diff options
Diffstat (limited to 'data/en_us/eiam-developerapi/2022-02-25')
| -rw-r--r-- | data/en_us/eiam-developerapi/2022-02-25/api-docs.php | 6769 |
1 files changed, 3205 insertions, 3564 deletions
diff --git a/data/en_us/eiam-developerapi/2022-02-25/api-docs.php b/data/en_us/eiam-developerapi/2022-02-25/api-docs.php index e73b29d..ba5dbfa 100644 --- a/data/en_us/eiam-developerapi/2022-02-25/api-docs.php +++ b/data/en_us/eiam-developerapi/2022-02-25/api-docs.php @@ -1,337 +1,536 @@ <?php return [ 'version' => '1.0', - 'info' => [ - 'style' => 'ROA', - 'product' => 'Eiam-developerapi', - 'version' => '2022-02-25', - ], + 'info' => ['style' => 'ROA', 'product' => 'Eiam-developerapi', 'version' => '2022-02-25'], 'directories' => [ [ - 'id' => 404716, - 'title' => null, + 'children' => ['ObtainJwtAuthenticationToken', 'FetchOAuthAuthenticationToken', 'GenerateJwtAuthenticationToken', 'ListAuthenticationTokens', 'ObtainJwtAuthenticationTokenByDerivedShortToken', 'ReinstateAuthenticationToken', 'ReinstateAuthenticationTokenByConsumer', 'RevokeAuthenticationToken', 'RevokeAuthenticationTokenByConsumer', 'ValidateAuthenticationToken'], 'type' => 'directory', - 'children' => [ - 'ObtainCredential', - ], + 'title' => 'Authentication token API', ], [ - 'id' => 404718, - 'title' => null, + 'children' => ['CreateUserExclusiveCredential', 'ObtainCredential'], 'type' => 'directory', - 'children' => [ - 'ObtainCloudAccountRoleAccessCredential', - ], + 'title' => 'Credential API', ], [ - 'id' => 404720, - 'title' => null, + 'children' => ['ObtainCloudAccountRoleAccessCredential'], 'type' => 'directory', - 'children' => [ - 'GenerateToken', - 'GenerateDeviceCode', - 'GetUserInfo', - 'RevokeToken', - ], + 'title' => 'Cloud role access credential API', ], [ - 'id' => 404725, - 'title' => null, + 'children' => ['GenerateTokenByAuthorizationServer', 'GenerateToken', 'GenerateDeviceCode', 'GetUserInfo', 'RevokeToken'], 'type' => 'directory', - 'children' => [ - 'GetApplicationProvisioningScope', - ], + 'title' => 'OIDC API', ], [ - 'id' => 404727, - 'title' => null, + 'children' => ['GetApplicationProvisioningScope'], 'type' => 'directory', - 'children' => [ - 'CreateOrganizationalUnit', - 'PatchOrganizationalUnit', - 'GetOrganizationalUnit', - 'DeleteOrganizationalUnit', - 'ListOrganizationalUnits', - 'ListOrganizationalUnitParentIds', - 'GetOrganizationalUnitIdByExternalId', - ], + 'title' => 'Authorization scope API', ], [ - 'id' => 404735, - 'title' => null, + 'children' => ['CreateOrganizationalUnit', 'PatchOrganizationalUnit', 'GetOrganizationalUnit', 'DeleteOrganizationalUnit', 'ListOrganizationalUnits', 'ListOrganizationalUnitParentIds', 'GetOrganizationalUnitIdByExternalId'], 'type' => 'directory', - 'children' => [ - 'CreateUser', - 'PatchUser', - 'GetUser', - 'UpdateUserPassword', - 'DeleteUser', - 'ListUsers', - 'EnableUser', - 'DisableUser', - 'GetUserIdByEmail', - 'GetUserIdByPhoneNumber', - 'GetUserIdByUserExternalId', - 'GetUserIdByUsername', - 'SetUserPrimaryOrganizationalUnit', - 'AddUserToOrganizationalUnits', - 'RemoveUserFromOrganizationalUnits', - 'ListGroupsForUser', - ], + 'title' => 'Organization management API', ], [ - 'id' => 404752, - 'title' => null, + 'children' => ['CreateUser', 'PatchUser', 'GetUser', 'UpdateUserPassword', 'EnableUser', 'DisableUser', 'GetUserIdByEmail', 'GetUserIdByPhoneNumber', 'GetUserIdByUserExternalId', 'GetUserIdByUsername', 'SetUserPrimaryOrganizationalUnit', 'AddUserToOrganizationalUnits', 'RemoveUserFromOrganizationalUnits', 'ListGroupsForUser'], + 'type' => 'directory', + 'title' => 'Account management API', + ], + [ + 'children' => ['GetGroup', 'PatchGroup', 'AddUsersToGroup', 'ListUsersForGroup'], + 'type' => 'directory', + 'title' => 'Account group management API', + ], + [ + 'children' => ['CreateGroup', 'DeleteGroup', 'DeleteUser', 'ListGroups', 'ListUsers', 'RemoveUsersFromGroup'], + 'title' => 'Others', 'type' => 'directory', - 'children' => [ - 'GetGroup', - 'CreateGroup', - 'PatchGroup', - 'DeleteGroup', - 'ListGroups', - 'AddUsersToGroup', - 'RemoveUsersFromGroup', - 'ListUsersForGroup', - ], ], ], 'components' => [ 'schemas' => [], ], 'apis' => [ - 'ObtainCredential' => [ - 'summary' => '获取凭据明文。', - 'path' => '/v2/{instanceId}/credentials/_/actions/obtain', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'https', - ], + 'AddUserToOrganizationalUnits' => [ + 'summary' => 'Adds an EIAM account to one or more EIAM organizations. These organizations serve as subordinate organizations for the account. If the account is already a member of a specified organization, no update is performed.', + 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/addUserToOrganizationalUnits', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], - 'consumes' => [ - 'application/x-www-form-urlencoded', - 'application/json', - 'multipart/form-data', + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasCRU1S2'], ], - 'produces' => [ - 'application/json', + 'parameters' => [ + [ + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'The authentication information.'."\n" + .'Format: Bearer ${access\\_token}.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], + ], + [ + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + ], + [ + 'name' => 'applicationId', + 'in' => 'path', + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], + ], + [ + 'name' => 'userId', + 'in' => 'path', + 'schema' => ['description' => 'The account ID.', 'type' => 'string', 'required' => true, 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], + ], + [ + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', + 'schema' => [ + 'description' => 'The request body.', + 'type' => 'object', + 'properties' => [ + 'organizationalUnitIds' => [ + 'title' => '', + 'description' => 'A list of organization IDs.', + 'type' => 'array', + 'items' => ['description' => 'The organization ID.', 'type' => 'string', 'required' => false, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'required' => true, + 'example' => '[ou_wovwffm62xifdziem7an7xxxxx]', + ], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + ], ], - 'operationType' => 'read', + 'responses' => [ + 200 => [], + ], + 'title' => 'AddUserToOrganizationalUnits', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + ], + 'AddUsersToGroup' => [ + 'summary' => 'Adds multiple Employee Identity and Access Management (EIAM) accounts to an EIAM group. If the accounts are already added to the specified group, no update is performed.', + 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}/actions/addUsersToGroup', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'Anonymous' => [], + ], + ], + 'operationType' => 'write', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'none', - 'riskType' => 'high', + 'operationType' => 'update', + 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaasDPGRH1', - ], - 'autoTest' => true, - 'tenantRelevance' => 'tenant', + 'abilityTreeNodes' => ['FEATUREidaasIEJFYH'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', + 'schema' => ['title' => '', 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx'], + ], + [ + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['title' => '', 'description' => 'The instance ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], + ], + [ + 'name' => 'applicationId', + 'in' => 'path', + 'schema' => ['title' => '', 'description' => 'The application ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx'], + ], + [ + 'name' => 'groupId', + 'in' => 'path', + 'schema' => ['title' => '', 'description' => 'The group ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'group_wovwffm62xifdziem7an7xxxxx'], + ], + [ + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => '认证信息。基于标准OAuth2.0或者OIDC协议签发的AccessToken', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxxxx', + 'description' => 'The request body.'."\n", + 'type' => 'object', + 'properties' => [ + 'userIds' => [ + 'title' => '', + 'description' => 'The account IDs.'."\n", + 'type' => 'array', + 'items' => ['description' => 'The account ID.'."\n", 'type' => 'string', 'required' => false, 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], + 'required' => true, + 'example' => '[user_d6sbsuumeta4h66ec3il7yxxxx}', + ], + ], + 'required' => false, + 'title' => '', + 'example' => '', ], ], + ], + 'responses' => [ + 200 => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + 'title' => 'AddUsersToGroup', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + ], + 'CreateGroup' => [ + 'path' => '/v2/{instanceId}/{applicationId}/groups', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'Anonymous' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas7VNWU7'], + ], + 'parameters' => [ + [ + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'The authentication information. The value is in the Bearer ${access\\_token} format. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], + ], [ 'name' => 'instanceId', 'in' => 'path', + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + ], + [ + 'name' => 'applicationId', + 'in' => 'path', + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], + ], + [ + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => 'IDaaS实例ID', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - 'maxLength' => 64, + 'description' => 'The request body.', + 'type' => 'object', + 'properties' => [ + 'groupName' => ['description' => 'The organization name.', 'type' => 'string', 'required' => true, 'example' => 'name001', 'title' => ''], + 'groupExternalId' => ['description' => 'The external ID.', 'type' => 'string', 'example' => 'group_2bo6lefcewdausyyxxxx', 'title' => '', 'required' => false], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'GroupIdObject', + 'description' => 'GroupIdObject', + 'type' => 'object', + 'properties' => [ + 'groupId' => ['description' => 'The group ID.', 'type' => 'string', 'example' => 'group_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + ], + 'example' => '', ], ], + ], + 'title' => 'CreateGroup', + 'summary' => 'Creates a group.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"groupId\\": \\"group_wovwffm62xifdziem7an7xxxxx\\"\\n}","type":"json"}]', + ], + 'CreateOrganizationalUnit' => [ + 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'credentialIdentifier', - 'in' => 'query', + 'Anonymous' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas3S4NKL'], + ], + 'parameters' => [ + [ + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], + ], + [ + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + ], + [ + 'name' => 'applicationId', + 'in' => 'path', + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], + ], + [ + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => '云角色的外部唯一标识', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'credential_identifier_test', - 'maxLength' => 64, + 'description' => 'The request body.', + 'type' => 'object', + 'properties' => [ + 'organizationalUnitName' => ['description' => 'The name of the organizational unit.', 'type' => 'string', 'required' => true, 'example' => 'name001', 'title' => ''], + 'parentId' => ['description' => 'The ID of the parent organizational unit.', 'type' => 'string', 'required' => true, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'organizationalUnitExternalId' => ['description' => 'The external ID of the organizational unit. The external ID can be used to map external data to the data of the organizational unit in Employee Identity and Access Management (EIAM) of Identity as a Service (IDaaS). By default, the external ID is the organizational unit ID.'."\n" + ."\n" + .'For organizational units with the same source type and source ID, each organizational unit has a unique external ID.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => '', 'required' => false], + 'description' => ['description' => 'The description of the organizational unit.', 'type' => 'string', 'example' => '测试组织', 'title' => '', 'required' => false], + ], + 'required' => false, + 'example' => 'app_xx001', + 'title' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => '', - 'description' => '', + 'title' => 'OrganizationalUnitIdObject', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'instanceId' => [ - 'title' => 'EIAM实例ID。', - 'description' => 'EIAM实例ID。', - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'credentialId' => [ - 'title' => '凭据ID。', - 'description' => '凭据ID。', - 'type' => 'string', - 'example' => 'cred_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], - 'status' => [ - 'title' => '凭据状态', - 'description' => '凭据状态', - 'type' => 'string', - 'example' => 'enabled', - ], - 'credentialIdentifier' => [ - 'title' => '凭据标识', - 'description' => '凭据标识', - 'type' => 'string', - 'example' => 'credential_identifier_test', - ], - 'credentialName' => [ - 'title' => '凭据名称', - 'description' => '凭据名称', - 'type' => 'string', - 'example' => 'credential_name', - ], - 'credentialSubjectType' => [ - 'title' => '凭据所属的主体类型。', - 'description' => '凭据所属的主体类型。', - 'type' => 'string', - 'example' => 'authentication_token_provider', - ], - 'credentialSubjectId' => [ - 'title' => '凭据所属的主体ID。', - 'description' => '凭据所属的主体ID。', - 'type' => 'string', - 'example' => 'apt_werthgfdsasffxxxxx', - ], - 'credentialScenarioLabel' => [ - 'title' => '凭据的使用场景标签。', - 'description' => '凭据的使用场景标签。', - 'type' => 'string', - 'example' => 'llm', - ], - 'credentialType' => [ - 'title' => '凭据类型。', - 'description' => '凭据类型。', - 'type' => 'string', - 'example' => 'api_key', - ], - 'credentialCreationType' => [ - 'title' => '凭据的创建类型。', - 'description' => '凭据的创建类型。', - 'type' => 'string', - 'example' => 'user_custom', - ], - 'description' => [ - 'title' => '描述', - 'description' => '描述', - 'type' => 'string', - 'example' => 'credential_description', - ], - 'createTime' => [ - 'title' => '云角色创建时间', - 'description' => '云角色创建时间', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1649830225000', - ], - 'updateTime' => [ - 'title' => '云角色更新时间', - 'description' => '云角色更新时间', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1649830227000', - ], - 'credentialContent' => [ - 'title' => '凭据的内容', - 'description' => '凭据的内容。', + 'organizationalUnitId' => ['description' => 'The ID of the organizational unit.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + ], + 'example' => '', + ], + ], + ], + 'title' => 'CreateOrganizationalUnit', + 'summary' => 'Creates an organizational unit.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_token | Access token is not valid | token无效|'."\n" + .'| 400 | OrganizationUnitIdNotInScopes | organizationUnitId : ou_wovwffm62xifdziem7an7xxxxx not in provisioning scope! | 组织不在同步范围内|'."\n" + .'| 400 | MissingParameter.OrganizationalUnitName | The specified parameter:OrganizationalUnitName is required! | 缺少组织名称参数|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx| 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:organizational_unit:manage_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"organizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\"\\n}","type":"json"}]', + ], + 'CreateUser' => [ + 'summary' => 'Creates a new EIAM account in a specified organization.', + 'path' => '/v2/{instanceId}/{applicationId}/users', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'Anonymous' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasCRU1S2'], + ], + 'parameters' => [ + [ + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'The authentication information.'."\n" + .'Format: `Bearer ${access_token}`.'."\n" + .'Example: `Bearer ATxxxx`.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], + ], + [ + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['description' => 'The ID of the instance.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + ], + [ + 'name' => 'applicationId', + 'in' => 'path', + 'schema' => ['description' => 'The ID of the application.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], + ], + [ + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', + 'schema' => [ + 'description' => 'The request body.', + 'type' => 'object', + 'properties' => [ + 'username' => ['description' => 'The username. It can contain letters, digits, and the following special characters: underscore (`_`), period (`.`), at sign (`@`), and hyphen (`-`). The maximum length is 256 characters.', 'type' => 'string', 'required' => true, 'example' => 'name001', 'title' => ''], + 'displayName' => ['description' => 'The display name. The maximum length is 128 characters.', 'type' => 'string', 'example' => 'display_name001', 'title' => '', 'required' => false], + 'password' => ['description' => 'The account password. For password complexity rules, see the password policy in the IDaaS console.', 'type' => 'string', 'example' => 'xxxxx', 'title' => '', 'required' => false], + 'phoneRegion' => ['description' => 'The phone region code. For example, the code for the Chinese mainland is `86`. Do not include a `00` prefix or a plus sign (`+`). This parameter is required if `phoneNumber` is set.', 'type' => 'string', 'example' => '86', 'title' => '', 'required' => false], + 'phoneNumber' => ['description' => 'The account phone number. It must be 6 to 15 digits long.', 'type' => 'string', 'example' => '156xxxxxxx', 'title' => '', 'required' => false], + 'phoneNumberVerified' => ['description' => 'Specifies whether the phone number is verified. This parameter is required if `phoneNumber` is set. Typically, set this to `true`.', 'type' => 'boolean', 'example' => 'true', 'title' => '', 'required' => false], + 'email' => ['description' => 'The email address. The local-part of the address can contain uppercase and lowercase letters, digits, periods (`.`), underscores (`_`), and hyphens (`-`). The maximum length is 128 characters.', 'type' => 'string', 'example' => 'example@example.com', 'title' => '', 'required' => false], + 'emailVerified' => ['description' => 'Specifies whether the email is verified. This parameter is required if `email` is set. Typically, set this to `true`.', 'type' => 'boolean', 'example' => 'true', 'title' => '', 'required' => false], + 'userExternalId' => ['description' => 'The external user ID, used to associate the account with an external system. The maximum length is 128 characters. If unspecified, it defaults to the account ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => '', 'required' => false], + 'primaryOrganizationalUnitId' => ['description' => 'The ID of the primary organizational unit.', 'type' => 'string', 'required' => true, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'description' => ['description' => 'The account description. The maximum length is 256 characters.', 'type' => 'string', 'example' => '测试账户', 'title' => '', 'required' => false], + 'passwordInitializationConfig' => [ + 'title' => '', + 'description' => 'The password initialization configuration.', 'type' => 'object', 'properties' => [ - 'oauthClientContent' => [ - 'title' => 'OAuth客户端认证凭证类型的凭据内容。', - 'description' => 'OAuth客户端认证凭证类型的凭据内容。', - 'type' => 'object', - 'properties' => [ - 'clientId' => [ - 'title' => 'OAuth协议的client_id', - 'description' => 'OAuth协议的client_id', - 'type' => 'string', - 'example' => 'dmvncmxersdxxxxxx', - ], - 'clientSecret' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'nsklnertyt5ddwizncxxxx', - ], - ], + 'passwordInitializationPolicyPriority' => ['description' => 'The priority of the password initialization policy. Valid values:'."\n" + ."\n" + .'- `global`: Uses the instance-level password initialization policy and ignores the custom settings in this request. For more information, see the password initialization policy configuration in the IDaaS console.'."\n" + ."\n" + .'- `custom`: Uses the custom password initialization policy defined in this request. This includes settings for forced password updates, the initialization type, and notification channels.', 'type' => 'string', 'example' => 'global', 'title' => '', 'required' => false], + 'passwordForcedUpdateStatus' => ['description' => 'The password forced update status. By default, this feature is disabled. Valid values:'."\n" + ."\n" + .'- `enabled`: Enables the feature.'."\n" + ."\n" + .'- `disabled`: Disables the feature.', 'type' => 'string', 'example' => 'enabled', 'title' => '', 'required' => false], + 'userNotificationChannels' => [ + 'title' => '', + 'description' => 'The user notification channels. Valid values:'."\n" + ."\n" + .'- `email`: Email'."\n" + ."\n" + .'- `sms`: SMS', + 'type' => 'array', + 'items' => ['description' => 'The user notification channel.', 'type' => 'string', 'required' => false, 'example' => 'email', 'title' => ''], + 'required' => false, + 'example' => 'sms', ], - 'apiKeyContent' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'apiKey' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'nsklncmwizncxxxx'."\n", - ], - ], + 'passwordInitializationType' => ['description' => 'The password initialization type. Valid values:'."\n" + ."\n" + .'- `random`: A randomly generated password.', 'type' => 'string', 'example' => 'random', 'title' => '', 'required' => false], + ], + 'required' => false, + 'example' => '', + ], + 'customFields' => [ + 'title' => '', + 'description' => 'A list of custom fields for the account.', + 'type' => 'array', + 'items' => [ + 'description' => 'An object containing the name and value of a custom field.', + 'type' => 'object', + 'properties' => [ + 'fieldName' => ['description' => 'The name of the custom field. You can view the field\'s data type and value range in the IDaaS console.', 'type' => 'string', 'example' => 'age', 'title' => '', 'required' => false], + 'fieldValue' => ['description' => 'The value of the custom field.', 'type' => 'string', 'example' => 'fieldValue_001', 'title' => '', 'required' => false], ], + 'required' => false, + 'title' => '', + 'example' => '', ], + 'required' => false, + 'example' => '', ], ], + 'required' => false, + 'example' => 'app_xx001', + 'title' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"credentialId\\": \\"cred_mkv7rgt4d7i4u7zqtzev2mxxxx\\",\\n \\"status\\": \\"enabled\\",\\n \\"credentialIdentifier\\": \\"credential_identifier_test\\",\\n \\"credentialName\\": \\"credential_name\\",\\n \\"credentialSubjectType\\": \\"authentication_token_provider\\",\\n \\"credentialSubjectId\\": \\"apt_werthgfdsasffxxxxx\\",\\n \\"credentialScenarioLabel\\": \\"llm\\",\\n \\"credentialType\\": \\"api_key\\",\\n \\"credentialCreationType\\": \\"user_custom\\",\\n \\"description\\": \\"credential_description\\",\\n \\"createTime\\": 1649830225000,\\n \\"updateTime\\": 1649830227000,\\n \\"credentialContent\\": {\\n \\"oauthClientContent\\": {\\n \\"clientId\\": \\"dmvncmxersdxxxxxx\\",\\n \\"clientSecret\\": \\"nsklnertyt5ddwizncxxxx\\"\\n },\\n \\"apiKeyContent\\": {\\n \\"apiKey\\": \\"nsklncmwizncxxxx\\\\n\\"\\n }\\n }\\n}","type":"json"}]', - ], - 'ObtainCloudAccountRoleAccessCredential' => [ - 'summary' => '获取云角色(CloudAccountRole)的临时访问凭证', - 'path' => '/v2/{instanceId}/cloudAccountRoles/_/actions/obtainAccessCredential', - 'methods' => [ - 'get', + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => '', + 'description' => 'The response object.', + 'type' => 'object', + 'properties' => [ + 'userId' => ['description' => 'The user ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], + ], + 'example' => '', + ], + ], ], - 'schemes' => [ - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\"\\n}","type":"json"}]', + 'title' => 'CreateUser', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid_token | Access token is not valid | token无效|'."\n" + .'| 400 | invalid_request | Access token application id not match | 请求无效,token信息与参数应用ID不一致|'."\n" + .'| 400 | OrganizationUnitIdNotInScopes | organizationUnitId : ou_wovwffm62xifdziem7an7xxxxx not in provisioning scope! | 组织不存在或组织不在同步范围内|'."\n" + .'| 404 | instance\\_not\\_found | Instance id not found: idaas_ue2jvisn35ea5lmthk267xxxxx | 实例不存在 |'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:user:manager_all] | 缺少API授权信息 |'."\n" + .'| 400 | MissingParameter.Username | The specified parameter:Username is required! | 缺少账户名参数 |'."\n" + .'| 400 | MissingParameter.PhoneRegion | The specified parameter:PhoneRegion is required! | 缺少手机区号参数,若已设置手机号,此为必填项 |'."\n" + .'| 400 | MissingParameter.PhoneNumberVerified | The specified parameter:PhoneRegion is required! | 缺少手机区号是否已验证参数,若已设置手机号,此为必填项 |'."\n" + .'| 400 | MissingParameter.Email | The specified parameter:Email is required! | 缺少邮箱是否已验证参数,若已设置邮箱,此为必填项 |'."\n" + .'| 400 | MissingParameter.Username | The specified parameter:Username is required! | 缺少账户名参数 |'."\n" + .'| 400 | MissingParameter.PrimaryOrganizationalUnitId | The specified parameter:PrimaryOrganizationalUnitId is required! | 缺少主组织参数 |'."\n" + .'| 400 | InvalidParameter.PhoneNumber | The specified parameter:PhoneNumber is invalid. | 无效的手机号 |'."\n" + .'| 400 | InvalidParameter.PhoneRegion | The specified parameter:PhoneRegion is invalid. | 无效的手机区号 |'."\n" + .'| 400 | InvalidParameter.Password | The specified parameter:Password is invalid. | 密码不符合规则,请参考IDaaS控制台密码规则 |'."\n" + .'| 400 | InvalidParameter.Email | The specified parameter:Email is invalid. | 无效的邮箱 |'."\n" + .'| 400 | InvalidParameter.DisplayName | The specified parameter:DisplayName is invalid. | 账户显示名过长 |'."\n" + .'| 400 | InvalidParameter.Description | The specified parameter:Description is invalid. | 账户描述过长 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + ], + 'CreateUserExclusiveCredential' => [ + 'summary' => 'Creates a user exclusive credential.', + 'path' => '/v2/{instanceId}/credentials/_/actions/createUserExclusive', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], - 'consumes' => [ - 'application/x-www-form-urlencoded', - 'application/json', - 'multipart/form-data', - ], - 'produces' => [ - 'application/json', - ], - 'operationType' => 'read', + 'consumes' => ['application/json'], + 'produces' => ['application/json'], + 'operationType' => 'write', 'deprecated' => false, 'systemTags' => [ 'operationType' => 'none', - 'riskType' => 'high', + 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaasDPGRH1', - ], + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], 'autoTest' => true, 'tenantRelevance' => 'tenant', ], @@ -339,672 +538,1117 @@ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。基于标准OAuth2.0或者OIDC协议签发的AccessToken', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxxxx', - ], + 'schema' => ['description' => 'The authentication information. The value must be in the `Bearer ${access_token}` format.'."\n" + ."\n" + .'> The access token must be issued by IDaaS.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => 'IDaaS实例ID', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The ID of the IDaaS instance.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ - 'name' => 'cloudAccountRoleExternalId', - 'in' => 'query', - 'schema' => [ - 'title' => '云角色的外部唯一标识', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'acs:ram::xxx:role/role-test', - ], - ], - ], - 'responses' => [ - 200 => [ + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => '', - 'description' => '', 'type' => 'object', 'properties' => [ - 'cloudAccountId' => [ - 'title' => '云账号ID', - 'description' => '', - 'type' => 'string', - 'example' => 'ca_01kmegjc11qa1txxxxx', - ], - 'cloudAccountRoleId' => [ - 'title' => '云账号角色ID', - 'description' => '', - 'type' => 'string', - 'example' => 'carole_01kmek49aqxxxx', - ], - 'cloudAccountRoleName' => [ - 'title' => '云账号角色名称', - 'description' => '', - 'type' => 'string', - 'example' => 'role-test', - ], - 'cloudAccountRoleExternalId' => [ - 'title' => '云账号角色外部唯一键', - 'description' => '', - 'type' => 'string', - 'example' => 'acs:ram::xxx:role/role-test', - ], - 'cloudAccountVendorType' => [ - 'title' => '云账号身份类型(云厂商类型)', - 'description' => '', - 'type' => 'string', - 'enumValueTitles' => [ - 'alibaba_cloud' => 'alibaba_cloud', - ], - 'example' => 'alibaba_cloud', - ], - 'cloudAccountRoleAccessCredential' => [ - 'title' => '可用于扮演云角色的临时访问凭证', - 'description' => '', + 'credentialIdentifier' => ['description' => 'The credential identifier.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'credential_identifier_test'], + 'credentialName' => ['description' => 'The credential name.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'credential_name'], + 'credentialScenarioLabel' => ['description' => 'The use case for the credential. Valid values:'."\n" + ."\n" + .'- `llm`: Large Language Model (LLM).'."\n" + ."\n" + .'- `saas`: Third-party Software as a Service (SaaS).', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'llm'], + 'credentialType' => ['description' => 'The credential type. Valid values:'."\n" + ."\n" + .'- `api_key`: API key credential.'."\n" + ."\n" + .'- `oauth_client`: OAuth client credential.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'api_key'], + 'credentialContent' => [ 'type' => 'object', 'properties' => [ - 'accessCredentialExpiresAt' => [ - 'title' => '云角色临时访问凭证的过期时间,单位秒。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1767196800', - ], - 'alibabaCloudStsToken' => [ - 'title' => '代表阿里云Role的STS Token', - 'description' => '', + 'apiKeyContent' => [ 'type' => 'object', 'properties' => [ - 'accessKeyId' => [ - 'title' => '访问密钥ID', - 'description' => '', - 'type' => 'string', - 'example' => 'STS.NUgYrLnoC37mZZCNnAbez****', - ], - 'accessKeySecret' => [ - 'title' => '访问密钥密文', - 'description' => '', - 'type' => 'string', - 'example' => 'CVwjCkNzTMupZ8NbTCxCBRq3K16jtcWFTJAyBEv2****', - ], - 'securityToken' => [ - 'title' => '临时凭证会话安全令牌', - 'description' => '', - 'type' => 'string', - 'example' => 'CAIShwJ1q6Ft5B2yfSjIr5bSEsj4g7BihPWGWHz****', - ], - 'expiration' => [ - 'title' => 'STS Token到期失效时间(UTC时间)'."\n", - 'description' => '', - 'type' => 'string', - 'example' => '2021-10-20T04:27:09Z', - ], + 'apiKey' => ['description' => 'The value of the API key. This parameter is required if `credentialType` is set to `api_key`.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'sk-nsklncmwizncxxxx'], ], + 'title' => '', + 'description' => 'The content of the API key credential. This parameter is required if `credentialType` is set to `api_key`.', + 'required' => false, + 'example' => '', ], ], + 'required' => true, + 'title' => '', + 'description' => 'The content of the credential.', + 'example' => '', ], + 'description' => ['description' => 'The description of the credential.