Skip to content
ConductorOne Docs
  • Auto
  • Light
  • Dark
Get Started

IAM

IAM

IAM

IAMPersonal Clients

Create
post/api/v1/iam/personal_clients
Get
get/api/v1/iam/personal_clients/{id}
Update
post/api/v1/iam/personal_clients/{id}
NOTE: Only shows personal clients for the current user.
get/api/v1/iam/personal_clients
Delete
delete/api/v1/iam/personal_clients/{id}
Personal Client
PersonalClientobject

The PersonalClient message contains information about a presonal client credential.

ShowShow
idstring
optional

The unique ID of the personal client credential.

allowSourceCidrarray of string
optional

If set, only allows the CIDRs in the array to use the credential.

clientIdstring
optional

The clientID of the credential.

createdAtstring
optional
formatdate-time
deletedAtstring
optional
formatdate-time
displayNamestring
optional

The display name of the personal client credential.

expiresTimestring
optional
formatdate-time
lastUsedAtstring
optional
formatdate-time
scopedRolesarray of string
optional

scoped_roles provides a list of IAM Roles that this OAuth2 Client's API permissions are reduced to. The permissions granted to OAuth2 Client are AND'ed against the owning User's own permissions.

updatedAtstring
optional
formatdate-time
userIdstring
optional

The ID of the user that this credential is created for.

IAMRoles

Get
get/api/v1/iam/roles/{role_id}
Update
post/api/v1/iam/roles/{role_id}
List
get/api/v1/iam/roles
Role
Roleobject

Role is a role that can be assigned to a user in ConductorOne.

ShowShow
idstring
optional

The id of the role.

createdAtstring
optional
formatdate-time
deletedAtstring
optional
formatdate-time
displayNamestring
optional

The display name of the role.

namestring
optional

The internal name of the role.

permissionsarray of string
optional

The list of permissions this role has.

serviceRolesarray of string
optional

The list of serviceRoles that this role has.

systemApiOnlyboolean
optional

This Role is intended for API keys usage only, and the user interface may not function as expected.

systemBuiltinboolean
optional

The system builtin field. If this field is set, the role is not editable.

updatedAtstring
optional
formatdate-time