Skip to main content
API docs by Redocly

SpaceBlocks.Permissions.WebServices.Main.Api Management (v1)

Download OpenAPI specification:Download

This is the management API.

MemberGroup

Create a new member-group

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant where the member group belongs to

Request Body schema:
required

The create member-group request

id
string
name
string
subjectIds
Array of strings unique

Responses

Request samples

Content type
No sample

Response samples

Content type
No sample

Get a member-group by id

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant where the member-group belongs to

id
required
string

The ID of the member-group

Responses

Response samples

Content type
No sample

Permission

Check if the subject has the requested sub-level permissions on the requested resource.

Authorizations:
Bearer
query Parameters
tenantId
string

The ID of the tenant

resourceTypeId
string

The resource type ID

resourceId
string

The ID of the resource to check permissions on

subjectId
string

The ID of the subject to check permissions for

permissionScope
string

The ID of the resource type on which the permission to check is defined

permission
Array of strings unique

The permission slug to check (can occur multiple times)

Responses

Response samples

Content type
No sample

Get the permissions of the subject on the requested resource.

Authorizations:
Bearer
query Parameters
tenantId
string

The ID of the tenant

resourceTypeId
string

The resource type ID

resourceId
string

The ID of the resource to check permissions on

subjectId
string

The ID of the subject to check permissions for

Responses

Response samples

Content type
No sample

Resource

Get a resource by id

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant whom the resource belongs

resourceTypeId
required
string

The key of the permission level

id
required
string

The ID of the resource

Responses

Response samples

Content type
No sample

Update a resource

This triggers a recalculation of the permission tree.

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant where the resource belongs to

resourceTypeId
required
string

The key to the corresponding permission-level of the resource

id
required
string

The ID of the resource

Request Body schema:
required

The UpdateResourceRequest DTO

object (UpdateResourceParent)
isInheritanceDisabled
boolean

Responses

Request samples

Content type
No sample

Response samples

Content type
No sample

Delete a resource.

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant where the resource belongs to

resourceTypeId
required
string

The key to the corresponding permission-level of the resource

id
required
string

The ID of the deleted resource

Responses

Response samples

Content type
No sample

Create a new resource.

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant whom the resource belongs

resourceTypeId
required
string

The key of the permission level

Request Body schema:
required

The create resource request

id
string
object (CreateResourceParent)
object (ResourceMembers)
isInheritanceDisabled
boolean

Responses

Request samples

Content type
No sample

Response samples

Content type
No sample

Get all resources within the given tenantId where the subject has the requested permissions.

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant

resourceTypeId
required
string

The key to the corresponding permission-level of the resource

query Parameters
subjectId
string

The ID of the subject

permissionScope
string

The slug of the resource type on which the permission to check is defined

permission
Array of strings unique

The permission slug to check (can occur multiple times)

Responses

Response samples

Content type
No sample

Patch resource members

Upsert all members of an existing resource on a specific role in a PATCH bulk operation. An existing member gets their role updated; a new member gets the role assigned on the resource. This triggers a recalculation of the permission tree.

Authorizations:
Bearer
path Parameters
tenantId
required
string

The tenantId

resourceTypeId
required
string

The resourceTypeId

id
required
string

The resourceId

Request Body schema:
required

the UpsertMemberRequest object

object or null
object or null

Responses

Request samples

Content type
No sample

Response samples

Content type
No sample

Get all resources within the given tenantId where the subject has the requested permissions.

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant

resourceTypeId
required
string

The key to the corresponding permission-level of the resource

query Parameters
subjectId
string

The ID of the subject

permissionScope
string

The slug of the resource type on which the permission to check is defined

permission
Array of strings unique

The permission slug to check (can occur multiple times)

Responses

Response samples

Content type
No sample

GetResourcePermissions

Authorizations:
Bearer
path Parameters
tenantId
required
string
resourceTypeId
required
string
id
required
string

Responses

Response samples

Content type
No sample

Role

Create a new role for a specific tenant

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant where the role should be created in.

Request Body schema:
required

The create role request

id
string or null
name
string
description
string
object

Responses

Request samples

Content type
No sample

Response samples

Content type
No sample

Get all roles of a tenant

Authorizations:
Bearer
path Parameters
tenantId
required
string

the ID of the tenant

Responses

Response samples

Content type
No sample

Get a role by id

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant where the role belongs to

id
required
string

The ID of the role

Responses

Response samples

Content type
No sample

Update a role

This triggers a recalculation of the permission tree.

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant that the role belongs to

id
required
string

The ID of the role to update

Request Body schema:
required

The updateRoleRequest DTO

object or null
name
string or null
description
string or null

Responses

Request samples

Content type
No sample

Response samples

Content type
No sample

Delete a role

This triggers a recalculation of the permission tree.

Authorizations:
Bearer
path Parameters
tenantId
required
string

The ID of the tenant that the role belongs to

id
required
string

The ID of the role to delete

Responses

Response samples

Content type
No sample

Tenant

Create a new tenant

This triggers a recalculation of the permission tree.

Authorizations:
Bearer
Request Body schema:
id
string
name
string
object (ResourceMembers)

Responses

Request samples

Content type
No sample

Response samples

Content type
No sample

Returns all tenants in the database. If subjectId is provided, only tenants that the subject has access to will be returned.

Authorizations:
Bearer
query Parameters
subjectId
string

The ID of the subject to check for access to the tenants (optional)

permissionScope
string

The slug of the resource type on which the permission to check is defined (only required, if subjectId is passed)

permission
Array of strings unique

The permission slug to check (optional; can occur multiple times - empty means no permissions are required)

Responses

Response samples

Content type
No sample

GetTenant

Authorizations:
Bearer
path Parameters
id
required
string

Responses

Response samples

Content type
No sample

UpdateTenant

Authorizations:
Bearer
path Parameters
id
required
string
Request Body schema:
name
string

Responses

Request samples

Content type
No sample

Response samples

Content type
No sample

Delete a tenant from the database

Authorizations:
Bearer
path Parameters
id
required
string

The ID of the tenant to delete

Responses

Response samples

Content type
No sample

Patch Tenant Members

This triggers a recalculation of the permission tree.

Authorizations:
Bearer
path Parameters
id
required
string
Request Body schema:
object or null
object or null

Responses

Request samples

Content type
No sample

Response samples

Content type
No sample

Check if the subject has the requested sub-level permissions on the requested resource.

Authorizations:
Bearer
path Parameters
id
required
string

The ID of the tenant

query Parameters
subjectId
string

The ID of the subject to check permissions for

permissionScope
string

The slug of the resource type on which the permission to check is defined

permission
Array of strings unique

The permission slug to check (can occur multiple times)

Responses

Response samples

Content type
No sample

Get the permissions of the subject on the requested resource.

Authorizations:
Bearer
path Parameters
id
required
string

The ID of the tenant

query Parameters
subjectId
string

The ID of the subject to check permissions for

Responses

Response samples

Content type
No sample

Get all tenant ids where the subject has the requested permissions.

Authorizations:
Bearer
query Parameters
subjectId
string

The ID of the subject

permissionScope
string

The slug of the resource type on which the permission to check is defined

permission
Array of strings unique

The permission slug to check (can occur multiple times)

Responses

Response samples

Content type
No sample

GetTenantPermissions

Authorizations:
Bearer
path Parameters
id
required
string

Responses

Response samples

Content type
No sample