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'credential_description'], + 'credentialExternalId' => ['type' => 'string', 'description' => '', 'title' => '', 'example' => ''], ], + 'description' => 'The request body.', + 'required' => false, + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => '', + 'type' => 'object', + 'properties' => [ + 'credentialId' => ['description' => 'The credential ID.', 'type' => 'string', 'title' => '', 'example' => 'cred_mkv7rgt4d7i4u7zqtzev2mxxxx'], + 'credentialIdentifier' => ['description' => 'The credential identifier.', 'type' => 'string', 'title' => '', 'example' => 'credential_identifier_test'], + ], + 'description' => 'The response body.', + 'example' => '', + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"cloudAccountId\\": \\"ca_01kmegjc11qa1txxxxx\\",\\n \\"cloudAccountRoleId\\": \\"carole_01kmek49aqxxxx\\",\\n \\"cloudAccountRoleName\\": \\"role-test\\",\\n \\"cloudAccountRoleExternalId\\": \\"acs:ram::xxx:role/role-test\\",\\n \\"cloudAccountVendorType\\": \\"alibaba_cloud\\",\\n \\"cloudAccountRoleAccessCredential\\": {\\n \\"accessCredentialExpiresAt\\": 1767196800,\\n \\"alibabaCloudStsToken\\": {\\n \\"accessKeyId\\": \\"STS.NUgYrLnoC37mZZCNnAbez****\\",\\n \\"accessKeySecret\\": \\"CVwjCkNzTMupZ8NbTCxCBRq3K16jtcWFTJAyBEv2****\\",\\n \\"securityToken\\": \\"CAIShwJ1q6Ft5B2yfSjIr5bSEsj4g7BihPWGWHz****\\",\\n \\"expiration\\": \\"2021-10-20T04:27:09Z\\"\\n }\\n }\\n}","type":"json"}]', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'CreateUserExclusiveCredential', + 'description' => 'This API operation uses an IDaaS-issued access token for authentication and authorization.'."\n" + ."\n" + .'The access token must have the "Manage Static Credentials" permission for the built-in Privileged Access Management (PAM) application in IDaaS.'."\n" + ."\n" + .'> The required scope is `urn:cloud:idaas:pam|credential:manage`.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"credentialId\\": \\"cred_mkv7rgt4d7i4u7zqtzev2mxxxx\\",\\n \\"credentialIdentifier\\": \\"credential_identifier_test\\"\\n}","type":"json"}]', ], - 'GenerateToken' => [ - 'summary' => 'Generates a token for accessing an application in an instance.', - 'path' => '/v2/{instanceId}/{applicationId}/oauth2/token', - 'methods' => [ - 'post', + 'DeleteGroup' => [ + 'summary' => 'Deletes a group.', + 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}', + 'methods' => ['delete'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'Anonymous' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasJ7WKML', 'FEATUREidaas7VNWU7'], + ], + 'parameters' => [ + [ + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['title' => '', 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx'], + ], + [ + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['title' => '', 'description' => 'The instance ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], + ], + [ + 'name' => 'applicationId', + 'in' => 'path', + 'schema' => ['title' => '', 'description' => 'The application ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx'], + ], + [ + 'name' => 'groupId', + 'in' => 'path', + 'schema' => ['title' => '', 'description' => 'The group ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'group_wovwffm62xifdziem7an7xxxxx'], + ], + ], + 'responses' => [ + 200 => [], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + 'title' => 'DeleteGroup', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + ], + 'DeleteOrganizationalUnit' => [ + 'summary' => 'Deletes an organizational unit.', + 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits/{organizationalUnitId}', + 'methods' => ['delete'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], - 'produces' => [], + 'operationType' => 'write', 'deprecated' => false, - 'systemTags' => [], + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas3S4NKL'], + ], 'parameters' => [ [ + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij'."\n", 'title' => ''], + ], + [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'client_id', - 'in' => 'query', - 'schema' => [ - 'description' => 'The client ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'name' => 'organizationalUnitId', + 'in' => 'path', + 'schema' => ['description' => 'The ID of the organizational unit.', 'type' => 'string', 'required' => true, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], ], + ], + 'responses' => [ + 200 => [], + ], + 'title' => 'DeleteOrganizationalUnit', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_token | Access token is not valid | token无效|'."\n" + .'| 400 | OrganizationUnitIdNotInScopes | organizationUnitId : ou_wovwffm62xifdziem7an7xxxxx not in provisioning scope! | 组织不在同步范围内或不存在|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:organizational_unit:manage_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + ], + 'DeleteUser' => [ + 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}', + 'methods' => ['delete'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'client_secret', - 'in' => 'query', - 'schema' => [ - 'description' => 'The client secret. This parameter is required if grant_type is set to client_credentials.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'CSEHDcHcrUKHw1CuxkJEHPveWRXBGqVqRsxxxx', - ], + 'Anonymous' => [], ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasCRU1S2'], + ], + 'parameters' => [ [ - 'name' => 'grant_type', - 'in' => 'query', - 'schema' => [ - 'title' => '授权类型', - 'description' => 'The supported authorization types are as follows:'."\n" - .'- client_credentials:Client credentials flow, requires client_id and client_secret.'."\n" - .'- refresh_token:Refresh token flow.'."\n" - .'- authorization_code:Authorization code flow.'."\n" - .'- urn:ietf:params:oauth:grant-type:device_code:Device authorization flow.'."\n" - .'- password:Password (Resource Owner Password Credentials) flow.', - 'type' => 'string', - 'required' => true, - 'enumValueTitles' => [], - 'example' => 'client_credentials', - 'enum' => [ - 'authorization_code', - 'urn:ietf:params:oauth:grant-type:device_code', - 'refresh_token', - 'client_credentials', - 'password', - ], - ], + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], ], [ - 'name' => 'code', - 'in' => 'query', - 'schema' => [ - 'title' => 'code码', - 'description' => 'The authorization code. This parameter is required if grant_type is set to authorization_code.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'xxxx', - ], + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ - 'name' => 'username', - 'in' => 'query', - 'schema' => [ - 'title' => '用户名', - 'description' => 'The username. This parameter is required if grant_type is set to password. The password authentication type is not supported.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'uesrname_001', - ], + 'name' => 'applicationId', + 'in' => 'path', + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'password', - 'in' => 'query', - 'schema' => [ - 'title' => '密码', - 'description' => 'The username. This parameter is required if grant_type is set to password. The password authentication type is not supported.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'xxxxxx', - ], + 'name' => 'userId', + 'in' => 'path', + 'schema' => ['description' => 'The account ID.', 'type' => 'string', 'required' => true, 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], ], + ], + 'responses' => [ + 200 => [], + ], + 'title' => 'DeleteUser', + 'summary' => 'Deletes an Employee Identity and Access Management (EIAM) account.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_token | Access token is not valid | token无效|'."\n" + .'| 404 | ResourceNotFound.User | The specified User resource: user_d6sbsuumeta4h66ec3il7yxxxx not found. | 账户不存在 |'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:user:manager_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + ], + 'DisableUser' => [ + 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/disable', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'device_code', - 'in' => 'query', - 'schema' => [ - 'title' => '设备码', - 'description' => 'The device code. This parameter is required if grant_type is set to authorization_code.urn:ietf:params:oauth:grant-type:device_code.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'xxxx', - ], + 'Anonymous' => [], ], + ], + 'operationType' => 'readAndWrite', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas1FXU07'], + ], + 'parameters' => [ [ - 'name' => 'redirect_uri', - 'in' => 'query', - 'schema' => [ - 'title' => '重定向URI', - 'description' => 'The redirect URI. This parameter is required if grant_type is set to authorization_code. The value of this parameter must be the same as the redirect URI in the request to obtain the authorization code.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'xxx', - ], + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], ], [ - 'name' => 'refresh_token', - 'in' => 'query', - 'schema' => [ - 'title' => '更新token', - 'description' => 'The refreshed token. This parameter is required if grant_type is set to refresh_token.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ATxxx', - ], + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ - 'name' => 'code_verifier', - 'in' => 'query', - 'schema' => [ - 'title' => '验证code', - 'description' => 'The verification code.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'xxx', - ], + 'name' => 'applicationId', + 'in' => 'path', + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'exclusive_tag', - 'in' => 'query', - 'schema' => [ - 'title' => '排除的tag', - 'description' => 'The excluded tags.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ATxxx', - ], + 'name' => 'userId', + 'in' => 'path', + 'schema' => ['description' => 'The account ID.', 'type' => 'string', 'required' => true, 'example' => 'user_001', 'title' => ''], ], + ], + 'responses' => [ + 200 => [], + ], + 'title' => 'DisableUser', + 'summary' => 'Disables an Employee Identity and Access Management (EIAM) account.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid_token | Access token is not valid | '."\n" + .'| 404 | ResourceNotFound.User | The specified User resource: user_xxxx not found. | '."\n" + .'| 404 | application_not_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | '."\n" + .'| 403 | application_disabled | Application is disabled | '."\n" + .'| 403 | application_api_disabled | Application api invoke disabled | '."\n" + .'| 403 | permission_denied | Require scopes: [urn:alibaba:idaas:scope:user:manager_all] | '."\n" + .'| 500 | Internal Server Error | Internal Server Error |', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + ], + 'EnableUser' => [ + 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/enable', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'scope', - 'in' => 'query', + 'Anonymous' => [], + ], + ], + 'operationType' => 'readAndWrite', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas1FXU07'], + ], + 'parameters' => [ + [ + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], + ], + [ + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + ], + [ + 'name' => 'applicationId', + 'in' => 'path', + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], + ], + [ + 'name' => 'userId', + 'in' => 'path', + 'schema' => ['description' => 'The account ID.', 'type' => 'string', 'required' => true, 'example' => 'user_001', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [], + ], + 'title' => 'EnableUser', + 'summary' => 'Enables an Employee Identity and Access Management (EIAM) account.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid_token | Access token is not valid | '."\n" + .'| 404 | ResourceNotFound.User | The specified User resource: user_xxxx not found. | '."\n" + .'| 404 | application_not_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | '."\n" + .'| 403 | application_disabled | Application is disabled | '."\n" + .'| 403 | application_api_disabled | Application api invoke disabled | '."\n" + .'| 403 | permission_denied | Require scopes: [urn:alibaba:idaas:scope:user:manager_all] | '."\n" + .'| 500 | Internal Server Error | Internal Server Error |', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + ], + 'FetchOAuthAuthenticationToken' => [ + 'path' => '/v2/{instanceId}/authenticationTokens/_/actions/fetchOAuthAccessToken', + 'methods' => ['post'], + 'schemes' => ['https'], + 'security' => [ + [ + 'Anonymous' => [], + ], + ], + 'consumes' => ['application/json'], + 'produces' => ['application/json'], + 'operationType' => 'readAndWrite', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'The authentication information. The format is \\`Bearer ${access\\_token}\\`.'."\n" + ."\n" + .'> Enter the access token issued by IDaaS.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], + ], + [ + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], + ], + [ + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => 'scope范围', - 'description' => 'The authorization scope. Valid values:'."\n" - ."\n" - .'* openid'."\n" - .'* email'."\n" - .'* phone'."\n" - .'* profile'."\n", - 'type' => 'string', + 'type' => 'object', + 'properties' => [ + 'credentialProviderIdentifier' => ['description' => 'The identifier of the credential provider.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'test_example_identifier'], + 'scope' => ['description' => 'The scope for the OAuth protocol.'."\n" + ."\n" + .'> If you do not specify this parameter, the scope of the issued OAuth access token is determined by the scope configuration of the credential provider.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'Separate multiple scope values with spaces.'."\n" + ."\n" + .'></notice>', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'example:test_01 example:test_02'], + ], + 'description' => 'The request body.', 'required' => false, - 'example' => 'xxxx', + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'token信息', - 'description' => 'The response parameters.'."\n", + 'title' => '', 'type' => 'object', 'properties' => [ - 'token_type' => [ - 'title' => 'token类型,包含Basic,Bearer', - 'description' => 'The type of the token. Valid values: Basic Bearer'."\n", - 'type' => 'string', - 'enumValueTitles' => [ - 'Basic' => 'Basic', - 'Bearer' => 'Bearer', + 'instanceId' => ['description' => 'The instance ID.', 'type' => 'string', 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], + 'authenticationTokenId' => ['description' => 'The authentication token ID.', 'type' => 'string', 'title' => '', 'example' => 'atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx'], + 'credentialProviderId' => ['description' => 'The credential provider ID.', 'type' => 'string', 'title' => '', 'example' => 'atp_01kr2cmj5gxxx4fvmls2e93dxxxxx'], + 'createTime' => ['description' => 'The time when the authentication token was created. This is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'updateTime' => ['description' => 'The time when the authentication token was last updated. This is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'authenticationTokenType' => ['description' => 'The type of the authentication token.'."\n" + ."\n" + .'> The value is fixed to `oauth_access_token`, which indicates an OAuth access token.', 'type' => 'string', 'title' => '', 'example' => 'oauth_access_token'], + 'revoked' => ['description' => 'Indicates whether the authentication token is revoked.', 'type' => 'boolean', 'title' => '', 'example' => 'false'], + 'creatorType' => ['description' => 'The type of the creator of the authentication token. Valid value:'."\n" + ."\n" + .'- \\`application\\`: An application.', 'type' => 'string', 'title' => '', 'example' => 'application'], + 'creatorId' => ['description' => 'The ID of the creator of the authentication token.', 'type' => 'string', 'title' => '', 'example' => 'app_ngtkgrrxxxxktg5eao6z4xxxxx'], + 'consumerType' => ['description' => 'The type of the consumer of the authentication token. Valid values:'."\n" + ."\n" + .'- \\`application\\`: An application.'."\n" + ."\n" + .'- \\`custom\\`: A custom type.', 'type' => 'string', 'title' => '', 'example' => 'application'], + 'consumerId' => ['description' => 'The ID of the consumer of the authentication token.', 'type' => 'string', 'title' => '', 'example' => 'app_ngtkgrrxxxxktg5eao6z4xxxxx'], + 'expirationTime' => ['description' => 'The time when the authentication token expires. This is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1772693568000'], + 'oauthAccessTokenContent' => [ + 'type' => 'object', + 'properties' => [ + 'accessTokenValue' => ['description' => 'The \\`access\\_token\\` field in the response from the token endpoint of the OAuth protocol.', 'type' => 'string', 'title' => '', 'example' => 'DgEBAGP2xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'], + 'tokenType' => ['description' => 'The \\`token\\_type\\` field in the response from the token endpoint of the OAuth protocol.', 'type' => 'string', 'title' => '', 'example' => 'Bearer'], + 'scope' => ['description' => 'The \\`scope\\` field in the response from the token endpoint of the OAuth protocol.', 'type' => 'string', 'title' => '', 'example' => 'example:test_01 example:test_02'], ], - 'example' => 'Bearer', - ], - 'access_token' => [ - 'title' => 'access_token', - 'description' => 'The access token.'."\n", - 'type' => 'string', - 'example' => 'ATxxx', - ], - 'refresh_token' => [ - 'title' => 'refresh_token', - 'description' => 'The refresh token.'."\n", - 'type' => 'string', - 'example' => 'RTxxx', - ], - 'expires_in' => [ - 'title' => '有效时长,单位秒', - 'description' => 'The remaining validity period of the token. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1200', - ], - 'expires_at' => [ - 'title' => '过期时间', - 'description' => 'The time when the token expires. This value is a UNIX timestamp representing the number of seconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1653288641', - ], - 'id_token' => [ - 'title' => 'id_token', - 'description' => 'The ID token.'."\n", - 'type' => 'string', - 'example' => 'xxxxx', + 'title' => '', + 'description' => 'The content of the OAuth access token.', + 'example' => '', ], ], + 'description' => 'The details of the OAuth authentication token.', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"token_type\\": \\"Bearer\\",\\n \\"access_token\\": \\"ATxxx\\",\\n \\"refresh_token\\": \\"RTxxx\\",\\n \\"expires_in\\": 1200,\\n \\"expires_at\\": 1653288641,\\n \\"id_token\\": \\"xxxxx\\"\\n}","type":"json"}]', - 'title' => 'GenerateToken', - 'description' => 'The following authorization types are supported: authorization code, device code, refresh token, and client credentials.', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'FetchOAuthAuthenticationToken', + 'summary' => 'Fetches a valid OAuth authentication token.', + 'description' => 'This API performs identity authentication and authorization using an access token issued by IDaaS.'."\n" + ."\n" + .'Ensure that the access token has permission to obtain authentication tokens from the built-in Privileged Access Management (PAM) application in IDaaS.'."\n" + ."\n" + .'> The corresponding scope is `urn:cloud:idaas:pam|authentication_token:obtain`.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"authenticationTokenId\\": \\"atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx\\",\\n \\"credentialProviderId\\": \\"atp_01kr2cmj5gxxx4fvmls2e93dxxxxx\\",\\n \\"createTime\\": 1649830225000,\\n \\"updateTime\\": 1649830225000,\\n \\"authenticationTokenType\\": \\"oauth_access_token\\",\\n \\"revoked\\": false,\\n \\"creatorType\\": \\"application\\",\\n \\"creatorId\\": \\"app_ngtkgrrxxxxktg5eao6z4xxxxx\\",\\n \\"consumerType\\": \\"application\\",\\n \\"consumerId\\": \\"app_ngtkgrrxxxxktg5eao6z4xxxxx\\",\\n \\"expirationTime\\": 1772693568000,\\n \\"oauthAccessTokenContent\\": {\\n \\"accessTokenValue\\": \\"DgEBAGP2xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\\",\\n \\"tokenType\\": \\"Bearer\\",\\n \\"scope\\": \\"example:test_01 example:test_02\\"\\n }\\n}","type":"json"}]', ], 'GenerateDeviceCode' => [ 'summary' => 'Generates a device code.', 'path' => '/v2/{instanceId}/{applicationId}/oauth2/device/code', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'readAndWrite', 'deprecated' => false, - 'systemTags' => [], + 'systemTags' => [ + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasUATW0R', 'FEATUREidaasLUEH19'], + ], 'parameters' => [ [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ 'name' => 'scope', 'in' => 'query', - 'schema' => [ - 'title' => 'scope范围', - 'description' => 'The authorization scope.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'xxx', - ], + 'schema' => ['description' => 'The authorization scope.', 'type' => 'string', 'example' => 'xxx', 'title' => '', 'required' => false], ], ], 'responses' => [ 200 => [ 'schema' => [ 'title' => 'DeviceCodeResponse', - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'device_code' => [ - 'title' => '设备验证码', - 'description' => 'The device code.'."\n", - 'type' => 'string', - 'example' => 'xxxxx', - ], - 'user_code' => [ - 'title' => '终端用户验证码', - 'description' => 'The user authorization code.'."\n", - 'type' => 'string', - 'example' => 'xxxxx', - ], - 'verification_uri' => [ - 'title' => '验证URI', - 'description' => 'The verification URI.'."\n", - 'type' => 'string', - 'example' => 'https://example.com/authorize/device', - ], - 'verification_uri_complete' => [ - 'title' => '包含user_code的完整验证URI', - 'description' => 'The complete verification URI.'."\n", - 'type' => 'string', - 'example' => 'https://example.com/authorize/device?user_code='."\n" - .'xxxx', - ], - 'expires_in' => [ - 'title' => 'device_code和user_code的有效时长,单位秒', - 'description' => 'The remaining validity period of the device code. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1200', - ], - 'expires_at' => [ - 'title' => '过期时间', - 'description' => 'The time when the token expires. This value is a UNIX timestamp representing the number of seconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1653288641', - ], - 'interval' => [ - 'title' => '请求token节点的超时时间,单位秒', - 'description' => 'The timeout period of the request token. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '5', - ], + 'device_code' => ['description' => 'The device code.', 'type' => 'string', 'example' => 'xxxxx', 'title' => ''], + 'user_code' => ['description' => 'The user authorization code.', 'type' => 'string', 'example' => 'xxxxx', 'title' => ''], + 'verification_uri' => ['description' => 'The verification URI.', 'type' => 'string', 'example' => 'https://example.com/authorize/device', 'title' => ''], + 'verification_uri_complete' => ['description' => 'The complete verification URI.', 'type' => 'string', 'example' => 'https://example.com/authorize/device?user_code='."\n" + .'xxxx', 'title' => ''], + 'expires_in' => ['description' => 'The remaining validity period of the device code. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1200', 'title' => ''], + 'expires_at' => ['description' => 'The time when the token expires. This value is a UNIX timestamp representing the number of seconds that have elapsed since January 1, 1970, 00:00:00 UTC.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1653288641'], + 'interval' => ['description' => 'The timeout period of the request token. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '5', 'title' => ''], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"device_code\\": \\"xxxxx\\",\\n \\"user_code\\": \\"xxxxx\\",\\n \\"verification_uri\\": \\"https://example.com/authorize/device\\",\\n \\"verification_uri_complete\\": \\"https://example.com/authorize/device?user_code=\\\\nxxxx\\",\\n \\"expires_in\\": 1200,\\n \\"expires_at\\": 1653288641,\\n \\"interval\\": 5\\n}","type":"json"}]', 'title' => 'GenerateDeviceCode', - ], - 'GetUserInfo' => [ - 'summary' => 'Queries the information of a user by using the user token.', - 'path' => '/v2/{instanceId}/{applicationId}/oauth2/userinfo', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_request | Application is not turn device grant flow on| 设备流授权未开启 |'."\n" + .'| 400 | invalid\\_request | Invalid client id| client id无效 |'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"device_code\\": \\"xxxxx\\",\\n \\"user_code\\": \\"xxxxx\\",\\n \\"verification_uri\\": \\"https://example.com/authorize/device\\",\\n \\"verification_uri_complete\\": \\"https://example.com/authorize/device?user_code=\\\\nxxxx\\",\\n \\"expires_in\\": 1200,\\n \\"expires_at\\": 1653288641,\\n \\"interval\\": 5\\n}","type":"json"}]', + ], + 'GenerateJwtAuthenticationToken' => [ + 'path' => '/v2/{instanceId}/authenticationTokens/_/actions/generateJwt', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'consumes' => ['application/json'], + 'produces' => ['application/json'], + 'operationType' => 'write', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ - 'name' => 'instanceId', - 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'Authentication information. Format: Bearer ${access\\_token}.'."\n" + ."\n" + .'> Enter the Access Token issued by IDaaS.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], ], [ - 'name' => 'applicationId', + 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'Instance ID.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ - 'name' => 'Authorization', - 'in' => 'header', + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', + 'type' => 'object', + 'properties' => [ + 'credentialProviderIdentifier' => ['description' => 'Credential provider identity.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'test_example_identifier'], + 'issuer' => ['description' => 'The \\`iss\\` field of the JWT.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'https://test.issuer.com'], + 'subject' => ['description' => 'The \\`sub\\` field of the JWT.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'test_jwt_subject'], + 'audiences' => [ + 'type' => 'array', + 'items' => ['description' => 'JWT audience.', 'type' => 'string', 'required' => false, 'example' => 'test_jwt_audience', 'title' => ''], + 'required' => true, + 'title' => '', + 'description' => 'The \\`aud\\` field of the JWT.', + 'example' => '', + ], + 'customClaims' => [ + 'type' => 'object', + 'additionalProperties' => ['description' => 'Custom claim key-value pairs.', 'type' => 'any', 'title' => '', 'example' => '-'], + 'title' => '', + 'description' => 'Custom claims.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'Key-value pairs. Keys must be strings.'."\n" + ."\n" + .'></notice>', + 'required' => false, + 'example' => '', + ], + 'expiration' => ['description' => 'The validity period of the JWT, in seconds.', 'type' => 'integer', 'format' => 'int32', 'minimum' => '0', 'exclusiveMinimum' => true, 'title' => '', 'required' => false, 'example' => '900'], + 'includeDerivedShortToken' => ['description' => 'Whether the generated JWT needs to include a "derived short token".', 'type' => 'boolean', 'title' => '', 'required' => false, 'example' => 'true'], + ], + 'description' => 'Request body.', + 'required' => false, + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Map', - 'description' => 'The response parameters.'."\n", + 'title' => '', 'type' => 'object', - 'additionalProperties' => [ - 'type' => 'any', - 'description' => 'The user information.'."\n", - 'example' => 'none', + 'properties' => [ + 'instanceId' => ['description' => 'Instance ID.', 'type' => 'string', 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], + 'authenticationTokenId' => ['description' => 'Authentication token ID.', 'type' => 'string', 'title' => '', 'example' => 'atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx'], + 'credentialProviderId' => ['description' => 'Credential provider ID.', 'type' => 'string', 'title' => '', 'example' => 'atp_01kr2cmj5gxxx4fvmls2e93dxxxxx'], + 'createTime' => ['description' => 'The creation time of the authentication token, UNIX timestamp, in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'updateTime' => ['description' => 'The update time of the authentication token, UNIX timestamp, in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'authenticationTokenType' => ['description' => 'Authentication token type.'."\n" + ."\n" + .'> The value is fixed as `jwt`, indicating a JWT authentication token.', 'type' => 'string', 'title' => '', 'example' => 'jwt'], + 'revoked' => ['description' => 'Whether the authentication token is revoked.', 'type' => 'boolean', 'title' => '', 'example' => 'false'], + 'creatorType' => ['description' => 'Authentication token creator type. Valid values:'."\n" + ."\n" + .'- application: Application', 'type' => 'string', 'title' => '', 'example' => 'application'], + 'creatorId' => ['description' => 'Authentication token creator ID.', 'type' => 'string', 'title' => '', 'example' => 'app_ngtkgrrxxxxktg5eao6z4xxxxx'], + 'consumerType' => ['description' => 'Authentication token consumer type. Valid values:'."\n" + ."\n" + .'- application: Application'."\n" + ."\n" + .'- custom: Custom type', 'type' => 'string', 'title' => '', 'example' => 'custom'], + 'consumerId' => ['description' => 'Authentication token consumer ID.', 'type' => 'string', 'title' => '', 'example' => 'test_jwt_subject'], + 'expirationTime' => ['description' => 'Authentication token expiration time, UNIX timestamp, in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1772693568000'], + 'jwtContent' => [ + 'type' => 'object', + 'properties' => [ + 'jwtValue' => ['description' => 'JWT content.', 'type' => 'string', 'title' => '', 'example' => 'eyJhbGciOixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'], + 'derivedShortToken' => ['description' => 'The derived short token of the JWT.', 'type' => 'string', 'title' => '', 'example' => 'sk-Nx2vzxxxxxxxxxxxxxxxxx'], + ], + 'title' => '', + 'description' => 'JWT authentication token content.', + 'example' => '', + ], ], + 'description' => 'JWT authentication token details.', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"key\\": \\"无\\"\\n}","type":"json"}]', - 'title' => 'GetUserInfo', - ], - 'RevokeToken' => [ - 'summary' => 'Revokes an access token or refresh token.', - 'path' => '/v2/{instanceId}/{applicationId}/oauth2/revoke', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'GenerateJwtAuthenticationToken', + 'summary' => 'Generates a JSON Web Token (JWT) authentication token.', + 'description' => 'This API performs identity authentication and authorization using the Access Token issued by IDaaS.'."\n" + ."\n" + .'Ensure that the provided Access Token has the authorization to access the "Obtain Authentication Token" feature of the built-in Privileged Access Management (PAM) application in IDaaS.'."\n" + ."\n" + .'> The corresponding scope is `urn:cloud:idaas:pam|authentication_token:obtain`.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"authenticationTokenId\\": \\"atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx\\",\\n \\"credentialProviderId\\": \\"atp_01kr2cmj5gxxx4fvmls2e93dxxxxx\\",\\n \\"createTime\\": 1649830225000,\\n \\"updateTime\\": 1649830225000,\\n \\"authenticationTokenType\\": \\"jwt\\",\\n \\"revoked\\": false,\\n \\"creatorType\\": \\"application\\",\\n \\"creatorId\\": \\"app_ngtkgrrxxxxktg5eao6z4xxxxx\\",\\n \\"consumerType\\": \\"custom\\",\\n \\"consumerId\\": \\"test_jwt_subject\\",\\n \\"expirationTime\\": 1772693568000,\\n \\"jwtContent\\": {\\n \\"jwtValue\\": \\"eyJhbGciOixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\\",\\n \\"derivedShortToken\\": \\"sk-Nx2vzxxxxxxxxxxxxxxxxx\\"\\n }\\n}","type":"json"}]', + ], + 'GenerateToken' => [ + 'summary' => 'Generates an access token for an application in a specified IDaaS instance based on credential information.', + 'path' => '/v2/{instanceId}/{applicationId}/oauth2/token', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'produces' => [], + 'operationType' => 'readAndWrite', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], ], 'parameters' => [ [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ 'name' => 'client_id', 'in' => 'query', - 'schema' => [ - 'description' => 'The client ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The client ID.', 'type' => 'string', 'required' => false, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ 'name' => 'client_secret', 'in' => 'query', - 'schema' => [ - 'description' => 'The client secret.