xsd.authz-rest-api.xsd Maven / Gradle / Ivy
Same function as in SCIM
schema:
An identifier for the Resource as defined by the Service
Consumer. The externalId may simplify identification of the
Resource between Service Consumer and Service
provider by allowing
the Consumer
to refer to the Resource with its own identifier,
obviating the need to store a local mapping between the local
identifier of the Resource and the identifier
used by the Service
Provider. Each
Resource MAY include a non-empty
externalId value. The
value of the externalId attribute is always issued be the
Service
Consumer and can never be specified by
the Service Provider. The
Service
Provider MUST always interpret the externalId as scoped to
the Service Consumer's tenant.
Information about resource managed with this API
Set of resources managed with this API
Link to resource
Data Model for RESTful API
of Authorization
Service
Content of domain resource managed with this API
Writable (and readable) properties of the domain's
policy service: PRP, PDP, etc.
Extra implementation-specific feature ID
Reference expression (with version pattern(s)) to a policy
to be enforced by the PDP as root policy. This policy and any
other policy referenced (directly or indirectly) from it via XACML
PolicySetIdReference must correspond to a resource under URL path
'/policies'.
Writable/updatable PDP properties
Policies actually applicable/in force by a PDP
Fixed reference (PolicySetId and constant Version) to the policy
actually enforced by the PDP as root policy, after resolving the rootPolicyRef pattern defined as part of the 'pdpRWPropertyElements' group.
Policy referenced (directly or indirectly) from
the root policy - identified above by 'rootPolicyRef' element - via XACML PolicySetIdReference. In this context,
the Version must be
statically defined, i.e. the actual resolved
version identifier (used by the PDP) must be
specified, no version
pattern may be used.
All (writable and read-only) PDP properties
In this context, the rootPolicyRef must be
statically defined, i.e. the actual resolved version identifier
(used by the PDP) must be
specified, no Version pattern may be
used.
Policies applicable by the PDP
Date/time of last modification of the PDP, due to
change of policies, attribute providers, etc.
All (writable and read-only) PRP (Policy
Repository) properties
Maximum number of policies. No limit if this
element is missing.
Maximum number of versions per policy. No limit
if this element is missing.
True iff versions are automatically removed to
keep the number of versions under 'maxVersionCountPerPolicy',
especially when this max is already reached. The strategy for
removing versions is implementation-specific; e.g. implementations
may remove the oldest versions first.
Implementations must make
sure it does not
break the 'rootPolicyRef' defined previously or
any Policy
reference from it (direct or indirect).
Version ID is either a XACML version string or
"latest". The latter is a special keyword meaning the latest
version.