search

Authentication

To manage data in a vault, you need to create and authenticate a service account for the vault. See API Authentication for a tutorial. Once you’ve done that, you should have a Bearer Token for your service account. To authenticate your requests, simply include it as a header parameter as follows:

authorization : Bearer {BEARER_TOKEN}.

Bearer

Access token, prefixed by Bearer: Bearer <token>. Retrieved using Generate Tokens End-Point

Security Scheme Type

apiKey

Header Parameter Name

Authorization

Accounts

List Accounts

GET

/v1/accounts

Lists accounts that the context user has access to.

QUERY PARAMETERS

userEmail

string

Optional User email filter. If specified, only Accounts to which the user with this eail address belongs will be returned..

name

string

Optional name filter.

status

string

Default :

NONE

Enum :

NONE

CREATED

PENDING

ACTIVE

INACTIVE

ARCHIVED

DELETED

Optional status filter. - NONE: NONE is undefined and should not be used.

offset

string

Default : 0

Pagination Offset. - indicates the record number to start retrieving data.

limit

string

Default : 25

Pagination Limit. - indicates the number of records to retrieve.

accountID

string

Optional parent Account ID. If specified, only Accounts under the parent will be returned..

REQUEST
curl --request GET \
  --url 'https://manage.skyflowapis.com/v1/accounts?userEmail=SOME_STRING_VALUE&name=SOME_STRING_VALUE&status=SOME_STRING_VALUE&offset=SOME_STRING_VALUE&limit=SOME_STRING_VALUE&accountID=SOME_STRING_VALUE' \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • result:{
    • Account:{
      • name:"Skyflow",
      • displayName:"Skyflow Account.",
      • description:"Main Account for Managing Skyflow Account",
      • ID:"g2400b4c4c9c11ea8baaacde48001122"
      }
    },
  • error:{
    • grpc_code:"integer",
    • http_code:"integer",
    • message:"string",
    • http_status:"string",
    • details:[
      • {
        • type_url:"string",
        • value:"string"
        }
      ]
    }
}

Create Account

POST

/v1/accounts

Create an account. This also internally creates a Master API Key which can be used to access all the resources and sub-resources of this account.

BODY PARAMETER

Account

object

object {

name

string

Name of the account with alphanumeric characters to uniquely identify an account.

displayName

string

Display name for the account which can be used for UI display.

description

string

Description for the account

ID

string

This will be generated by server and cannot be user generated.

namespace

string

This will be generated by server and cannot be user generated.

contactAddress

object

object {

streetAddress

string

city

string

state

string

country

string

zip

integer

}

BasicAudit

object

object {

CreatedBy

string

User who created the resource meta data.

LastModifiedBy

string

User who last modified the resource meta data.

CreatedOn

string

Time of creation of the resource meta data.

LastModifiedOn

string

Time of last modification of the resource meta data.

}

status

string

Default :

NONE

Enum :

NONE

CREATED

PENDING

ACTIVE

INACTIVE

ARCHIVED

DELETED

- NONE: NONE is undefined and should not be used.

url

string

URL for the workspaces under this account

tenantType

string

}

REQUEST
curl --request POST \
  --url https://manage.skyflowapis.com/v1/accounts \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"Account":{"name":"Skyflow","displayName":"Skyflow Account.","description":"Main Account for Managing Skyflow Account","ID":"g2400b4c4c9c11ea8baaacde48001122"}}'
RESPONSE
{
  • ID:"string",
  • defaultWorkspaceID:"string"
}

Get Account By ID

GET

/v1/accounts/{ID}

Retreives the account using the provided ID.

PATH PARAMETERS

ID

string

*

REQUEST
curl --request GET \
  --url https://manage.skyflowapis.com/v1/accounts/{ID} \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • Account:{
    • name:"Skyflow",
    • displayName:"Skyflow Account.",
    • description:"Main Account for Managing Skyflow Account",
    • ID:"g2400b4c4c9c11ea8baaacde48001122"
    }
}

Delete Account

DELETE

/v1/accounts/{ID}

Deletes the account and its child entities with the given ID.

PATH PARAMETERS

ID

string

*

REQUEST
curl --request DELETE \
  --url https://manage.skyflowapis.com/v1/accounts/{ID} \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • ID:"string"
}

Update Account

PATCH

/v1/accounts/{ID}

Updates the account with the given ID.

PATH PARAMETERS

ID

string

*

BODY PARAMETER

Account

object

object {

name

string

Name of the account with alphanumeric characters to uniquely identify an account.

displayName

string

Display name for the account which can be used for UI display.

description

string

Description for the account

ID

string

This will be generated by server and cannot be user generated.

namespace

string

This will be generated by server and cannot be user generated.

contactAddress

object

object {

streetAddress

string

city

string

state

string

country

string

zip

integer

}

BasicAudit

object

object {

CreatedBy

string

User who created the resource meta data.

LastModifiedBy

string

User who last modified the resource meta data.

CreatedOn

string

Time of creation of the resource meta data.

LastModifiedOn

string

Time of last modification of the resource meta data.

}

status

string

Default :

NONE

Enum :

NONE

CREATED

PENDING

ACTIVE

INACTIVE

ARCHIVED

DELETED

- NONE: NONE is undefined and should not be used.

url

string

URL for the workspaces under this account

tenantType

string

}

ID

string

REQUEST
curl --request PATCH \
  --url https://manage.skyflowapis.com/v1/accounts/{ID} \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"Account":{"name":"Skyflow","displayName":"Skyflow Account.","description":"Main Account for Managing Skyflow Account","ID":"g2400b4c4c9c11ea8baaacde48001122"},"ID":"string"}'
RESPONSE
{
  • ID:"string"
}

List Members

GET

/v1/accounts/{ID}/members

Lists members belonging to the provided account.

PATH PARAMETERS

ID

string

*

QUERY PARAMETERS

filterOps.email

string

Email filter.

filterOps.type

string

Default :

NONE

Enum :

NONE

USER

GROUP

SERVICE_ACCOUNT

SQL_SERVICE_ACCOUNT

Member Type filter. - NONE: NONE is undefined and should not be used. - USER: Indicates the Member is of type User. - GROUP: Indicates the Member is of type Group. - SERVICE_ACCOUNT: Indicates the Member is of type ServiceAccount. - SQL_SERVICE_ACCOUNT: Indicates the Member is of SqlServiceAccount.

filterOps.name

string

Name filter.

filterOps.status

string

Default :

NONE

Enum :

NONE

CREATED

PENDING

ACTIVE

INACTIVE

ARCHIVED

DELETED

Status filter. - NONE: NONE is undefined and should not be used.

sortOps.sortBy

string

Fully qualified Object field by which to sort results. Field names should be passed in camel case (e.g. camelCase).

sortOps.orderBy

string

Default :

ASCENDING

Enum :

ASCENDING

DESCENDING

Either ascending or descending order specification.

offset

string

Default : 0

Pagination offset. - indicates the record number to start retrieving data

limit

string

Default : 25

Pagination limit. - indicates the number of records to retrieve

REQUEST
curl --request GET \
  --url 'https://manage.skyflowapis.com/v1/accounts/{ID}/members?filterOps.email=SOME_STRING_VALUE&filterOps.type=SOME_STRING_VALUE&filterOps.name=SOME_STRING_VALUE&filterOps.status=SOME_STRING_VALUE&sortOps.sortBy=SOME_STRING_VALUE&sortOps.orderBy=SOME_STRING_VALUE&offset=SOME_STRING_VALUE&limit=SOME_STRING_VALUE' \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • result:{
    • member:{
      • ID:"mb057d4c570011ea89d9acde48001122",
      • type:"USER"
      }
    },
  • error:{
    • grpc_code:"integer",
    • http_code:"integer",
    • message:"string",
    • http_status:"string",
    • details:[
      • {
        • type_url:"string",
        • value:"string"
        }
      ]
    }
}

Update Account Status

PATCH

/v1/accounts/{ID}/status

Updates an account's status.

PATH PARAMETERS

ID

string

*

BODY PARAMETER

ID

string

status

string

Default :

NONE

Enum :

NONE

CREATED

PENDING

ACTIVE

INACTIVE

ARCHIVED

DELETED

- NONE: NONE is undefined and should not be used.

REQUEST
curl --request PATCH \
  --url https://manage.skyflowapis.com/v1/accounts/{ID}/status \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"ID":"string","status":"NONE"}'
RESPONSE
{
  • ID:"string"
}

Audit

Returns Audit Events based on the query parameters

GET

/v1/audit/events

Based on the request query parameters, the api returns a list of audit events which meets the criteria

QUERY PARAMETERS

filterOps.context.changeID

string

Unique ID for Audit Event.

filterOps.context.requestID

string

Internal autogenerated Request ID unique for each request.

filterOps.context.traceID

string

Trace ID of the request made by client.

filterOps.context.sessionID

string

Session ID as part of which the user is executing queries.

filterOps.context.actor

string

Actor for the request. Based on actortype, Format for the actor could be - userID or emailID or serviceAccountID

filterOps.context.actorType

string

Default :

NONE

Enum :

NONE

USER

GROUP

SERVICE_ACCOUNT

SQL_SERVICE_ACCOUNT

ActorType for the request. It could be USER or SERVICE_ACCOUNT - NONE: NONE is undefined and should not be used. - USER: Indicates the Member is of type User. - GROUP: Indicates the Member is of type Group. - SERVICE_ACCOUNT: Indicates the Member is of type ServiceAccount. - SQL_SERVICE_ACCOUNT: Indicates the Member is of SqlServiceAccount.

filterOps.context.accessType

string

Default :

ACCESS_NONE

Enum :

ACCESS_NONE

API

SQL

The access type of the request. The access type could be (API, SQL etc.)

filterOps.context.ipAddress

string

IP Address of the client from which the request is being made.

filterOps.parentAccountID

string

The parent accountID of the resource.