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'CSEHDcHcrUKHw1CuxkJEHPveWRXBGqVqRsxxxx', - ], + 'schema' => ['description' => 'The client secret. This parameter is required when \\`grant\\_type\\` is \\`client\\_credentials\\` and the \\`client\\_secret\\_post\\` method is used.', 'type' => 'string', 'required' => false, 'example' => 'CSEHDcHcrUKHw1CuxkJEHPveWRXBGqVqRsxxxx', 'title' => ''], ], [ - 'name' => 'token', + 'name' => 'grant_type', 'in' => 'query', 'schema' => [ - 'title' => '撤销的token', - 'description' => 'The token to be revoked.'."\n", + 'description' => 'The authorization grant type. The following types are supported:'."\n" + ."\n" + .'- \\`client\\_credentials\\`: Client credentials grant. Requires \\`client\\_id\\` and \\`client\\_secret\\`.'."\n" + ."\n" + .'- \\`refresh\\_token\\`: Refresh token grant.'."\n" + ."\n" + .'- \\`authorization\\_code\\`: Authorization code grant.'."\n" + ."\n" + .'- \\`urn:ietf:params:oauth:grant-type:device\\_code\\`: Device flow.'."\n" + ."\n" + .'- \\`password\\`: Password grant.', + 'enumValueTitles' => [], 'type' => 'string', 'required' => true, - 'example' => 'ATxxxx', + 'enum' => ['authorization_code', 'urn:ietf:params:oauth:grant-type:device_code', 'refresh_token', 'client_credentials', 'password'], + 'title' => '', + 'example' => 'client_credentials', ], ], [ - 'name' => 'token_type_hint', + 'name' => 'code', + 'in' => 'query', + 'schema' => ['description' => 'The authorization code. This parameter is required when \\`grant\\_type\\` is \\`authorization\\_code\\`.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'xxxx'], + ], + [ + 'name' => 'username', + 'in' => 'query', + 'schema' => ['description' => 'The username. This parameter is required for the password grant type.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'uesrname_001'], + ], + [ + 'name' => 'password', + 'in' => 'query', + 'schema' => ['description' => 'The username. This parameter is required for password mode.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'xxxxxx'], + ], + [ + 'name' => 'device_code', + 'in' => 'query', + 'schema' => ['description' => 'The device code. This parameter is required when \\`grant\\_type\\` is \\`urn:ietf:params:oauth:grant-type:device\\_code\\` (device flow).', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'xxxx'], + ], + [ + 'name' => 'redirect_uri', + 'in' => 'query', + 'schema' => ['description' => 'The redirection URI. This parameter is required for the authorization code grant type. It must match the redirection URI in the request to get the authorization code.', 'type' => 'string', 'example' => 'xxx', 'title' => '', 'required' => false], + ], + [ + 'name' => 'refresh_token', 'in' => 'query', + 'schema' => ['description' => 'The refresh token. This parameter is required when \\`grant\\_type\\` is \\`refresh\\_token\\` (refresh token grant).', 'type' => 'string', 'example' => 'ATxxx', 'title' => '', 'required' => false], + ], + [ + 'name' => 'code_verifier', + 'in' => 'query', + 'schema' => ['description' => 'The code verifier. This is used in the authorization code grant type when PKCE is enabled.', 'type' => 'string', 'example' => 'xxx', 'title' => '', 'required' => false], + ], + [ + 'name' => 'exclusive_tag', + 'in' => 'query', + 'schema' => ['description' => 'The excluded tag.', 'type' => 'string', 'example' => 'ATxxx', 'title' => '', 'required' => false], + ], + [ + 'name' => 'scope', + 'in' => 'query', + 'schema' => ['description' => 'The scope. This parameter is optional. Multiple values are supported. Separate multiple values with spaces.'."\n" + .'Valid values:'."\n" + ."\n" + .'- openid'."\n" + ."\n" + .'- email'."\n" + ."\n" + .'- phone'."\n" + ."\n" + .'- profile', 'type' => 'string', 'example' => 'xxxx', 'title' => '', 'required' => false], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'title' => 'token类型', - 'description' => 'The type of the token. Valid values: access_token refresh_token'."\n", - 'type' => 'string', - 'required' => false, - 'enumValueTitles' => [ - 'access_token' => 'access_token', - 'refresh_token' => 'refresh_token', + 'title' => '', + 'description' => 'The response.', + 'type' => 'object', + 'properties' => [ + 'token_type' => [ + 'description' => 'The token type. Valid values:'."\n" + .'Basic - Basic type'."\n" + .'Bearer - Bearer type', + 'enumValueTitles' => ['Basic' => 'Basic', 'Bearer' => 'Bearer'], + 'type' => 'string', + 'title' => '', + 'example' => 'Bearer', + ], + 'access_token' => ['title' => 'access_token', 'description' => 'The access token.', 'type' => 'string', 'example' => 'ATxxx'], + 'refresh_token' => ['title' => 'refresh_token', 'description' => 'The refresh token.', 'type' => 'string', 'example' => 'RTxxx'], + 'expires_in' => ['description' => 'The validity period of the token in seconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1200'], + 'expires_at' => ['description' => 'The expiration time. The value is a UNIX timestamp in seconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1653288641'], + 'id_token' => ['title' => 'id_token', 'description' => 'The ID token.', 'type' => 'string', 'example' => 'xxxxx'], ], - 'example' => 'access_token', + 'example' => '', ], ], ], + 'title' => 'GenerateToken', + 'description' => 'The following methods are supported: Authorization Code, Device Flow, Refresh Token, Client Credentials, and Password.'."\n" + ."\n" + .'### 1. Authorization Code'."\n" + ."\n" + .'Scenario: This is the standard OAuth 2.0 authorization code flow, which is suitable for web applications with frontend interaction.'."\n" + .'Example call:'."\n" + ."\n" + .'```'."\n" + .'POST /v2/{instanceId}/{applicationId}/oauth2/token'."\n" + .'Content-Type: application/x-www-form-urlencoded'."\n" + ."\n" + .'grant_type=authorization_code'."\n" + .'&code={authorization_code}'."\n" + .'&redirect_uri={redirect_uri}'."\n" + .'&client_id={client_id}'."\n" + .'&client_secret={client_secret}'."\n" + .'```'."\n" + ."\n" + .'Parameters:'."\n" + ."\n" + .'● code: The authorization code obtained from the authorization endpoint.'."\n" + ."\n" + .'● redirect\\_uri: Must be the same as the redirect\\_uri that was used to obtain the authorization code.'."\n" + ."\n" + .'### 1.1 Authorization Code for public clients'."\n" + ."\n" + .'Scenario: This scenario is suitable for applications that cannot securely store a secret, such as single-page applications (SPAs) or native applications. In this flow, a client\\_secret is not required, but you must use the Proof Key for Code Exchange (PKCE) mechanism. Example call:'."\n" + ."\n" + .'```'."\n" + .'POST /v2/{instanceId}/{applicationId}/oauth2/token'."\n" + .'Content-Type: application/x-www-form-urlencoded'."\n" + ."\n" + .'grant_type=authorization_code'."\n" + .'&code={authorization_code}'."\n" + .'&redirect_uri={redirect_uri}'."\n" + .'&client_id={client_id}'."\n" + .'&code_verifier={code_verifier}'."\n" + .'```'."\n" + ."\n" + .'Parameters:'."\n" + ."\n" + .'● code\\_verifier: The code verifier for the PKCE mechanism. The client generates it when initiating an authorization request and uses it to derive the \\`code\\_challenge\\`. When exchanging for a token, you must submit this value. It must be identical to the value used to generate the \\`code\\_challenge\\`.'."\n" + ."\n" + .'Java example for generating a code\\_verifier and code\\_challenge:'."\n" + ."\n" + .'```java'."\n" + .'String codeVerifier = Base64.getUrlEncoder().withoutPadding().encodeToString(new SecureRandom().generateSeed(43));'."\n" + .'String codeChallenge = Base64.getUrlEncoder().withoutPadding().encodeToString(java.security.MessageDigest.getInstance("SHA-256").digest(codeVerifier.getBytes()));'."\n" + .'```'."\n" + ."\n" + .'### 2. Device Flow'."\n" + ."\n" + .'Scenario: This scenario is suitable for input-constrained devices, such as TVs and IoT devices. Example call:'."\n" + ."\n" + .'```'."\n" + .'POST /v2/{instanceId}/{applicationId}/oauth2/token'."\n" + .'Content-Type: application/x-www-form-urlencoded'."\n" + ."\n" + .'grant_type=urn:ietf:params:oauth:grant-type:device_code'."\n" + .'&device_code={device_code}'."\n" + .'&client_id={client_id}'."\n" + .'&client_secret={client_secret}'."\n" + .'```'."\n" + ."\n" + .'To obtain the device code, first call `/oauth2/device/code` to retrieve the device\\_code and user\\_code.'."\n" + ."\n" + .'### 2.1 Device Flow for public clients'."\n" + ."\n" + .'Scenario: This scenario is used when interactive logon is not convenient and the client is a public client. Example call:'."\n" + ."\n" + .'```'."\n" + .'POST /v2/{instanceId}/{applicationId}/oauth2/token'."\n" + .'Content-Type: application/x-www-form-urlencoded'."\n" + ."\n" + .'grant_type=urn:ietf:params:oauth:grant-type:device_code'."\n" + .'&device_code={device_code}'."\n" + .'&client_id={client_id}'."\n" + .'```'."\n" + ."\n" + .'### 3. Refresh Token'."\n" + ."\n" + .'Scenario: This scenario uses a refresh\\_token to obtain a new access\\_token. Example call:'."\n" + ."\n" + .'```'."\n" + .'POST /v2/{instanceId}/{applicationId}/oauth2/token'."\n" + .'Content-Type: application/x-www-form-urlencoded'."\n" + ."\n" + .'grant_type=refresh_token'."\n" + .'&refresh_token={refresh_token}'."\n" + .'&client_id={client_id}'."\n" + .'&client_secret={client_secret}'."\n" + .'```'."\n" + ."\n" + .'### 4. Client Credentials'."\n" + ."\n" + .'Scenario: This scenario is for server-to-server authentication without user involvement. Example call:'."\n" + ."\n" + .'```'."\n" + .'POST /v2/{instanceId}/{applicationId}/oauth2/token'."\n" + .'Content-Type: application/x-www-form-urlencoded'."\n" + ."\n" + .'grant_type=client_credentials'."\n" + .'&client_id={client_id}'."\n" + .'&client_secret={client_secret}'."\n" + .'&scope={scope}'."\n" + .'```'."\n" + ."\n" + .'### 5. Password'."\n" + ."\n" + .'Scenario: This scenario uses traditional username and password authentication. Use this method with caution. Example call:'."\n" + ."\n" + .'```'."\n" + .'POST /v2/{instanceId}/{applicationId}/oauth2/token'."\n" + .'Content-Type: application/x-www-form-urlencoded'."\n" + ."\n" + .'grant_type=password'."\n" + .'&username={username}'."\n" + .'&password={password}'."\n" + .'&client_id={client_id}'."\n" + .'&scope={scope}'."\n" + .'```', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_grant | Invalid or not supported grant\\_type: client\\_credentials| 应用API未开放 |'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"token_type\\": \\"Bearer\\",\\n \\"access_token\\": \\"ATxxx\\",\\n \\"refresh_token\\": \\"RTxxx\\",\\n \\"expires_in\\": 1200,\\n \\"expires_at\\": 1653288641,\\n \\"id_token\\": \\"xxxxx\\"\\n}","type":"json"}]', + ], + 'GenerateTokenByAuthorizationServer' => [ + 'path' => '/v2/{instanceId}/authorizationServer/{authorizationServerId}/oauth2/token', + 'methods' => ['post'], + 'schemes' => ['https'], + 'security' => [ + [ + 'Anonymous' => [], + ], + ], + 'produces' => ['application/json'], + 'operationType' => 'readAndWrite', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + ], + 'parameters' => [ + [ + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['description' => 'Instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + ], + [ + 'name' => 'authorizationServerId', + 'in' => 'path', + 'schema' => ['description' => 'Authorization server ID.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'iauths_system'], + ], + [ + 'name' => 'grant_type', + 'in' => 'query', + 'schema' => ['description' => 'Grant type.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'authorization_code'], + ], + [ + 'name' => 'client_id', + 'in' => 'query', + 'schema' => ['description' => 'Client ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], + ], + [ + 'name' => 'code', + 'in' => 'query', + 'schema' => ['description' => 'Authorization code. Required when grant\\_type is authorization\\_code.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'CO541xY59EsKniV2wvWDXZ4jiKxxxxx'], + ], + [ + 'name' => 'username', + 'in' => 'query', + 'schema' => ['description' => 'Username.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'userxxxxx'], + ], + [ + 'name' => 'password', + 'in' => 'query', + 'schema' => ['description' => 'Password.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'testxxxxx'], + ], + [ + 'name' => 'device_code', + 'in' => 'query', + 'schema' => ['description' => 'Device code. Required when grant\\_type is urn:ietf:params:oauth:grant-type:device\\_code.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'DCxxxxxx'], + ], + [ + 'name' => 'redirect_uri', + 'in' => 'query', + 'schema' => ['description' => 'Redirection URI. Required when grant\\_type is authorization\\_code. Must match the redirect\\_uri used in the authorization code request.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'https://example.com/xxxxx'], + ], + [ + 'name' => 'refresh_token', + 'in' => 'query', + 'schema' => ['description' => 'Refresh token.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'RTxxxxx'], + ], + [ + 'name' => 'scope', + 'in' => 'query', + 'schema' => ['description' => 'Scope.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'openid'], + ], + [ + 'name' => 'code_verifier', + 'in' => 'query', + 'schema' => ['description' => 'You can validate the code.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'xxxxx'], + ], + [ + 'name' => 'client_assertion', + 'in' => 'query', + 'schema' => ['description' => 'Client assertion.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'eyJraWQiOiJLRVlLZ0Iyxxxxx'], + ], + [ + 'name' => 'client_assertion_type', + 'in' => 'query', + 'schema' => ['description' => 'Client assertion type.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'], + ], + [ + 'name' => 'application_federated_credential_name', + 'in' => 'query', + 'schema' => ['description' => 'Federated application credential name.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'testxxxxx'], + ], + [ + 'name' => 'client_x509', + 'in' => 'query', + 'schema' => ['description' => 'Client certificate.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'testxxxxx'], + ], + [ + 'name' => 'client_x509_chain', + 'in' => 'query', + 'schema' => ['description' => 'Intermediate certificate list.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'testxxxxx'], + ], + [ + 'name' => 'client_secret', + 'in' => 'query', + 'schema' => ['description' => 'Client key.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'CSEHDcHcrUKHw1CuxkJEHPveWRxxxxx'], + ], + ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'RevokeResponse', - 'description' => 'The response parameters.'."\n", 'type' => 'object', + 'properties' => [ + 'token_type' => ['description' => 'Token type.', 'type' => 'string', 'example' => 'Bearer', 'title' => ''], + 'access_token' => ['description' => 'Access credential.', 'type' => 'string', 'example' => 'eyJraWQiOiJLRVlLZ0Iyxxxxx'."\n", 'title' => ''], + 'refresh_token' => ['description' => 'Refresh token.', 'type' => 'string', 'example' => 'ATxxxxx', 'title' => ''], + 'expires_in' => ['description' => 'Validity period of the access credential, in seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1200', 'title' => ''], + 'expires_at' => ['description' => 'Expiration time of the access credential, as a UNIX timestamp in seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1653288641', 'title' => ''], + 'id_token' => ['description' => 'Identity credential.', 'type' => 'string', 'example' => 'eyJraWQiOiJLRVlLZ0Iyxxxxx'."\n", 'title' => ''], + 'scope' => ['description' => 'Scope.', 'type' => 'string', 'example' => 'openid', 'title' => ''], + ], + 'title' => '', + 'description' => 'Token information.', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"test\\": \\"test\\",\\n \\"test2\\": 1\\n}","type":"json"}]', - 'title' => 'RevokeToken', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'GenerateTokenByAuthorizationServer', + 'summary' => 'The token endpoint for an instance-level authorization server.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"token_type\\": \\"Bearer\\",\\n \\"access_token\\": \\"eyJraWQiOiJLRVlLZ0Iyxxxxx\\\\n\\",\\n \\"refresh_token\\": \\"ATxxxxx\\",\\n \\"expires_in\\": 1200,\\n \\"expires_at\\": 1653288641,\\n \\"id_token\\": \\"eyJraWQiOiJLRVlLZ0Iyxxxxx\\\\n\\",\\n \\"scope\\": \\"openid\\"\\n}","type":"json"}]', ], 'GetApplicationProvisioningScope' => [ - 'summary' => 'Queries the synchronization scope of an application in an instance.', 'path' => '/v2/{instanceId}/{applicationId}/provisioningScope', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], @@ -1016,2670 +1660,2083 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaas60YEMV', - ], + 'abilityTreeNodes' => ['FEATUREidaas60YEMV'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => ' '."\n" - .'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'The authentication information.'."\n" + .'Format: Bearer ${access\\_token}.'."\n" + .'Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => ' '."\n" + .'Bearer AT8csE2seYxxxxxij', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => '同步授权范围', - 'description' => 'The response parameters.'."\n", + 'title' => '', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ 'organizationalUnitIds' => [ - 'title' => '机构ID列表', - 'description' => 'The IDs of organizational units.'."\n", + 'title' => '', + 'description' => 'The list of organization IDs.', 'type' => 'array', - 'items' => [ - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], + 'items' => ['description' => 'The organization ID.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], 'example' => '[ou_xxx001]', ], 'groupIds' => [ + 'description' => 'The list of group IDs.', 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], + 'items' => ['description' => 'The group ID.', 'type' => 'string', 'example' => 'group_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"organizationalUnitIds\\": [\\n \\"ou_wovwffm62xifdziem7an7xxxxx\\"\\n ],\\n \\"groupIds\\": [\\n \\"group_wovwffm62xifdziem7an7xxxxx\\"\\n ]\\n}","type":"json"}]', 'title' => 'GetApplicationProvisioningScope', - 'description' => '> '."\n" - ."\n" - .'* You can go to the Applications page in the IDaaS console to set the synchronization scope. After an application is created, the application has the permission to call this operation by default.'."\n", - ], - 'CreateOrganizationalUnit' => [ - 'summary' => 'Creates an organizational unit.', - 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'summary' => 'The GetApplicationProvisioningScope operation retrieves the synchronization scope of an application in a specific instance.', + 'description' => '> - You can set the synchronization scope in Application Management in the IDaaS console. After you create an application, you have permission to call this API by default.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_token | Access token is not valid | token无效|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_001| 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:user:read_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"organizationalUnitIds\\": [\\n \\"ou_wovwffm62xifdziem7an7xxxxx\\"\\n ],\\n \\"groupIds\\": [\\n \\"group_wovwffm62xifdziem7an7xxxxx\\"\\n ]\\n}","type":"json"}]', + ], + 'GetGroup' => [ + 'summary' => 'Retrieves the details of a group.', + 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}', + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas1LGU5E'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'The authentication information. The value is in the Bearer ${access\\_token} format. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'body', - 'in' => 'body', - 'style' => 'json', - 'schema' => [ - 'description' => 'The request body.'."\n", - 'type' => 'object', - 'properties' => [ - 'organizationalUnitName' => [ - 'title' => '机构名称', - 'description' => 'The name of the organizational unit.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'name001', - ], - 'parentId' => [ - 'title' => '父机构ID', - 'description' => 'The ID of the parent organizational unit.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'organizationalUnitExternalId' => [ - 'title' => '机构外部ID', - 'description' => 'The external ID of the organizational unit. The external ID can be used to map external data to the data of the organizational unit in Employee Identity and Access Management (EIAM) of Identity as a Service (IDaaS). By default, the external ID is the organizational unit ID.'."\n" - ."\n" - .'For organizational units with the same source type and source ID, each organizational unit has a unique external ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'description' => [ - 'title' => '描述', - 'description' => 'The description of the organizational unit.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test organizational unit', - ], - ], - 'required' => false, - 'example' => 'app_xx001', - ], + 'name' => 'groupId', + 'in' => 'path', + 'schema' => ['description' => 'The group ID.', 'type' => 'string', 'required' => true, 'example' => 'group_wovwffm62xifdziem7an7xxxxx', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'OrganizationalUnitIdObject', - 'description' => 'The response parameters.'."\n", + 'title' => 'DeveloperGroupDTO', + 'description' => 'DeveloperGroupDTO', 'type' => 'object', 'properties' => [ - 'organizationalUnitId' => [ - 'title' => '机构ID', - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], + 'instanceId' => ['description' => 'The instance ID.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'groupId' => ['description' => 'The group ID.', 'type' => 'string', 'example' => 'group_ufdsasn35ea5lmthk267xxxxx', 'title' => ''], + 'groupName' => ['description' => 'The group name.', 'type' => 'string', 'example' => 'name_test', 'title' => ''], + 'description' => ['description' => 'The group description.', 'type' => 'string', 'example' => 'description_demo', 'title' => ''], + 'groupExternalId' => ['description' => 'The external ID of the group.', 'type' => 'string', 'example' => 'group_ufdsasn35ea5lmthk267xxxxx', 'title' => ''], + 'groupSourceType' => ['description' => 'The source type of the group. Valid values: build\\_in, ding\\_talk, ad, and ldap.', 'type' => 'string', 'example' => 'build_in', 'title' => ''], + 'groupSourceId' => ['description' => 'The source ID of the group.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'createTime' => ['description' => 'The time when the group was created. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'updateTime' => ['description' => 'The time when the group was last updated. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"organizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\"\\n}","type":"json"}]', - 'title' => 'CreateOrganizationalUnit', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"groupId\\": \\"group_ufdsasn35ea5lmthk267xxxxx\\",\\n \\"groupName\\": \\"name_test\\",\\n \\"description\\": \\"description_demo\\",\\n \\"groupExternalId\\": \\"group_ufdsasn35ea5lmthk267xxxxx\\",\\n \\"groupSourceType\\": \\"build_in\\",\\n \\"groupSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"createTime\\": 1652085686179,\\n \\"updateTime\\": 1652085686179\\n}","type":"json"}]', + 'title' => 'GetGroup', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], ], - 'PatchOrganizationalUnit' => [ - 'summary' => 'Modifies an EIAM organizational unit.', + 'GetOrganizationalUnit' => [ + 'summary' => 'Retrieves the information about an organizational unit.', 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits/{organizationalUnitId}', - 'methods' => [ - 'patch', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas3S4NKL'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => ' '."\n" - .'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ 'name' => 'organizationalUnitId', 'in' => 'path', - 'schema' => [ - 'title' => '机构ID', - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], + 'schema' => ['description' => 'The ID of the organizational unit.', 'type' => 'string', 'required' => true, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], ], - [ - 'name' => 'body', - 'in' => 'body', - 'style' => 'json', + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The request body.'."\n", + 'title' => 'DeveloperOrganizationalUnitDTO', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'organizationalUnitName' => [ - 'title' => '机构名称', - 'description' => 'The name of the organizational unit.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'name001', - ], - 'description' => [ - 'title' => '机构描述', - 'description' => 'The description of the organizational unit.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test organizational unit', - ], + 'instanceId' => ['description' => 'The instance ID.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'organizationalUnitId' => ['description' => 'The ID of the organizational unit.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'organizationalUnitName' => ['description' => 'The name of the organizational unit.', 'type' => 'string', 'example' => 'name001', 'title' => ''], + 'parentId' => ['description' => 'The ID of the parent organizational unit.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'organizationalUnitExternalId' => ['description' => 'The external ID of the organizational unit.', 'type' => 'string', 'example' => 'id_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'organizationalUnitSourceType' => ['description' => 'The source type of the organizational unit. Valid values:'."\n" + ."\n" + .'- build\\_in: The organizational unit was created in Identity as a Service (IDaaS).'."\n" + ."\n" + .'- ding\\_talk: The organizational unit was imported from DingTalk.'."\n" + ."\n" + .'- ad: The organizational unit was imported from Microsoft Active Directory (AD).'."\n" + ."\n" + .'- ldap: The organizational unit was imported from a Lightweight Directory Access Protocol (LDAP) service.', 'type' => 'string', 'example' => 'build_in', 'title' => ''], + 'organizationalUnitSourceId' => ['description' => 'The source ID of the organizational unit.', 'type' => 'string', 'example' => 'id_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'createTime' => ['description' => 'The time when the organizational unit was created. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652083425923', 'title' => ''], + 'updateTime' => ['description' => 'The time when the organizational unit was last updated. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652083425923', 'title' => ''], + 'description' => ['description' => 'The description of the organizational unit.', 'type' => 'string', 'example' => 'xxxxx', 'title' => ''], ], - 'required' => false, - 'example' => 'ou_xxx001', + 'example' => '', ], ], ], - 'responses' => [ - 200 => [], + 'title' => 'GetOrganizationalUnit', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_token | Access token is not valid | token无效|'."\n" + .'| 400 | OrganizationUnitIdNotInScopes | organizationUnitId : ou_wovwffm62xifdziem7an7xxxxx not in provisioning scope! | 组织不在同步范围内|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:organizational_unit:read_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'PatchOrganizationalUnit', - 'description' => 'The operation conforms to the HTTP PATCH request method. The value of a parameter is modified only if the parameter is specified in the request.'."\n", - 'responseParamsDescription' => '> If the request was successful, the HTTP status code 200 is returned by default.'."\n", + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"organizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitName\\": \\"name001\\",\\n \\"parentId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitExternalId\\": \\"id_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitSourceType\\": \\"build_in\\",\\n \\"organizationalUnitSourceId\\": \\"id_wovwffm62xifdziem7an7xxxxx\\",\\n \\"createTime\\": 1652083425923,\\n \\"updateTime\\": 1652083425923,\\n \\"description\\": \\"xxxxx\\"\\n}","type":"json"}]', ], - 'GetOrganizationalUnit' => [ - 'summary' => 'Queries the information of an organizational unit.', - 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits/{organizationalUnitId}', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'GetOrganizationalUnitIdByExternalId' => [ + 'summary' => 'Obtains the ID of an organizational unit based on the external ID', + 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits/_/actions/getOrganizationalUnitIdByExternalId', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasZCZ2SC'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij'."\n", 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'organizationalUnitId', - 'in' => 'path', + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => '机构ID', - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', + 'description' => 'The request body.', + 'type' => 'object', + 'properties' => [ + 'organizationalUnitExternalId' => ['description' => 'The external ID of the organizational unit. The external ID can be used to map external data to the data of the organizational unit in Employee Identity and Access Management (EIAM) of Identity as a Service (IDaaS). By default, the external ID is the organizational unit ID.'."\n" + ."\n" + .'Note: For organizational units with the same source type and source ID, each organizational unit has a unique external ID.', 'type' => 'string', 'required' => true, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'organizationalUnitSourceType' => ['description' => 'The source type of the organizational unit. Valid values:'."\n" + ."\n" + .'- build\\_in: The organizational unit was created in IDaaS.'."\n" + ."\n" + .'- ding\\_talk: The organizational unit was imported from DingTalk.'."\n" + ."\n" + .'- ad: The organizational unit was imported from Microsoft Active Directory (AD).'."\n" + ."\n" + .'- ldap: The organizational unit was imported from a Lightweight Directory Access Protocol (LDAP) service.', 'type' => 'string', 'required' => true, 'example' => 'build_in', 'title' => ''], + 'organizationalUnitSourceId' => ['description' => 'The source ID of the organizational unit.'."\n" + ."\n" + .'If the organizational unit was created in IDaaS, its source ID is the ID of the IDaaS instance. If the organizational unit was imported, its source ID is the enterprise ID in the source. For example, if the organizational unit was imported from DingTalk, its source ID is the corpId value of the enterprise in DingTalk.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + ], + 'required' => false, + 'example' => 'xxx001', + 'title' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'DeveloperOrganizationalUnitDTO', - 'description' => 'The response parameters.'."