POST OAuth/UpdateRule

Updates an existing rule.

UpdateRule must express the complete configuration as desired. All fields in the structure will be stored when the request is received. If they are not set in the request, they will be defaulted.

A best practice is to get the current configuration using GetRules, modify that response as desired, and then pass the entire structure into the UpdateRule request.

Requirements

  • Roles: Admin or Application Owner. See OAuth roles for more information.
  • Token scope:  Admin

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Body parameters

Name

Description

Rule

object

(Required) The following are required to be passed in the Rule object:

  • ApplicationId (string): The ID of the rule to be updated.

  • TrusteePrefixedUniversal (string): The prefixed universal for the user this rule applies to.

  • AccessValidity (integer): The number of seconds a token for this rule should be valid for.

  • Description (string): A description for the rule.

  • GrantValidity (integer): The number of seconds a grant for this rule should be valid for.

  • MaximumScope (string): The maximum scope the application knows to use.

  • Name (string): The name of the application.

  • Renewable (boolean): true or false to set default behavior grant renewals.

Returns

Response description

Name

Description

HTTP 200

See OAuth result codes.

HTTP 400

For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:

  • Error

    • invalid_request: The request is missing a required parameter or is otherwise malformed.

  • Error_description: If available, additional information about how to retry the request.

HTTP 401

For authentication errors, this call returns HTTP 401 Unauthorized and the following data in the message body:

  • Error

    • invalid_token: The access token is missing, or the provided token is expired, revoked, malformed, or invalid for other reasons.

    • insufficient_rights: The underlying user account does not have sufficient permissions for this request.

  • error_description: If available, additional information about how to retry the request.

HTTP 403

If the response is HTTP 403 Forbidden, the requester's token does not include the admin scope. Call POST Authorize/OAuth with the correct scope and restriction. Update the header with the new token and retry.

  • Error

    • insufficient_scope: The request requires a greater scope than provided by the access token.

  • error_description: If available, additional information about how to retry the request.

Examples

Request

POST /vedsdk/oauth/enumeraterules HTTP/1.1
Host: tpp-server-url
Content-Type: application/json
Accept: application/json
Authorization: Bearer 4MyGeneratedBearerTknz==
				
{
  "Rule": {
    "ApplicationId": "SSH Discovery",
    "TrusteePrefixedUniversal": "local:{5371f67c-c194-49e2-9c1a-e25c8b0e2e32}",
    "AccessValidity": 21557600,
    "Description": "Rule for User 3",
    "GrantValidity": 2776000,
    "MaximumScope": "ssh:discover",
    "Renewable": true
  }
}

Response

{
  "Result": 0,
  "Success": true
}