filterOps.accountID

string

The accountID of the resource.

filterOps.workspaceID

string

The workspaceID of the resource.

filterOps.vaultID

string

The vaultID of the resource.

filterOps.resourceIDs

string

Resources associated with the request (Comma Separated). This is to provide better search capabilities. (Comma Separated). Could be group resource and user resource ids and types. Key will be of the form 'vault/id', 'user/id', etc. Any single Resource matches, the result will be returned

filterOps.actionType

string

Default :

NONE

Enum :

NONE

ASSIGN

CREATE

DELETE

EXECUTE

LIST

READ

UNASSIGN

UPDATE

VALIDATE

LOGIN

The audit action type (INSERT, UPDATE, etc).

filterOps.resourceType

string

Default :

NONE_API

Enum :

NONE_API

ACCOUNT

AUDIT

BASE_DATA_TYPE

FIELD_TEMPLATE

FILE

GROUP

KEY

POLICY

PROTO_PARSE

RECORD

ROLE

RULE

SECRET

SERVICE_ACCOUNT

SQL_SERVICE_ACCOUNT

TOKEN

USER

VAULT

VAULT_TEMPLATE

WORKFLOW

WORKFLOW_RUN

WORKSPACE

TABLE

POLICY_TEMPLATE

MEMBER

VAULTFUNCTIONCONFIG

The resource method name. The Resource method names as in api docs

filterOps.tags

string

Tags associated with Event if any (Comma Separated). This is to provide better search capabilities (Comma Separated). Where Keys could be login, get, dml, etc. Any single Tag matches, the result will be returned

filterOps.responseCode

integer

The https response code for the operation.

filterOps.startTime

string

The start timestamp for the query.

filterOps.endTime

string

The end timestamp for the query.

filterOps.apiName

string

api name (grpc service name).

filterOps.responseMessage

string

response or error message, like SUCCESS etc....

filterOps.httpMethod

string

http method like GET, POST etc....

filterOps.httpURI

string

http URI like /v1/vaults/{vaultID}/{tablename}/{ID}.

sortOps.sortBy

string

Fully qualified Object field by which to sort results. Field names should be passed in camel case (e.g. camelCase).

sortOps.orderBy

string

Default :

ASCENDING

Enum :

ASCENDING

DESCENDING

Either ascending or descending order specification.

afterOps.timestamp

string

The timestamp provided in previous response's nextOps attribute. Cannot be clubbed with sortOps or offset. For first time call, leave blank..

afterOps.changeID

string

The changeID provided in previous response's nextOps attribute. Cannot be clubbed with sortOps or offset. For first time call, leave blank..

limit

integer

Default : 25

Pagination Limit. - indicates the number of records to retrieve.

offset

integer

Default : 0

Pagination Offset. - indicates the record number to start retrieving data.

REQUEST
curl --request GET \
  --url 'https://manage.skyflowapis.com/v1/audit/events?filterOps.context.changeID=SOME_STRING_VALUE&filterOps.context.requestID=SOME_STRING_VALUE&filterOps.context.traceID=SOME_STRING_VALUE&filterOps.context.sessionID=SOME_STRING_VALUE&filterOps.context.actor=SOME_STRING_VALUE&filterOps.context.actorType=SOME_STRING_VALUE&filterOps.context.accessType=SOME_STRING_VALUE&filterOps.context.ipAddress=SOME_STRING_VALUE&filterOps.parentAccountID=SOME_STRING_VALUE&filterOps.accountID=SOME_STRING_VALUE&filterOps.workspaceID=SOME_STRING_VALUE&filterOps.vaultID=SOME_STRING_VALUE&filterOps.resourceIDs=SOME_STRING_VALUE&filterOps.actionType=SOME_STRING_VALUE&filterOps.resourceType=SOME_STRING_VALUE&filterOps.tags=SOME_STRING_VALUE&filterOps.responseCode=SOME_INTEGER_VALUE&filterOps.startTime=SOME_STRING_VALUE&filterOps.endTime=SOME_STRING_VALUE&filterOps.apiName=SOME_STRING_VALUE&filterOps.responseMessage=SOME_STRING_VALUE&filterOps.httpMethod=SOME_STRING_VALUE&filterOps.httpURI=SOME_STRING_VALUE&sortOps.sortBy=SOME_STRING_VALUE&sortOps.orderBy=SOME_STRING_VALUE&afterOps.timestamp=SOME_STRING_VALUE&afterOps.changeID=SOME_STRING_VALUE&limit=SOME_INTEGER_VALUE&offset=SOME_INTEGER_VALUE' \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • event:[
    • {
      • context:{
        • changeID:"string",
        • requestID:"string",
        • traceID:"string",
        • sessionID:"string",
        • actor:"string",
        • actorType:"string",
        • accessType:"string",
        • ipAddress:"string"
        },
      • request:{
        • data:{
          • content:"string"
          },
        • apiName:"string",
        • workspaceID:"string",
        • vaultID:"string",
        • tags:[
          • "string"
          ],
        • timestamp:"string",
        • actionType:"string",
        • resourceType:"string",
        • httpInfo:{
          • URI:"string",
          • method:"string"
          }
        },
      • response:{
        • code:"integer",
        • message:"string",
        • data:{
          • content:"string"
          },
        • timestamp:"string"
        },
      • parentAccountID:"string",
      • accountID:"string",
      • resourceIDs:[
        • "string"
        ]
      }
    ],
  • nextOps:{
    • timestamp:"string",
    • changeID:"string"
    }
}

Authentication

Get auth public keys

GET

/v1/auth/sa/oauth/keys

Get the auth public keys.

REQUEST
curl --request GET \
  --url https://manage.skyflowapis.com/v1/auth/sa/oauth/keys \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • keys:[
    • {
      • kty:"string",
      • alg:"string",
      • kid:"string",
      • use:"string",
      • e:"string",
      • n:"string"
      }
    ]
}

Get the auth token

POST

/v1/auth/sa/oauth/token

Generates the auth bearer token for a user signed JWT token.

BODY PARAMETER

grant_type

string

grant_type: urn:ietf:params:oauth:grant-type:jwt-bearer

assertion

string

assertion: User signed JWT token

REQUEST
curl --request POST \
  --url https://manage.skyflowapis.com/v1/auth/sa/oauth/token \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"grant_type":"string","assertion":"string"}'
RESPONSE
{
  • accessToken:"string",
  • tokenType:"string"
}

Bearer token

POST

/v1/auth/token

Verifies the username/password combination and generates the access/bearer token for the API users to consume.

BODY PARAMETER

username

string

The email address of the Skyflow user.

password

string

Password of this user.

REQUEST
curl --request POST \
  --url https://manage.skyflowapis.com/v1/auth/token \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"username":"bob@acme.com","password":"MyP@$$w0rd"}'
RESPONSE
{
  • accessToken:"eyJraWKiOiJ0aUdXd3JWcVNsRU50RUkWbGt2LUkwSklLejhReExzX0dZbzEtdl8zODk0IiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aLM6IkFULmRYV3h6VG04Vm1aU3FzRVZKMEhrTE14dmRQUWFWTzc1ckZuOIKtTmU3eUUiLCJpc3MiOiJodHRwczovL2F1dGguc2t5Zmxvdy5kZXYvb2F1dGgyL2RlZmF1bHQiLCJhdWQiOiJhcGm3Oy9kZWZhdWx0IiwiaWF0IjoxNTg4MjM3MTg4LCJleHAiOjE1ODgyNDA3ODgsImNpZCI6IjBvYTUxXmXza0JqOWh1TUxhNHg2IiwidWlkIjoiMDB1NWR6aHA5QmJSaG9Wa1I0eDYiLCJzY3MwOlsicHJvZmlsZSIsIm9wZW5pZCIsImVtYWlsIl0sInN1YiI6Imtpc2hvcmUuYmFuZGlAc2t5Zmxvdy5jb20ifQ.mtiz1gP3u6t0vTTgKAzPvLLFLsyHFr9W-CREq0rnyj1_zc5siF3nt4y9-UMf2chsRJPgoNGOiXCiOGaiGvWD5VBr6nUS8I4m_Mp3mr0a7mQ-wQxYiw2K2F2C9AS2MSQSJGU5hyl1H3uqVH6YOLePRBtSmz3ez9v47_EP7KiOhmRmGTI7j7oahaW_9g8SVIL1H5RJ1ctSmBRt7frYOAs564uwYni1wbzH48tDj8PKm5sj2-EpvcMh4kVyq259Ken-Bcp2hpECTtbEjfgtGf2TjExTozFBYY3kobKApJ5xBz-7k_tlCECYRvWKrdOgnx1kdBkX5WziWyFWrvj1kRzQtg"
}

BaseDataTypes

List Base Data Types

GET

/v1/base-data-types

REQUEST
curl --request GET \
  --url https://manage.skyflowapis.com/v1/base-data-types \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • baseDataTypes:[
    • {
      • displayName:"string",
      • description:"string",
      • datatype:"string"
      }
    ]
}

FieldTemplates

List Field Templates

GET

/v1/field-templates

Lists the Field Templates belonging to the provided account ID. If no account ID is passed, the context account ID will be used.

QUERY PARAMETERS

accountID

string

Account ID. Account ID requesting List Field Templates

offset

integer

Default : 0

Pagination Offset. - indicates the record number to start retrieving data.

limit

integer

Default : 25

Pagination Limit. - indicates the number of records to retrieve.

filterOps.name

string

Name filter.

filterOps.status

string

Default :

NONE

Enum :

NONE

CREATED

PENDING

ACTIVE

INACTIVE

ARCHIVED

DELETED

Status filter. - NONE: NONE is undefined and should not be used.

sortOps.sortBy

string

Fully qualified Object field by which to sort results. Field names should be passed in camel case (e.g. camelCase).

sortOps.orderBy

string

Default :

ASCENDING

Enum :

ASCENDING

DESCENDING

Either ascending or descending order specification.