\n", + 'title' => 'OrganizationalUnitIdObject', + 'description' => 'OrganizationalUnitIdObject', 'type' => 'object', 'properties' => [ - 'instanceId' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'organizationalUnitId' => [ - 'title' => '机构ID', - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'organizationalUnitName' => [ - 'title' => '机构名称', - 'description' => 'The name of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'name001', - ], - 'parentId' => [ - 'title' => '父机构ID', - 'description' => 'The ID of the parent organizational unit.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'organizationalUnitExternalId' => [ - 'title' => '外部ID', - 'description' => 'The external ID of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'id_wovwffm62xifdziem7an7xxxxx', - ], - 'organizationalUnitSourceType' => [ - 'title' => '来源类型', - 'description' => 'The source type of the organizational unit. Valid values:'."\n" - ."\n" - .'* build_in: The organizational unit was created in Identity as a Service (IDaaS).'."\n" - .'* ding_talk: The organizational unit was imported from DingTalk.'."\n" - .'* ad: The organizational unit was imported from Microsoft Active Directory (AD).'."\n" - .'* ldap: The organizational unit was imported from a Lightweight Directory Access Protocol (LDAP) service.'."\n", - 'type' => 'string', - 'example' => 'build_in', - ], - 'organizationalUnitSourceId' => [ - 'title' => '来源ID', - 'description' => 'The source ID of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'id_wovwffm62xifdziem7an7xxxxx', - ], - 'createTime' => [ - 'title' => '创建时间,毫秒', - 'description' => 'The time when the organizational unit was created. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652083425923', - ], - 'updateTime' => [ - 'title' => '最近一次更新时间,毫秒', - 'description' => 'The time when the organizational unit was last updated. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652083425923', - ], - 'description' => [ - 'title' => '描述', - 'description' => 'The description of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'xxxxx', - ], + 'organizationalUnitId' => ['description' => 'The ID of the organizational unit.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"organizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitName\\": \\"name001\\",\\n \\"parentId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitExternalId\\": \\"id_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitSourceType\\": \\"build_in\\",\\n \\"organizationalUnitSourceId\\": \\"id_wovwffm62xifdziem7an7xxxxx\\",\\n \\"createTime\\": 1652083425923,\\n \\"updateTime\\": 1652083425923,\\n \\"description\\": \\"xxxxx\\"\\n}","type":"json"}]', - 'title' => 'GetOrganizationalUnit', - ], - 'DeleteOrganizationalUnit' => [ - 'summary' => 'Deletes an organizational unit.', - 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits/{organizationalUnitId}', - 'methods' => [ - 'delete', - ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'GetOrganizationalUnitIdByExternalId', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"organizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\"\\n}","type":"json"}]', + ], + 'GetUser' => [ + 'summary' => 'Retrieves the details of an Employee Identity and Access Management (EIAM) account.', + 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}', + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasY4QW79'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij'."\n", - ], + 'schema' => ['description' => 'The authentication information. The value is in the Bearer ${access\\_token} format. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'organizationalUnitId', + 'name' => 'userId', 'in' => 'path', + 'schema' => ['description' => 'The account ID.', 'type' => 'string', 'required' => true, 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'title' => '机构ID', - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', + 'title' => 'DeveloperUserDetailDTO', + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'instanceId' => ['description' => 'The instance ID.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'organizationalUnits' => [ + 'title' => '', + 'description' => 'The organizational units to which the account belongs.', + 'type' => 'array', + 'items' => [ + 'description' => 'The organizational unit.', + 'type' => 'object', + 'properties' => [ + 'organizationalUnitId' => ['description' => 'The ID of the organizational unit.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'organizationalUnitName' => ['description' => 'The name of the organizational unit.', 'type' => 'string', 'example' => 'name001', 'title' => ''], + 'primary' => ['description' => 'Indicates whether the organizational unit is the primary organizational unit.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'example' => '', + ], + 'primaryOrganizationalUnitId' => ['description' => 'The ID of the primary organizational unit of the account.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'customFields' => [ + 'title' => '', + 'description' => 'The extended fields of the account.', + 'type' => 'array', + 'items' => [ + 'description' => '', + 'type' => 'object', + 'properties' => [ + 'fieldName' => ['description' => 'The name of the extended field.', 'type' => 'string', 'example' => 'xxxx', 'title' => ''], + 'fieldValue' => ['description' => 'The value of the extended field. Field values are returned as strings regardless of the data types of the fields. For example, true or false is returned for a Boolean field.', 'type' => 'string', 'example' => '字段数据值', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'example' => '', + ], + 'userId' => ['description' => 'The account ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], + 'username' => ['description' => 'The username of the account.', 'type' => 'string', 'example' => 'name001', 'title' => ''], + 'displayName' => ['description' => 'The display name of the account.', 'type' => 'string', 'example' => 'display_name001', 'title' => ''], + 'passwordSet' => ['description' => 'Indicates whether the password is set.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'phoneRegion' => ['description' => 'The country code of the mobile number. For example, the country code of China is 86 without 00 or +.', 'type' => 'string', 'example' => '86', 'title' => ''], + 'phoneNumber' => ['description' => 'The mobile number of the user who owns the account.', 'type' => 'string', 'example' => '156xxxxxxx', 'title' => ''], + 'phoneNumberVerified' => ['description' => 'Indicates whether the mobile number has been verified. A value of true indicates that the mobile number has been verified by the user or has been set to the verified status by the administrator. A value of false indicates that the mobile number has not been verified.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'email' => ['description' => 'The email address of the user.', 'type' => 'string', 'example' => 'example@example.com', 'title' => ''], + 'emailVerified' => ['description' => 'Indicates whether the email address has been verified. A value of true indicates that the email address has been verified by the user or has been set to the verified status by the administrator. A value of false indicates that the email address has not been verified.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'userExternalId' => ['description' => 'The external ID of the account. The external ID can be used to map external data to the data of the account in EIAM of Identity as a Service (IDaaS). By default, the external ID is the account ID.'."\n" + ."\n" + .'Note: For accounts with the same source type and source ID, each account has a unique external ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], + 'userSourceType' => ['description' => 'The source type of the account. Valid values:'."\n" + ."\n" + .'- build\\_in: The account was created in IDaaS.'."\n" + ."\n" + .'- ding\\_talk: The account was imported from DingTalk.'."\n" + ."\n" + .'- ad: The account was imported from Microsoft Active Directory (AD).'."\n" + ."\n" + .'- ldap: The account was imported from a Lightweight Directory Access Protocol (LDAP) service.', 'type' => 'string', 'example' => 'build_in', 'title' => ''], + 'userSourceId' => ['description' => 'The source ID of the account.'."\n" + ."\n" + .'If the account was created in IDaaS, its source ID is the ID of the IDaaS instance. If the account was imported, its source ID is the enterprise ID in the source. For example, if the account was imported from DingTalk, its source ID is the corpId value of the enterprise in DingTalk.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'status' => ['description' => 'The status of the account. Valid values: enabled disabled', 'type' => 'string', 'example' => 'enabled', 'title' => ''], + 'accountExpireTime' => ['description' => 'The time when the account expires. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'registerTime' => ['description' => 'The time when the account was registered. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'lockExpireTime' => ['description' => 'The time when the account lock expires. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'createTime' => ['description' => 'The time when the account was created. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'updateTime' => ['description' => 'The time when the account was last modified. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'description' => ['description' => 'The description of the account.', 'type' => 'string', 'example' => '测试账户', 'title' => ''], + 'groups' => [ + 'title' => '', + 'description' => 'The groups to which the account belongs.', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the group to which the account belongs.', + 'type' => 'object', + 'properties' => [ + 'groupId' => ['description' => 'The group ID.', 'type' => 'string', 'example' => 'group_ufdsasn35ea5lmthk267xxxxx', 'title' => ''], + 'groupName' => ['description' => 'The group name.', 'type' => 'string', 'example' => 'name_test', 'title' => ''], + 'description' => ['description' => 'The group description.', 'type' => 'string', 'example' => 'description_demo', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'example' => '', + ], + ], + 'example' => '', ], ], ], - 'responses' => [ - 200 => [], + 'title' => 'GetUser', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_token | Access token is not valid | token无效|'."\n" + .'| 400 | MissingParameter.xxxx | The specified parameter:xxx is required! | 缺少xxxx参数 |'."\n" + .'| 400 | InvalidParameter.xxxx | The specified parameter:xxxx is required! | xxxx参数无效 |'."\n" + .'| 404 | ResourceNotFound.User | The specified User resource: user_d6sbsuumeta4h66ec3il7yxxxx not found. | 账户不存在 |'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:user:read_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'DeleteOrganizationalUnit', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"organizationalUnits\\": [\\n {\\n \\"organizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitName\\": \\"name001\\",\\n \\"primary\\": true\\n }\\n ],\\n \\"primaryOrganizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"customFields\\": [\\n {\\n \\"fieldName\\": \\"xxxx\\",\\n \\"fieldValue\\": \\"字段数据值\\"\\n }\\n ],\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\",\\n \\"username\\": \\"name001\\",\\n \\"displayName\\": \\"display_name001\\",\\n \\"passwordSet\\": true,\\n \\"phoneRegion\\": \\"86\\",\\n \\"phoneNumber\\": \\"156xxxxxxx\\",\\n \\"phoneNumberVerified\\": true,\\n \\"email\\": \\"example@example.com\\",\\n \\"emailVerified\\": true,\\n \\"userExternalId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\",\\n \\"userSourceType\\": \\"build_in\\",\\n \\"userSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"status\\": \\"enabled\\",\\n \\"accountExpireTime\\": 1652085686179,\\n \\"registerTime\\": 1652085686179,\\n \\"lockExpireTime\\": 1652085686179,\\n \\"createTime\\": 1652085686179,\\n \\"updateTime\\": 1652085686179,\\n \\"description\\": \\"测试账户\\",\\n \\"groups\\": [\\n {\\n \\"groupId\\": \\"group_ufdsasn35ea5lmthk267xxxxx\\",\\n \\"groupName\\": \\"name_test\\",\\n \\"description\\": \\"description_demo\\"\\n }\\n ]\\n}","type":"json"}]', ], - 'ListOrganizationalUnits' => [ - 'summary' => 'Queries the information of Employee Identity and Access Management (EIAM) organizational units by page.', - 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'GetUserIdByEmail' => [ + 'path' => '/v2/{instanceId}/{applicationId}/users/_/actions/getUserIdByEmail', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasY4QW79'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij'."\n", - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], - ], - [ - 'name' => 'parentId', - 'in' => 'query', - 'schema' => [ - 'title' => '父机构ID', - 'description' => 'The ID of the parent organizational unit.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - ], - [ - 'name' => 'pageNumber', - 'in' => 'query', - 'schema' => [ - 'title' => '页码,默认1', - 'description' => 'The page number. Default value: 1.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'pageSize', - 'in' => 'query', + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => '单页大小,默认20', - 'description' => 'The number of entries per page. Default value: 20. Valid values: 1 to 100.'."\n", - 'type' => 'integer', - 'format' => 'int32', + 'description' => 'The request body.', + 'type' => 'object', + 'properties' => [ + 'email' => ['description' => 'The email address of the user who owns the account.', 'type' => 'string', 'required' => true, 'example' => 'example@example.com', 'title' => ''], + ], 'required' => false, - 'example' => '20', + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'GeneralDataListResponse', - 'description' => 'The response parameters.'."\n", + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'totalCount' => [ - 'title' => '记录总数', - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1000', - ], - 'data' => [ - 'description' => 'The queried organizational units.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The queried organizational unit.'."\n", - 'type' => 'object', - 'properties' => [ - 'instanceId' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'organizationalUnitId' => [ - 'title' => '机构ID', - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'organizationalUnitName' => [ - 'title' => '机构名称', - 'description' => 'The name of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'name001', - ], - 'parentId' => [ - 'title' => '父机构ID', - 'description' => 'The ID of the parent organizational unit.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'organizationalUnitExternalId' => [ - 'title' => '外部ID', - 'description' => 'The external ID of the organizational unit. The external ID can be used to map external data to the data of the organizational unit in EIAM of Identity as a Service (IDaaS). By default, the external ID is the organizational unit ID.'."\n" - ."\n" - .'Note: For organizational units with the same source type and source ID, each organizational unit has a unique external ID.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'organizationalUnitSourceType' => [ - 'title' => '来源类型', - 'description' => 'The source type of the organizational unit. Valid values:'."\n" - ."\n" - .'* build_in: The organizational unit was created in IDaaS.'."\n" - .'* ding_talk: The organizational unit was imported from DingTalk.'."\n" - .'* ad: The organizational unit was imported from Microsoft Active Directory (AD).'."\n" - .'* ldap: The organizational unit was imported from a Lightweight Directory Access Protocol (LDAP) service.'."\n", - 'type' => 'string', - 'example' => 'build_in', - ], - 'organizationalUnitSourceId' => [ - 'title' => '来源ID', - 'description' => 'The source ID of the organizational unit.'."\n" - ."\n" - .'If the organizational unit was created in IDaaS, its source ID is the ID of the IDaaS instance. If the organizational unit was imported, its source ID is the enterprise ID in the source. For example, if the organizational unit was imported from DingTalk, its source ID is the corpId value of the enterprise in DingTalk.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'createTime' => [ - 'title' => '创建时间,毫秒', - 'description' => 'The time when the organizational unit was created. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652083425923', - ], - 'updateTime' => [ - 'title' => '最近一次更新时间,毫秒', - 'description' => 'The time when the organizational unit was last updated. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652083425923', - ], - 'description' => [ - 'title' => '描述', - 'description' => 'The description of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'test organizational unit', - ], - ], - ], - ], + 'userId' => ['description' => 'The account ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"totalCount\\": 1000,\\n \\"data\\": [\\n {\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"organizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitName\\": \\"name001\\",\\n \\"parentId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitExternalId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitSourceType\\": \\"build_in\\",\\n \\"organizationalUnitSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"createTime\\": 1652083425923,\\n \\"updateTime\\": 1652083425923,\\n \\"description\\": \\"测试组织\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'ListOrganizationalUnits', - 'description' => "\n", - ], - 'ListOrganizationalUnitParentIds' => [ - 'summary' => 'Queries the information of all the parent organizational units of an organizational unit.', - 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits/{organizationalUnitId}/parentIds', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'GetUserIdByEmail', + 'summary' => 'Queries the ID of an Employee Identity and Access Management (EIAM) account by email address.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid_token | Access token is not valid | token无效|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:user:manager_all] | 缺少API授权信息 |'."\n" + .'| 400 | MissingParameter.Email | The specified parameter: Email is required! | 缺少Email参数 |'."\n" + .'| 400 | ResourceNotFound.UserId| The specified UserId resource: %s not found. | 账户ID不存在 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\"\\n}","type":"json"}]', + ], + 'GetUserIdByPhoneNumber' => [ + 'path' => '/v2/{instanceId}/{applicationId}/users/_/actions/getUserIdByPhoneNumber', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasY4QW79'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij'."\n", 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'organizationalUnitId', - 'in' => 'path', + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => '机构ID', - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', + 'description' => 'The request body.', + 'type' => 'object', + 'properties' => [ + 'phoneNumber' => ['description' => 'The mobile number of the user who owns the account.', 'type' => 'string', 'required' => true, 'example' => '156xxxxxxx', 'title' => ''], + ], + 'required' => false, + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => '父机构列表响应结果', - 'description' => 'The response parameters.'."\n", + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'parentIds' => [ - 'title' => '父机构ID列表,顺序层级从上到下', - 'description' => 'The IDs of the parent organizational units. The IDs of the organizational unit are ordered based on their levels from high to low. Only the IDs of the organizational units within the authorization scope are displayed.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'example' => '[ou_xxx001]', - ], + 'userId' => ['description' => 'The account ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"parentIds\\": [\\n \\"ou_wovwffm62xifdziem7an7xxxxx\\"\\n ]\\n}","type":"json"}]', - 'title' => 'ListOrganizationalUnitParentIds', - ], - 'GetOrganizationalUnitIdByExternalId' => [ - 'summary' => 'Obtains the ID of an organizational unit based on the external ID', - 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits/_/actions/getOrganizationalUnitIdByExternalId', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'GetUserIdByPhoneNumber', + 'summary' => 'Queries the ID of an Employee Identity and Access Management (EIAM) account based on the mobile number.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid_token | Access token is not valid | token无效|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:user:manager_all] | 缺少API授权信息 |'."\n" + .'| 400 | MissingParameter.PhoneNumber| The specified parameter: PhoneNumber is required! | 缺少Email参数 |'."\n" + .'| 400 | ResourceNotFound.UserId| The specified UserId resource: %s not found. | 账户ID不存在 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\"\\n}","type":"json"}]', + ], + 'GetUserIdByUserExternalId' => [ + 'path' => '/v2/{instanceId}/{applicationId}/users/_/actions/getUserIdByExternalId', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasY4QW79'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij'."\n", - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ 'name' => 'body', 'in' => 'body', 'style' => 'json', 'schema' => [ - 'description' => 'The request body.'."\n", + 'description' => 'The request body.', 'type' => 'object', 'properties' => [ - 'organizationalUnitExternalId' => [ - 'title' => '组织外部ID', - 'description' => 'The external ID of the organizational unit. The external ID can be used to map external data to the data of the organizational unit in Employee Identity and Access Management (EIAM) of Identity as a Service (IDaaS). By default, the external ID is the organizational unit ID.'."\n" - ."\n" - .'Note: For organizational units with the same source type and source ID, each organizational unit has a unique external ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'organizationalUnitSourceType' => [ - 'title' => '组织来源类型, 取值可选范围: build_in(自建), ding_talk(钉钉导入),ad(AD导入),ldap(LDAP导入)', - 'description' => 'The source type of the organizational unit. Valid values:'."\n" - ."\n" - .'* build_in: The organizational unit was created in IDaaS.'."\n" - .'* ding_talk: The organizational unit was imported from DingTalk.'."\n" - .'* ad: The organizational unit was imported from Microsoft Active Directory (AD).'."\n" - .'* ldap: The organizational unit was imported from a Lightweight Directory Access Protocol (LDAP) service.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'build_in', - ], - 'organizationalUnitSourceId' => [ - 'title' => '组织来源ID,自建类型(build_in)值为实例ID,非自建类型,为对应企业ID,比如钉钉,对应的corpId', - 'description' => 'The source ID of the organizational unit.'."\n" - ."\n" - .'If the organizational unit was created in IDaaS, its source ID is the ID of the IDaaS instance. If the organizational unit was imported, its source ID is the enterprise ID in the source. For example, if the organizational unit was imported from DingTalk, its source ID is the corpId value of the enterprise in DingTalk.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'userExternalId' => ['description' => 'The external ID of the account.', 'type' => 'string', 'required' => true, 'example' => 'xxx001', 'title' => ''], + 'userSourceType' => ['description' => 'The source type of the account. Valid values:'."\n" + ."\n" + .'- build\\_in: The account was created in Identity as a Service (IDaaS).'."\n" + ."\n" + .'- ding\\_talk: The account was imported from DingTalk.'."\n" + ."\n" + .'- ad: The account was imported from Microsoft Active Directory (AD).'."\n" + ."\n" + .'- ldap: The account was imported from a Lightweight Directory Access Protocol (LDAP) service.', 'type' => 'string', 'required' => true, 'example' => 'build_in', 'title' => ''], + 'userSourceId' => ['description' => 'The source ID of the account. If the account was created in IDaaS, its source ID is the ID of the IDaaS instance. If the account was imported, its source ID is the enterprise ID in the source. For example, if the account was imported from DingTalk, its source ID is the corpId value of the enterprise in DingTalk.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], 'required' => false, - 'example' => 'xxx001', + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'OrganizationalUnitIdObject', - 'description' => 'OrganizationalUnitIdObject'."\n", + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'organizationalUnitId' => [ - 'title' => '机构ID', - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], + 'userId' => ['description' => 'The account ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"organizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\"\\n}","type":"json"}]', - 'title' => 'GetOrganizationalUnitIdByExternalId', - ], - 'CreateUser' => [ - 'summary' => 'Creates an Employee Identity and Access Management (EIAM) account in an organizational unit.', - 'path' => '/v2/{instanceId}/{applicationId}/users', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'GetUserIdByUserExternalId', + 'summary' => 'Queries the ID of an Employee Identity and Access Management (EIAM) account based on the external ID.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid_token | Access token is not valid | token无效|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:user:manager_all] | 缺少API授权信息 |'."\n" + .'| 400 | MissingParameter.UserExternalId | The specified parameter: UserExternalId is required! | 缺少UserExternalId参数 |'."\n" + .'| 400 | MissingParameter.UserSourceType | The specified parameter: UserSourceType is required! | 缺少UserSourceType参数 |'."\n" + .'| 400 | MissingParameter.UserSourceId | The specified parameter: UserSourceId is required! | 缺少UserSourceId参数 |'."\n" + .'| 400 | ResourceNotFound.UserId| The specified UserId resource: %s not found. | 账户ID不存在 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\"\\n}","type":"json"}]', + ], + 'GetUserIdByUsername' => [ + 'path' => '/v2/{instanceId}/{applicationId}/users/_/actions/getUserIdByUsername', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasY4QW79'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ 'name' => 'body', 'in' => 'body', 'style' => 'json', 'schema' => [ - 'description' => 'The request body.'."\n", + 'description' => 'The request body.', 'type' => 'object', 'properties' => [ - 'username' => [ - 'title' => '账户名称。', - 'description' => 'The username of the account.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'name001', - ], - 'displayName' => [ - 'title' => '账户展示名。', - 'description' => 'The display name of the account. The display name can be up to 64 characters in length.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'display_name001', - ], - 'password' => [ - 'title' => '密码, 参考密码策略', - 'description' => 'The password of the account. For information about the password rules, go to the Create User panel in the Identity as a Service (IDaaS) console.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'xxxxx', - ], - 'phoneRegion' => [ - 'title' => '手机地区编号,示例:中国大陆手区号为86,不带 00 或 +, 手机号若设置,此参数必填', - 'description' => 'The country code of the mobile number. For example, the country code of China is 86 without 00 or +. This parameter is required if a mobile number is specified.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '86', - ], - 'phoneNumber' => [ - 'title' => '手机号', - 'description' => 'The mobile number of the user who owns the account.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '156xxxxxxx', - ], - 'phoneNumberVerified' => [ - 'title' => '手机号是否验证,手机号若设置此字段必须设置,无特殊业务可直接设置为true', - 'description' => 'Indicates whether the mobile number is verified. This field is required if a mobile number is specified. If you have no special requirement, set this parameter to true.'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'email' => [ - 'title' => '邮箱', - 'description' => 'The email address of the user who owns the account.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'example@example.com', - ], - 'emailVerified' => [ - 'title' => '邮箱是否验证,邮箱若设置此字段必须设置,无特殊业务可直接设置为true', - 'description' => 'Indicates whether the email address is verified. This field is required if an email address is specified. If you have no special requirement, set this parameter to true.'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'userExternalId' => [ - 'title' => '账户外部ID', - 'description' => 'The external ID of the account. The external ID can be used to map external data to the data of the account in EIAM of Identity as a Service (IDaaS). By default, the external ID is the account ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], - 'primaryOrganizationalUnitId' => [ - 'title' => '账户主机构ID', - 'description' => 'The ID of the primary organizational unit.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'description' => [ - 'title' => '描述', - 'description' => 'The description of the account. The description can be up to 256 characters in length.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test user', - ], - 'passwordInitializationConfig' => [ - 'title' => '密码初始化配置', - 'description' => 'Configure the initial password', - 'type' => 'object', - 'properties' => [ - 'passwordInitializationPolicyPriority' => [ - 'title' => '密码初始化策略优先级,不传不生效。枚举取值:global(全局优先)、custom(自定义优先)', - 'description' => 'Password policy', - 'type' => 'string', - 'required' => false, - 'example' => 'global', - ], - 'passwordForcedUpdateStatus' => [ - 'title' => '强制修改密码状态,默认不启用。枚举取值:enabled(开启)、disabled(禁用)', - 'description' => 'Password forced update', - 'type' => 'string', - 'required' => false, - 'example' => 'enabled', - ], - 'userNotificationChannels' => [ - 'title' => '密码通知渠道。枚举取值:email(邮件)、sms(短信)', - 'description' => 'User Notification Channels', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'email', - ], - 'required' => false, - 'example' => 'sms', - ], - 'passwordInitializationType' => [ - 'title' => '密码初始化方式。枚举取值:random(随机)', - 'description' => 'Password Initialization Type', - 'type' => 'string', - 'required' => false, - 'example' => 'random', - ], - ], - 'required' => false, - ], - 'customFields' => [ - 'title' => '扩展字段列表', - 'description' => 'Custom fields', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'fieldName' => [ - 'title' => '扩展字段标识', - 'description' => 'Field name', - 'type' => 'string', - 'required' => false, - 'example' => 'age', - ], - 'fieldValue' => [ - 'title' => '扩展字段值', - 'description' => 'Filed value', - 'type' => 'string', - 'required' => false, - 'example' => 'fieldValue_001', - ], - ], - 'required' => false, - ], - 'required' => false, - ], + 'username' => ['description' => 'The username of the account.', 'type' => 'string', 'required' => true, 'example' => 'username_001', 'title' => ''], ], 'required' => false, - 'example' => 'app_xx001', + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => '调用CreateUser接口在指定组织下,创建新的EIAM的账户资源', - 'description' => 'The response parameters.'."\n", + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'userId' => [ - 'title' => '账户ID。', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], + 'userId' => ['description' => 'The account ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], ], + 'example' => '', ], ], ], + 'title' => 'GetUserIdByUsername', + 'summary' => 'Queries the ID of an Employee Identity and Access Management (EIAM) account based on the username.