53-ea0b-49a7-9f8d-a7116a800df5 |
Responses
Response samples
- 403
- 422
Content type
application/json
{- "origin": "permissionsAPI",
- "permission": "turia_iam_editor",
- "product": "turiaiam",
- "message": "User action not authorized for permission turia_iam_editor"
}
Update API key
Authorizations:
OAuth2
path Parameters
sa_uuid required | string <uuid> (Sa Uuid) Example: 8cf19575-674c-4bb0-b5c7-4dde54923183 |
apikey_uuid required | string <uuid> (Apikey Uuid) Example: e8a77a53-ea0b-49a7-9f8d-a7116a800df5 |
Request Body schema: application/jsonrequired
Name (string) or Name (null) (Name) | |
Description (string) or Description (null) (Description) | |
Array of Scopes (strings) or Scopes (null) (Scopes) Default: [] |
Responses
Request samples
- Payload
Content type
application/json
{- "name": "My API Key",
- "description": "API key for automation tasks",
- "scopes": [
- "iam:read"
]
}
Response samples
- 200
- 403
- 422
Content type
application/json
{- "uuid": "e8a77a53-ea0b-49a7-9f8d-a7116a800df5",
- "name": "Analytics Key",
- "description": "Key for accessing analytics service",
- "key_pair_id": "be88e4f8-24ac-4cab-a59d-42cfdc02cbe7",
- "key_pair_secret": "8b4c58bc-d905-435b-8cd0-05bf4b150d52",
- "scopes": [
- "iam:read"
], - "scopes_pending_approval": [
- "iam:write"
], - "start_validity": "string",
- "end_validity": "string",
- "revoked_at": "string",
- "revoked_by": "string",
- "api_key": "eeac0a24-9948-4e92-b5d4-0aa2ea91d539"
}
Response samples
- 200
- 403
Content type
application/json
[- {
- "uuid": "c5457157-4359-44d7-a0ed-188362c91013",
- "name": "Magalu Cloud",
- "api_products": [
- {
- "uuid": "1dcfa8ce-4576-4944-a4fe-a0ca1f2f455d",
- "name": "API Product CMS",
- "scopes": [
- {
- "uuid": "28beb8a2-9d99-44db-8fb7-5b724eac79a2",
- "name": "cms:cloud-product-management:write",
- "title": "Write permission for cloud product management"
}
]
}
]
}
]