The code of this module is tested in tests/test_api_system.py.
The policy endpoints are a subset of the system endpoint.
This function checks whether the given parameters would match a defined policy.
Query Parameters: | |
---|---|
|
|
Return: | a json result with the keys allowed and policy in the value key |
Rtype: | json |
Status Codes: |
|
Example request:

    GET /policy/check?user=admin&realm=r1&client=172.16.1.1 HTTP/1.1
    Host: example.com
    Accept: application/json

Example response:

    HTTP/1.0 200 OK
    Content-Type: application/json

    {
      "id": 1,
      "jsonrpc": "2.0",
      "result": {
        "status": true,
        "value": {
          "pol_update_del": {
            "action": "enroll",
            "active": true,
            "client": "172.16.0.0/16",
            "name": "pol_update_del",
            "realm": "r1",
            "resolver": "test",
            "scope": "selfservice",
            "time": "",
            "user": "admin"
          }
        }
      },
      "version": "privacyIDEA unknown"
    }
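The match in the example above (client 172.16.1.1 against the policy's client network 172.16.0.0/16) can be reproduced offline when reviewing a policy set. This is an added example, not privacyIDEA's matching code: it is a simplified model that assumes an empty condition is unrestricted and that conditions are comma-separated lists; `pol_single_host` and `pol_disabled` are constructed sample policies.

```python
import ipaddress

# Constructed policies in the shape of the "value" object in the response above.
_BASE = {"action": "enroll", "realm": "r1", "resolver": "test",
         "scope": "selfservice", "time": "", "user": "admin"}
POLICIES = {
    "pol_update_del": {**_BASE, "name": "pol_update_del", "active": True,
                       "client": "172.16.0.0/16"},
    "pol_single_host": {**_BASE, "name": "pol_single_host", "active": True,
                        "client": "1.1.1.1"},
    "pol_disabled": {**_BASE, "name": "pol_disabled", "active": False, "client": ""},
}


def _value_matches(condition, value):
    # Assumption: an empty condition is unrestricted; otherwise it is a
    # comma-separated list of exact values.
    if not condition:
        return True
    return value in [c.strip() for c in condition.split(",")]


def _client_matches(condition, client):
    # Assumption: the client condition is a comma-separated list of IPs or CIDRs.
    if not condition:
        return True
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:
        return False  # a malformed address never satisfies a client restriction
    for entry in condition.split(","):
        try:
            if addr in ipaddress.ip_network(entry.strip(), strict=False):
                return True
        except ValueError:
            continue  # skip unparsable entries instead of treating them as a match
    return False


def matching_policies(policies, user, realm, client):
    """Return the sorted names of active policies matching all three parameters."""
    return sorted(
        name for name, pol in policies.items()
        if pol.get("active")
        and _value_matches(pol.get("user", ""), user)
        and _value_matches(pol.get("realm", ""), realm)
        and _client_matches(pol.get("client", ""), client)
    )
```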
This is a helper function that returns the possible policy definitions that can be used to define your policies.
Parameters: |
|
---|---|
Return: | The policy definitions of the allowed scope with the actions and action types. The top level key is the scope. |
Rtype: | dict |
This function is used to retrieve the policies that you defined. It can also be used to export the policy to a file.
Parameters: |
|
---|---|
JSON Parameters: | |
|
|
Return: | a json result with the configuration of the specified policies |
Rtype: | json |
Status Codes: |
|
Example request:

In this example the policy “pol1” is retrieved.

    GET /policy/pol1 HTTP/1.1
    Host: example.com
    Accept: application/json

Example response:

    HTTP/1.0 200 OK
    Content-Type: application/json

    {
      "id": 1,
      "jsonrpc": "2.0",
      "result": {
        "status": true,
        "value": {
          "pol_update_del": {
            "action": "enroll",
            "active": true,
            "client": "1.1.1.1",
            "name": "pol_update_del",
            "realm": "r1",
            "resolver": "test",
            "scope": "selfservice",
            "time": "",
            "user": "admin"
          }
        }
      },
      "version": "privacyIDEA unknown"
    }
Disable a given policy by its name.
Parameters: | name: The name of the policy |
---|---|
Return: | ID in the database |
Enable a given policy by its name.
Parameters: | name: Name of the policy |
---|---|
Return: | ID in the database |
This function is used to import policies from a file.
Parameters: |
|
---|---|
Form Parameters: | |
|
|
Return: | A json response with the number of imported policies. |
Status Codes: |
|
Example request:

    POST /policy/import/backup-policy.cfg HTTP/1.1
    Host: example.com
    Accept: application/json

Example response:

    HTTP/1.0 200 OK
    Content-Type: application/json

    {
      "id": 1,
      "jsonrpc": "2.0",
      "result": {
        "status": true,
        "value": 2
      },
      "version": "privacyIDEA unknown"
    }
Creates a new policy that defines access or behaviour of different actions in privacyIDEA.
Parameters: |
|
---|---|
JSON Parameters: | |
|
|
Return: | a json result with success or error |
Status Codes: |
|
Example request:

In this example a policy “pol1” is created.

    POST /policy/pol1 HTTP/1.1
    Host: example.com
    Accept: application/json

    scope=admin
    realm=realm1
    action=enroll, disable

Example response:

    HTTP/1.0 200 OK
    Content-Length: 354
    Content-Type: application/json

    {
      "id": 1,
      "jsonrpc": "2.0",
      "result": {
        "status": true,
        "value": {
          "setPolicy pol1": 1
        }
      },
      "version": "privacyIDEA unknown"
    }
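Before sending a create request like the one above, the scope and action string can be checked against the definitions returned by the helper that lists the possible policy definitions, so a misspelled scope or action is caught on the client side. This is an added example, not privacyIDEA code: `POLICY_DEFS` is a constructed sample keyed by scope, the `pin_minlength` action and the `name=value` form for valued actions are assumptions, and `validate_policy` is a hypothetical helper.

```python
# Constructed sample of a definitions object: scope -> action -> action type.
# The entries are illustrative, not privacyIDEA's full list of actions.
POLICY_DEFS = {
    "admin": {
        "enroll": {"type": "bool"},
        "disable": {"type": "bool"},
        "pin_minlength": {"type": "int"},  # hypothetical valued action
    },
    "selfservice": {"enroll": {"type": "bool"}},
}


def parse_actions(action_string):
    """Split 'enroll, disable, name=value' into {action: value}.

    Bare action names map to True. The name=value form is an assumption.
    """
    actions = {}
    for item in action_string.split(","):
        item = item.strip()
        if not item:
            continue
        name, sep, value = item.partition("=")
        actions[name.strip()] = value.strip() if sep else True
    return actions


def validate_policy(defs, scope, action_string):
    """Return a list of problems; an empty list means the policy looks valid."""
    if scope not in defs:
        return [f"unknown scope {scope!r}"]
    errors = []
    for name, value in parse_actions(action_string).items():
        spec = defs[scope].get(name)
        if spec is None:
            errors.append(f"action {name!r} is not defined in scope {scope!r}")
        elif spec["type"] == "bool" and value is not True:
            errors.append(f"action {name!r} takes no value")
        elif spec["type"] == "int" and (value is True or not value.isdigit()):
            errors.append(f"action {name!r} needs an integer value")
    return errors
```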
This deletes the policy of the given name.
Parameters: |
|
---|---|
Return: | a json result about the delete success. In case of success value > 0 |
Status Codes: |
|
Example request:

In this example the policy “pol1” is deleted.

    DELETE /policy/pol1 HTTP/1.1
    Host: example.com
    Accept: application/json

Example response:

    HTTP/1.0 200 OK
    Content-Type: application/json

    {
      "id": 1,
      "jsonrpc": "2.0",
      "result": {
        "status": true,
        "value": 1
      },
      "version": "privacyIDEA unknown"
    }