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\"\\n}","type":"json"}]', - 'title' => 'CreateUser', ], - 'PatchUser' => [ - 'summary' => 'Modifies an Employee Identity and Access Management (EIAM) account.', - 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}', - 'methods' => [ - 'patch', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'GetUserInfo' => [ + 'summary' => 'Retrieves the information about a user by using the user token.', + 'path' => '/v2/{instanceId}/{applicationId}/oauth2/userinfo', + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasY4QW79'], ], 'parameters' => [ [ + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + ], + [ + 'name' => 'applicationId', + 'in' => 'path', + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], + ], + [ 'name' => 'Authorization', 'in' => 'header', + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij', + 'title' => 'Map', + 'description' => 'The response parameters.', + 'type' => 'object', + 'additionalProperties' => ['description' => 'The user information.', 'type' => 'any', 'example' => '无', 'title' => ''], + 'example' => '', ], ], + ], + 'title' => 'GetUserInfo', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_request | Application is not OIDC application| 非OIDC应用 |'."\n" + .'| 400 | invalid\\_token | Invalid token| token无效 |'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"key\\": \\"无\\"\\n}","type":"json"}]', + ], + 'ListAuthenticationTokens' => [ + 'summary' => 'Lists authentication tokens.', + 'path' => '/v2/{instanceId}/authenticationTokens', + 'methods' => ['get'], + 'schemes' => ['https'], + 'security' => [ + [ + 'Anonymous' => [], + ], + ], + 'consumes' => ['application/json'], + 'produces' => ['application/json'], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'none', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Authorization', + 'in' => 'header', + 'schema' => ['description' => 'Authentication information. Format: Bearer ${access\\_token}.'."\n" + ."\n" + .'> Enter an IDaaS-issued Access Token.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], + ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'Instance ID.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ - 'name' => 'applicationId', - 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'name' => 'nextToken', + 'in' => 'query', + 'schema' => ['description' => 'Token that marks the start of the next page in a paged query.', 'type' => 'string', 'example' => 'NTxxxxxexample', 'title' => '', 'required' => false], ], [ - 'name' => 'userId', - 'in' => 'path', - 'schema' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], + 'name' => 'maxResults', + 'in' => 'query', + 'schema' => ['description' => 'Maximum number of records to return in this paged query.', 'type' => 'integer', 'format' => 'int64', 'example' => '20', 'default' => '20', 'title' => '', 'required' => false], ], [ - 'name' => 'body', - 'in' => 'body', - 'style' => 'json', + 'name' => 'consumerId', + 'in' => 'query', + 'schema' => ['description' => 'ID of the authentication token consumer.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'app_ngtkgrrxxxxktg5eao6z4xxxxx'], + ], + [ + 'name' => 'credentialProviderIdentifier', + 'in' => 'query', + 'schema' => ['description' => 'Credential provider identifier.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'test_example_identifier'], + ], + [ + 'name' => 'revoked', + 'in' => 'query', + 'schema' => ['description' => 'Indicates whether the authentication token is revoked.', 'type' => 'boolean', 'title' => '', 'required' => false, 'example' => 'false'], + ], + [ + 'name' => 'expired', + 'in' => 'query', + 'schema' => ['description' => 'Indicates whether the authentication token is expired.', 'type' => 'boolean', 'title' => '', 'required' => false, 'example' => 'false'], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The request body.'."\n", 'type' => 'object', 'properties' => [ - 'username' => [ - 'title' => '账户名', - 'description' => 'The name of the account.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'name001', - ], - 'displayName' => [ - 'title' => '账户展示名', - 'description' => 'The display name of the account.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'display_name001', - ], - 'phoneRegion' => [ - 'title' => '手机地区编号,示例:中国大陆手区号为86,不带 00 或 +, 手机号若设置,此参数必填', - 'description' => 'The country code of the mobile number. For example, the country code of China is 86 without 00 or +. This parameter is required if a mobile number is specified.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '86', - ], - 'phoneNumber' => [ - 'title' => '手机号', - 'description' => 'The mobile number.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '156xxxxxxx', - ], - 'phoneNumberVerified' => [ - 'title' => '手机号是否验证,手机号若设置此字段必须设置,无特殊业务可直接设置为true', - 'description' => 'Specifies whether the mobile number is verified. This field is required if a mobile number is specified. If you have no special requirement, set this parameter to true.'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'email' => [ - 'title' => '邮箱', - 'description' => 'The email address.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'example@example.com', - ], - 'emailVerified' => [ - 'title' => '邮箱是否验证,邮箱若设置此字段必须设置,无特殊业务可直接设置为true', - 'description' => 'Specifies whether the email address is verified. This field is required if an email address is specified. If you have no special requirement, set this parameter to true.'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'customFields' => [ - 'title' => '扩展字段列表', - 'description' => 'The extended fields of the account.'."\n", + 'entities' => [ + 'description' => 'List of resource entities.', 'type' => 'array', 'items' => [ - 'description' => 'The extended field.'."\n", 'type' => 'object', 'properties' => [ - 'operator' => [ - 'description' => 'The type of the operation. This parameter is deprecated. Replace it with operation.'."\n", - 'type' => 'string', - 'deprecated' => true, - 'required' => false, - 'example' => 'replace', - ], - 'fieldName' => [ - 'title' => '扩展字段标识', - 'description' => 'The name of the extended field. For more information about the type and valid values of the extended field, see the detailed description of the extended field in the IDaaS console.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'age', - ], - 'fieldValue' => [ - 'title' => '扩展字段值', - 'description' => 'The value of the extended field.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test_value', - ], - 'operation' => [ - 'description' => 'The operation to be performed on the field. Valid values:'."\n" - ."\n" - .'* add'."\n" - .'* replace If you leave the value of the extended field empty, the replace operation is converted to an add operation.'."\n" - .'* remove'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'replace', - ], + 'instanceId' => ['description' => 'Instance ID.', 'type' => 'string', 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], + 'authenticationTokenId' => ['description' => 'Authentication token ID.', 'type' => 'string', 'title' => '', 'example' => 'atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx'], + 'credentialProviderId' => ['description' => 'Credential provider ID.', 'type' => 'string', 'title' => '', 'example' => 'atp_01kr2cmj5gxxx4fvmls2e93dxxxxx'], + 'createTime' => ['description' => 'Creation time of the authentication token, as a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'updateTime' => ['description' => 'Last update time of the authentication token, as a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'authenticationTokenType' => ['description' => 'Authentication token type. Valid values:'."\n" + ."\n" + .'- jwt: JWT authentication token'."\n" + ."\n" + .'- oauth\\_access\\_token: OAuth Access Token authentication token', 'type' => 'string', 'title' => '', 'example' => 'jwt'], + 'revoked' => ['description' => 'Indicates whether the authentication token is revoked.', 'type' => 'boolean', 'title' => '', 'example' => 'false'], + 'creatorType' => ['description' => 'Type of the authentication token creator. Valid values:'."\n" + ."\n" + .'- application: Application', 'type' => 'string', 'title' => '', 'example' => 'application'], + 'creatorId' => ['description' => 'ID of the authentication token creator.', 'type' => 'string', 'title' => '', 'example' => 'app_ngtkgrrxxxxktg5eao6z4xxxxx'], + 'consumerType' => ['description' => 'Type of the authentication token consumer. Valid values:'."\n" + ."\n" + .'- application: Application'."\n" + ."\n" + .'- custom: Custom type', 'type' => 'string', 'title' => '', 'example' => 'custom'], + 'consumerId' => ['description' => 'ID of the authentication token consumer.', 'type' => 'string', 'title' => '', 'example' => 'test_jwt_subject'], + 'expirationTime' => ['description' => 'Expiration time of the authentication token, as a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1772693568000'], ], - 'required' => false, + 'title' => '', + 'description' => 'Authentication token details.', + 'example' => '', ], - 'required' => false, + 'title' => '', + 'example' => '', ], + 'totalCount' => ['description' => 'Total number of resource entities that match the query criteria.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'], + 'nextToken' => ['description' => 'Token returned by this call. Use it for the next paged query to get the next page.', 'type' => 'string', 'title' => '', 'example' => 'NTxxxexample'], + 'maxResults' => ['description' => 'Maximum number of records returned in this query.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'], ], - 'required' => false, - 'example' => 'user_001', + 'description' => 'Paged query result.', + 'title' => '', + 'example' => '', ], ], ], - 'responses' => [ - 200 => [], + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ListAuthenticationTokens', + 'description' => 'This API uses an Access Token issued by IDaaS for identity authentication and authorization.'."\n" + ."\n" + .'Ensure that the Access Token you provide has the Query authentication tokens permission for the built-in Privileged Access Management (PAM) application in IDaaS.'."\n" + ."\n" + .'> The required scope is `urn:cloud:idaas:pam|authentication_token:read`.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'PatchUser', - 'description' => 'The operation conforms to the HTTP PATCH request method. The value of a parameter is modified only if the parameter is specified in the request.'."\n", + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"entities\\": [\\n {\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"authenticationTokenId\\": \\"atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx\\",\\n \\"credentialProviderId\\": \\"atp_01kr2cmj5gxxx4fvmls2e93dxxxxx\\",\\n \\"createTime\\": 1649830225000,\\n \\"updateTime\\": 1649830225000,\\n \\"authenticationTokenType\\": \\"jwt\\",\\n \\"revoked\\": false,\\n \\"creatorType\\": \\"application\\",\\n \\"creatorId\\": \\"app_ngtkgrrxxxxktg5eao6z4xxxxx\\",\\n \\"consumerType\\": \\"custom\\",\\n \\"consumerId\\": \\"test_jwt_subject\\",\\n \\"expirationTime\\": 1772693568000\\n }\\n ],\\n \\"totalCount\\": 100,\\n \\"nextToken\\": \\"NTxxxexample\\",\\n \\"maxResults\\": 20\\n}","type":"json"}]', ], - 'GetUser' => [ - 'summary' => 'Queries the details of an Employee Identity and Access Management (EIAM) account.', - 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'ListGroups' => [ + 'summary' => 'Retrieves information about Employee Identity and Access Management (EIAM) groups by page.', + 'path' => '/v2/{instanceId}/{applicationId}/groups', + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas1LGU5E'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'The authentication information. The value is in the Bearer ${access\\_token} format. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'userId', - 'in' => 'path', - 'schema' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], + 'name' => 'groupNameStartWith', + 'in' => 'query', + 'schema' => ['description' => 'The prefix of the group name.', 'type' => 'string', 'example' => 'group_xxx', 'title' => '', 'required' => false], + ], + [ + 'name' => 'nextToken', + 'in' => 'query', + 'schema' => ['title' => 'nextToken', 'description' => 'nextToken', 'type' => 'string', 'example' => 'NTxxx', 'required' => false], + ], + [ + 'name' => 'maxResults', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => '', 'required' => false], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'DeveloperUserDetailDTO', - 'description' => 'The response parameters.'."\n", + 'title' => 'DeveloperNextTokenResponse', + 'description' => 'DeveloperNextTokenResponse', 'type' => 'object', 'properties' => [ - 'instanceId' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'organizationalUnits' => [ - 'title' => '账户所属组织列表', - 'description' => 'The organizational units to which the account belongs.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The organizational unit.'."\n", - 'type' => 'object', - 'properties' => [ - 'organizationalUnitId' => [ - 'title' => '机构ID', - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'organizationalUnitName' => [ - 'title' => '机构名称', - 'description' => 'The name of the organizational unit.'."\n", - 'type' => 'string', - 'example' => 'name001', - ], - 'primary' => [ - 'title' => '是否主机构', - 'description' => 'Indicates whether the organizational unit is the primary organizational unit.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - ], - ], - ], - 'primaryOrganizationalUnitId' => [ - 'title' => '账户主机构ID', - 'description' => 'The ID of the primary organizational unit of the account.'."\n", - 'type' => 'string', - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'customFields' => [ - 'title' => '账户扩展字段列表', - 'description' => 'The extended fields of the account.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'fieldName' => [ - 'title' => '字段标识', - 'description' => 'The name of the extended field.'."\n", - 'type' => 'string', - 'example' => 'xxxx', - ], - 'fieldValue' => [ - 'title' => '字段数据值', - 'description' => 'The value of the extended field. Field values are returned as strings regardless of the data types of the fields. For example, true or false is returned for a Boolean field.'."\n", - 'type' => 'string', - 'example' => '字段数据值', - ], - ], - ], - ], - 'userId' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], - 'username' => [ - 'title' => '账户名', - 'description' => 'The username of the account.'."\n", - 'type' => 'string', - 'example' => 'name001', - ], - 'displayName' => [ - 'title' => '显示名', - 'description' => 'The display name of the account.'."\n", - 'type' => 'string', - 'example' => 'display_name001', - ], - 'passwordSet' => [ - 'title' => '密码是否已设置', - 'description' => 'Indicates whether the password is set.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'phoneRegion' => [ - 'title' => '手机地区编号,示例:中国大陆手区号为86,不带 00 或 +', - 'description' => 'The country code of the mobile number. For example, the country code of China is 86 without 00 or +.'."\n", - 'type' => 'string', - 'example' => '86', - ], - 'phoneNumber' => [ - 'title' => '手机号', - 'description' => 'The mobile number of the user who owns the account.'."\n", - 'type' => 'string', - 'example' => '156xxxxxxx', - ], - 'phoneNumberVerified' => [ - 'title' => '手机号是否验证', - 'description' => 'Indicates whether the mobile number has been verified. A value of true indicates that the mobile number has been verified by the user or has been set to the verified status by the administrator. A value of false indicates that the mobile number has not been verified.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'email' => [ - 'title' => '邮箱', - 'description' => 'The email address of the user.'."\n", - 'type' => 'string', - 'example' => 'example@example.com', - ], - 'emailVerified' => [ - 'title' => '邮箱是否验证', - 'description' => 'Indicates whether the email address has been verified. A value of true indicates that the email address has been verified by the user or has been set to the verified status by the administrator. A value of false indicates that the email address has not been verified.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'userExternalId' => [ - 'title' => '外部ID', - 'description' => 'The external ID of the account. The external ID can be used to map external data to the data of the account in EIAM of Identity as a Service (IDaaS). By default, the external ID is the account ID.'."\n" - ."\n" - .'Note: For accounts with the same source type and source ID, each account has a unique external ID.'."\n", - 'type' => 'string', - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], - 'userSourceType' => [ - 'title' => '来源类型,build_in[自建],ding_talk[钉钉导入],ad[AD导入],ldap[LDAP导入]', - 'description' => 'The source type of the account. Valid values:'."\n" - ."\n" - .'* build_in: The account was created in IDaaS.'."\n" - .'* ding_talk: The account was imported from DingTalk.'."\n" - .'* ad: The account was imported from Microsoft Active Directory (AD).'."\n" - .'* ldap: The account was imported from a Lightweight Directory Access Protocol (LDAP) service.'."\n", - 'type' => 'string', - 'example' => 'build_in', - ], - 'userSourceId' => [ - 'title' => '来源ID', - 'description' => 'The source ID of the account.'."\n" - ."\n" - .'If the account was created in IDaaS, its source ID is the ID of the IDaaS instance. If the account was imported, its source ID is the enterprise ID in the source. For example, if the account was imported from DingTalk, its source ID is the corpId value of the enterprise in DingTalk.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'status' => [ - 'title' => '账户状态, enabled:启用,disabled:禁用', - 'description' => 'The status of the account. Valid values: enabled disabled'."\n", - 'type' => 'string', - 'example' => 'enabled', - ], - 'accountExpireTime' => [ - 'title' => '账户过期时间, 毫秒时间', - 'description' => 'The time when the account expires. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'registerTime' => [ - 'description' => 'The time when the account was registered. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'lockExpireTime' => [ - 'title' => '锁定过期时间, 毫秒时间', - 'description' => 'The time when the account lock expires. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'createTime' => [ - 'title' => '创建时间, 毫秒时间', - 'description' => 'The time when the account was created. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'updateTime' => [ - 'title' => '最近一次更新时间, 毫秒时间', - 'description' => 'The time when the account was last modified. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'description' => [ - 'title' => '账号描述', - 'description' => 'The description of the account.'."\n", - 'type' => 'string', - 'example' => 'xxxx', - ], - 'groups' => [ - 'title' => '账户所属组列表', - 'description' => 'The groups to which the account belongs.'."\n", + 'totalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1000', 'title' => ''], + 'data' => [ + 'description' => 'The returned data.', 'type' => 'array', 'items' => [ - 'description' => 'The information about the group to which the account belongs.'."\n", + 'description' => 'The returned data.', 'type' => 'object', 'properties' => [ - 'groupId' => [ - 'title' => '组ID。', - 'description' => 'The group ID.'."\n", - 'type' => 'string', - 'example' => 'group_ufdsasn35ea5lmthk267xxxxx', - ], - 'groupName' => [ - 'title' => '组名称。', - 'description' => 'The group name.'."\n", - 'type' => 'string', - 'example' => 'name_test', - ], - 'description' => [ - 'title' => '组描述。', - 'description' => 'The group description.'."\n", - 'type' => 'string', - 'example' => 'description_demo', - ], + 'instanceId' => ['description' => 'The instance ID.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'groupId' => ['description' => 'The group ID.', 'type' => 'string', 'example' => 'group_ufdsasn35ea5lmthk267xxxxx', 'title' => ''], + 'groupName' => ['description' => 'The group name.', 'type' => 'string', 'example' => 'name_test', 'title' => ''], + 'description' => ['description' => 'The group description.', 'type' => 'string', 'example' => 'description_demo', 'title' => ''], + 'groupExternalId' => ['description' => 'The external ID of the group.', 'type' => 'string', 'example' => 'group_ufdsasn35ea5lmthk267xxxxx', 'title' => ''], + 'groupSourceType' => ['description' => 'The source type of the group. Valid values: build\\_in, ding\\_talk, ad, and ldap.', 'type' => 'string', 'example' => 'build_in', 'title' => ''], + 'groupSourceId' => ['description' => 'The source ID of the group.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'createTime' => ['description' => 'The time when the group was created. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'updateTime' => ['description' => 'The time when the group was last updated. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], + 'nextToken' => ['description' => 'The start position of the query. If this parameter is left empty, the query starts from the beginning.', 'type' => 'string', 'example' => 'NTxxx', 'title' => ''], + 'maxResults' => ['description' => 'The maximum number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"organizationalUnits\\": [\\n {\\n \\"organizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitName\\": \\"name001\\",\\n \\"primary\\": true\\n }\\n ],\\n \\"primaryOrganizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"customFields\\": [\\n {\\n \\"fieldName\\": \\"xxxx\\",\\n \\"fieldValue\\": \\"字段数据值\\"\\n }\\n ],\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\",\\n \\"username\\": \\"name001\\",\\n \\"displayName\\": \\"display_name001\\",\\n \\"passwordSet\\": true,\\n \\"phoneRegion\\": \\"86\\",\\n \\"phoneNumber\\": \\"156xxxxxxx\\",\\n \\"phoneNumberVerified\\": true,\\n \\"email\\": \\"example@example.com\\",\\n \\"emailVerified\\": true,\\n \\"userExternalId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\",\\n \\"userSourceType\\": \\"build_in\\",\\n \\"userSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"status\\": \\"enabled\\",\\n \\"accountExpireTime\\": 1652085686179,\\n \\"registerTime\\": 1652085686179,\\n \\"lockExpireTime\\": 1652085686179,\\n \\"createTime\\": 1652085686179,\\n \\"updateTime\\": 1652085686179,\\n \\"description\\": \\"测试账户\\",\\n \\"groups\\": [\\n {\\n \\"groupId\\": \\"group_ufdsasn35ea5lmthk267xxxxx\\",\\n \\"groupName\\": \\"name_test\\",\\n \\"description\\": \\"description_demo\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'GetUser', - ], - 'UpdateUserPassword' => [ - 'summary' => '更新账户密码', - 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/updateUserPassword', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'ListGroups', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"totalCount\\": 1000,\\n \\"data\\": [\\n {\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"groupId\\": \\"group_ufdsasn35ea5lmthk267xxxxx\\",\\n \\"groupName\\": \\"name_test\\",\\n \\"description\\": \\"description_demo\\",\\n \\"groupExternalId\\": \\"group_ufdsasn35ea5lmthk267xxxxx\\",\\n \\"groupSourceType\\": \\"build_in\\",\\n \\"groupSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"createTime\\": 1652085686179,\\n \\"updateTime\\": 1652085686179\\n }\\n ],\\n \\"nextToken\\": \\"NTxxx\\",\\n \\"maxResults\\": 20\\n}","type":"json"}]', + ], + 'ListGroupsForUser' => [ + 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/listGroupsForUser', + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasY4QW79'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'The authentication information.'."\n" + .'Format: Bearer ${access\\_token}.'."\n" + .'Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ 'name' => 'userId', 'in' => 'path', - 'schema' => [ - 'title' => '账户ID', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], + 'schema' => ['description' => 'The user ID.', 'type' => 'string', 'required' => true, 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], ], [ - 'name' => 'body', - 'in' => 'body', - 'style' => 'json', + 'name' => 'nextToken', + 'in' => 'query', + 'schema' => ['title' => 'nextToken', 'description' => 'The token to retrieve the next page of results. Leave this parameter empty to query from the first page.', 'type' => 'string', 'example' => 'NTxxx', 'required' => false], + ], + [ + 'name' => 'maxResults', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => '', 'required' => false], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => '', + 'title' => 'DeveloperNextTokenResponse', + 'description' => 'The response object.', 'type' => 'object', 'properties' => [ - 'password' => [ - 'title' => '密码', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'xxxx', + 'totalCount' => ['description' => 'The total number of entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '1000', 'title' => ''], + 'data' => [ + 'description' => 'The data object.', + 'type' => 'array', + 'items' => [ + 'description' => 'The data object.', + 'type' => 'object', + 'properties' => [ + 'instanceId' => ['description' => 'The instance ID.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'groupId' => ['description' => 'The group ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], + 'groupMemberRelationSourceId' => ['description' => 'The source ID of the group membership.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'groupMemberRelationSourceType' => ['description' => 'The source type of the group membership.', 'type' => 'string', 'example' => 'build_in', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], + 'nextToken' => ['description' => 'The token to retrieve the next page of results. If this parameter is not returned, all results have been returned.', 'type' => 'string', 'example' => 'NTxxx', 'title' => ''], + 'maxResults' => ['description' => 'The maximum number of entries returned on each page.', 'type' => 'integer', 'format' => 'int64', 'example' => '20', 'title' => ''], ], - 'required' => false, + 'example' => '', ], ], ], - 'responses' => [ - 200 => [], + 'title' => 'ListGroupsForUser', + 'summary' => 'Lists the groups that an EIAM user is a member of.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'UpdateUserPassword', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"totalCount\\": 1000,\\n \\"data\\": [\\n {\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"groupId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\",\\n \\"groupMemberRelationSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"groupMemberRelationSourceType\\": \\"build_in\\"\\n }\\n ],\\n \\"nextToken\\": \\"NTxxx\\",\\n \\"maxResults\\": 20\\n}","type":"json"}]', ], - 'DeleteUser' => [ - 'summary' => 'Deletes an Employee Identity and Access Management (EIAM) account.', - 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}', - 'methods' => [ - 'delete', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'ListOrganizationalUnitParentIds' => [ + 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits/{organizationalUnitId}/parentIds', + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas3S4NKL'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'userId', + 'name' => 'organizationalUnitId', 'in' => 'path', + 'schema' => ['description' => 'The ID of the organizational unit.', 'type' => 'string', 'required' => true, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', + 'title' => '', + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'parentIds' => [ + 'title' => '', + 'description' => 'The IDs of the parent organizational units. The IDs of the organizational unit are ordered based on their levels from high to low. Only the IDs of the organizational units within the authorization scope are displayed.', + 'type' => 'array', + 'items' => ['description' => 'The ID of the organizational unit.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'example' => '[ou_xxx001]', + ], + ], + 'example' => '', ], ], ], - 'responses' => [ - 200 => [], + 'title' => 'ListOrganizationalUnitParentIds', + 'summary' => 'Retrieves the information about all the parent organizational units of an organizational unit.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_token | Access token is not valid | token无效|'."\n" + .'| 400 | OrganizationUnitIdNotInScopes | organizationUnitId : ou_wovwffm62xifdziem7an7xxxxx not in provisioning scope! | 组织不在同步范围内|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:organizational_unit:read_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'DeleteUser', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"parentIds\\": [\\n \\"ou_wovwffm62xifdziem7an7xxxxx\\"\\n ]\\n}","type":"json"}]', ], - 'ListUsers' => [ - 'summary' => 'Queries the information of Employee Identity and Access Management (EIAM) accounts by page.', - 'path' => '/v2/{instanceId}/{applicationId}/users', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'ListOrganizationalUnits' => [ + 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits', + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasZCZ2SC'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'The authentication information. The value must be in the format of \\`Bearer ${access\\_token}\\`. Example: \\`Bearer ATxxxx\\`.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij'."\n", 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'organizationalUnitId', + 'name' => 'parentId', 'in' => 'query', - 'schema' => [ - 'title' => '机构ID', - 'description' => 'The ID of the organizational unit.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], + 'schema' => ['description' => 'The parent organization ID.', 'type' => 'string', 'required' => true, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], ], [ 'name' => 'pageNumber', 'in' => 'query', - 'schema' => [ - 'title' => '页码,默认1', - 'description' => 'The page number. Default value: 1.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The page number. The default value is 1.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => '', 'required' => false], ], [ 'name' => 'pageSize', 'in' => 'query', - 'schema' => [ - 'title' => '单页大小,默认20', - 'description' => 'The number of entries per page. Default value: 20. Valid values: 1 to 100.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '20', - ], + 'schema' => ['description' => 'The number of records on each page. The default value is 20. The value can range from 1 to 100.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => '', 'required' => false], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => '查询账户列表响应结果', - 'description' => 'The response parameters.'."\n", + 'title' => 'GeneralDataListResponse', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'totalCount' => [ - 'title' => '记录总数', - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1000', - ], + 'totalCount' => ['description' => 'The total number of records.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1000'], 'data' => [ - 'description' => 'The queried EIAM accounts.'."\n", + 'description' => 'A list of data objects.', 'type' => 'array', 'items' => [ - 'description' => 'The queried EIAM account.'