REQUEST
curl --request GET \
  --url 'https://manage.skyflowapis.com/v1/field-templates?accountID=SOME_STRING_VALUE&offset=SOME_INTEGER_VALUE&limit=SOME_INTEGER_VALUE&filterOps.name=SOME_STRING_VALUE&filterOps.status=SOME_STRING_VALUE&sortOps.sortBy=SOME_STRING_VALUE&sortOps.orderBy=SOME_STRING_VALUE' \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • message:"Cu$t0mer_Vault name passed must contain only alphanumeric characters.",
  • code:400,
  • type:"Validation",
  • detailed_message:"The Actual error (if any) that could have caused this issue."
}

Create Field Template

POST

/v1/field-templates

FOR INTERNAL USE ONLY

BODY PARAMETER

accountID

string

name

string

description

string

field

object

object {

name

string

Name of the Field

datatype

string

Default :

DT_INVALID

Enum :

DT_INVALID

DT_FLOAT32

DT_FLOAT64

DT_INT8

DT_INT16

DT_INT32

DT_INT64

DT_UINT8

DT_UINT16

DT_UINT32

DT_UINT64

DT_BOOL

DT_STRING

DT_BYTES

DT_DATETIME

DT_DATE

DT_TIME

DT_EMBEDDED

DT_REFERENCED

- DT_DATETIME: RFC1123Z = "Mon, 02 Jan 2006 15:04:05 -0700" - DT_DATE: 2006-01-02 Plain date YYYY-MM-DD - DT_TIME: Kitchen = "3:04PM" - DT_EMBEDDED: This is used only by PDB for understanding if a Complex Field has been embedded. - DT_REFERENCED: This is used only by PDB for understanding if a Complex Field has been referenced.

isArray

boolean

Denotes if the Field is an Array

tags

array

Tags defined for this Field

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

properties

object

object {

name

string

Name of Property

description

string

Description of the Property

references

string

Any Cyclic Reference of this Object to other Objects in the Path

}

index

integer

The position of the Field in the embedded schema

}

compositeField

object

object {

ID

string

ID of the Schema

name

string

Name of the Schema

parentSchemaProperties

object

object {

parentID

string

ID of the Schema Property

isArray

boolean

Denotes if the Schema is an array

tableType

string

parentFieldTags

array

Tags that were defined at the parent level

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

name

string

Name for the Parent Schema

}

fields

array

Fields present under this Schema

Array [ object {

name

string

Name of the Field

datatype

string

Default :

DT_INVALID

Enum :

DT_INVALID

DT_FLOAT32

DT_FLOAT64

DT_INT8

DT_INT16

DT_INT32

DT_INT64

DT_UINT8

DT_UINT16

DT_UINT32

DT_UINT64

DT_BOOL

DT_STRING

DT_BYTES

DT_DATETIME

DT_DATE

DT_TIME

DT_EMBEDDED

DT_REFERENCED

- DT_DATETIME: RFC1123Z = "Mon, 02 Jan 2006 15:04:05 -0700" - DT_DATE: 2006-01-02 Plain date YYYY-MM-DD - DT_TIME: Kitchen = "3:04PM" - DT_EMBEDDED: This is used only by PDB for understanding if a Complex Field has been embedded. - DT_REFERENCED: This is used only by PDB for understanding if a Complex Field has been referenced.

isArray

boolean

Denotes if the Field is an Array

tags

array

Tags defined for this Field

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

properties

object

object {

name

string

Name of Property

description

string

Description of the Property

references

string

Any Cyclic Reference of this Object to other Objects in the Path

}

index

integer

The position of the Field in the embedded schema

} ]

childrenSchemas

array

Complex Fields/Schemas present under this Schema

Array [

]

schemaTags

array

Tags defined at the Schema level

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

properties

object

object {

name

string

Name of Property

description

string

Description of the Property

references

string

Any Cyclic Reference of this Object to other Objects in the Path

}

}

REQUEST
curl --request POST \
  --url https://manage.skyflowapis.com/v1/field-templates \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"accountID":"string","name":"string","description":"string","field":{"name":"string","datatype":"DT_INVALID","isArray":true,"tags":[{"name":"string","values":["string"]}],"properties":{"name":"string","description":"string","references":"string"},"index":0},"compositeField":{"ID":"string","name":"string","parentSchemaProperties":{"parentID":"string","isArray":true,"tableType":"TT_BASE","parentFieldTags":[{"name":"string","values":["string"]}],"name":"string"},"fields":[{"name":"string","datatype":"DT_INVALID","isArray":true,"tags":[{"name":"string","values":["string"]}],"properties":{"name":"string","description":"string","references":"string"},"index":0}],"childrenSchemas":[{}],"schemaTags":[{"name":"string","values":["string"]}],"properties":{"name":"string","description":"string","references":"string"}}}'
RESPONSE
{
  • message:"Cu$t0mer_Vault name passed must contain only alphanumeric characters.",
  • code:400,
  • type:"Validation",
  • detailed_message:"The Actual error (if any) that could have caused this issue."
}

Get Field Template

GET

/v1/field-templates/{ID}

Retreives a Field Template using the provided ID.

PATH PARAMETERS

ID

string

*

ID of the Field Template

REQUEST
curl --request GET \
  --url https://manage.skyflowapis.com/v1/field-templates/{ID} \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • message:"Cu$t0mer_Vault name passed must contain only alphanumeric characters.",
  • code:400,
  • type:"Validation",
  • detailed_message:"The Actual error (if any) that could have caused this issue."
}

Delete Field Template

DELETE

/v1/field-templates/{ID}

FOR INTERNAL USE ONLY

PATH PARAMETERS

ID

string

*

REQUEST
curl --request DELETE \
  --url https://manage.skyflowapis.com/v1/field-templates/{ID} \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • message:"Cu$t0mer_Vault name passed must contain only alphanumeric characters.",
  • code:400,
  • type:"Validation",
  • detailed_message:"The Actual error (if any) that could have caused this issue."
}

Update Field Template

PATCH

/v1/field-templates/{ID}

FOR INTERNAL USE ONLY

PATH PARAMETERS

ID

string

*

BODY PARAMETER

ID

string

name

string

description

string

field

object

object {

name

string

Name of the Field

datatype

string

Default :

DT_INVALID

Enum :

DT_INVALID

DT_FLOAT32

DT_FLOAT64

DT_INT8

DT_INT16

DT_INT32

DT_INT64

DT_UINT8

DT_UINT16

DT_UINT32

DT_UINT64

DT_BOOL

DT_STRING

DT_BYTES

DT_DATETIME

DT_DATE

DT_TIME

DT_EMBEDDED

DT_REFERENCED

- DT_DATETIME: RFC1123Z = "Mon, 02 Jan 2006 15:04:05 -0700" - DT_DATE: 2006-01-02 Plain date YYYY-MM-DD - DT_TIME: Kitchen = "3:04PM" - DT_EMBEDDED: This is used only by PDB for understanding if a Complex Field has been embedded. - DT_REFERENCED: This is used only by PDB for understanding if a Complex Field has been referenced.

isArray

boolean

Denotes if the Field is an Array

tags

array

Tags defined for this Field

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

properties

object

object {

name

string

Name of Property

description

string

Description of the Property

references

string

Any Cyclic Reference of this Object to other Objects in the Path

}

index

integer

The position of the Field in the embedded schema

}

compositeField

object

object {

ID

string

ID of the Schema

name

string

Name of the Schema

parentSchemaProperties

object

object {

parentID

string

ID of the Schema Property

isArray

boolean

Denotes if the Schema is an array

tableType

string

parentFieldTags

array

Tags that were defined at the parent level

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

name

string

Name for the Parent Schema

}

fields

array

Fields present under this Schema

Array [ object {

name

string

Name of the Field

datatype

string

Default :

DT_INVALID

Enum :

DT_INVALID

DT_FLOAT32

DT_FLOAT64

DT_INT8

DT_INT16

DT_INT32

DT_INT64

DT_UINT8

DT_UINT16

DT_UINT32

DT_UINT64

DT_BOOL

DT_STRING

DT_BYTES

DT_DATETIME

DT_DATE

DT_TIME

DT_EMBEDDED

DT_REFERENCED

- DT_DATETIME: RFC1123Z = "Mon, 02 Jan 2006 15:04:05 -0700" - DT_DATE: 2006-01-02 Plain date YYYY-MM-DD - DT_TIME: Kitchen = "3:04PM" - DT_EMBEDDED: This is used only by PDB for understanding if a Complex Field has been embedded. - DT_REFERENCED: This is used only by PDB for understanding if a Complex Field has been referenced.

isArray

boolean

Denotes if the Field is an Array

tags

array

Tags defined for this Field

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

properties

object

object {

name

string

Name of Property

description

string

Description of the Property

references

string

Any Cyclic Reference of this Object to other Objects in the Path

}

index

integer

The position of the Field in the embedded schema

} ]

childrenSchemas

array

Complex Fields/Schemas present under this Schema

Array [

]

schemaTags

array

Tags defined at the Schema level

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

properties

object

object {

name

string

Name of Property

description

string

Description of the Property

references

string

Any Cyclic Reference of this Object to other Objects in the Path

}

}

REQUEST
curl --request PATCH \
  --url https://manage.skyflowapis.com/v1/field-templates/{ID} \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"ID":"string","name":"string","description":"string","field":{"name":"string","datatype":"DT_INVALID","isArray":true,"tags":[{"name":"string","values":["string"]}],"properties":{"name":"string","description":"string","references":"string"},"index":0},"compositeField":{"ID":"string","name":"string","parentSchemaProperties":{"parentID":"string","isArray":true,"tableType":"TT_BASE","parentFieldTags":[{"name":"string","values":["string"]}],"name":"string"},"fields":[{"name":"string","datatype":"DT_INVALID","isArray":true,"tags":[{"name":"string","values":["string"]}],"properties":{"name":"string","description":"string","references":"string"},"index":0}],"childrenSchemas":[{}],"schemaTags":[{"name":"string","values":["string"]}],"properties":{"name":"string","description":"string","references":"string"}}}'
RESPONSE
{
  • message:"Cu$t0mer_Vault name passed must contain only alphanumeric characters.",
  • code:400,
  • type:"Validation",
  • detailed_message:"The Actual error (if any) that could have caused this issue."
}

Update Field Template Status

PATCH

/v1/field-templates/{ID}/status

FOR INTERNAL USE ONLY

PATH PARAMETERS

ID

string

*

BODY PARAMETER

ID

string

status

string

Default :

NONE

Enum :

NONE

CREATED

PENDING

ACTIVE

INACTIVE

ARCHIVED

DELETED

- NONE: NONE is undefined and should not be used.

