Skip to content
ConductorOne Docs
  • Auto
  • Light
  • Dark
Get Started

IAM

IAM

IAM

IAMPersonal Clients

Create
client.iam.personalClients.create(PersonalClientCreateParamsbody?, RequestOptionsoptions?): clientPersonalClientclientSecretstringPersonalClientCreateResponse
post/api/v1/iam/personal_clients
Get
client.iam.personalClients.retrieve(stringid, RequestOptionsoptions?): clientPersonalClientPersonalClientRetrieveResponse
get/api/v1/iam/personal_clients/{id}
Update
client.iam.personalClients.update(stringid, PersonalClientUpdateParamsbody?, RequestOptionsoptions?): clientPersonalClientPersonalClientUpdateResponse
post/api/v1/iam/personal_clients/{id}
NOTE: Only shows personal clients for the current user.
client.iam.personalClients.list(RequestOptionsoptions?): listunionnextPageTokenstringPersonalClientListResponse
get/api/v1/iam/personal_clients
Delete
client.iam.personalClients.delete(stringid, PersonalClientDeleteParamsparams?, RequestOptionsoptions?): PersonalClientDeleteResponse
delete/api/v1/iam/personal_clients/{id}
Personal Client
PersonalClient

The PersonalClient message contains information about a presonal client credential.

ShowShow
idstring
optional

The unique ID of the personal client credential.

allowSourceCidrunion
optional
Array<string> | null

If set, only allows the CIDRs in the array to use the credential.

clientIdstring
optional

The clientID of the credential.

createdAtstring
optional
formatdate-time
deletedAtstring
optional
formatdate-time
displayNamestring
optional

The display name of the personal client credential.

expiresTimestring
optional
formatdate-time
lastUsedAtstring
optional
formatdate-time
scopedRolesunion
optional
Array<string> | null

scoped_roles provides a list of IAM Roles that this OAuth2 Client's API permissions are reduced to. The permissions granted to OAuth2 Client are AND'ed against the owning User's own permissions.

updatedAtstring
optional
formatdate-time
userIdstring
optional

The ID of the user that this credential is created for.

IAMRoles

Get
client.iam.roles.retrieve(stringroleID, RequestOptionsoptions?): roleRoleRoleRetrieveResponse
get/api/v1/iam/roles/{role_id}
Update
client.iam.roles.update(stringroleID, RoleUpdateParamsbody?, RequestOptionsoptions?): roleRoleRoleUpdateResponse
post/api/v1/iam/roles/{role_id}
List
client.iam.roles.list(RoleListParamsquery?, RequestOptionsoptions?): listunionnextPageTokenstringRoleListResponse
get/api/v1/iam/roles
Role
Role

Role is a role that can be assigned to a user in ConductorOne.

ShowShow
idstring
optional

The id of the role.

createdAtstring
optional
formatdate-time
deletedAtstring
optional
formatdate-time
displayNamestring
optional

The display name of the role.

namestring
optional

The internal name of the role.

permissionsunion
optional
Array<string> | null

The list of permissions this role has.

serviceRolesunion
optional
Array<string> | null

The list of serviceRoles that this role has.

systemApiOnlyboolean
optional

This Role is intended for API keys usage only, and the user interface may not function as expected.

systemBuiltinboolean
optional

The system builtin field. If this field is set, the role is not editable.

updatedAtstring
optional
formatdate-time