."\n", + 'description' => 'The data object.', 'type' => 'object', 'properties' => [ - 'instanceId' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'userId' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], - 'username' => [ - 'title' => '账户名', - 'description' => 'The username of the account.'."\n", - 'type' => 'string', - 'example' => 'name001', - ], - 'displayName' => [ - 'title' => '显示名', - 'description' => 'The display name of the account.'."\n", - 'type' => 'string', - 'example' => 'display_name001', - ], - 'passwordSet' => [ - 'title' => '密码是否已设置', - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'phoneRegion' => [ - 'title' => '手机地区编号,示例:中国大陆手区号为86,不带 00 或 +', - 'description' => 'The country code of the mobile number. For example, the country code of China is 86 without 00 or +.'."\n", - 'type' => 'string', - 'example' => '86', - ], - 'phoneNumber' => [ - 'title' => '手机号', - 'description' => 'The mobile number of the user who owns the account.'."\n", - 'type' => 'string', - 'example' => '156xxxxxxx', - ], - 'phoneNumberVerified' => [ - 'title' => '手机号是否验证', - 'description' => 'Indicates whether the mobile number has been verified. A value of true indicates that the mobile number has been verified by the user or has been set to the verified status by the administrator. A value of false indicates that the mobile number has not been verified.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'email' => [ - 'title' => '邮箱', - 'description' => 'The email address of the user who owns the account.'."\n", - 'type' => 'string', - 'example' => 'example@example.com', - ], - 'emailVerified' => [ - 'title' => '邮箱是否验证', - 'description' => 'Indicates whether the email address has been verified. A value of true indicates that the email address has been verified by the user or has been set to the verified status by the administrator. A value of false indicates that the email address has not been verified.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'userExternalId' => [ - 'title' => '外部ID', - 'description' => 'The external ID of the account. The external ID can be used to map external data to the data of the account in EIAM of Identity as a Service (IDaaS). By default, the external ID is the account ID.'."\n" - ."\n" - .'Note: For accounts with the same source type and source ID, each account has a unique external ID.'."\n", - 'type' => 'string', - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], - 'userSourceType' => [ - 'title' => '来源类型,build_in[自建],ding_talk[钉钉导入],ad[AD导入],ldap[LDAP导入]', - 'description' => 'The source type of the account. Valid values:'."\n" - ."\n" - .'* build_in: The account was created in IDaaS.'."\n" - .'* ding_talk: The account was imported from DingTalk.'."\n" - .'* ad: The account was imported from Microsoft Active Directory (AD).'."\n" - .'* ldap: The account was imported from a Lightweight Directory Access Protocol (LDAP) service.'."\n", - 'type' => 'string', - 'example' => 'build_in', - ], - 'userSourceId' => [ - 'title' => '来源ID', - 'description' => 'The source ID of the account.'."\n" - ."\n" - .'If the account was created in IDaaS, its source ID is the ID of the IDaaS instance. If the account was imported, its source ID is the enterprise ID in the source. For example, if the account was imported from DingTalk, its source ID is the corpId value of the enterprise in DingTalk.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'status' => [ - 'title' => '账户状态, enabled:启用,disabled:禁用', - 'description' => 'The status of the account. Valid values: enabled disabled'."\n", - 'type' => 'string', - 'example' => 'enabled', - ], - 'accountExpireTime' => [ - 'title' => '账户过期时间, 毫秒时间', - 'description' => 'The time when the account expires. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'registerTime' => [ - 'description' => 'The time when the account was registered. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'lockExpireTime' => [ - 'title' => '锁定过期时间, 毫秒时间', - 'description' => 'The time when the account lock expires. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'createTime' => [ - 'title' => '创建时间, 毫秒时间', - 'description' => 'The time when the account was created. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'updateTime' => [ - 'title' => '最近一次更新时间, 毫秒时间', - 'description' => 'The time when the account was last modified. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'description' => [ - 'title' => '账号描述', - 'description' => '', - 'type' => 'string', - 'example' => 'xxxx', - ], + 'instanceId' => ['description' => 'The instance ID.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'organizationalUnitId' => ['description' => 'The organization ID.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'organizationalUnitName' => ['description' => 'The organization name.', 'type' => 'string', 'example' => 'name001', 'title' => ''], + 'parentId' => ['description' => 'The parent organization ID.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'organizationalUnitExternalId' => ['description' => 'The external ID of the organization. This ID is used to map external data to the organization\'s data in IDaaS. The default value is the IDaaS organization ID.'."\n" + ."\n" + .'Note: The external ID must be unique for the same source type and source ID.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + 'organizationalUnitSourceType' => ['description' => 'The source type of the organization. Valid values:'."\n" + ."\n" + .'- \\`build\\_in\\`: The organization is created in IDaaS.'."\n" + ."\n" + .'- \\`ding\\_talk\\`: The organization is imported from DingTalk.'."\n" + ."\n" + .'- \\`ad\\`: The organization is imported from Active Directory (AD).'."\n" + ."\n" + .'- \\`ldap\\`: The organization is imported from LDAP.', 'type' => 'string', 'example' => 'build_in', 'title' => ''], + 'organizationalUnitSourceId' => ['description' => 'The source ID of the organization.'."\n" + ."\n" + .'For the \\`build\\_in\\` type, the default value is the instance ID. For other types, the value is the enterprise ID from the source. For example, if the source is DingTalk, the value is the \\`corpId\\` of the DingTalk enterprise.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'createTime' => ['description' => 'The time when the organization was created. This is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652083425923', 'title' => ''], + 'updateTime' => ['description' => 'The time when the organization was last updated. This is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652083425923', 'title' => ''], + 'description' => ['description' => 'The description of the organization.', 'type' => 'string', 'example' => '测试组织', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"totalCount\\": 1000,\\n \\"data\\": [\\n {\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\",\\n \\"username\\": \\"name001\\",\\n \\"displayName\\": \\"display_name001\\",\\n \\"passwordSet\\": true,\\n \\"phoneRegion\\": \\"86\\",\\n \\"phoneNumber\\": \\"156xxxxxxx\\",\\n \\"phoneNumberVerified\\": true,\\n \\"email\\": \\"example@example.com\\",\\n \\"emailVerified\\": true,\\n \\"userExternalId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\",\\n \\"userSourceType\\": \\"build_in\\",\\n \\"userSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"status\\": \\"enabled\\",\\n \\"accountExpireTime\\": 1652085686179,\\n \\"registerTime\\": 1652085686179,\\n \\"lockExpireTime\\": 1652085686179,\\n \\"createTime\\": 1652085686179,\\n \\"updateTime\\": 1652085686179,\\n \\"description\\": \\"测试账户\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'ListUsers', - ], - 'EnableUser' => [ - 'summary' => 'Enables an Employee Identity and Access Management (EIAM) account.', - 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/enable', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'ListOrganizationalUnits', + 'summary' => 'Performs a paged query to retrieve organization information from EIAM.', + 'description' => 'To retrieve the direct child organizations of the root organization, set the request parameter as follows:'."\n" + ."\n" + .'```'."\n" + .'{'."\n" + .' "parentOrganizationalUnitId": "ou_root"'."\n" + .'}'."\n" + .'```', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid_token | Access token is not valid | token无效|'."\n" + .'| 400 | OrganizationUnitIdNotInScopes | organizationUnitId : ou_wovwffm62xifdziem7an7xxxxx not in provisioning scope! | 组织不在同步范围内|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:organizational_unit:read_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"totalCount\\": 1000,\\n \\"data\\": [\\n {\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"organizationalUnitId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitName\\": \\"name001\\",\\n \\"parentId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitExternalId\\": \\"ou_wovwffm62xifdziem7an7xxxxx\\",\\n \\"organizationalUnitSourceType\\": \\"build_in\\",\\n \\"organizationalUnitSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"createTime\\": 1652083425923,\\n \\"updateTime\\": 1652083425923,\\n \\"description\\": \\"测试组织\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'ListUsers' => [ + 'path' => '/v2/{instanceId}/{applicationId}/users', + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasY4QW79'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'userId', - 'in' => 'path', + 'name' => 'organizationalUnitId', + 'in' => 'query', + 'schema' => ['description' => 'The organization ID.', 'type' => 'string', 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => '', 'required' => false], + ], + [ + 'name' => 'pageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The page number. The default value is 1.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => '', 'required' => false], + ], + [ + 'name' => 'pageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of records to return on each page. The default value is 20. The value must be in the range of 1 to 100.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => '', 'required' => false], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'user_001', + 'title' => '', + 'description' => 'The response object.', + 'type' => 'object', + 'properties' => [ + 'totalCount' => ['description' => 'The total number of records.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1000'], + 'data' => [ + 'description' => 'The list of returned data objects.', + 'type' => 'array', + 'items' => [ + 'description' => 'The returned data object.', + 'type' => 'object', + 'properties' => [ + 'instanceId' => ['description' => 'The instance ID.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'userId' => ['description' => 'The account ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], + 'username' => ['description' => 'The account name.', 'type' => 'string', 'example' => 'name001', 'title' => ''], + 'displayName' => ['description' => 'The display name of the account.', 'type' => 'string', 'example' => 'display_name001', 'title' => ''], + 'passwordSet' => ['description' => 'Indicates whether a password is set.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'phoneRegion' => ['description' => 'The area code for the mobile phone number. For example, the area code for a mobile phone number in the Chinese mainland is 86. Do not add 00 or a plus sign (+).', 'type' => 'string', 'example' => '86', 'title' => ''], + 'phoneNumber' => ['description' => 'The mobile phone number of the account.', 'type' => 'string', 'example' => '156xxxxxxx', 'title' => ''], + 'phoneNumberVerified' => ['description' => 'Indicates whether the mobile phone number is verified. A value of true indicates that the mobile phone number is verified by the user or set to verified by the administrator. A value of false indicates that the mobile phone number is not verified.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'email' => ['description' => 'The email address of the account.', 'type' => 'string', 'example' => 'example@example.com', 'title' => ''], + 'emailVerified' => ['description' => 'Indicates whether the email address is verified. A value of true indicates that the email address is verified by the user or set to verified by the administrator. A value of false indicates that the email address is not verified.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'userExternalId' => ['description' => 'The external ID of the account. This ID is used to map external data to the IDaaS account. By default, this parameter is the same as the IDaaS account ID.'."\n" + ."\n" + .'Note: The external ID must be unique for the same source type and source ID.', 'type' => 'string', 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], + 'userSourceType' => ['description' => 'The source type of the account. Valid values:'."\n" + ."\n" + .'- build\\_in: The account is created in IDaaS.'."\n" + ."\n" + .'- ding\\_talk: The account is imported from DingTalk.'."\n" + ."\n" + .'- ad: The account is imported from Active Directory (AD).'."\n" + ."\n" + .'- ldap: The account is imported from LDAP.', 'type' => 'string', 'example' => 'build_in', 'title' => ''], + 'userSourceId' => ['description' => 'The source ID of the account.'."\n" + ."\n" + .'For accounts created in IDaaS, the default value is the instance ID. For other types of accounts, the value is the enterprise ID from the source. For example, for an account from DingTalk, the value is the corpId of the DingTalk enterprise.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'status' => ['description' => 'The status of the account. Valid values: enabled: The account is enabled. disabled: The account is disabled.', 'type' => 'string', 'example' => 'enabled', 'title' => ''], + 'accountExpireTime' => ['description' => 'The time when the account expires. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'registerTime' => ['description' => 'The time when the account was registered. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'lockExpireTime' => ['description' => 'The time when the account lock expires. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'createTime' => ['description' => 'The time when the account was created. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'updateTime' => ['description' => 'The time when the account was last updated. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652085686179', 'title' => ''], + 'description' => ['description' => 'The description of the account.', 'type' => 'string', 'example' => '测试账户', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'example' => '', ], ], ], - 'responses' => [ - 200 => [], + 'title' => 'ListUsers', + 'summary' => 'Performs a paged query for EIAM account information.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_token | Access token is not valid | token无效|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app\\_001| 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:user:read\\_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'EnableUser', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"totalCount\\": 1000,\\n \\"data\\": [\\n {\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\",\\n \\"username\\": \\"name001\\",\\n \\"displayName\\": \\"display_name001\\",\\n \\"passwordSet\\": true,\\n \\"phoneRegion\\": \\"86\\",\\n \\"phoneNumber\\": \\"156xxxxxxx\\",\\n \\"phoneNumberVerified\\": true,\\n \\"email\\": \\"example@example.com\\",\\n \\"emailVerified\\": true,\\n \\"userExternalId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\",\\n \\"userSourceType\\": \\"build_in\\",\\n \\"userSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"status\\": \\"enabled\\",\\n \\"accountExpireTime\\": 1652085686179,\\n \\"registerTime\\": 1652085686179,\\n \\"lockExpireTime\\": 1652085686179,\\n \\"createTime\\": 1652085686179,\\n \\"updateTime\\": 1652085686179,\\n \\"description\\": \\"测试账户\\"\\n }\\n ]\\n}","type":"json"}]', ], - 'DisableUser' => [ - 'summary' => 'Disables an Employee Identity and Access Management (EIAM) account.', - 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/disable', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'ListUsersForGroup' => [ + 'summary' => 'Queries accounts in an Employee Identity and Access Management (EIAM) group.', + 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}/actions/listUsersForGroup', + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasSNKQAN'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'The authentication information. The value is in the Bearer ${access\\_token} format. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'userId', + 'name' => 'groupId', 'in' => 'path', + 'schema' => ['description' => 'The group ID.', 'type' => 'string', 'required' => true, 'example' => 'group_wovwffm62xifdziem7an7xxxxx', 'title' => ''], + ], + [ + 'name' => 'nextToken', + 'in' => 'query', + 'schema' => ['title' => 'nextToken', 'description' => 'nextToken', 'type' => 'string', 'example' => 'NTxxx', 'required' => false], + ], + [ + 'name' => 'maxResults', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => '', 'required' => false], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'user_001', + 'title' => 'DeveloperNextTokenResponse', + 'description' => 'DeveloperNextTokenResponse', + 'type' => 'object', + 'properties' => [ + 'totalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1000', 'title' => ''], + 'data' => [ + 'description' => 'The returned data.', + 'type' => 'array', + 'items' => [ + 'description' => 'The returned data.', + 'type' => 'object', + 'properties' => [ + 'instanceId' => ['description' => 'The instance ID.', 'type' => 'string', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + 'userId' => ['description' => 'The account ID.', 'type' => 'string', 'example' => 'user_001', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + 'nextToken' => ['description' => 'A pagination token. If NextToken is empty, no next page exists.', 'type' => 'string', 'example' => 'NTxxx', 'title' => ''], + 'maxResults' => ['description' => 'The maximum number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''], + ], + 'example' => '', ], ], ], - 'responses' => [ - 200 => [], + 'title' => 'ListUsersForGroup', + 'requestParamsDescription' => 'If you set groupId to iggroup\\_all, the system queries accounts in all groups.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'DisableUser', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"totalCount\\": 1000,\\n \\"data\\": [\\n {\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"userId\\": \\"user_001\\"\\n }\\n ],\\n \\"nextToken\\": \\"NTxxx\\",\\n \\"maxResults\\": 20\\n}","type":"json"}]', ], - 'GetUserIdByEmail' => [ - 'summary' => 'Queries the ID of an Employee Identity and Access Management (EIAM) account by email address.', - 'path' => '/v2/{instanceId}/{applicationId}/users/_/actions/getUserIdByEmail', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'ObtainCloudAccountRoleAccessCredential' => [ + 'summary' => 'Gets temporary access credentials for a CloudAccountRole.', + 'path' => '/v2/{instanceId}/cloudAccountRoles/_/actions/obtainAccessCredential', + 'methods' => ['get'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'consumes' => ['application/x-www-form-urlencoded', 'application/json', 'multipart/form-data'], + 'produces' => ['application/json'], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'Authentication information. The format is `Bearer ${access_token}`.'."\n" + ."\n" + .'> The access token is issued by IDaaS.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ - 'name' => 'applicationId', - 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'name' => 'cloudAccountRoleExternalId', + 'in' => 'query', + 'schema' => ['description' => 'The external ID of the cloud role.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'acs:ram::xxx:role/role-test'], ], [ - 'name' => 'body', - 'in' => 'body', - 'style' => 'json', - 'schema' => [ - 'description' => 'The request body.'."\n", - 'type' => 'object', - 'properties' => [ - 'email' => [ - 'title' => '邮箱', - 'description' => 'The email address of the user who owns the account.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'example@example.com', - ], - ], - 'required' => false, - ], + 'name' => 'durationSeconds', + 'in' => 'query', + 'schema' => ['description' => 'The duration of the temporary security credentials (STS token) in seconds. The value must be between 900 and 43200 (15 minutes to 12 hours).'."\n" + ."\n" + .'- The minimum value is 900 seconds.'."\n" + ."\n" + .'- The maximum value is limited by the maximum session duration of the cloud provider\'s role or service account. For example, the default maximum session duration for an AWS role is 3,600 seconds.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1800', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => '响应结果', - 'description' => 'The response parameters.'."\n", + 'title' => '', 'type' => 'object', 'properties' => [ - 'userId' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", + 'cloudAccountId' => ['description' => 'The ID of the cloud account.', 'type' => 'string', 'title' => '', 'example' => 'ca_01kmegjc11qa1txxxxx'], + 'cloudAccountRoleId' => ['description' => 'The ID of the cloud role.', 'type' => 'string', 'title' => '', 'example' => 'carole_01kmek49aqxxxx'], + 'cloudAccountRoleName' => ['description' => 'The name of the cloud role.', 'type' => 'string', 'title' => '', 'example' => 'role-test'], + 'cloudAccountRoleExternalId' => ['description' => 'The external ID of the cloud role.', 'type' => 'string', 'title' => '', 'example' => 'acs:ram::xxx:role/role-test'], + 'cloudAccountVendorType' => [ + 'description' => 'The type of the cloud account. The valid value is:'."\n" + ."\n" + .'- `alibaba_cloud`: Alibaba Cloud', + 'enumValueTitles' => ['alibaba_cloud' => 'alibaba\\_cloud'], 'type' => 'string', - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', + 'title' => '', + 'example' => 'alibaba_cloud', + ], + 'cloudAccountRoleAccessCredential' => [ + 'type' => 'object', + 'properties' => [ + 'accessCredentialExpiresAt' => ['description' => 'The expiration time of the temporary access credential for the cloud role, in Unix timestamp seconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1767196800'], + 'alibabaCloudStsToken' => [ + 'type' => 'object', + 'properties' => [ + 'accessKeyId' => ['description' => 'The access key ID.', 'type' => 'string', 'title' => '', 'example' => 'STS.NUgYrLnoC37mZZCNnAbez****'], + 'accessKeySecret' => ['description' => 'The access key secret.', 'type' => 'string', 'title' => '', 'example' => 'CVwjCkNzTMupZ8NbTCxCBRq3K16jtcWFTJAyBEv2****'], + 'securityToken' => ['description' => 'The security token.', 'type' => 'string', 'title' => '', 'example' => 'CAIShwJ1q6Ft5B2yfSjIr5bSEsj4g7BihPWGWHz****'], + 'expiration' => ['description' => 'The expiration time of the token, in UTC.', 'type' => 'string', 'title' => '', 'example' => '2021-10-20T04:27:09Z'], + ], + 'title' => '', + 'description' => 'The STS token used to assume an Alibaba Cloud RAM role.'."\n" + ."\n" + .'> This parameter is returned only when the cloud account type is `alibaba_cloud`.', + 'example' => '', + ], + 'awsStsToken' => [ + 'type' => 'object', + 'properties' => [ + 'accessKeyId' => ['description' => 'The access key ID.', 'type' => 'string', 'title' => '', 'example' => 'ASIAYBGN7XJKRFOM****'], + 'secretAccessKey' => ['description' => 'The secret access key.', 'type' => 'string', 'title' => '', 'example' => 'CVwjCkNzTMupZ8NbTCxCBRq3K16jtcWFTJAyBEv2****'], + 'sessionToken' => ['description' => 'The session token.', 'type' => 'string', 'title' => '', 'example' => 'FwoDYXdzEJzfSjIr5bSEsj4g7BihPWGWHz****'."\n"], + 'expiration' => ['description' => 'The expiration time of the STS token, in UTC.', 'type' => 'string', 'title' => '', 'example' => '2021-10-20T04:27:09Z'], + ], + 'description' => 'The STS token used to assume an AWS role.', + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'description' => 'The temporary access credential to assume the cloud role.', + 'example' => '', ], ], + 'description' => 'The response object.', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\"\\n}","type":"json"}]', - 'title' => 'GetUserIdByEmail', - ], - 'GetUserIdByPhoneNumber' => [ - 'summary' => 'Queries the ID of an Employee Identity and Access Management (EIAM) account based on the mobile number.', - 'path' => '/v2/{instanceId}/{applicationId}/users/_/actions/getUserIdByPhoneNumber', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ObtainCloudAccountRoleAccessCredential', + 'description' => 'This API uses IDaaS-issued access tokens to authenticate and authorize requests.'."\n" + ."\n" + .'The access token must be authorized to obtain access credentials for a cloud role from the IDaaS Privileged Access Management (PAM) application.'."\n" + ."\n" + .'> The corresponding scope is `urn:cloud:idaas:pam|cloud_account_role:obtain_access_credential`.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"cloudAccountId\\": \\"ca_01kmegjc11qa1txxxxx\\",\\n \\"cloudAccountRoleId\\": \\"carole_01kmek49aqxxxx\\",\\n \\"cloudAccountRoleName\\": \\"role-test\\",\\n \\"cloudAccountRoleExternalId\\": \\"acs:ram::xxx:role/role-test\\",\\n \\"cloudAccountVendorType\\": \\"alibaba_cloud\\",\\n \\"cloudAccountRoleAccessCredential\\": {\\n \\"accessCredentialExpiresAt\\": 1767196800,\\n \\"alibabaCloudStsToken\\": {\\n \\"accessKeyId\\": \\"STS.NUgYrLnoC37mZZCNnAbez****\\",\\n \\"accessKeySecret\\": \\"CVwjCkNzTMupZ8NbTCxCBRq3K16jtcWFTJAyBEv2****\\",\\n \\"securityToken\\": \\"CAIShwJ1q6Ft5B2yfSjIr5bSEsj4g7BihPWGWHz****\\",\\n \\"expiration\\": \\"2021-10-20T04:27:09Z\\"\\n },\\n \\"awsStsToken\\": {\\n \\"accessKeyId\\": \\"ASIAYBGN7XJKRFOM****\\",\\n \\"secretAccessKey\\": \\"CVwjCkNzTMupZ8NbTCxCBRq3K16jtcWFTJAyBEv2****\\",\\n \\"sessionToken\\": \\"FwoDYXdzEJzfSjIr5bSEsj4g7BihPWGWHz****\\\\n\\",\\n \\"expiration\\": \\"2021-10-20T04:27:09Z\\"\\n }\\n }\\n}","type":"json"}]', + ], + 'ObtainCredential' => [ + 'summary' => 'Retrieves the plaintext of a secret.', + 'path' => '/v2/{instanceId}/credentials/_/actions/obtain', + 'methods' => ['get'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'consumes' => ['application/x-www-form-urlencoded', 'application/json', 'multipart/form-data'], + 'produces' => ['application/json'], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij'."\n", - ], + 'schema' => ['description' => 'Authentication information. The format is `Bearer ${access_token}`.'."\n" + ."\n" + .'> Use an access token issued by IDaaS.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The ID of the IDaaS instance.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ - 'name' => 'applicationId', - 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], - ], - [ - 'name' => 'body', - 'in' => 'body', - 'style' => 'json', - 'schema' => [ - 'description' => 'The request body.'."\n", - 'type' => 'object', - 'properties' => [ - 'phoneNumber' => [ - 'title' => '手机号', - 'description' => 'The mobile number of the user who owns the account.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '156xxxxxxx', - ], - ], - 'required' => false, - ], + 'name' => 'credentialIdentifier', + 'in' => 'query', + 'schema' => ['description' => 'The identifier for the credential to obtain.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'credential_identifier_test'], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => '响应结果', - 'description' => 'The response parameters.'."\n", + 'title' => '', 'type' => 'object', 'properties' => [ - 'userId' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', + 'instanceId' => ['description' => 'The EIAM instance ID.', 'type' => 'string', 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], + 'credentialId' => ['description' => 'The credential ID.', 'type' => 'string', 'title' => '', 'example' => 'cred_mkv7rgt4d7i4u7zqtzev2mxxxx'], + 'status' => ['description' => 'The status of the credential. Valid values:'."\n" + ."\n" + .'- `enabled`: The credential can be used.'."\n" + ."\n" + .'- `disabled`: The credential cannot be used.', 'type' => 'string', 'title' => '', 'example' => 'enabled'], + 'credentialIdentifier' => ['description' => 'The credential identifier.', 'type' => 'string', 'title' => '', 'example' => 'credential_identifier_test'], + 'credentialName' => ['description' => 'The credential name.', 'type' => 'string', 'title' => '', 'example' => 'credential_name'], + 'credentialSubjectType' => ['description' => 'The credential\'s subject type. Valid values:'."\n" + ."\n" + .'- `authentication_token_provider`: An authentication token provider.', 'type' => 'string', 'title' => '', 'example' => 'authentication_token_provider'], + 'credentialSubjectId' => ['description' => 'The ID of the credential\'s subject.', 'type' => 'string', 'title' => '', 'example' => 'apt_werthgfdsasffxxxxx'], + 'credentialScenarioLabel' => ['description' => 'The usage scenario for the credential. Valid values:'."\n" + ."\n" + .'- `llm`: For use with a large language model.'."\n" + ."\n" + .'- `saas`: For use with a third-party SaaS application.', 'type' => 'string', 'title' => '', 'example' => 'llm'], + 'credentialType' => ['description' => 'The credential type. Valid values:'."\n" + ."\n" + .'- `api_key`: The credential is an API key.'."\n" + ."\n" + .'- `oauth_client`: The credential represents an OAuth client.', 'type' => 'string', 'title' => '', 'example' => 'api_key'], + 'credentialCreationType' => ['description' => 'Indicates how the credential was created. Valid values:'."\n" + ."\n" + .'- `system_init`: System-initiated.'."\n" + ."\n" + .'- `user_custom`: User-created.', 'type' => 'string', 'title' => '', 'example' => 'user_custom'], + 'description' => ['description' => 'The credential description.', 'type' => 'string', 'title' => '', 'example' => 'credential_description'], + 'createTime' => ['description' => 'The creation time of the credential, formatted as a Unix timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'updateTime' => ['description' => 'The last update time of the credential, formatted as a Unix timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830227000'], + 'credentialContent' => [ + 'description' => 'The detailed content of the credential. The structure of this object depends on the value of `credentialType`.', + 'type' => 'object', + 'properties' => [ + 'oauthClientContent' => [ + 'description' => 'Contains details for an OAuth client credential. Returned only when `credentialType` is `oauth_client`.', + 'type' => 'object', + 'properties' => [ + 'clientId' => ['description' => 'The `client_id` for OAuth 2.0.', 'type' => 'string', 'title' => '', 'example' => 'dmvncmxersdxxxxxx'], + 'clientSecret' => ['description' => 'The `client_secret` for OAuth 2.0.', 'type' => 'string', 'title' => '', 'example' => 'nsklnertyt5ddwizncxxxx'], + ], + 'title' => '', + 'example' => '', + ], + 'apiKeyContent' => [ + 'type' => 'object', + 'properties' => [ + 'apiKey' => ['description' => 'The API key value.', 'type' => 'string', 'title' => '', 'example' => 'sk-nsklncmwizncxxxx'."