REQUEST
curl --request PATCH \
  --url https://manage.skyflowapis.com/v1/field-templates/{ID}/status \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"ID":"string","status":"NONE"}'
RESPONSE
{
  • ID:"string"
}

Validate Field Template JSON schema

POST

/v1/fieldTemplates/validate

BODY PARAMETER

field

object

object {

name

string

Name of the Field

datatype

string

Default :

DT_INVALID

Enum :

DT_INVALID

DT_FLOAT32

DT_FLOAT64

DT_INT8

DT_INT16

DT_INT32

DT_INT64

DT_UINT8

DT_UINT16

DT_UINT32

DT_UINT64

DT_BOOL

DT_STRING

DT_BYTES

DT_DATETIME

DT_DATE

DT_TIME

DT_EMBEDDED

DT_REFERENCED

- DT_DATETIME: RFC1123Z = "Mon, 02 Jan 2006 15:04:05 -0700" - DT_DATE: 2006-01-02 Plain date YYYY-MM-DD - DT_TIME: Kitchen = "3:04PM" - DT_EMBEDDED: This is used only by PDB for understanding if a Complex Field has been embedded. - DT_REFERENCED: This is used only by PDB for understanding if a Complex Field has been referenced.

isArray

boolean

Denotes if the Field is an Array

tags

array

Tags defined for this Field

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

properties

object

object {

name

string

Name of Property

description

string

Description of the Property

references

string

Any Cyclic Reference of this Object to other Objects in the Path

}

index

integer

The position of the Field in the embedded schema

}

compositeField

object

object {

ID

string

ID of the Schema

name

string

Name of the Schema

parentSchemaProperties

object

object {

parentID

string

ID of the Schema Property

isArray

boolean

Denotes if the Schema is an array

tableType

string

parentFieldTags

array

Tags that were defined at the parent level

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

name

string

Name for the Parent Schema

}

fields

array

Fields present under this Schema

Array [ object {

name

string

Name of the Field

datatype

string

Default :

DT_INVALID

Enum :

DT_INVALID

DT_FLOAT32

DT_FLOAT64

DT_INT8

DT_INT16

DT_INT32

DT_INT64

DT_UINT8

DT_UINT16

DT_UINT32

DT_UINT64

DT_BOOL

DT_STRING

DT_BYTES

DT_DATETIME

DT_DATE

DT_TIME

DT_EMBEDDED

DT_REFERENCED

- DT_DATETIME: RFC1123Z = "Mon, 02 Jan 2006 15:04:05 -0700" - DT_DATE: 2006-01-02 Plain date YYYY-MM-DD - DT_TIME: Kitchen = "3:04PM" - DT_EMBEDDED: This is used only by PDB for understanding if a Complex Field has been embedded. - DT_REFERENCED: This is used only by PDB for understanding if a Complex Field has been referenced.

isArray

boolean

Denotes if the Field is an Array

tags

array

Tags defined for this Field

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

properties

object

object {

name

string

Name of Property

description

string

Description of the Property

references

string

Any Cyclic Reference of this Object to other Objects in the Path

}

index

integer

The position of the Field in the embedded schema

} ]

childrenSchemas

array

Complex Fields/Schemas present under this Schema

Array [

]

schemaTags

array

Tags defined at the Schema level

Array [ object {

name

string

Name of the Tag

values

array

The list of values for this tag

Array [ string

]

} ]

properties

object

object {

name

string

Name of Property

description

string

Description of the Property

references

string

Any Cyclic Reference of this Object to other Objects in the Path

}

}

REQUEST
curl --request POST \
  --url https://manage.skyflowapis.com/v1/fieldTemplates/validate \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"field":{"name":"string","datatype":"DT_INVALID","isArray":true,"tags":[{"name":"string","values":["string"]}],"properties":{"name":"string","description":"string","references":"string"},"index":0},"compositeField":{"ID":"string","name":"string","parentSchemaProperties":{"parentID":"string","isArray":true,"tableType":"TT_BASE","parentFieldTags":[{"name":"string","values":["string"]}],"name":"string"},"fields":[{"name":"string","datatype":"DT_INVALID","isArray":true,"tags":[{"name":"string","values":["string"]}],"properties":{"name":"string","description":"string","references":"string"},"index":0}],"childrenSchemas":[{}],"schemaTags":[{"name":"string","values":["string"]}],"properties":{"name":"string","description":"string","references":"string"}}}'
RESPONSE
{
  • isValid:"boolean",
  • errors:[
    • "string"
    ]
}

Groups

List groups

GET

/v1/groups

Streams Groups which matches the conditions set in query parameters and using Information from Additional Resource Headers or fallsback to Access Token

QUERY PARAMETERS

offset

string

Default : 0

Pagination Offset. - indicates the record number from which to start retrieving data.

limit

string

Default : 25

Pagination Limit. - indicates the number of records to be retrieved.

accountID

string

ID of the account to which the group belongs..

email

string

Group email. - using which the records are to be fetched.

REQUEST
curl --request GET \
  --url 'https://manage.skyflowapis.com/v1/groups?offset=SOME_STRING_VALUE&limit=SOME_STRING_VALUE&accountID=SOME_STRING_VALUE&email=SOME_STRING_VALUE' \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • result:{
    • group:{
      • name:"hr",
      • displayName:"HumanResources",
      • description:"Group of HR employees",
      • status:"ACTIVE"
      }
    },
  • error:{
    • grpc_code:"integer",
    • http_code:"integer",
    • message:"string",
    • http_status:"string",
    • details:[
      • {
        • type_url:"string",
        • value:"string"
        }
      ]
    }
}

Create a group

POST

/v1/groups

Creates a group.

BODY PARAMETER

group

object

object {

name

string

Name of the group.

displayName

string

Display name of the group.

description

string

Description of the group.

ID

string

This will be generated by the server and cannot be user generated.

namespace

string

This will be generated by the server and cannot be user generated.

status

string

Default :

NONE

Enum :

NONE

CREATED

PENDING

ACTIVE

INACTIVE

ARCHIVED

DELETED

- NONE: NONE is undefined and should not be used.

email

string

Email address of the group.

}

accountID

string

userIDs

array

Array [ string

]

REQUEST
curl --request POST \
  --url https://manage.skyflowapis.com/v1/groups \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"accountID":"g2400b4c4c9c11ea8baaacde48001122","group":{"name":"hr","displayName":"HumanResources","description":"Group of HR employees","status":"ACTIVE"}}'
RESPONSE
{
  • ID:"string"
}

Get group by ID

GET

/v1/groups/{ID}

Retreives a group with the provided ID.

PATH PARAMETERS

ID

string

*

REQUEST
curl --request GET \
  --url https://manage.skyflowapis.com/v1/groups/{ID} \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • group:{
    • name:"hr",
    • displayName:"HumanResources",
    • description:"Group of HR employees",
    • status:"ACTIVE"
    }
}

Delete a group

DELETE

/v1/groups/{ID}

Deletes a group with the provided ID.

PATH PARAMETERS

ID

string

*

REQUEST
curl --request DELETE \
  --url https://manage.skyflowapis.com/v1/groups/{ID} \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • ID:"string"
}

Update a group

PATCH

/v1/groups/{ID}

Updates a group with the provided ID.

PATH PARAMETERS

ID

string

*

BODY PARAMETER

ID

string

group

object

object {

name

string

Name of the group.

displayName

string

Display name of the group.

description

string

Description of the group.

ID

string

This will be generated by the server and cannot be user generated.

namespace

string

This will be generated by the server and cannot be user generated.

status

string

Default :

NONE

Enum :

NONE

CREATED

PENDING

ACTIVE

INACTIVE

ARCHIVED

DELETED

- NONE: NONE is undefined and should not be used.

email

string

Email address of the group.

}

REQUEST
curl --request PATCH \
  --url https://manage.skyflowapis.com/v1/groups/{ID} \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"ID":"string","group":{"name":"hr","displayName":"HumanResources","description":"Group of HR employees","status":"ACTIVE"}}'
RESPONSE
{
  • ID:"string"
}

List users in a group

GET

/v1/groups/{ID}/users

Gets all users of a group with the provided ID.

PATH PARAMETERS

ID

string

*

QUERY PARAMETERS

offset

string

Default : 0

Pagination Offset. - indicates the record number from which to start retrieving data.

limit

string

Default : 25

Pagination Limit. - indicates the number of records to be retrieved.

REQUEST
curl --request GET \
  --url 'https://manage.skyflowapis.com/v1/groups/{ID}/users?offset=SOME_STRING_VALUE&limit=SOME_STRING_VALUE' \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • result:{
    • user:{
      • name:"kishorebandi",
      • contactAddress:{
        • streetAddress:"9876 E E Avenue",
        • city:"Sunnyvalue",
        • state:"CA",
        • country:"USA",
        • zip:94086
        },
      • userIdentity:{
        • email:"kishore.bandi@skyflow.com",
        • oktaID:"00j9y3tpmj4kHfX4z739",
        • ID:"mb057d4c570011ea89d9acde48001122"
        },
      • status:"ACTIVE"
      }
    },
  • error:{
    • grpc_code:"integer",
    • http_code:"integer",
    • message:"string",
    • http_status:"string",
    • details:[
      • {
        • type_url:"string",
        • value:"string"
        }
      ]
    }
}

Add Users to a group

POST

/v1/groups/{ID}/users/add

Adds users with provided IDs to a group with provided ID.

