Admin - Get effective policy for a key share
GET/admin/policies/get-effective-key-policy
This API endpoint requires an API Key with at least one of the following Roles: SystemAdmin | PoliciesManager | ResourceViewer
Get effective policy for a key share. If no policy is attached directly to the key, the default policy for the key owner will be returned.
Request
Query Parameters
Header Parameters
The AUTHORIZATION header must be set to the API Key of the user. The API Key is returned when a new user is created using the /admin/create-user endpoint.
Responses
- 200
- 400
- 401
- 404
- 500
- application/json
- Schema
Schema
- MOD1
- MOD2
Array [
- MOD1
]
oneOf
string
attached
object
required
Describes a policy schema with an attachment method and associated policy details.
policy
object
required
rules
object[]
required
oneOf
rule
object
required
pubkey
object
required
The public key of the external rule server, in PEM format. This key is used to verify the JWT signature of the response.
Possible values: [External]
Specifies whether a setting should use a specified key or a user default.
Possible values: [key, user_default]
- application/json
- Schema
- Example (from schema)
Schema
Possible values: [already_performed_keygen, api_key_not_found, bad_n_and_t_params, bad_request_params, batch_too_large, cant_delete_boot_admin, cluster_already_exists, cluster_not_found, executor_result, failed_to_import_key_share, invalid_domain, key_not_found, key_operation_before_keygen, no_backup_private_key, no_backup_public_key, plaintext_backup_disabled, policy_already_exists, policy_in_use_by_keys, policy_in_use_by_users, policy_not_found, policy_validation_failed, room_creation_problem, rule_already_exists, rule_in_use, rule_not_found, rule_not_in_policy, user_already_exists, user_has_associated_keys, user_not_found, vertex_already_exists, vertex_not_found]
{
"err_msg": "string",
"err_type": "already_performed_keygen"
}
- application/json
- Schema
- Example (from schema)
Schema
Possible values: [access_denied, bad_key_permission]
{
"err_msg": "string",
"err_type": "access_denied"
}
- application/json
- Schema
- Example (from schema)
Schema
Possible values: [not_found]
{
"err_msg": "string",
"err_type": "not_found"
}
- application/json
- Schema
- Example (from schema)
Schema
Possible values: [internal_problem]
{
"err_msg": "string",
"err_type": "internal_problem"
}