\n"], + ], + 'description' => 'Contains details for an API key credential. Returned only when `credentialType` is `api_key`.', + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', ], + 'credentialSharingScope' => ['description' => 'The sharing scope of the credential, such as whether it is exclusive to a specific account.', 'type' => 'string', 'example' => 'user_exclusive', 'title' => ''], + 'exclusiveUserId' => ['description' => 'The ID of the account that exclusively owns the credential. This field is present only when `credentialSharingScope` is `user_exclusive`.', 'type' => 'string', 'example' => 'user_xxx', 'title' => ''], + 'credentialExternalId' => ['type' => 'string', 'description' => '', 'title' => '', 'example' => ''], ], + 'description' => 'The details of the credential.', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\"\\n}","type":"json"}]', - 'title' => 'GetUserIdByPhoneNumber', - ], - 'GetUserIdByUserExternalId' => [ - 'summary' => 'Queries the ID of an Employee Identity and Access Management (EIAM) account based on the external ID.', - 'path' => '/v2/{instanceId}/{applicationId}/users/_/actions/getUserIdByExternalId', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ObtainCredential', + 'description' => 'This API uses an access token from IDaaS for authentication and authorization.'."\n" + ."\n" + .'The access token must have permissions to obtain static credentials for the built-in privileged access management (PAM) application in IDaaS.'."\n" + ."\n" + .'> The required scope is `urn:cloud:idaas:pam|credential:obtain`.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"credentialId\\": \\"cred_mkv7rgt4d7i4u7zqtzev2mxxxx\\",\\n \\"status\\": \\"enabled\\",\\n \\"credentialIdentifier\\": \\"credential_identifier_test\\",\\n \\"credentialName\\": \\"credential_name\\",\\n \\"credentialSubjectType\\": \\"authentication_token_provider\\",\\n \\"credentialSubjectId\\": \\"apt_werthgfdsasffxxxxx\\",\\n \\"credentialScenarioLabel\\": \\"llm\\",\\n \\"credentialType\\": \\"api_key\\",\\n \\"credentialCreationType\\": \\"user_custom\\",\\n \\"description\\": \\"credential_description\\",\\n \\"createTime\\": 1649830225000,\\n \\"updateTime\\": 1649830227000,\\n \\"credentialContent\\": {\\n \\"oauthClientContent\\": {\\n \\"clientId\\": \\"dmvncmxersdxxxxxx\\",\\n \\"clientSecret\\": \\"nsklnertyt5ddwizncxxxx\\"\\n },\\n \\"apiKeyContent\\": {\\n \\"apiKey\\": \\"sk-nsklncmwizncxxxx\\\\n\\"\\n }\\n },\\n \\"credentialSharingScope\\": \\"user_exclusive\\",\\n \\"exclusiveUserId\\": \\"user_xxx\\",\\n \\"credentialExternalId\\": \\"\\"\\n}","type":"json"}]', + ], + 'ObtainJwtAuthenticationToken' => [ + 'path' => '/v2/{instanceId}/authenticationTokens/_/actions/obtainJwt', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'consumes' => ['application/json'], + 'produces' => ['application/json'], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息,格式:Bearer access_token', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer AT8csE2seYxxxxxij', - ], + 'schema' => ['description' => 'The authentication credential. The format is `Bearer ${access_token}`.'."\n" + ."\n" + .'> Use an access token issued by IDaaS.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - ], - [ - 'name' => 'applicationId', - 'in' => 'path', - 'schema' => [ - 'title' => '应用ID', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The ID of the instance.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ 'name' => 'body', 'in' => 'body', 'style' => 'json', 'schema' => [ - 'description' => 'The request body.'."\n", 'type' => 'object', 'properties' => [ - 'userExternalId' => [ - 'title' => '账户外部ID', - 'description' => 'The external ID of the account.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'xxx001', - ], - 'userSourceType' => [ - 'title' => '账户来源类型, 取值可选范围: build_in(自建), ding_talk(钉钉导入),ad(AD导入),ldap(LDAP导入)', - 'description' => 'The source type of the account. Valid values:'."\n" - ."\n" - .'* build_in: The account was created in Identity as a Service (IDaaS).'."\n" - .'* ding_talk: The account was imported from DingTalk.'."\n" - .'* ad: The account was imported from Microsoft Active Directory (AD).'."\n" - .'* ldap: The account was imported from a Lightweight Directory Access Protocol (LDAP) service.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'build_in', - ], - 'userSourceId' => [ - 'title' => '账户来源ID,自建类型(build_in)值为实例ID,非自建类型,为对应企业ID,比如钉钉,对应的corpId', - 'description' => 'The source ID of the account. If the account was created in IDaaS, its source ID is the ID of the IDaaS instance. If the account was imported, its source ID is the enterprise ID in the source. For example, if the account was imported from DingTalk, its source ID is the corpId value of the enterprise in DingTalk.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'consumerId' => ['description' => 'The ID of the authentication token consumer.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'test_jwt_subject'], + 'authenticationTokenId' => ['description' => 'The ID of the authentication token.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx'], ], + 'description' => 'The request body.', 'required' => false, + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => '响应结果', - 'description' => 'The response parameters.'."\n", + 'title' => '', 'type' => 'object', 'properties' => [ - 'userId' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', + 'instanceId' => ['description' => 'The ID of the instance.', 'type' => 'string', 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], + 'authenticationTokenId' => ['description' => 'The ID of the authentication token.', 'type' => 'string', 'title' => '', 'example' => 'atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx'], + 'credentialProviderId' => ['description' => 'The ID of the credential provider.', 'type' => 'string', 'title' => '', 'example' => 'atp_01kr2cmj5gxxx4fvmls2e93dxxxxx'], + 'createTime' => ['description' => 'The creation time of the authentication token, provided as a Unix timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'updateTime' => ['description' => 'The time the authentication token was last updated, provided as a Unix timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'authenticationTokenType' => ['description' => 'The type of the authentication token.'."\n" + ."\n" + .'> The value is always `jwt`, indicating a JWT-based authentication token.', 'type' => 'string', 'title' => '', 'example' => 'jwt'], + 'revoked' => ['description' => 'Indicates whether the authentication token has been revoked.', 'type' => 'boolean', 'title' => '', 'example' => 'false'], + 'creatorType' => ['description' => 'The type of the entity that created the authentication token. Valid value:'."\n" + ."\n" + .'- `application`: The token was created by an application.', 'type' => 'string', 'title' => '', 'example' => 'application'], + 'creatorId' => ['description' => 'The ID of the authentication token\'s creator.', 'type' => 'string', 'title' => '', 'example' => 'app_ngtkgrrxxxxktg5eao6z4xxxxx'], + 'consumerType' => ['description' => 'The type of entity that consumes the authentication token. Valid values:'."\n" + ."\n" + .'- `application`: The token is consumed by an application.'."\n" + ."\n" + .'- `custom`: Indicates a user-defined consumer.', 'type' => 'string', 'title' => '', 'example' => 'custom'], + 'consumerId' => ['description' => 'The ID of the authentication token consumer.', 'type' => 'string', 'title' => '', 'example' => 'test_jwt_subject'], + 'expirationTime' => ['description' => 'The expiration time of the authentication token, provided as a Unix timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1772693568000'], + 'jwtContent' => [ + 'type' => 'object', + 'properties' => [ + 'jwtValue' => ['description' => 'The JWT content.', 'type' => 'string', 'title' => '', 'example' => 'eyJhbGciOixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'], + 'derivedShortToken' => ['description' => 'A short token derived from the JWT.', 'type' => 'string', 'title' => '', 'example' => 'sk-Nx2vzxxxxxxxxxxxxxxxxx'], + ], + 'title' => '', + 'description' => 'The content of the JWT-based authentication token.', + 'example' => '', ], ], + 'description' => 'The details of the JWT authentication token.', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\"\\n}","type":"json"}]', - 'title' => 'GetUserIdByUserExternalId', - ], - 'GetUserIdByUsername' => [ - 'summary' => 'Queries the ID of an Employee Identity and Access Management (EIAM) account based on the username.', - 'path' => '/v2/{instanceId}/{applicationId}/users/_/actions/getUserIdByUsername', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ObtainJwtAuthenticationToken', + 'summary' => 'Obtains a JWT authentication token.', + 'description' => 'This API requires an access token issued by IDaaS for authentication and authorization.'."\n" + ."\n" + .'The provided access token must have permission to obtain authentication tokens for the built-in privileged access management (PAM) application in IDaaS.'."\n" + ."\n" + .'> The corresponding scope is `urn:cloud:idaas:pam|authentication_token:obtain`.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"authenticationTokenId\\": \\"atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx\\",\\n \\"credentialProviderId\\": \\"atp_01kr2cmj5gxxx4fvmls2e93dxxxxx\\",\\n \\"createTime\\": 1649830225000,\\n \\"updateTime\\": 1649830225000,\\n \\"authenticationTokenType\\": \\"jwt\\",\\n \\"revoked\\": false,\\n \\"creatorType\\": \\"application\\",\\n \\"creatorId\\": \\"app_ngtkgrrxxxxktg5eao6z4xxxxx\\",\\n \\"consumerType\\": \\"custom\\",\\n \\"consumerId\\": \\"test_jwt_subject\\",\\n \\"expirationTime\\": 1772693568000,\\n \\"jwtContent\\": {\\n \\"jwtValue\\": \\"eyJhbGciOixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\\",\\n \\"derivedShortToken\\": \\"sk-Nx2vzxxxxxxxxxxxxxxxxx\\"\\n }\\n}","type":"json"}]', + ], + 'ObtainJwtAuthenticationTokenByDerivedShortToken' => [ + 'summary' => 'Obtain a JWT authentication token using a derived short token.', + 'path' => '/v2/{instanceId}/authenticationTokens/_/actions/obtainJwtByDerivedShortToken', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'consumes' => ['application/json'], + 'produces' => ['application/json'], + 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ - 'name' => 'Authorization', - 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. Format: Bearer ${access_token}. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], - ], - [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - ], - [ - 'name' => 'applicationId', - 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'Instance ID.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ 'name' => 'body', 'in' => 'body', 'style' => 'json', 'schema' => [ - 'description' => 'The request body.'."\n", 'type' => 'object', 'properties' => [ - 'username' => [ - 'title' => '账户名。', - 'description' => 'The username of the account.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'username_001', - ], + 'derivedShortToken' => ['description' => 'Derived short token for the JWT authentication token.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'sk-Nx2vzxxxxxxxxxxxxxxxxx'], ], + 'description' => 'Request body.', 'required' => false, + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => '响应结果', - 'description' => 'The response parameters.'."\n", + 'title' => '', 'type' => 'object', 'properties' => [ - 'userId' => [ - 'title' => '账户ID。', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', + 'instanceId' => ['description' => 'Instance ID.', 'type' => 'string', 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], + 'authenticationTokenId' => ['description' => 'Authentication token ID.', 'type' => 'string', 'title' => '', 'example' => 'atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx'], + 'credentialProviderId' => ['description' => 'Credential provider ID.', 'type' => 'string', 'title' => '', 'example' => 'atp_01kr2cmj5gxxx4fvmls2e93dxxxxx'], + 'createTime' => ['description' => 'Creation time of the authentication token, as a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'updateTime' => ['description' => 'Last update time of the authentication token, as a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1649830225000'], + 'authenticationTokenType' => ['description' => 'Type of the authentication token.'."\n" + ."\n" + .'> The value is always `jwt`, indicating a JWT authentication token.', 'type' => 'string', 'title' => '', 'example' => 'jwt'], + 'revoked' => ['description' => 'Indicates whether the authentication token is revoked.', 'type' => 'boolean', 'title' => '', 'example' => 'false'], + 'creatorType' => ['description' => 'Type of the authentication token creator. Valid values:'."\n" + ."\n" + .'- application', 'type' => 'string', 'title' => '', 'example' => 'application'], + 'creatorId' => ['description' => 'ID of the authentication token creator.', 'type' => 'string', 'title' => '', 'example' => 'app_ngtkgrrxxxxktg5eao6z4xxxxx'], + 'consumerType' => ['description' => 'Type of the authentication token consumer. Valid values:'."\n" + ."\n" + .'- application'."\n" + ."\n" + .'- custom', 'type' => 'string', 'title' => '', 'example' => 'custom'], + 'consumerId' => ['description' => 'ID of the authentication token consumer.', 'type' => 'string', 'title' => '', 'example' => 'test_jwt_subject'], + 'expirationTime' => ['description' => 'Expiration time of the authentication token, as a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1772693568000'], + 'jwtContent' => [ + 'type' => 'object', + 'properties' => [ + 'jwtValue' => ['description' => 'JWT content.', 'type' => 'string', 'title' => '', 'example' => 'eyJhbGciOixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'], + 'derivedShortToken' => ['description' => 'Derived short token for the JWT.', 'type' => 'string', 'title' => '', 'example' => 'sk-Nx2vzxxxxxxxxxxxxxxxxx'], + ], + 'title' => '', + 'description' => 'Content of the JWT authentication token.', + 'example' => '', ], ], + 'description' => 'Details of the JWT authentication token.', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"userId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\"\\n}","type":"json"}]', - 'title' => 'GetUserIdByUsername', - ], - 'SetUserPrimaryOrganizationalUnit' => [ - 'summary' => '将指定组织设置为账户主组织,移除旧主组织,加入新主组织。', - 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/setUserPrimaryOrganizationalUnit', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ObtainJwtAuthenticationTokenByDerivedShortToken', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"authenticationTokenId\\": \\"atntkn_01kqflm0sxxx8nmdc1cb5dskxxxxx\\",\\n \\"credentialProviderId\\": \\"atp_01kr2cmj5gxxx4fvmls2e93dxxxxx\\",\\n \\"createTime\\": 1649830225000,\\n \\"updateTime\\": 1649830225000,\\n \\"authenticationTokenType\\": \\"jwt\\",\\n \\"revoked\\": false,\\n \\"creatorType\\": \\"application\\",\\n \\"creatorId\\": \\"app_ngtkgrrxxxxktg5eao6z4xxxxx\\",\\n \\"consumerType\\": \\"custom\\",\\n \\"consumerId\\": \\"test_jwt_subject\\",\\n \\"expirationTime\\": 1772693568000,\\n \\"jwtContent\\": {\\n \\"jwtValue\\": \\"eyJhbGciOixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\\",\\n \\"derivedShortToken\\": \\"sk-Nx2vzxxxxxxxxxxxxxxxxx\\"\\n }\\n}","type":"json"}]', + ], + 'PatchGroup' => [ + 'summary' => 'Modifies information about an Employee Identity and Access Management (EIAM) group.', + 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}', + 'methods' => ['patch'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'write', 'deprecated' => false, 'systemTags' => [ 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas7VNWU7'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['title' => '', 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx'], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['title' => '', 'description' => 'The instance ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['title' => '', 'description' => 'The application ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx'], ], [ - 'name' => 'userId', + 'name' => 'groupId', 'in' => 'path', - 'schema' => [ - 'title' => '账户ID', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], + 'schema' => ['title' => '', 'description' => 'The group ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'group_xxx001'], ], [ 'name' => 'body', 'in' => 'body', 'style' => 'json', 'schema' => [ - 'description' => '', + 'description' => 'The request body.'."\n", 'type' => 'object', 'properties' => [ - 'organizationalUnitId' => [ - 'title' => '主组织ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], + 'groupName' => ['title' => '', 'description' => 'The group name.'."\n", 'type' => 'string', 'required' => false, 'example' => 'name001'], ], 'required' => false, + 'title' => '', + 'example' => '', ], ], ], @@ -3687,515 +3744,361 @@ 200 => [], ], 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'SetUserPrimaryOrganizationalUnit', - ], - 'AddUserToOrganizationalUnits' => [ - 'summary' => '将账户加入多个组织', - 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/addUserToOrganizationalUnits', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'PatchGroup', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + ], + 'PatchOrganizationalUnit' => [ + 'summary' => 'Modifies an EIAM organizational unit.', + 'path' => '/v2/{instanceId}/{applicationId}/organizationalUnits/{organizationalUnitId}', + 'methods' => ['patch'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'readAndWrite', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaas3S4NKL'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'userId', + 'name' => 'organizationalUnitId', 'in' => 'path', - 'schema' => [ - 'title' => '账户ID', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], + 'schema' => ['description' => 'The ID of the organizational unit.', 'type' => 'string', 'required' => true, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], ], [ 'name' => 'body', 'in' => 'body', 'style' => 'json', 'schema' => [ - 'description' => '', + 'description' => 'The request body.', 'type' => 'object', 'properties' => [ - 'organizationalUnitIds' => [ - 'title' => '组织ID列表。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', - ], - 'required' => true, - 'example' => '[ou_wovwffm62xifdziem7an7xxxxx]', - ], + 'organizationalUnitName' => ['description' => 'The name of the organizational unit.', 'type' => 'string', 'example' => 'name001', 'title' => '', 'required' => false], + 'description' => ['description' => 'The description of the organizational unit.', 'type' => 'string', 'example' => '测试组织', 'title' => '', 'required' => false], ], 'required' => false, + 'example' => 'ou_xxx001', + 'title' => '', ], ], ], 'responses' => [ 200 => [], ], + 'title' => 'PatchOrganizationalUnit', + 'description' => 'The operation conforms to the HTTP PATCH request method. The value of a parameter is modified only if the parameter is specified in the request.', + 'responseParamsDescription' => '> If the request was successful, the HTTP status code 200 is returned by default.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_token | Access token is not valid | token无效|'."\n" + .'| 400 | OrganizationUnitIdNotInScopes | organizationUnitId : ou_wovwffm62xifdziem7an7xxxxx not in provisioning scope! | 组织不在同步范围内|'."\n" + .'| 400 | ResourceDuplicated.OrganizationalUnitName | The specified OrganizationalUnitName resource: xxx already exist! | 组织名称已存在|'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:organizational_unit:manage_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', ], - 'RemoveUserFromOrganizationalUnits' => [ - 'summary' => '将账户从多个组织移除【不支持移除主组织】', - 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/removeUserFromOrganizationalUnits', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'PatchUser' => [ + 'summary' => 'Modifies an Employee Identity and Access Management (EIAM) account.', + 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}', + 'methods' => ['patch'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'operationType' => 'readAndWrite', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasCRU1S2'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'The authentication information. The value is in the Bearer ${access\\_token} format. Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer AT8csE2seYxxxxxij', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ 'name' => 'userId', 'in' => 'path', - 'schema' => [ - 'title' => '账户ID', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], + 'schema' => ['description' => 'The account ID.', 'type' => 'string', 'required' => true, 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], ], [ 'name' => 'body', 'in' => 'body', 'style' => 'json', 'schema' => [ - 'description' => '', + 'description' => 'The request body.', 'type' => 'object', 'properties' => [ - 'organizationalUnitIds' => [ - 'title' => '组织ID列表。', - 'description' => '', + 'username' => ['description' => 'The name of the account.', 'type' => 'string', 'example' => 'name001', 'title' => '', 'required' => false], + 'displayName' => ['description' => 'The display name of the account.', 'type' => 'string', 'example' => 'display_name001', 'title' => '', 'required' => false], + 'phoneRegion' => ['description' => 'The country code of the mobile number. For example, the country code of China is 86 without 00 or +. This parameter is required if a mobile number is specified.', 'type' => 'string', 'example' => '86', 'title' => '', 'required' => false], + 'phoneNumber' => ['description' => 'The mobile number.', 'type' => 'string', 'example' => '156xxxxxxx', 'title' => '', 'required' => false], + 'phoneNumberVerified' => ['description' => 'Specifies whether the mobile number is verified. This field is required if a mobile number is specified. If you have no special requirement, set this parameter to true.', 'type' => 'boolean', 'example' => 'true', 'title' => '', 'required' => false], + 'email' => ['description' => 'The email address.', 'type' => 'string', 'example' => 'example@example.com', 'title' => '', 'required' => false], + 'emailVerified' => ['description' => 'Specifies whether the email address is verified. This field is required if an email address is specified. If you have no special requirement, set this parameter to true.', 'type' => 'boolean', 'example' => 'true', 'title' => '', 'required' => false], + 'customFields' => [ + 'title' => '', + 'description' => 'The extended fields of the account.', 'type' => 'array', 'items' => [ - 'description' => '', - 'type' => 'string', + 'description' => 'The extended field.', + 'type' => 'object', + 'properties' => [ + 'operator' => ['description' => 'The type of the operation. This parameter is deprecated. Replace it with operation.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'replace', 'title' => ''], + 'fieldName' => ['description' => 'The name of the extended field. For more information about the type and valid values of the extended field, see the detailed description of the extended field in the IDaaS console.', 'type' => 'string', 'example' => 'age', 'title' => '', 'required' => false], + 'fieldValue' => ['description' => 'The value of the extended field.', 'type' => 'string', 'example' => 'test_value', 'title' => '', 'required' => false], + 'operation' => ['description' => 'The operation to be performed on the field. Valid values:'."\n" + ."\n" + .'- add'."\n" + ."\n" + .'- replace If you leave the value of the extended field empty, the replace operation is converted to an add operation.'."\n" + ."\n" + .'- remove', 'type' => 'string', 'required' => false, 'example' => 'replace', 'title' => ''], + ], 'required' => false, - 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', + 'title' => '', + 'example' => '', ], - 'required' => true, - 'example' => '[ou_wovwffm62xifdziem7an7xxxxx]', + 'required' => false, + 'example' => '', ], ], 'required' => false, + 'example' => 'user_001', + 'title' => '', ], ], ], 'responses' => [ 200 => [], ], + 'title' => 'PatchUser', + 'description' => 'The operation conforms to the HTTP PATCH request method. The value of a parameter is modified only if the parameter is specified in the request.', + 'extraInfo' => '### 错误码'."\n" + .'| HttpCode | Error Code | 错误信息 | 说明 |'."\n" + .'| ---- | ---- | ---- | ---- |'."\n" + .'| 400 | invalid\\_token | Access token is not valid | token无效|'."\n" + .'| 400 | MissingParameter.xxxx | The specified parameter:xxx is required! | 缺少xxxx参数 |'."\n" + .'| 400 | InvalidParameter.xxxx | The specified parameter:xxxx is required! | xxxx参数无效 |'."\n" + .'| 404 | ResourceNotFound.User | The specified User resource: user_d6sbsuumeta4h66ec3il7yxxxx not found. | 账户不存在 |'."\n" + .'| 404 | application\\_not\\_found | Application id not found: app_mkv7rgt4d7i4u7zqtzev2mxxxx | 应用不存在 |'."\n" + .'| 403 | application\\_disabled | Application is disabled| 应用处于禁用状态 |'."\n" + .'| 403 | application\\_api\\_disabled | Application api invoke disabled| 应用API未开放 |'."\n" + .'| 403 | permission\\_denied | Require scopes: [urn:alibaba:idaas:scope:user:manager_all] | 缺少API授权信息 |'."\n" + .'| 500 | Internal Server Error | Internal Server Error | 服务器内部错误|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', ], - 'ListGroupsForUser' => [ - 'summary' => '获取账户关联组列表', - 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/listGroupsForUser', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'ReinstateAuthenticationToken' => [ + 'summary' => 'Reinstate an authentication token.', + 'path' => '/v2/{instanceId}/authenticationTokens/_/actions/reinstate', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], - 'operationType' => 'read', + 'consumes' => ['application/json'], + 'produces' => ['application/json'], + 'operationType' => 'write', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', - 'riskType' => 'none', + 'operationType' => 'none', + 'riskType' => 'high', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaasY4QW79', - ], + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}.'."\n" + ."\n" + .'> Enter an IDaaS-issued Access Token.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - ], - [ - 'name' => 'applicationId', - 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], - ], - [ - 'name' => 'userId', - 'in' => 'path', - 'schema' => [ - 'title' => '组ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ - 'name' => 'nextToken', - 'in' => 'query', - 'schema' => [ - 'title' => 'nextToken', - 'description' => 'nextToken', - 'type' => 'string', - 'required' => false, - 'example' => 'NTxxx', - ], - ], - [ - 'name' => 'maxResults', - 'in' => 'query', - 'schema' => [ - 'title' => '单页大小,默认20', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '20', - ], - ], - ], - 'responses' => [ - 200 => [ + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => 'DeveloperNextTokenResponse', - 'description' => 'DeveloperNextTokenResponse', 'type' => 'object', 'properties' => [ - 'totalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1000', - ], - 'data' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'instanceId' => [ - 'title' => '实例ID', - 'description' => '', - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'groupId' => [ - 'title' => '账户ID', - 'description' => '', - 'type' => 'string', - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], - 'groupMemberRelationSourceType' => [ - 'title' => '账户成员关系来源类型', - 'description' => '', - 'type' => 'string', - 'example' => 'build_in', - ], - 'groupMemberRelationSourceId' => [ - 'title' => '账户成员关系来源ID', - 'description' => '', - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - ], - ], - ], - 'nextToken' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'NTxxx', - ], - 'maxResults' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], + 'token' => ['description' => 'The original authentication token.'."\n" + ."\n" + .'> You can pass either the original authentication token or its derived short token.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'eyJhbGciOixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'], + 'token_type_hint' => ['description' => 'A hint about the authentication token type.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'Do not provide a value for this parameter.'."\n" + ."\n" + .'></notice>', 'type' => 'string', 'title' => '', 'required' => false, 'example' => '-'], ], + 'description' => 'The request body.', + 'required' => false, + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"totalCount\\": 1000,\\n \\"data\\": [\\n {\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"groupId\\": \\"user_d6sbsuumeta4h66ec3il7yxxxx\\",\\n \\"groupMemberRelationSourceType\\": \\"build_in\\",\\n \\"groupMemberRelationSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\"\\n }\\n ],\\n \\"nextToken\\": \\"NTxxx\\",\\n \\"maxResults\\": 20\\n}","type":"json"}]', - ], - 'GetGroup' => [ - 'summary' => 'Queries the details of a group.', - 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}', - 'methods' => [ - 'get', + 'responses' => [ + 200 => [], ], - 'schemes' => [ - 'http', - 'https', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ReinstateAuthenticationToken', + 'description' => 'This API uses an IDaaS-issued Access Token for identity authentication and authorization.'."\n" + ."\n" + .'Ensure that the Access Token you provide has the Manage authentication tokens permission for the IDaaS built-in Privileged Access Management (PAM) application.'."\n" + ."\n" + .'> The required scope is `urn:cloud:idaas:pam|authentication_token:manage`.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'Only JWT authentication tokens support this operation.'."\n" + ."\n" + .'></notice>', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + ], + 'ReinstateAuthenticationTokenByConsumer' => [ + 'path' => '/v2/{instanceId}/authenticationTokens/_/actions/reinstateByConsumer', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], - 'operationType' => 'read', + 'consumes' => ['application/json'], + 'produces' => ['application/json'], + 'operationType' => 'write', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', - 'riskType' => 'none', + 'operationType' => 'none', + 'riskType' => 'high', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaas1LGU5E', - ], + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'The authentication information. Format: Bearer ${access\\_token}.'."\n" + ."\n" + .'> Enter the Access Token issued by IDaaS.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ - 'name' => 'applicationId', - 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], - ], - [ - 'name' => 'groupId', - 'in' => 'path', - 'schema' => [ - 'title' => '组ID。', - 'description' => 'The group ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'group_wovwffm62xifdziem7an7xxxxx', - ], - ], - ], - 'responses' => [ - 200 => [ + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => 'DeveloperGroupDTO', - 'description' => 'DeveloperGroupDTO'."\n", 'type' => 'object', 'properties' => [ - 'instanceId' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'groupId' => [ - 'title' => '组ID。', - 'description' => 'The group ID.'."