IAM API

Overview

This API allow you to create child API user and to control to access each API resource.
Account created on business portal can create child API user and can manage role to access each API resource.
We named the account the role manager.
The role manager can create child API users, usergroups, and roles by API. And if you want to validate the role of child API user, you have to make the child API user belong to the usergroup, the role belong to the usergroup.
Immediately after creating, child API user can't use all API because child API user don't belong any usergroups and any roles.

- USER

 Child API user account was created by the roles manager. Child API user can use API in role set by the role manager.

- USERGROUP

Usergroup is a set of child API users.

- ROLE

Role is a set of allowed APIs, source IP address, and others.
The role manager can set some entities* to a role.

*entity: In network service, if you set a network contract ID to a Role, child API user can request only network API had the ID.

Child API user, usergroup, and role relationship

Child API user, usergroup, and role relationship is below the figure.
iam_relation

Evaluation IAM Logic

Child API user can belong to multiple usergroups, usergroup can have multiple roles.
Logic judgment in the case of attached multiple roles is below the figure.
logic
① Written multiple authrise in a role is "OR"
② Attached multiple role with a usergroup is "AND"
③ Attached multiple usergroup with a user is "OR"

Caution of using role manager's API key

The role manager can use all API. You should use the role manager's API key when you use manager's API -e.g. IAM API. We recommend using API key of child API user when you use other API.

How to use this API

Flow of Seting IAM below.

1.Create child API user, usergroup, and role

First, you need to create child API user, usergroup, and role in no particular order.

  • Create child API user
  • Create usergroup
  • Create role

2.Attach child API user to usergroup, role to usergroup

Second, you need to attach child API user to usergroup, role to usergroup in no particular order.

  • Attach child API user to usergroup
  • Attach usergroup to role

Resource URL

Please use global common domain ,or the individual region domain.
If you want to use the global common domain, depending on the circumstances of your available points, and then connect to the nearest API gateway.1

1.Base Path(Global Load Balance)

https://api.ntt.com/v1/oauth/accesstokens

2.Base Path(Region)

https://{region}.api.ntt.com/v1/oauth/accesstokens
  • region is jp|us|uk
  • e.g. https://us.api.ntt.com/v1/oauth/accesstokens

Resource Information

Key Value
Response Format JSON
Authorization(OAuth) Yes
Rate Limiting#1 Yes
  • #1 appropriate flow restriction

Create child API user

Create child API user using API.

POST /v1/iam/users

Request Parameters

Name Description Type Mandatory Notes
mail Creating child API user's mail address JSON Yes Mail must be no longer than 60 characters.
Mail can contail (-),(_),('),(.).
portalUse Use of develoerp portal #1 JSON Yes
distributorFlag Creating child API user's affiliation #2 JSON Yes
password Child API user's developer portal password JSON No If portalUse is "1", password is mandatory.
Password must have
at least 1 uppercase letter and
at least 1 lowercase letter and
at least number and
at least 8 digits and
at most 60 digits.
  • #1 0: Don't use / 1: use
  • #2 0: your company's person / 1: enduser of wholesale

Example Request

 POST /v1/iam/users
 [
    {
        "mail":"test@example.com",
        "portalUse":"1",
        "password":"xxxxxx",
        "distributorFlag":"0"
    }
 ]

Response Parameters

Name Description type mandatory
consumerKey Child API user's API Key String
consumerSecret Child API user's API Secret String
distributorFlag Child API user's affiliation Int
mail Child API user's mail address String
portalUse Child API user's portalUse status Int
uuid Child API user's user ID String

Example Result

{
    "users": [
        {
            "consumerKey": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 
            "consumerSecret": "xxxxxxxxxxxxxxxx", 
            "distributorFlag": 0, 
            "mail": "test01@example.com", 
            "portalUse": 1, 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Confirm child API list