PATH PARAMETERS

ID

string

*

BODY PARAMETER

ID

string

UserIDs

array

Array [ string

]

REQUEST
curl --request POST \
  --url https://manage.skyflowapis.com/v1/groups/{ID}/users/add \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"ID":"string","UserIDs":["string"]}'
RESPONSE
{
  • IDs:[
    • "string"
    ]
}

Remove users from a group

POST

/v1/groups/{ID}/users/remove

Removes Users by Provided IDs from a Group by Provided ID.

PATH PARAMETERS

ID

string

*

BODY PARAMETER

ID

string

UserIDs

array

Array [ string

]

REQUEST
curl --request POST \
  --url https://manage.skyflowapis.com/v1/groups/{ID}/users/remove \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"ID":"string","UserIDs":["string"]}'
RESPONSE
{
  • ID:[
    • "string"
    ]
}

Vaults

Get Master Key Import Parameters

GET

/v1/masterKeys/getImportParams

Gets import parameters to import master key into KMS

QUERY PARAMETERS

workspaceID

string

workspaceID is the ID of the workspace to which the Master Key is to be imported to.

REQUEST
curl --request GET \
  --url 'https://manage.skyflowapis.com/v1/masterKeys/getImportParams?workspaceID=SOME_STRING_VALUE' \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • publicKey:"string",
  • importToken:"string"
}

Import Master Key

POST

/v1/masterKeys/import

Imports master key ciphertext into KMS for use in encrypting vault data keys

BODY PARAMETER

ciphertext

string

ciphertext is the 256-bit AES Symmetric Key encrypted by the RSA Wrapping Key. base64 encoded.

importParams

object

object {

publicKey

string

publicKey is an RSA Public Key with which to encrypt the 256-bit AES Symmetric Master Key. Also known as Wrapping Key. base64 encoded.

importToken

string

importToken is a token valid for 24h which must be provided to the ImportMasterKey API to complete the import process. base64 encoded.

}

workspaceID

string

workspaceID is the ID of the workspace to which the Master Key is to be imported to.

REQUEST
curl --request POST \
  --url https://manage.skyflowapis.com/v1/masterKeys/import \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"ciphertext":"string","importParams":{"publicKey":"string","importToken":"string"},"workspaceID":"string"}'
RESPONSE
{
  • ID:"string"
}

Get Master Key Metadata

GET

/v1/masterKeys/vaults/{vaultID}/getMasterKeyMetadata

Gets metadata associated with the Master key of a Vault

PATH PARAMETERS

vaultID

string

*

vaultID is the ID of the vault whose the master key metadata is to be fetched.

QUERY PARAMETERS

workspaceID

string

workspaceID is the ID of the workspace where the vault is hosted.

REQUEST
curl --request GET \
  --url 'https://manage.skyflowapis.com/v1/masterKeys/vaults/{vaultID}/getMasterKeyMetadata?workspaceID=SOME_STRING_VALUE' \
  --header 'Authorization: REPLACE_KEY_VALUE'
RESPONSE
{
  • createdAt:"string",
  • expiresAt:"string",
  • alertAt:"string",
  • rotationPendingWindowInDays:"integer",
  • type:"string",
  • origin:"string",
  • id:"string"
}

Rotate Master Key

POST

/v1/masterKeys/vaults/{vaultID}/rotate

The Master Key used during vault creation to encrypt data keys

PATH PARAMETERS

vaultID

string

*

vaultID is the ID of the vault whose master key is to be rotated.

BODY PARAMETER

vaultID

string

vaultID is the ID of the vault whose master key is to be rotated.

workspaceID

string

workspaceID is the ID of the workspace in which the Master Key Rotation is taking place.

masterKey

object

object {

ID

string

type

string

Default :

INVALID

Enum :

INVALID

INTERNAL

EXTERNAL

- INTERNAL: INTERNAL is the Master Key Type used to identify keys hosted and managed in a Skyflow Cloud. This is the correct type to use for BYO-MKs. - EXTERNAL: EXTERNAL is the Master Key Type used to identify keys hosted and managed in a Customer Cloud. This is the correct type to use for BYO-KMS MKs.

}

pendingWindowInDays

integer

pendingWindowInDays is the waiting period specified in number of days. After the waiting period ends, the Master Key is rotated. This value is optional. It defaults to 0, which triggers an immediate rotation.

REQUEST
curl --request POST \
  --url https://manage.skyflowapis.com/v1/masterKeys/vaults/{vaultID}/rotate \
  --header 'Authorization: REPLACE_KEY_VALUE' \
  --header 'content-type: application/json' \
  --data '{"vaultID":"string","workspaceID":"string","masterKey":{"ID":"string","type":"INVALID"},"pendingWindowInDays":0}'
RESPONSE
{
    }

    List Vaults

    GET

    /v1/vaults

    List the Vaults that match with the conditions set in the query parameters.

    QUERY PARAMETERS

    filterOps.name

    string

    Name filter.

    filterOps.status

    string

    Default :

    NONE

    Enum :

    NONE

    CREATED

    PENDING

    ACTIVE

    INACTIVE

    ARCHIVED

    DELETED

    Status filter. - NONE: NONE is undefined and should not be used.

    sortOps.sortBy

    string

    Fully qualified Object field by which to sort results. Field names should be passed in camel case (e.g. camelCase).

    sortOps.orderBy

    string

    Default :

    ASCENDING

    Enum :

    ASCENDING

    DESCENDING

    Either ascending or descending order specification.

    offset

    string

    Default : 0

    Pagination Offset. - indicates the record number to start retrieving data.

    limit

    string

    Default : 25

    Pagination Limit. - indicates the number of records to retrieve.

    workspaceID

    string

    Workspace ID. ID of the Workspace to search the Vault

    fetchMetadataOnly

    boolean

    Fetch Metadata Only. Flag specifying if the returned values should only contain a Vault's metadata.

    REQUEST
    curl --request GET \
      --url 'https://manage.skyflowapis.com/v1/vaults?filterOps.name=SOME_STRING_VALUE&filterOps.status=SOME_STRING_VALUE&sortOps.sortBy=SOME_STRING_VALUE&sortOps.orderBy=SOME_STRING_VALUE&offset=SOME_STRING_VALUE&limit=SOME_STRING_VALUE&workspaceID=SOME_STRING_VALUE&fetchMetadataOnly=SOME_BOOLEAN_VALUE' \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE
    {
    • message:"Cu$t0mer_Vault name passed must contain only alphanumeric characters.",
    • code:400,
    • type:"Validation",
    • detailed_message:"The Actual error (if any) that could have caused this issue."
    }

    Create Vault

    POST

    /v1/vaults

    Creates a Vault with the given details

    BODY PARAMETER

    name

    string

    Name of the Vault being Created

    description

    string

    Description of the Vault

    templateID

    string

    The Template used to create the Vault. One of templateID/vaultSchema should be defined.

    vaultSchema

    object

    object {

    schemas

    array

    Parsed Schema generated out of the proto

    Array [

    ]

    tags

    array

    Vault level Tags that are present

    Array [ object {

    name

    string

    Name of the Tag

    values

    array

    The list of values for this tag

    Array [ string

    ]

    } ]

    }

    useMasterKey

    object

    object {

    ID

    string

    type

    string

    Default :

    INVALID

    Enum :

    INVALID

    INTERNAL

    EXTERNAL

    - INTERNAL: INTERNAL is the Master Key Type used to identify keys hosted and managed in a Skyflow Cloud. This is the correct type to use for BYO-MKs. - EXTERNAL: EXTERNAL is the Master Key Type used to identify keys hosted and managed in a Customer Cloud. This is the correct type to use for BYO-KMS MKs.

    }

    workspaceID

    string

    ID of the workspace within which the Vault is created.

    REQUEST
    curl --request POST \
      --url https://manage.skyflowapis.com/v1/vaults \
      --header 'Authorization: REPLACE_KEY_VALUE' \
      --header 'content-type: application/json' \
      --data '{"name":"simpleVaultExample","description":"A vault with 1 table","vaultSchema":{"schemas":[{"name":"table_1","fields":[{"name":"skyflow_id","datatype":"DT_STRING"},{"name":"age","datatype":"DT_INT32"},{"name":"ssn","datatype":"DT_STRING","tags":[{"name":"skyflow.options.replace_pattern","values":["XXX${1}XX${2}${3}"]},{"name":"skyflow.options.format_preserving_regex","values":["^[0-9]{3}-[0-9]{2}-([0-9]{4})$"]},{"name":"skyflow.options.default_dlp_policy","values":["REDACT"]},{"name":"skyflow.options.operation","values":["EXACT_MATCH"]},{"name":"skyflow.options.find_pattern","values":["^[0-9]{3}([- ])?[0-9]{2}([- ])?([0-9]{4})$"]},{"name":"skyflow.options.default_token_policy","values":["FORMAT_PRESERVING_TOKEN"]},{"name":"skyflow.validation.regular_exp","values":["^$|^([0-9]{3}-?[0-9]{2}-?[0-9]{4})$"]}]},{"name":"marital_status","datatype":"DT_STRING","tags":[{"name":"skyflow.validation.predefinedvalues","values":["UNSPECIFIED_MARITAL_STATUS","ANNULLED","DIVORCED","SEPARATED","MARRIED","UNMARRIED","WIDOWED"]},{"name":"skyflow.options.default_token_policy","values":["RANDOM_TOKEN"]},{"name":"skyflow.options.default_dlp_policy","values":["REDACT"]},{"name":"skyflow.options.operation","values":["EXACT_MATCH"]}]}],"childrenSchemas":[{"name":"name","description":"","fields":[{"name":"first_name","datatype":"DT_STRING","tags":[{"name":"skyflow.options.default_token_policy","values":["RANDOM_TOKEN"]},{"name":"skyflow.options.operation","values":["EXACT_MATCH"]}]},{"name":"last_name","datatype":"DT_STRING","tags":[]}]}]}]},"workspaceID":"z10198d5553411def9f2360c609gt3yx"}'
    RESPONSE
    {
    • ID:"f28e6956934711ebb5aa2624ddeb53e6"
    }

    Get Vault

    GET

    /v1/vaults/{ID}

    Gets a Vault by ID

    PATH PARAMETERS

    ID

    string

    *

    ID of the Vault

    QUERY PARAMETERS

    fetchMetadataOnly

    boolean

    Fetch Metadata Only. Flag specifying if the returned value should only contain a Vault's metadata.