\n", - 'type' => 'string', - 'example' => 'group_ufdsasn35ea5lmthk267xxxxx', - ], - 'groupName' => [ - 'title' => '组名称。', - 'description' => 'The group name.'."\n", - 'type' => 'string', - 'example' => 'name_test', - ], - 'description' => [ - 'title' => '组描述。', - 'description' => 'The group description.'."\n", - 'type' => 'string', - 'example' => 'description_demo', - ], - 'groupExternalId' => [ - 'title' => '组外部标识。', - 'description' => 'The external ID of the group.'."\n", - 'type' => 'string', - 'example' => 'group_ufdsasn35ea5lmthk267xxxxx', - ], - 'groupSourceType' => [ - 'title' => '组来源类型,build_in[自建],ding_talk[钉钉导入],ad[AD导入],ldap[LDAP导入]。', - 'description' => 'The source type of the group. Valid values: build_in, ding_talk, ad, and ldap.'."\n", - 'type' => 'string', - 'example' => 'build_in', - ], - 'groupSourceId' => [ - 'title' => '组来源ID。', - 'description' => 'The source ID of the group.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'createTime' => [ - 'title' => '组创建时间, Unix时间戳格式,单位为毫秒。', - 'description' => 'The time when the group was created. The value is a UNIX timestamp. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'updateTime' => [ - 'title' => '组最近一次更新时间,Unix时间戳格式,单位为毫秒。', - 'description' => 'The time when the group was last updated. The value is a UNIX timestamp. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], + 'consumerId' => ['description' => 'The ID of the authentication token consumer.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'test_jwt_subject'], + 'credentialProviderIdentifier' => ['description' => 'The credential provider identifier.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'test_example_identifier'], ], + 'description' => 'The request body.', + 'required' => false, + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"groupId\\": \\"group_ufdsasn35ea5lmthk267xxxxx\\",\\n \\"groupName\\": \\"name_test\\",\\n \\"description\\": \\"description_demo\\",\\n \\"groupExternalId\\": \\"group_ufdsasn35ea5lmthk267xxxxx\\",\\n \\"groupSourceType\\": \\"build_in\\",\\n \\"groupSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"createTime\\": 1652085686179,\\n \\"updateTime\\": 1652085686179\\n}","type":"json"}]', - 'title' => 'GetGroup', - ], - 'CreateGroup' => [ - 'summary' => 'Creates a group.', - 'path' => '/v2/{instanceId}/{applicationId}/groups', - 'methods' => [ - 'post', + 'responses' => [ + 200 => [], ], - 'schemes' => [ - 'http', - 'https', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ReinstateAuthenticationTokenByConsumer', + 'summary' => 'Reinstate an authentication token for a consumer.', + 'description' => 'This API uses an access token issued by IDaaS to perform identity authentication and authorization.'."\n" + ."\n" + .'Ensure that the provided access token is authorized to access the Manage Authentication Token feature in the IDaaS built-in PAM (Privileged Access Management) application.'."\n" + ."\n" + .'> The corresponding scope is `urn:cloud:idaas:pam|authentication_token:manage`.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'This operation supports only JWT-type authentication tokens.'."\n" + ."\n" + .'></notice>', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + ], + 'RemoveUserFromOrganizationalUnits' => [ + 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/removeUserFromOrganizationalUnits', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], @@ -4204,106 +4107,73 @@ 'operationType' => 'write', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaas7VNWU7', - ], + 'abilityTreeNodes' => ['FEATUREidaas3S4NKL', 'FEATUREidaasCRU1S2'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'The authorization credential for the request.'."\n" + .'Format: Bearer ${access\\_token}.'."\n" + .'Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], + ], + [ + 'name' => 'userId', + 'in' => 'path', + 'schema' => ['description' => 'The account ID.', 'type' => 'string', 'required' => true, 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], ], [ 'name' => 'body', 'in' => 'body', 'style' => 'json', 'schema' => [ - 'description' => 'The request body.'."\n", + 'description' => 'The request body.', 'type' => 'object', 'properties' => [ - 'groupName' => [ - 'title' => '组织名称。', - 'description' => 'The organization name.'."\n", - 'type' => 'string', + 'organizationalUnitIds' => [ + 'title' => '', + 'description' => 'The organizational unit IDs.', + 'type' => 'array', + 'items' => ['description' => 'The organizational unit ID.', 'type' => 'string', 'required' => false, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], 'required' => true, - 'example' => 'name001', - ], - 'groupExternalId' => [ - 'title' => '外部ID。', - 'description' => 'The external ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'group_2bo6lefcewdausyyxxxx', + 'example' => '[ou_wovwffm62xifdziem7an7xxxxx]', ], ], 'required' => false, + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ - 200 => [ - 'schema' => [ - 'title' => 'GroupIdObject', - 'description' => 'GroupIdObject'."\n", - 'type' => 'object', - 'properties' => [ - 'groupId' => [ - 'title' => '组ID。', - 'description' => 'The group ID.'."\n", - 'type' => 'string', - 'example' => 'group_wovwffm62xifdziem7an7xxxxx', - ], - ], - ], - ], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"groupId\\": \\"group_wovwffm62xifdziem7an7xxxxx\\"\\n}","type":"json"}]', - 'title' => 'CreateGroup', - ], - 'PatchGroup' => [ - 'summary' => 'Modifies information about an Employee Identity and Access Management (EIAM) group.', - 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}', - 'methods' => [ - 'patch', + 200 => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'RemoveUserFromOrganizationalUnits', + 'summary' => 'Removes an EIAM account from one or more EIAM organizational units. The operation succeeds even if the account is not in the specified organizational units.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + ], + 'RemoveUsersFromGroup' => [ + 'summary' => 'Removes multiple Employee Identity and Access Management (EIAM) accounts from an EIAM group. If an account does not belong to the group, the removal succeeds by default.', + 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}/actions/removeUsersFromGroup', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], @@ -4315,56 +4185,28 @@ 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaas7VNWU7', - ], + 'abilityTreeNodes' => ['FEATUREidaasIEJFYH'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['title' => '', 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx'], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['title' => '', 'description' => 'The instance ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['title' => '', 'description' => 'The application ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx'], ], [ 'name' => 'groupId', 'in' => 'path', - 'schema' => [ - 'title' => '组ID', - 'description' => 'The group ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'group_xxx001', - ], + 'schema' => ['title' => '', 'description' => 'The group ID.'."\n", 'type' => 'string', 'required' => true, 'example' => 'group_wovwffm62xifdziem7an7xxxxx'], ], [ 'name' => 'body', @@ -4374,15 +4216,18 @@ 'description' => 'The request body.'."\n", 'type' => 'object', 'properties' => [ - 'groupName' => [ - 'title' => '组名称', - 'description' => 'The group name.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'name001', + 'userIds' => [ + 'title' => '', + 'description' => 'The account IDs.'."\n", + 'type' => 'array', + 'items' => ['description' => 'The account ID.'."\n", 'type' => 'string', 'required' => false, 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx'."\n", 'title' => ''], + 'required' => true, + 'example' => '[user_d6sbsuumeta4h66ec3il7yxxxx}', ], ], 'required' => false, + 'title' => '', + 'example' => '', ], ], ], @@ -4390,395 +4235,309 @@ 200 => [], ], 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'PatchGroup', - ], - 'DeleteGroup' => [ - 'summary' => 'Deletes a group.', - 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}', - 'methods' => [ - 'delete', - ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'RemoveUsersFromGroup', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + ], + 'RevokeAuthenticationToken' => [ + 'summary' => 'Revokes an authentication token.', + 'path' => '/v2/{instanceId}/authenticationTokens/_/actions/revoke', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'consumes' => ['application/json'], + 'produces' => ['application/json'], 'operationType' => 'write', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'delete', - 'riskType' => 'none', + 'operationType' => 'none', + 'riskType' => 'high', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaasJ7WKML', - 'FEATUREidaas7VNWU7', - ], + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'Authentication information. Format: Bearer ${access\\_token}.'."\n" + ."\n" + .'> Enter the Access Token issued by IDaaS.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'Instance ID.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ - 'name' => 'applicationId', - 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], - ], - [ - 'name' => 'groupId', - 'in' => 'path', + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => '组ID。', - 'description' => 'The group ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'group_wovwffm62xifdziem7an7xxxxx', + 'type' => 'object', + 'properties' => [ + 'token' => ['description' => 'Original authentication token.'."\n" + ."\n" + .'> You can pass either the original authentication token or a derived short token.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'eyJhbGciOixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'], + 'token_type_hint' => ['description' => 'Authentication token type hint.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'Currently, no value is required.'."\n" + ."\n" + .'></notice>', 'type' => 'string', 'title' => '', 'required' => false, 'example' => '-'], + ], + 'description' => 'Request body.', + 'required' => false, + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [], ], + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'RevokeAuthenticationToken', + 'description' => 'This API uses an Access Token issued by IDaaS to perform identity authentication and authorization.'."\n" + ."\n" + .'Ensure that the Access Token is authorized to access the "Manage Authentication Tokens" feature of the built-in Privileged Access Management (PAM) application in IDaaS.'."\n" + ."\n" + .'> The corresponding scope is `urn:cloud:idaas:pam|authentication_token:manage`.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'This operation currently supports only JWT authentication tokens.'."\n" + ."\n" + .'></notice>', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'DeleteGroup', ], - 'ListGroups' => [ - 'summary' => 'Queries information about Employee Identity and Access Management (EIAM) groups by page.', - 'path' => '/v2/{instanceId}/{applicationId}/groups', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'RevokeAuthenticationTokenByConsumer' => [ + 'summary' => 'Revokes an authentication token for a consumer.', + 'path' => '/v2/{instanceId}/authenticationTokens/_/actions/revokeByConsumer', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], - 'operationType' => 'read', + 'consumes' => ['application/json'], + 'produces' => ['application/json'], + 'operationType' => 'write', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'list', - 'riskType' => 'none', + 'operationType' => 'none', + 'riskType' => 'high', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaas1LGU5E', - ], + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'Authentication information. Format: Bearer ${access\\_token}.'."\n" + ."\n" + .'> Enter the Access Token issued by IDaaS.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'Bearer xxxxxx'], ], [ 'name' => 'instanceId', 'in' => 'path', + 'schema' => ['description' => 'Instance ID.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], + ], + [ + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', + 'type' => 'object', + 'properties' => [ + 'consumerId' => ['description' => 'Consumer ID of the authentication token.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'test_jwt_subject'], + 'credentialProviderIdentifier' => ['description' => 'Credential provider identifier.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'test_example_identifier'], + ], + 'description' => 'Request body.', + 'required' => false, + 'title' => '', + 'example' => '', ], ], + ], + 'responses' => [ + 200 => [], + ], + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'RevokeAuthenticationTokenByConsumer', + 'description' => 'This API uses an access token issued by IDaaS to authenticate and authorize requests.'."\n" + ."\n" + .'Make sure that the access token you provide has the \'Manage authentication tokens\' permission for the built-in Privileged Access Management (PAM) application in IDaaS.'."\n" + ."\n" + .'> The required scope is `urn:cloud:idaas:pam|authentication_token:manage`.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'This operation can revoke only JWT authentication tokens.'."\n" + ."\n" + .'></notice>', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', + ], + 'RevokeToken' => [ + 'path' => '/v2/{instanceId}/{applicationId}/oauth2/revoke', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'Anonymous' => [], + ], + ], + 'operationType' => 'readAndWrite', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREidaasJXI2A5'], + ], + 'parameters' => [ + [ + 'name' => 'instanceId', + 'in' => 'path', + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], + ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'groupNameStartWith', + 'name' => 'client_id', 'in' => 'query', - 'schema' => [ - 'title' => '组名称前缀', - 'description' => 'The prefix of the group name.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'group_xxx', - ], + 'schema' => ['description' => 'The client ID.', 'type' => 'string', 'required' => false, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'nextToken', + 'name' => 'client_secret', 'in' => 'query', - 'schema' => [ - 'title' => 'nextToken', - 'description' => 'nextToken'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'NTxxx', - ], + 'schema' => ['description' => 'The client secret.', 'type' => 'string', 'required' => false, 'example' => 'CSEHDcHcrUKHw1CuxkJEHPveWRXBGqVqRsxxxx', 'title' => ''], ], [ - 'name' => 'maxResults', + 'name' => 'token', + 'in' => 'query', + 'schema' => ['description' => 'The token to be revoked.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'ATxxxx'], + ], + [ + 'name' => 'token_type_hint', 'in' => 'query', 'schema' => [ - 'title' => '单页大小,默认20', - 'description' => 'The number of entries per page. Default value: 20.'."\n", - 'type' => 'integer', - 'format' => 'int32', + 'description' => 'The type of the token. Valid values: access\\_token refresh\\_token', + 'enumValueTitles' => ['access_token' => 'access\\_token', 'refresh_token' => 'refresh\\_token'], + 'type' => 'string', + 'title' => '', 'required' => false, - 'example' => '20', + 'example' => 'access_token', ], ], ], 'responses' => [ 200 => [ - 'schema' => [ - 'title' => 'DeveloperNextTokenResponse', - 'description' => 'DeveloperNextTokenResponse'."\n", - 'type' => 'object', - 'properties' => [ - 'totalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1000', - ], - 'data' => [ - 'description' => 'The returned data.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The returned data.'."\n", - 'type' => 'object', - 'properties' => [ - 'groupName' => [ - 'title' => '组名称。', - 'description' => 'The group name.'."\n", - 'type' => 'string', - 'example' => 'name_test', - ], - 'instanceId' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'createTime' => [ - 'title' => '组创建时间, Unix时间戳格式,单位为毫秒。', - 'description' => 'The time when the group was created. The value is a UNIX timestamp. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'groupId' => [ - 'title' => '组ID。', - 'description' => 'The group ID.'."\n", - 'type' => 'string', - 'example' => 'group_ufdsasn35ea5lmthk267xxxxx', - ], - 'groupSourceType' => [ - 'title' => '组来源类型,build_in[自建],ding_talk[钉钉导入],ad[AD导入],ldap[LDAP导入]。', - 'description' => 'The source type of the group. Valid values: build_in, ding_talk, ad, and ldap.'."\n", - 'type' => 'string', - 'example' => 'build_in', - ], - 'description' => [ - 'title' => '组描述。', - 'description' => 'The group description.'."\n", - 'type' => 'string', - 'example' => 'description_demo', - ], - 'groupSourceId' => [ - 'title' => '组来源ID。', - 'description' => 'The source ID of the group.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'updateTime' => [ - 'title' => '组最近一次更新时间,Unix时间戳格式,单位为毫秒。', - 'description' => 'The time when the group was last updated. The value is a UNIX timestamp. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652085686179', - ], - 'groupExternalId' => [ - 'title' => '组外部标识。', - 'description' => 'The external ID of the group.'."\n", - 'type' => 'string', - 'example' => 'group_ufdsasn35ea5lmthk267xxxxx', - ], - ], - ], - ], - 'nextToken' => [ - 'description' => 'The start position of the query. If this parameter is left empty, the query starts from the beginning.'."\n", - 'type' => 'string', - 'example' => 'NTxxx', - ], - 'maxResults' => [ - 'description' => 'The maximum number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '20', - ], - ], - ], + 'schema' => ['title' => 'RevokeResponse', 'description' => 'The response parameters.', 'type' => 'object', 'example' => ''], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"totalCount\\": 1000,\\n \\"data\\": [\\n {\\n \\"groupName\\": \\"name_test\\",\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"createTime\\": 1652085686179,\\n \\"groupId\\": \\"group_ufdsasn35ea5lmthk267xxxxx\\",\\n \\"groupSourceType\\": \\"build_in\\",\\n \\"description\\": \\"description_demo\\",\\n \\"groupSourceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"updateTime\\": 1652085686179,\\n \\"groupExternalId\\": \\"group_ufdsasn35ea5lmthk267xxxxx\\"\\n }\\n ],\\n \\"nextToken\\": \\"NTxxx\\",\\n \\"maxResults\\": 20\\n}","type":"json"}]', - 'title' => 'ListGroups', - ], - 'AddUsersToGroup' => [ - 'summary' => 'Adds multiple Employee Identity and Access Management (EIAM) accounts to an EIAM group. If the accounts are already added to the specified group, no update is performed.', - 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}/actions/addUsersToGroup', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'RevokeToken', + 'summary' => 'Revokes an access token or refresh token.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"test\\": \\"test\\",\\n \\"test2\\": 1\\n}","type":"json"}]', + ], + 'SetUserPrimaryOrganizationalUnit' => [ + 'summary' => 'Sets the primary organization for an EIAM account. This operation removes the account from the old primary organization and adds it to the new one.', + 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/setUserPrimaryOrganizationalUnit', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'readAndWrite', 'deprecated' => false, 'systemTags' => [ 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaasIEJFYH', - ], + 'abilityTreeNodes' => ['FEATUREidaasCRU1S2', 'FEATUREidaas3S4NKL'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'The authentication information.'."\n" + .'Format: Bearer ${access\\_token}.'."\n" + .'Example: Bearer ATxxxx.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'groupId', + 'name' => 'userId', 'in' => 'path', - 'schema' => [ - 'title' => '组ID。', - 'description' => 'The group ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'group_wovwffm62xifdziem7an7xxxxx', - ], + 'schema' => ['description' => 'The account ID.', 'type' => 'string', 'required' => true, 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], ], [ 'name' => 'body', 'in' => 'body', 'style' => 'json', 'schema' => [ - 'description' => 'The request body.'."\n", + 'description' => 'The request body.', 'type' => 'object', 'properties' => [ - 'userIds' => [ - 'title' => '账户ID列表', - 'description' => 'The account IDs.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', - ], - 'required' => true, - 'example' => '[user_d6sbsuumeta4h66ec3il7yxxxx}', - ], + 'organizationalUnitId' => ['description' => 'The primary organization ID.', 'type' => 'string', 'required' => true, 'example' => 'ou_wovwffm62xifdziem7an7xxxxx', 'title' => ''], ], 'required' => false, + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [], ], + 'title' => 'SetUserPrimaryOrganizationalUnit', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'AddUsersToGroup', ], - 'RemoveUsersFromGroup' => [ - 'summary' => 'Removes multiple Employee Identity and Access Management (EIAM) accounts from an EIAM group. If an account does not belong to the group, the removal succeeds by default.', - 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}/actions/removeUsersFromGroup', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'UpdateUserPassword' => [ + 'summary' => 'Updates the password for a specified EIAM account.', + 'path' => '/v2/{instanceId}/{applicationId}/users/{userId}/actions/updateUserPassword', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'Anonymous' => [], @@ -4788,266 +4547,148 @@ 'deprecated' => false, 'systemTags' => [ 'operationType' => 'update', - 'riskType' => 'none', + 'riskType' => 'high', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaasIEJFYH', - ], + 'abilityTreeNodes' => ['FEATUREidaasCRU1S2'], ], 'parameters' => [ [ 'name' => 'Authorization', 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], + 'schema' => ['description' => 'The authentication credential. Format: \\`Bearer ${access\\_token}\\`. Example: \\`Bearer ATxxxx\\`.', 'type' => 'string', 'required' => true, 'example' => 'Bearer xxxx', 'title' => ''], ], [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', 'title' => ''], ], [ 'name' => 'applicationId', 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], + 'schema' => ['description' => 'The application ID.', 'type' => 'string', 'required' => true, 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', 'title' => ''], ], [ - 'name' => 'groupId', + 'name' => 'userId', 'in' => 'path', - 'schema' => [ - 'title' => '组ID。', - 'description' => 'The group ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'group_wovwffm62xifdziem7an7xxxxx', - ], + 'schema' => ['description' => 'The account ID.', 'type' => 'string', 'required' => true, 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx', 'title' => ''], ], [ 'name' => 'body', 'in' => 'body', 'style' => 'json', 'schema' => [ - 'description' => 'The request body.'."\n", + 'description' => 'The request body.', 'type' => 'object', 'properties' => [ - 'userIds' => [ - 'title' => '账户ID列表', - 'description' => 'The account IDs.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'user_d6sbsuumeta4h66ec3il7yxxxx'."\n", - ], - 'required' => true, - 'example' => '[user_d6sbsuumeta4h66ec3il7yxxxx}', - ], + 'password' => ['description' => 'The new password. For the password requirements, see the password policy in the console.', 'type' => 'string', 'example' => 'xxxx', 'title' => '', 'required' => false], ], 'required' => false, + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [], ], + 'title' => 'UpdateUserPassword', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], 'responseDemo' => '[{"errorExample":"","example":"{}","type":"json"}]', - 'title' => 'RemoveUsersFromGroup', ], - 'ListUsersForGroup' => [ - 'summary' => 'Queries accounts in an Employee Identity and Access Management (EIAM) group.', - 'path' => '/v2/{instanceId}/{applicationId}/groups/{groupId}/actions/listUsersForGroup', - 'methods' => [ - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'ValidateAuthenticationToken' => [ + 'path' => '/v2/{instanceId}/authenticationTokens/_/actions/validate', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'Anonymous' => [], ], ], + 'consumes' => ['application/json'], + 'produces' => ['application/json'], 'operationType' => 'read', 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', - 'riskType' => 'none', + 'operationType' => 'none', + 'riskType' => 'high', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREidaasSNKQAN', - ], + 'abilityTreeNodes' => ['FEATUREidaasDPGRH1'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ - 'name' => 'Authorization', - 'in' => 'header', - 'schema' => [ - 'title' => '认证信息。'."\n" - .'格式:Bearer ${access_token}。'."\n" - .'示例:Bearer ATxxxx。', - 'description' => 'The authentication information. The value is in the Bearer ${access_token} format. Example: Bearer ATxxxx.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'Bearer xxxx', - ], - ], - [ 'name' => 'instanceId', 'in' => 'path', - 'schema' => [ - 'title' => '实例ID。', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - ], - [ - 'name' => 'applicationId', - 'in' => 'path', - 'schema' => [ - 'title' => '应用ID。', - 'description' => 'The application ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'app_mkv7rgt4d7i4u7zqtzev2mxxxx', - ], - ], - [ - 'name' => 'groupId', - 'in' => 'path', - 'schema' => [ - 'title' => '组ID。', - 'description' => 'The group ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'group_wovwffm62xifdziem7an7xxxxx', - ], - ], - [ - 'name' => 'nextToken', - 'in' => 'query', - 'schema' => [ - 'title' => 'nextToken', - 'description' => 'nextToken'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'NTxxx', - ], + 'schema' => ['description' => 'The instance ID.', 'type' => 'string', 'required' => true, 'maxLength' => 64, 'title' => '', 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx'], ], [ - 'name' => 'maxResults', - 'in' => 'query', + 'name' => 'body', + 'in' => 'body', + 'style' => 'json', 'schema' => [ - 'title' => '单页大小,默认20', - 'description' => 'The number of entries per page. Default value: 20.'."\n", - 'type' => 'integer', - 'format' => 'int32', + 'type' => 'object', + 'properties' => [ + 'token' => ['description' => 'The original authentication token.'."\n" + ."\n" + .'> Pass either the original authentication token or a derived short token.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'eyJhbGciOixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'], + 'token_type_hint' => ['description' => 'A hint about the type of the authentication token.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'No value is currently required for this parameter.'."\n" + ."\n" + .'></notice>', 'type' => 'string', 'title' => '', 'required' => false, 'example' => '-'], + ], + 'description' => 'The request body.', 'required' => false, - 'example' => '20', + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'DeveloperNextTokenResponse', - 'description' => 'DeveloperNextTokenResponse'."\n", 'type' => 'object', 'properties' => [ - 'totalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1000', - ], - 'data' => [ - 'description' => 'The returned data.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The returned data.'."\n", - 'type' => 'object', - 'properties' => [ - 'instanceId' => [ - 'title' => '实例ID', - 'description' => 'The instance ID.'."\n", - 'type' => 'string', - 'example' => 'idaas_ue2jvisn35ea5lmthk267xxxxx', - ], - 'userId' => [ - 'title' => '账户ID', - 'description' => 'The account ID.'."\n", - 'type' => 'string', - 'example' => 'user_001', - ], - ], - ], - ], - 'nextToken' => [ - 'description' => 'A pagination token. If NextToken is empty, no next page exists.'."\n", - 'type' => 'string', - 'example' => 'NTxxx', - ], - 'maxResults' => [ - 'description' => 'The maximum number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '20', - ], + 'active' => ['description' => 'Indicates whether the authentication token is valid.', 'type' => 'boolean', 'title' => '', 'example' => 'true'], ], + 'description' => 'The validation result.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"totalCount\\": 1000,\\n \\"data\\": [\\n {\\n \\"instanceId\\": \\"idaas_ue2jvisn35ea5lmthk267xxxxx\\",\\n \\"userId\\": \\"user_001\\"\\n }\\n ],\\n \\"nextToken\\": \\"NTxxx\\",\\n \\"maxResults\\": 20\\n}","type":"json"}]', - 'title' => 'ListUsersForGroup', - 'requestParamsDescription' => 'If you set groupId to iggroup_all, the system queries accounts in all groups.'."\n", + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ValidateAuthenticationToken', + 'summary' => 'Validates an authentication token.', + 'description' => '><notice>'."\n" + ."\n" + .'This operation is supported only for JSON Web Token (JWT) authentication tokens.'."\n" + ."\n" + .'></notice>', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"active\\": true\\n}","type":"json"}]', ], ], 'endpoints' => [ - [ - 'regionId' => 'cn-hongkong', - 'endpoint' => 'eiam-developerapi.cn-hongkong.aliyuncs.com', - ], - [ - 'regionId' => 'ap-northeast-2', - 'endpoint' => 'eiam-developerapi.ap-northeast-2.aliyuncs.com', - ], - [ - 'regionId' => 'ap-southeast-1', - 'endpoint' => 'eiam-developerapi.ap-southeast-1.aliyuncs.com', - ], - [ - 'regionId' => 'ap-southeast-5', - 'endpoint' => 'eiam-developerapi.ap-southeast-5.aliyuncs.com', - ], - [ - 'regionId' => 'cn-hangzhou', - 'endpoint' => 'eiam-developerapi.cn-hangzhou.aliyuncs.com', - ], - [ - 'regionId' => 'eu-central-1', - 'endpoint' => 'eiam-developerapi.eu-central-1.aliyuncs.com', - ], + ['regionId' => 'cn-hongkong', 'regionName' => 'China (Hong Kong)', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'eiam-developerapi.cn-hongkong.aliyuncs.com', 'endpoint' => 'eiam-developerapi.cn-hongkong.aliyuncs.com', 'vpc' => 'eiam-developerapi-hk.vpc-proxy.aliyuncs.com'], + ['regionId' => 'ap-northeast-2', 'regionName' => 'South Korea (Seoul)', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'eiam-developerapi.ap-northeast-2.aliyuncs.com', 'endpoint' => 'eiam-developerapi.ap-northeast-2.aliyuncs.com', 'vpc' => 'eiam-developerapi-sel.vpc-proxy.aliyuncs.com'], + ['regionId' => 'ap-southeast-1', 'regionName' => 'Singapore', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'eiam-developerapi.ap-southeast-1.aliyuncs.com', 'endpoint' => 'eiam-developerapi.ap-southeast-1.aliyuncs.com', 'vpc' => 'eiam-developerapi-sg.vpc-proxy.aliyuncs.com'], + ['regionId' => 'ap-southeast-5', 'regionName' => 'Indonesia (Jakarta)', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'eiam-developerapi.ap-southeast-5.aliyuncs.com', 'endpoint' => 'eiam-developerapi.ap-southeast-5.aliyuncs.com', 'vpc' => 'eiam-developerapi-jk.vpc-proxy.aliyuncs.com'], + ['regionId' => 'cn-hangzhou', 'regionName' => 'China (Hangzhou)', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'eiam-developerapi.cn-hangzhou.aliyuncs.com', 'endpoint' => 'eiam-developerapi.cn-hangzhou.aliyuncs.com', 'vpc' => 'eiam-developerapi-cn.vpc-proxy.aliyuncs.com'], + ['regionId' => 'eu-central-1', 'regionName' => 'Germany (Frankfurt)', 'areaId' => 'europeAmerica', 'areaName' => 'Europe & Americas', 'public' => 'eiam-developerapi.eu-central-1.aliyuncs.com', 'endpoint' => 'eiam-developerapi.eu-central-1.aliyuncs.com', 'vpc' => 'eiam-developerapi-eu.vpc-proxy.aliyuncs.com'], + ], + 'errorCodes' => [], + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], ]; |
