Attributes

Attributes control specific settings for OPA Users and Groups.

List all Attribute Conflicts for a Team

Lists all attribute conflicts for your Team

This endpoint requires the following role: resource_admin.

SecuritybearerAuth
Request
path Parameters
team_name
required
string

The name of your Team

query Parameters
count
integer <int32>

The number of objects per page

descending
boolean

The object order

offset
string

The offset value for pagination. The rel="next" and rel="prev" Link headers define the offset for subsequent or previous pages.

prev
boolean

The direction of paging

Responses
200

OK

get/v1/teams/{team_name}/attributes/conflicts
Request samples
Response samples
application/json
{
  • "list": [
    • {
      },
    • {
      },
    • {
      },
    • {
      }
    ]
}

List all Attributes for a Group

Lists all Attributes for a specified Group

This endpoint requires one of the following roles: resource_admin, delegated_resource_admin.

SecuritybearerAuth
Request
path Parameters
team_name
required
string

The name of your Team

group_name
required
string

The name of a Group

query Parameters
count
integer <int32>

The number of objects per page

descending
boolean

The object order

offset
string

The offset value for pagination. The rel="next" and rel="prev" Link headers define the offset for subsequent or previous pages.

prev
boolean

The direction of paging

conflicting
boolean

When true, only return attributes that conflict with other attributes on your Team

Responses
200

OK

get/v1/teams/{team_name}/groups/{group_name}/attributes
Request samples
Response samples
application/json
{
  • "list": [
    • {
      },
    • {
      }
    ]
}

Retrieve a Group Attribute

Retrieves an Attribute for a Group

This endpoint requires one of the following roles: resource_admin, delegated_resource_admin.

SecuritybearerAuth
Request
path Parameters
team_name
required
string

The name of your Team

group_name
required
string

The name of a Group

attribute_id
required
string

The UUID of an Attribute

Responses
200

OK

get/v1/teams/{team_name}/groups/{group_name}/attributes/{attribute_id}
Request samples
Response samples
application/json
{
  • "attribute_name": "unix_group_name",
  • "attribute_value": "group_old",
  • "id": "36844d7c-f311-4a42-866c-f32a5a41e213",
  • "managed": false
}

Update a Group Attribute

Updates an Attribute for a Group

This endpoint requires the following role: resource_admin.

SecuritybearerAuth
Request
path Parameters
team_name
required
string

The name of your Team

group_name
required
string

The name of a Group

attribute_id
required
string

The UUID of an Attribute

Request Body schema: application/json
required
attribute_name
required
string (GroupAttributeName)

The type of attribute

Enum: "unix_gid" "unix_group_name" "windows_group_name"
required
unix_gid (integer) or unix_group_name (string) or windows_group_name (string)
One of:

The associated Unix group ID

[ 100 .. 2147483647 ]
integer <int32> (unix_gid) [ 100 .. 2147483647 ]
Responses
204

No Content

put/v1/teams/{team_name}/groups/{group_name}/attributes/{attribute_id}
Request samples
application/json
{
  • "attribute_name": "unix_group_name",
  • "attribute_value": "new_name"
}

List all Attributes for a User

Lists all Attributes for a specified user

This endpoint requires the following role: resource_admin.

SecuritybearerAuth
Request
path Parameters
team_name
required
string

The name of your Team

user_name
required
string

The username for an existing User

query Parameters
count
integer <int32>

The number of objects per page

descending
boolean

The object order

offset
string

The offset value for pagination. The rel="next" and rel="prev" Link headers define the offset for subsequent or previous pages.

prev
boolean

The direction of paging

conflicting
boolean

When true, only return attributes that conflict with other attributes on your Team

Responses
200

OK

get/v1/teams/{team_name}/users/{user_name}/attributes
Request samples
Response samples
application/json
{
  • "list": [
    • {
      },
    • {
      },
    • {
      },
    • {
      }
    ]
}

Retrieve a User Attribute

Retrieves an Attribute for a User

This endpoint requires the following role: resource_admin.

SecuritybearerAuth
Request
path Parameters
team_name
required
string

The name of your Team

user_name
required
string

The username for an existing User

attribute_id
required
string

The UUID of an Attribute

Responses
200

OK

get/v1/teams/{team_name}/users/{user_name}/attributes/{attribute_id}
Request samples
Response samples
application/json
{
  • "attribute_name": "unix_user_name",
  • "attribute_value": "augusta_ada_king",
  • "id": "11faefa1-6b59-4a52-9492-43195cd07385",
  • "managed": true
}

Update a User Attribute

Updates an Attribute for a User

This endpoint requires the following role: resource_admin.

SecuritybearerAuth
Request
path Parameters
team_name
required
string

The name of your Team

user_name
required
string

The username for an existing User

attribute_id
required
string

The UUID of an Attribute

Request Body schema: application/json
required
attribute_name
required
string (TeamUserAttributeName)

The type of attribute

Enum: "active_directory_identity" "active_directory_passwordless_identity" "gecos_field" "unix_gid" "unix_uid" "unix_user_name" "user_shell" "windows_user_name"
required
active_directory_identity (object) or active_directory_passwordless_identity (object) or gecos_field (object) or user_home_dir (object) or unix_gid (object) or unix_uid (object) or unix_user_name (object) or user_shell (object) or windows_user_name (object)
One of:

The AD usernames accessible by the User. Users must manually enter their password.

<= 256 characters
object (active_directory_identity) <= 256 characters
Responses
204

No Content

put/v1/teams/{team_name}/users/{user_name}/attributes/{attribute_id}
Request samples
application/json
{
  • "attribute_name": "unix_user_name",
  • "attribute_value": "ada_lovelace"
}