    REQUEST
    curl --request GET \
      --url 'https://manage.skyflowapis.com/v1/vaults/{ID}?fetchMetadataOnly=SOME_BOOLEAN_VALUE' \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE
    {
    • message:"Cu$t0mer_Vault name passed must contain only alphanumeric characters.",
    • code:400,
    • type:"Validation",
    • detailed_message:"The Actual error (if any) that could have caused this issue."
    }

    Delete Vault

    DELETE

    /v1/vaults/{ID}

    Deletes a Vault by ID

    PATH PARAMETERS

    ID

    string

    *

    ID of the Vault

    REQUEST
    curl --request DELETE \
      --url https://manage.skyflowapis.com/v1/vaults/{ID} \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE
    {
    • ID:"string"
    }

    Update Vault

    PATCH

    /v1/vaults/{ID}

    Updates an existing Vault. After you create a custom vault or a vault from a predefined template, you can also update the vaults. We currently support the following updates.     1. Addition of new tables and fields     2. Deletion of fields when they are empty.         a. Note that deletion of child fields inside a composite field is not supported.     3. The following tags can be updated when the field is not empty         a. skyflow.options.default_dlp_policy         b. skyflow.options.default_token_policy         c. skyflow.options.display_name         d. skyflow.options.description

    PATH PARAMETERS

    ID

    string

    *

    ID of the Vault to be updated

    BODY PARAMETER

    ID

    string

    ID of the Vault to be updated

    name

    string

    Name of the Vault

    description

    string

    Description for the Vault

    templateID

    string

    The Template used to update the Vault. One of templateID/vaultSchema should be defined.

    vaultSchema

    object

    object {

    schemas

    array

    Parsed Schema generated out of the proto

    Array [

    ]

    tags

    array

    Vault level Tags that are present

    Array [ object {

    name

    string

    Name of the Tag

    values

    array

    The list of values for this tag

    Array [ string

    ]

    } ]

    }

    isDryRun

    boolean

    REQUEST
    curl --request PATCH \
      --url https://manage.skyflowapis.com/v1/vaults/{ID} \
      --header 'Authorization: REPLACE_KEY_VALUE' \
      --header 'content-type: application/json' \
      --data '{"vaultSchema":{"schemas":[{"name":"table 1","fields":[{"name":"skyflow_id","datatype":"DT_STRING"},{"name":"age","datatype":"DT_INT32"},{"name":"ssn","datatype":"DT_STRING","tags":[{"name":"skyflow.options.replace_pattern","values":["XXX${1}XX${2}${3}"]},{"name":"skyflow.options.format_preserving_regex","values":["^[0-9]{3}-[0-9]{2}-([0-9]{4})$"]},{"name":"skyflow.options.default_dlp_policy","values":["REDACTED"]},{"name":"skyflow.options.operation","values":["EXACT_MATCH"]},{"name":"skyflow.options.find_pattern","values":["^[0-9]{3}([- ])?[0-9]{2}([- ])?([0-9]{4})$"]},{"name":"skyflow.options.default_token_policy","values":["FORMAT_PRESERVING_TOKEN"]},{"name":"skyflow.validation.regular_exp","values":["^$|^([0-9]{3}-?[0-9]{2}-?[0-9]{4})$"]}]},{"name":"marital_status","datatype":"DT_STRING","tags":[{"name":"skyflow.validation.predefinedvalues","values":["UNSPECIFIED_MARITAL_STATUS","ANNULLED","DIVORCED","SEPARATED","MARRIED","UNMARRIED","WIDOWED"]},{"name":"skyflow.options.default_token_policy","values":["RANDOM_TOKEN"]},{"name":"skyflow.options.default_dlp_policy","values":["REDACT"]},{"name":"skyflow.options.operation","values":["EXACT_MATCH"]}]},{"name":"annual_income","datatype":"DT_FLOAT32"}],"childrenSchemas":[{"name":"name","description":"","fields":[{"name":"first_name","datatype":"DT_STRING","tags":[{"name":"skyflow.options.default_token_policy","values":["RANDOM_TOKEN"]},{"name":"skyflow.options.operation","values":["EXACT_MATCH"]}]},{"name":"last_name","datatype":"DT_STRING","tags":[]}]}]}]}}'
    RESPONSE
    {
    • ID:"f28e6956934711ebb5aa2624ddeb53e6"
    }

    Roles

    List Permissions of Member

    GET

    /v1/members/{member.ID}/permissions

    Lists permissions that have been assigned to a member.

    PATH PARAMETERS

    member.ID

    string

    *

    QUERY PARAMETERS

    member.type

    string

    *

    Default :

    NONE

    Enum :

    NONE

    USER

    GROUP

    SERVICE_ACCOUNT

    SQL_SERVICE_ACCOUNT

    Member Type. Type of the member. - NONE: NONE is undefined and should not be used. - USER: Indicates the Member is of type User. - GROUP: Indicates the Member is of type Group. - SERVICE_ACCOUNT: Indicates the Member is of type ServiceAccount. - SQL_SERVICE_ACCOUNT: Indicates the Member is of SqlServiceAccount.

    member.name

    string

    Member name. Name of the member.

    member.email

    string

    Member email. Email address of the member.

    member.status

    string

    Default :

    NONE

    Enum :

    NONE

    CREATED

    PENDING

    ACTIVE

    INACTIVE

    ARCHIVED

    DELETED

    Member status. Status of the member. - NONE: NONE is undefined and should not be used.

    REQUEST
    curl --request GET \
      --url 'https://manage.skyflowapis.com/v1/members/{member.ID}/permissions?member.type=SOME_STRING_VALUE&member.name=SOME_STRING_VALUE&member.email=SOME_STRING_VALUE&member.status=SOME_STRING_VALUE' \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE
    {
    • permissions:[
      • "string"
      ]
    }

    List Roles of Member

    GET

    /v1/members/{member.ID}/roles

    Lists role to resource pairs that have been assigned to a member.

    PATH PARAMETERS

    member.ID

    string

    *

    QUERY PARAMETERS

    member.type

    string

    *

    Default :

    NONE

    Enum :

    NONE

    USER

    GROUP

    SERVICE_ACCOUNT

    SQL_SERVICE_ACCOUNT

    Member Type. Type of the member. - NONE: NONE is undefined and should not be used. - USER: Indicates the Member is of type User. - GROUP: Indicates the Member is of type Group. - SERVICE_ACCOUNT: Indicates the Member is of type ServiceAccount. - SQL_SERVICE_ACCOUNT: Indicates the Member is of SqlServiceAccount.

    member.name

    string

    Member name. Name of the member.

    member.email

    string

    Member email. Email address of the member.

    member.status

    string

    Default :

    NONE

    Enum :

    NONE

    CREATED

    PENDING

    ACTIVE

    INACTIVE

    ARCHIVED

    DELETED

    Member status. Status of the member. - NONE: NONE is undefined and should not be used.

    offset

    string

    Default : 0

    Pagination offset. - indicates the record number to start retrieving data

    limit

    string

    Default : 25

    Pagination limit. - indicates the number of records to retrieve

    filterOps.name

    string

    Name filter.. Name of the Role to search for.

    filterOps.resource.ID

    string

    *

    Resource ID. Resource for which the policies are being defined.

    filterOps.resource.type

    string

    *

    Default :

    NONE

    Enum :

    NONE

    ORGANIZATION

    VAULT

    NOTEBOOK

    ACCOUNT

    SERVICE_ACCOUNT

    SQL_SERVICE_ACCOUNT

    WORKFLOW

    WORKFLOW_RUN

    VAULT_TEMPLATE

    WORKSPACE

    FIELD_TEMPLATE

    RECORD

    TOKEN

    VAULT_FUNCTION_CONFIG

    Resource Type. Type of the resource being defined. - NONE: is undefined and should not be used. - ORGANIZATION: Indicates the Resource Type to be Organization. - VAULT: Indicates the Resource Type to be Vault. - NOTEBOOK: Indicates the Resource Type to be Notebook. - ACCOUNT: Indicates the Resource Type to be Account. - SERVICE_ACCOUNT: Indicates the Resource Type to be Service Account. - SQL_SERVICE_ACCOUNT: Indicates the Resource Type to be SqlAccessAccount. - WORKFLOW: Indicates the Resource Type to be Workflow. - WORKFLOW_RUN: Indicates the Resource Type to be Workflow Runs. - VAULT_TEMPLATE: Indicates the Resource Type to be Vault Template. - WORKSPACE: Indicates the Resource Type to be Workspace - FIELD_TEMPLATE: Indicates the Resource Type to be Field Template. - RECORD: Indicates the Resource Type to be Record - TOKEN: Indicates the Resource Type to be Token - VAULT_FUNCTION_CONFIG: Indicates the Resource Type to be Vault Function Config.

    filterOps.resource.name

    string

    Resource Name. Name of the Resource.

    filterOps.resource.namespace

    string

    Resource Namespace. Namespace to uniquely identify the Resource. This will be generated by server and cannot be user generated.

    filterOps.resource.description

    string

    Resource Description. Description of the Resource.

    filterOps.resource.status

    string

    Default :

    NONE

    Enum :

    NONE

    CREATED

    PENDING

    ACTIVE

    INACTIVE

    ARCHIVED

    DELETED

    Resource Status. Status of the Resource. - NONE: NONE is undefined and should not be used.

    filterOps.roleType

    string

    Default :

    NONE

    Enum :

    NONE

    SYSTEM

    CUSTOM

    Role Type filter.. Role Type to filter on.