GET /v1/iam/users

Request Parameters

none

Example Request

 GET /v1/iam/users

Response Parameters

Name Description type mandatory
distributorFlag Child API user's affiliation
0:your company's person 1:enduser of wholesale
Int
mail Child API user's mail address String
portalUse Child API user's portalUse status
0:Don't use 1:use
Int
uuid Child API user's user ID String

Example Result

{
    "count": 3, 
    "users": [
        {
            "distributorFlag": 0, 
            "mail": "test01@example.com", 
            "portalUse": 1, 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }, 
        {
            "distributorFlag": 0, 
            "mail": "test02@example.com", 
            "portalUse": 1, 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }, 
        {
            "distributorFlag": 0, 
            "mail": "test03@example.com", 
            "portalUse": 0, 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Confirm child API user's information

GET /v1/iam/users/{userId}

Request Parameters

Name Description Type Mandatory Notes
userId Child API user's user ID Path Yes

Example Request

 GET /v1/iam/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
distributorFlag Child API user's affiliation
0:your company's person 1:enduser of wholesale
Int
mail Child API user's mail address String
portalUse Child API user's portalUse status
0:Don't use 1:use
Int
uuid Child API user's user ID String

Example Result

{
    "users": [
        {
            "distributorFlag": 0, 
            "mail": "test03@example.com", 
            "portalUse": 0, 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Modify child API user's information

  • Child API user's information can be changed is only portalUse status.

    PUT /v1/iam/users/{userId}

Request Parameters

Name Description Type Mandatory Notes
userId Target child API user's user ID Path Yes
portalUse Child API user’s portalUse status
0:Don't use 1:use
JSON Yes

Example Request

 PUT /v1/iam/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    {
        "portalUse": "1"
    }

Response Parameters

Name Description type mandatory
distributorFlag Child API user's affiliation Int
mail Child API user's mail address String
portalUse Child API user’s portalUse status Int
uuid Child API user's UUID String

Example Result

{
    "users": [
        {
            "distributorFlag": 0, 
            "mail": "test03@example.com", 
            "portalUse": 1, 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

DELETE API user

DELETE /v1/iam/users/{userId}

Request Parameters

Name Description Type Mandatory Notes
userId deleted child API user's uuid Path Yes

Example Request

 DELETE /v1/iam/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
uuid deleted child API user's userId String

Example Result

{
    "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}

Confirm usergroup list to which a particular user belongs

GET /v1/iam/users/{userId}/groups

Request Parameters

Name Description Type Mandatory Notes
userId a particular child API user's uuid Path Yes

Example Request

 GET /v1/iam/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/groups

Response Parameters

Name Description type mandatory
groupId usergroup's UUID String
groupName usergroup's name String
roleId role's UUID to which the usergroup belongs String

Example Result

{
    "count": 1, 
    "entities": [
        {
            "groupId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", 
            "groupName": "sample_group", 
            "roles": [
                {
                    "roleId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ]
        }
    ]
}

Confirm child API user's API key information

GET /v1/iam/users/{userId}/keys

Request Parameters

Name Description Type Mandatory Notes
userId Child API user ID confirmed API Key Path Yes

Example Request

 GET /v1/iam/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/keys

Response Parameters

Name Description type mandatory
consumerKey Child API user's API Key String
consumerSecret Child API user's API Secret String
status API Key status (approved/revoke) String
uuid Child API user's UUID confirmed API Key String

Example Result

{
    "consumerKey": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 
    "consumerSecret": "xxxxxxxxxxxxxxxx", 
    "status": "approved", 
    "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}

Regenerate child API user's API Key

POST /v1/iam/users/{userId}/keys

Request Parameters

Name Description Type Mandatory Notes
userId Child API user ID regenerated API Key Path Yes

Example Request

 POST /v1/iam/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/keys

Response Parameters

Name Description type mandatory
consumerKey Child API user's new API Key String
consumerSecret Child API user's new API Secret String
uuid Child API user's UUID regenerated API Key String

Example Result

{
    "consumerKey": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 
    "consumerSecret": "xxxxxxxxxxxxxxxx", 
    "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}