    REQUEST
    curl --request GET \
      --url 'https://manage.skyflowapis.com/v1/members/{member.ID}/roles?member.type=SOME_STRING_VALUE&member.name=SOME_STRING_VALUE&member.email=SOME_STRING_VALUE&member.status=SOME_STRING_VALUE&offset=SOME_STRING_VALUE&limit=SOME_STRING_VALUE&filterOps.name=SOME_STRING_VALUE&filterOps.resource.ID=SOME_STRING_VALUE&filterOps.resource.type=SOME_STRING_VALUE&filterOps.resource.name=SOME_STRING_VALUE&filterOps.resource.namespace=SOME_STRING_VALUE&filterOps.resource.description=SOME_STRING_VALUE&filterOps.resource.status=SOME_STRING_VALUE&filterOps.roleType=SOME_STRING_VALUE' \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE
    {
    • roleToResource:[
      • {
        • role:{
          • ID:"string",
          • namespace:"string",
          • definition:{
            • name:"string",
            • displayName:"string",
            • description:"string",
            • permissions:[
              • "string"
              ],
            • levels:[
              • "string"
              ],
            • type:"string",
            • hasWorkspaceLimits:"boolean"
            },
          • resource:{
            • ID:"g2400b4c4c9c11ea8baaacde48001122",
            • type:"VAULT"
            }
          },
        • resource:{
          • ID:"g2400b4c4c9c11ea8baaacde48001122",
          • type:"VAULT"
          }
        }
      ]
    }

    List Roles of Policy

    GET

    /v1/policies/{policyID}/roles

    Lists Roles that have been assigned to a Policy

    PATH PARAMETERS

    policyID

    string

    *

    QUERY PARAMETERS

    filterOps.name

    string

    Role Name..

    sortOps.sortBy

    string

    Fully qualified Object field by which to sort results. Field names should be passed in camel case (e.g. camelCase).

    sortOps.orderBy

    string

    Default :

    ASCENDING

    Enum :

    ASCENDING

    DESCENDING

    Either ascending or descending order specification.

    offset

    string

    Default : 0

    Pagination offset. - indicates the record number to start retrieving data

    limit

    string

    Default : 25

    Pagination limit. - indicates the number of records to retrieve

    REQUEST
    curl --request GET \
      --url 'https://manage.skyflowapis.com/v1/policies/{policyID}/roles?filterOps.name=SOME_STRING_VALUE&sortOps.sortBy=SOME_STRING_VALUE&sortOps.orderBy=SOME_STRING_VALUE&offset=SOME_STRING_VALUE&limit=SOME_STRING_VALUE' \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE
    {
    • result:{
      • role:{
        • ID:"string",
        • namespace:"string",
        • definition:{
          • name:"string",
          • displayName:"string",
          • description:"string",
          • permissions:[
            • "string"
            ],
          • levels:[
            • "string"
            ],
          • type:"string",
          • hasWorkspaceLimits:"boolean"
          },
        • resource:{
          • ID:"g2400b4c4c9c11ea8baaacde48001122",
          • type:"VAULT"
          }
        }
      },
    • error:{
      • grpc_code:"integer",
      • http_code:"integer",
      • message:"string",
      • http_status:"string",
      • details:[
        • {
          • type_url:"string",
          • value:"string"
          }
        ]
      }
    }

    List pre-defined role definitions

    GET

    /v1/roleDefinitions

    List the supported pre-defined role definitions.

    QUERY PARAMETERS

    resourceType

    string

    Default :

    NONE

    Enum :

    NONE

    ORGANIZATION

    VAULT

    NOTEBOOK

    ACCOUNT

    SERVICE_ACCOUNT

    SQL_SERVICE_ACCOUNT

    WORKFLOW

    WORKFLOW_RUN

    VAULT_TEMPLATE

    WORKSPACE

    FIELD_TEMPLATE

    RECORD

    TOKEN

    VAULT_FUNCTION_CONFIG

    Optional resource type to filter for.. - NONE: is undefined and should not be used. - ORGANIZATION: Indicates the Resource Type to be Organization. - VAULT: Indicates the Resource Type to be Vault. - NOTEBOOK: Indicates the Resource Type to be Notebook. - ACCOUNT: Indicates the Resource Type to be Account. - SERVICE_ACCOUNT: Indicates the Resource Type to be Service Account. - SQL_SERVICE_ACCOUNT: Indicates the Resource Type to be SqlAccessAccount. - WORKFLOW: Indicates the Resource Type to be Workflow. - WORKFLOW_RUN: Indicates the Resource Type to be Workflow Runs. - VAULT_TEMPLATE: Indicates the Resource Type to be Vault Template. - WORKSPACE: Indicates the Resource Type to be Workspace - FIELD_TEMPLATE: Indicates the Resource Type to be Field Template. - RECORD: Indicates the Resource Type to be Record - TOKEN: Indicates the Resource Type to be Token - VAULT_FUNCTION_CONFIG: Indicates the Resource Type to be Vault Function Config.

    REQUEST
    curl --request GET \
      --url 'https://manage.skyflowapis.com/v1/roleDefinitions?resourceType=SOME_STRING_VALUE' \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE
    {
    • roleDefinitions:[
      • {
        • name:"string",
        • displayName:"string",
        • description:"string",
        • permissions:[
          • "string"
          ],
        • levels:[
          • "string"
          ],
        • type:"string",
        • hasWorkspaceLimits:"boolean"
        }
      ]
    }

    List Roles

    GET

    /v1/roles

    List Roles on a Resource

    QUERY PARAMETERS

    resource.ID

    string

    *

    Resource ID. Resource for which the policies are being defined.

    resource.type

    string

    *

    Default :

    NONE

    Enum :

    NONE

    ORGANIZATION

    VAULT

    NOTEBOOK

    ACCOUNT

    SERVICE_ACCOUNT

    SQL_SERVICE_ACCOUNT

    WORKFLOW

    WORKFLOW_RUN

    VAULT_TEMPLATE

    WORKSPACE

    FIELD_TEMPLATE

    RECORD

    TOKEN

    VAULT_FUNCTION_CONFIG

    Resource Type. Type of the resource being defined. - NONE: is undefined and should not be used. - ORGANIZATION: Indicates the Resource Type to be Organization. - VAULT: Indicates the Resource Type to be Vault. - NOTEBOOK: Indicates the Resource Type to be Notebook. - ACCOUNT: Indicates the Resource Type to be Account. - SERVICE_ACCOUNT: Indicates the Resource Type to be Service Account. - SQL_SERVICE_ACCOUNT: Indicates the Resource Type to be SqlAccessAccount. - WORKFLOW: Indicates the Resource Type to be Workflow. - WORKFLOW_RUN: Indicates the Resource Type to be Workflow Runs. - VAULT_TEMPLATE: Indicates the Resource Type to be Vault Template. - WORKSPACE: Indicates the Resource Type to be Workspace - FIELD_TEMPLATE: Indicates the Resource Type to be Field Template. - RECORD: Indicates the Resource Type to be Record - TOKEN: Indicates the Resource Type to be Token - VAULT_FUNCTION_CONFIG: Indicates the Resource Type to be Vault Function Config.

    resource.name

    string

    Resource Name. Name of the Resource.

    resource.namespace

    string

    Resource Namespace. Namespace to uniquely identify the Resource. This will be generated by server and cannot be user generated.

    resource.description

    string

    Resource Description. Description of the Resource.

    resource.status

    string

    Default :

    NONE

    Enum :

    NONE

    CREATED

    PENDING

    ACTIVE

    INACTIVE

    ARCHIVED

    DELETED

    Resource Status. Status of the Resource. - NONE: NONE is undefined and should not be used.

    name

    string

    Optional role name to filter for..

    type

    string

    Default :

    NONE

    Enum :

    NONE

    SYSTEM

    CUSTOM

    Optional role type to filter for..

    sortOps.sortBy

    string

    Fully qualified Object field by which to sort results. Field names should be passed in camel case (e.g. camelCase).

    sortOps.orderBy

    string

    Default :

    ASCENDING

    Enum :

    ASCENDING

    DESCENDING

    Either ascending or descending order specification.

    REQUEST
    curl --request GET \
      --url 'https://manage.skyflowapis.com/v1/roles?resource.ID=SOME_STRING_VALUE&resource.type=SOME_STRING_VALUE&resource.name=SOME_STRING_VALUE&resource.namespace=SOME_STRING_VALUE&resource.description=SOME_STRING_VALUE&resource.status=SOME_STRING_VALUE&name=SOME_STRING_VALUE&type=SOME_STRING_VALUE&sortOps.sortBy=SOME_STRING_VALUE&sortOps.orderBy=SOME_STRING_VALUE' \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE
    {
    • roles:[
      • {
        • ID:"string",
        • namespace:"string",
        • definition:{
          • name:"string",
          • displayName:"string",
          • description:"string",
          • permissions:[
            • "string"
            ],
          • levels:[
            • "string"
            ],
          • type:"string",
          • hasWorkspaceLimits:"boolean"
          },
        • resource:{
          • ID:"g2400b4c4c9c11ea8baaacde48001122",
          • type:"VAULT"
          }
        }
      ]
    }

    Create Role

    POST

    /v1/roles

    Creates a Custom Role on a set of Resources

    BODY PARAMETER

    roleDefinition

    object

    object {

    name

    string

    Unique name of the role.

    displayName

    string

    Display name of the role.

    description

    string

    Description of the role.

    permissions

    array

    Array [ string

    ]

    levels

    array

    Levels in the resource hierarchy at which this role is applied.

    Array [ string

    ]

    type

    string

    hasWorkspaceLimits

    boolean

    Boolean indicating if Role has had workspace limits applied to it

    }

    resource

    object

    object {

    ID

    string

    Resource for which the policies are being defined.

    type

    string

    Default :

    NONE

    Enum :

    NONE

    ORGANIZATION

    VAULT

    NOTEBOOK

    ACCOUNT

    SERVICE_ACCOUNT

    SQL_SERVICE_ACCOUNT

    WORKFLOW

    WORKFLOW_RUN

    VAULT_TEMPLATE

    WORKSPACE

    FIELD_TEMPLATE

    RECORD

    TOKEN

    VAULT_FUNCTION_CONFIG

    - NONE: is undefined and should not be used. - ORGANIZATION: Indicates the Resource Type to be Organization. - VAULT: Indicates the Resource Type to be Vault. - NOTEBOOK: Indicates the Resource Type to be Notebook. - ACCOUNT: Indicates the Resource Type to be Account. - SERVICE_ACCOUNT: Indicates the Resource Type to be Service Account. - SQL_SERVICE_ACCOUNT: Indicates the Resource Type to be SqlAccessAccount. - WORKFLOW: Indicates the Resource Type to be Workflow. - WORKFLOW_RUN: Indicates the Resource Type to be Workflow Runs. - VAULT_TEMPLATE: Indicates the Resource Type to be Vault Template. - WORKSPACE: Indicates the Resource Type to be Workspace - FIELD_TEMPLATE: Indicates the Resource Type to be Field Template. - RECORD: Indicates the Resource Type to be Record - TOKEN: Indicates the Resource Type to be Token - VAULT_FUNCTION_CONFIG: Indicates the Resource Type to be Vault Function Config.

    name

    string

    Name of the Resource.

    namespace

    string

    Namespace to uniquely identify the Resource. This will be generated by server and cannot be user generated.

    description

    string

    Description of the Resource.

    status

    string

    Default :

    NONE

    Enum :

    NONE

    CREATED

    PENDING

    ACTIVE

    INACTIVE

    ARCHIVED

    DELETED

    - NONE: NONE is undefined and should not be used.

    }

    REQUEST
    curl --request POST \
      --url https://manage.skyflowapis.com/v1/roles \
      --header 'Authorization: REPLACE_KEY_VALUE' \
      --header 'content-type: application/json' \
      --data '{"roleDefinition":{"name":"string","displayName":"string","description":"string","permissions":["string"],"levels":["string"],"type":"NONE"},"resource":{"ID":"g2400b4c4c9c11ea8baaacde48001122","type":"VAULT"}}'
    RESPONSE
    {
    • ID:"string"
    }

    Assign Role

    POST

    /v1/roles/assign

    Assigns members a role on a resource.

    BODY PARAMETER

    ID

    string

    members

    array

    Array [ object {

    ID

    string

    type

    string

    Default :

    NONE

    Enum :

    NONE

    USER

    GROUP

    SERVICE_ACCOUNT

    SQL_SERVICE_ACCOUNT

    - NONE: NONE is undefined and should not be used. - USER: Indicates the Member is of type User. - GROUP: Indicates the Member is of type Group. - SERVICE_ACCOUNT: Indicates the Member is of type ServiceAccount. - SQL_SERVICE_ACCOUNT: Indicates the Member is of SqlServiceAccount.

    name

    string

    Name of the member.

    email

    string

    Email address of the member.

    status

    string

    Default :

    NONE

    Enum :

    NONE

    CREATED

    PENDING

    ACTIVE

    INACTIVE

    ARCHIVED

    DELETED

    - NONE: NONE is undefined and should not be used.

    } ]

    REQUEST
    curl --request POST \
      --url https://manage.skyflowapis.com/v1/roles/assign \
      --header 'Authorization: REPLACE_KEY_VALUE' \
      --header 'content-type: application/json' \
      --data '{"ID":"string","members":[{"ID":"mb057d4c570011ea89d9acde48001122","type":"USER"}]}'
    RESPONSE
    {
    • ID:"string"
    }

    Unassign Role

    POST

    /v1/roles/unassign

    Unassigns members from the role on a resource.

    BODY PARAMETER

    ID

    string

    members

    array

    Array [ object {

    ID

    string

    type

    string

    Default :

    NONE

    Enum :

    NONE

    USER

    GROUP

    SERVICE_ACCOUNT

    SQL_SERVICE_ACCOUNT

    - NONE: NONE is undefined and should not be used. - USER: Indicates the Member is of type User. - GROUP: Indicates the Member is of type Group. - SERVICE_ACCOUNT: Indicates the Member is of type ServiceAccount. - SQL_SERVICE_ACCOUNT: Indicates the Member is of SqlServiceAccount.

    name

    string

    Name of the member.

    email

    string

    Email address of the member.

    status

    string

    Default :

    NONE

    Enum :

    NONE

    CREATED

    PENDING

    ACTIVE

    INACTIVE

    ARCHIVED

    DELETED

    - NONE: NONE is undefined and should not be used.

    } ]

    REQUEST
    curl --request POST \
      --url https://manage.skyflowapis.com/v1/roles/unassign \
      --header 'Authorization: REPLACE_KEY_VALUE' \
      --header 'content-type: application/json' \
      --data '{"ID":"string","members":[{"ID":"mb057d4c570011ea89d9acde48001122","type":"USER"}]}'
    RESPONSE
    {
    • ID:"string"
    }

    Get Role

    GET

    /v1/roles/{ID}

    Gets a Role by ID

    PATH PARAMETERS

    ID

    string

    *

    REQUEST
    curl --request GET \
      --url https://manage.skyflowapis.com/v1/roles/{ID} \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE
    {
    • role:{
      • ID:"string",
      • namespace:"string",
      • definition:{
        • name:"string",
        • displayName:"string",
        • description:"string",
        • permissions:[
          • "string"
          ],
        • levels:[
          • "string"
          ],
        • type:"string",
        • hasWorkspaceLimits:"boolean"
        },
      • resource:{
        • ID:"g2400b4c4c9c11ea8baaacde48001122",
        • type:"VAULT"
        }
      }
    }

    Delete Role

    DELETE

    /v1/roles/{ID}

    Deletes a Role

    PATH PARAMETERS

    ID

    string

    *

    REQUEST
    curl --request DELETE \
      --url https://manage.skyflowapis.com/v1/roles/{ID} \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE
    {
    • ID:"string"
    }

    Update Role

    PATCH

    /v1/roles/{ID}

    Updates a Role

    PATH PARAMETERS

    ID

    string

    *

    BODY PARAMETER

    ID

    string

    roleDefinition

    object

    object {

    name

    string

    Unique name of the role.

    displayName

    string

    Display name of the role.

    description

    string

    Description of the role.

    permissions

    array

    Array [ string

    ]

    levels

    array

    Levels in the resource hierarchy at which this role is applied.

    Array [ string

    ]

    type

    string

    hasWorkspaceLimits

    boolean

    Boolean indicating if Role has had workspace limits applied to it

    }

    REQUEST
    curl --request PATCH \
      --url https://manage.skyflowapis.com/v1/roles/{ID} \
      --header 'Authorization: REPLACE_KEY_VALUE' \
      --header 'content-type: application/json' \
      --data '{"ID":"string","roleDefinition":{"name":"string","displayName":"string","description":"string","permissions":["string"],"levels":["string"],"type":"NONE"}}'
    RESPONSE
    {
    • ID:"string"
    }

    List Members by Role

    GET

    /v1/roles/{ID}/members

    Lists members that are assigned a provided role.

    PATH PARAMETERS

    ID

    string

    *

    QUERY PARAMETERS

    filterOps.email

    string

    Email filter.

    filterOps.type

    string

    Default :

    NONE

    Enum :

    NONE

    USER

    GROUP

    SERVICE_ACCOUNT

    SQL_SERVICE_ACCOUNT

    Member Type filter. - NONE: NONE is undefined and should not be used. - USER: Indicates the Member is of type User. - GROUP: Indicates the Member is of type Group. - SERVICE_ACCOUNT: Indicates the Member is of type ServiceAccount. - SQL_SERVICE_ACCOUNT: Indicates the Member is of SqlServiceAccount.

    filterOps.name

    string

    Name filter.

    filterOps.status

    string

    Default :

    NONE

    Enum :

    NONE

    CREATED

    PENDING

    ACTIVE

    INACTIVE

    ARCHIVED

    DELETED

    Status filter. - NONE: NONE is undefined and should not be used.

    sortOps.sortBy

    string

    Fully qualified Object field by which to sort results. Field names should be passed in camel case (e.g. camelCase).

    sortOps.orderBy

    string

    Default :

    ASCENDING

    Enum :

    ASCENDING

    DESCENDING

    Either ascending or descending order specification.

    offset

    string

    Default : 0

    Pagination offset. - indicates the record number to start retrieving data

    limit

    string

    Default : 25

    Pagination limit. - indicates the number of records to retrieve

    REQUEST
    curl --request GET \
      --url 'https://manage.skyflowapis.com/v1/roles/{ID}/members?filterOps.email=SOME_STRING_VALUE&filterOps.type=SOME_STRING_VALUE&filterOps.name=SOME_STRING_VALUE&filterOps.status=SOME_STRING_VALUE&sortOps.sortBy=SOME_STRING_VALUE&sortOps.orderBy=SOME_STRING_VALUE&offset=SOME_STRING_VALUE&limit=SOME_STRING_VALUE' \
      --header 'Authorization: REPLACE_KEY_VALUE'
    RESPONSE