Change approval status of API Key

POST /v1/iam/users/{userId}/keys/{API Key}

Request Parameters

Name Description Type Mandatory Notes
userId Target child API user's user ID Path Yes
API Key API Key changed approval status Path Yes
action Approval status (approve/revoke) query argument Yes

Example Request

 POST /v1/iam/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/keys/***********

Response Parameters

Name Description type mandatory
consumerKey Child API user's API Key String
consumerSecret Child API user's API Secret String
status Approval status of API Key (approved/revoked) String
uuid Child API user's UUID changed approval status of API key String

Example Result

{
    "consumerKey": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 
    "consumerSecret": "xxxxxxxxxxxxxxxx", 
    "status": "revoked", 
    "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}

Create usergroup

POST /v1/iam/groups

Request Parameters

Name Description Type Mandatory Notes
groupName A creating usergroup's name JSON Yes

Example Request

 POST /v1/iam/groups
{
    "groupName":"example_group"
}

Response Parameters

Name Description type mandatory
groupName A created usergroup's name String
uuid A created usergroup's groupId String

Example Result

{
    "groups": [
        {
            "groupName": "example_group", 
            "roles": [], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Confirm usergroup list

GET /v1/iam/groups

Request Parameters

none

Example Request

 GET /v1/iam/groups

Response Parameters

Name Description type mandatory
groupName Usergroup's name String
roleId Role's UUID to which the usergroup belongs String
uuid Usergroup's group ID String

Example Result

{
    "count": 10, 
    "cursor": "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX", 
    "groups": [
        {
            "groupName": "example_group01", 
            "roles": [
                {
                    "roleId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }, 
        {
            "groupName": "example_group02", 
            "roles": [
                {
                    "roleId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }, 
〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜
        {
            "groupName": "example_group09", 
            "roles": [
                {
                    "roleId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }, 
        {
            "groupName": "example_group10", 
            "roles": [
                {
                    "roleId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Confirm the usergroup

GET /v1/iam/groups/{groupId}

Request Parameters

Name Description Type Mandatory Notes
groupId Usergroup's UUID Path Yes

Example Request

 GET /v1/iam/groups/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
groupName Usergroup's name String
roleId Role's UUID to which the usergroup belongs String
uuid Usergroup's group ID String

Example Result

{
    "groups": [
        {
            "groupName": "example_group", 
            "roles": [
                {
                    "roleId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Update usergroup's name

PUT /v1/iam/groups/{groupId}

Request Parameters

Name Description Type Mandatory Notes
groupId Usergroup's UUID Path Yes
groupName Usergroup's name of post-update JSON Yes

Example Request

 PUT /v1/iam/groups/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
{
"groupName": "new_group_name"
}

Response Parameters

Name Description type mandatory
groupName Updated usergroup's name String
roleId Role's UUID to which the usergroup belongs String
uuid Updated usergroup's groupId String
{
    "groups": [
        {
            "groupName": "new_group_name", 
            "roles": [
                {
                    "roleId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Delete usergroup

*You need braking away the role from usergroup before delete usergroup.

DELETE /v1/iam/groups/{groupId}

Request Parameters

Name Description Type Mandatory Notes
groupId Deleting usergroup's UUID Path Yes

Example Request

 DELETE /v1/iam/groups/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
groupName Deleted usergroup's name String
uuid Deleted usergroup's groupId String
{
    "groups": [
        {
            "groupName": "example_group", 
            "resources": [], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Confirm child API user list to belong to a particular group

GET /v1/iam/groups/{groupId}/users

Request Parameters

Name Description Type Mandatory Notes
groupId Usergroup's UUID Path Yes

Example Request

 GET /v1/iam/groups/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/users

Response Parameters

Name Description type mandatory
userId User's UUID to which the usergroup belongs String
uuid Usergroup's groupId String
{
    "count": 1, 
    "groups": [
        {
            "users": [
                {
                    "userId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Attach user to usergroup

PUT /v1/iam/groups/{groupId}/users/{userId}

Request Parameters

Name Description Type Mandatory Notes
groupId Usergroup's UUID attaching user Path Yes
userId Attaching child API user's UUID Path Yes

Example Request

 PUT /v1/iam/groups/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
userId Attached child API user's UUID String
uuid Usergroup's groupId attached user String
{
    "groups": [
        {
            "users": [
                {
                    "userId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Detach user from usergroup

DELETE /v1/iam/groups/{groupId}/users/{userId}

Request Parameters

Name Description Type Mandatory Notes
groupId Usergroup's UUID Path Yes
userId Detaching child API user's UUID Path Yes

Example Request

 DELETE /v1/iam/groups/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
userId Detached child API user's UUID String
uuid Usergroup's groupId String
{
    "groups": [
        {
            "users": [
                {
                    "userId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Confirm status of attaching user to usergroup

GET /v1/iam/groups/{groupId}/users/{userId}

Request Parameters

Name Description Type Mandatory Notes
groupId Usergroup's UUID Path Yes
userId child API user's UUID Path Yes

Example Request

 GET /v1/iam/groups/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
userId Child API user's UUID String
uuid Usergroup's groupId String
{
    "count": 1, 
    "groups": [
        {
            "users": [
                {
                    "userId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Attach role to usergroup

PUT /v1/iam/groups/{groupId}/roles/{roleId}

Request Parameters

Name Description Type Mandatory Notes
groupId Usergroup's UUID Path Yes
roleId Role's UUID Path Yes

Example Request

 PUT /v1/iam/groups/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/roles/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
groupName Usergroup's name String
roleId Role's UUID String
uuid Usergroup's groupId String
{
    "groups": [
        {
            "groupName": "example_group01", 
            "roles": [
                {
                    "roleId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
                }
            ], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Detach role from usergroup

DELETE /v1/iam/groups/{groupId}/roles/{roleId}

Request Parameters

Name Description Type Mandatory Notes
groupId Usergroup's UUID Path Yes
roleId Role's UUID Path Yes

Example Request

 DELETE /v1/iam/groups/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/roles/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
groupName Usergroup's name String
uuid Usergroup's groupId String
{
    "groups": [
        {
            "groupName": "example_group01", 
            "roles": [], 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Create role

You can create API role by white list.

POST /v1/iam/roles

Request Parameters

Name Description Type Mandatory Notes
roleName Role's name JSON Yes
basePath API's name #1 JSON Yes Wildcard is *.
ipAddress Source IP address #2 JSON Yes Wildcard is *.
path API resource name #3 JSON Yes Wildcard is *.
verb Method name #4 JSON Yes Wildcard is *.
  • #1 How to write basePath

    API Name value
    Business Process API /business-process
    APILog API /apilog
    Cloudn Compute API /cloudn
    Arcstar Universal One Mobile Global M2M API /global-m2m
    Enterprise Cloud API /ec-vcd/api
    Nexcenter API /nexcenter

  • #2 How to write ipAddress
    192.168.0.10/24 or 192.168.0.2

  • #3 How to write path

    API Name value
    Business Process API /contracts, /tickets, etc
    APILog API -
    Cloudn Compute API /compute
    Arcstar Universal One Mobile Global M2M API /connectivitydirectory, /subscriptionstatus, etc
    Enterprise Cloud API /login, /vAPP, etc
    Nexcenter /data_centers, /entry_apply, etc

  • #4 GET,POST,PUT,DELETE

Example Request

 POST /v1/iam/roles
{
    "resources": [
        {
            "basePath": "*", 
            "ipAddress": "*", 
            "path": "*", 
            "verb": "*"
        }
    ], 
    "roleName": "example_role01"
}

Response Parameters

Name Description type mandatory
roleName Role's name JSON Yes
basePath API's name JSON
ipAddress Source IP address JSON
path API resource name JSON
verb Method name JSON
uuid Role's roleId JSON Yes

Example Result

{
    "roles": [
        {
            "resources": [
                {
                    "basePath": "*", 
                    "ipAddress": "*", 
                    "path": "*", 
                    "verb": "*"
                }
            ], 
            "roleName": "example_role01", 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Confirm role list

GET /v1/iam/roles

Request Parameters

None

Example Request

 GET /v1/iam/roles

Response Parameters

Name Description type mandatory
basePath API's name JSON
ipAddress Source IP address JSON
path API resource name JSON
verb Method name JSON
roleName Role's name String  Yes
uuid Role's roleId JSON Yes

Example Result

{
    "count": 10, 
    "cursor": "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX", 
    "roles": [
        {
            "resources": [
                {
                    "basePath": "*", 
                    "ipAddress": "*", 
                    "path": "*", 
                    "verb": "*"
                }
            ], 
            "roleName": "example_role01", 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        },
        {
            "resources": [
                {
                    "basePath": "/v1/business-process", 
                    "ipAddress": "xx.xx.xx.xx/xx", 
                    "path": "/contracts", 
                    "verb": "GET"
                }
            ], 
            "roleName": "example_role02", 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }, 
〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜〜
        {
            "resources": [], 
            "roleName": "example_role09", 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }, 
        {
            "resources": [
                {
                    "basePath": "/v1/cloudn", 
                    "ipAddress": "*", 
                    "path": "/compute", 
                    "verb": "*"
                }
            ], 
            "roleName": "example_role10", 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        },
    ]
}

Confirm a specific role

GET /v1/iam/roles/{roleId}

Request Parameters

Name Description Type Mandatory Notes
roleId Role's UUID Path Yes

Example Request

 GET /v1/iam/roles/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
basePath API's name JSON
ipAddress Source IP address JSON
path API resource name JSON
verb Method name JSON
roleName Role's name String  Yes
uuid Role's roleId JSON Yes

Example Result

{
    "roles": [
        {
            "resources": [
                {
                    "basePath": "*", 
                    "ipAddress": "*", 
                    "path": "*", 
                    "verb": "*"
                }
            ], 
            "roleName": "example_role01", 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Update a specific role

PUT /v1/iam/roles/{roleId}

Request Parameters

Name Description Type Mandatory Notes
roleId Role's UUID Path Yes
roleName Role's name JSON
basePath API's name JSON
ipAddress Source IP address JSON
path API resource name JSON
verb Method name JSON
  • You have to send all data with the data to be changed.

Example Request

Pattern 1

 PUT /v1/iam/roles/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
{
    "roleName": "new_role_name"
}

Pattern 2

 PUT /v1/iam/roles/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
{
    "resources": [
        {
            "basePath": "*", 
            "ipAddress": "*", 
            "path": "/compute", 
            "verb": "*"
        }
    ]
}

Response Parameters

Name Description type mandatory
basePath API's name JSON
ipAddress Source IP address JSON
path API resource name JSON
verb Method name JSON
roleName Role's name String  Yes
uuid Role's roleId JSON Yes

Example Result

{
    "roles": [
        {
            "resources": [
                {
                    "basePath": "*", 
                    "ipAddress": "*", 
                    "path": "/compute", 
                    "verb": "*"
                }
            ], 
            "roleName": "new_role_name", 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

Delete role

DELETE /v1/iam/roles/{roleId}

Request Parameters

Name Description Type Mandatory Notes
roleId Role's UUID Path Yes

Example Request

 DELETE /v1/iam/roles/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Response Parameters

Name Description type mandatory
basePath API's name JSON
ipAddress Source IP address JSON
path API resource name JSON
verb Method name JSON
roleName Role's name String  Yes
uuid Role's roleId JSON Yes

Example Result

{
    "roles": [
        {
            "resources": [
                {
                    "basePath": "*", 
                    "ipAddress": "*", 
                    "path": "*", 
                    "verb": "*"
                }
            ], 
            "roleName": "example_role01", 
            "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
        }
    ]
}

  1. Dec. 2014 currently, DNS round robin operation. Apr. 2015 or later, API request will automatically connect to geographically close API gateway