{"openapi":"3.0.2","info":{"title":"Security API","version":"2024.09.c"},"servers":[{"url":"https://{host}/platform/security/v1","variables":{"host":{"enum":["api-euw1.rms.com","api-use1.rms.com"],"default":"api-euw1.rms.com","description":"Data center that hosts the tenant instance: api-euw1.rms.com or api-use1.rms.com"}}}],"x-readme":{"explorer-enabled":false,"parameter-ordering":["header","path","query","body","form","cookie"],"samples-languages":["json","curl","python","java","csharp","node"],"proxy-enabled":true,"samples-enabled":true},"security":[{"rms_api_key":[]},{"rms_bearer_token":[]}],"paths":{"/groups":{"get":{"tags":["Groups"],"summary":"Search user groups","operationId":"getGroups","parameters":[{"$ref":"#/components/parameters/OffsetParam"},{"$ref":"#/components/parameters/LimitParam"},{"$ref":"#/components/parameters/SortParam"},{"$ref":"#/components/parameters/UserNameParam"},{"$ref":"#/components/parameters/GroupIncludeParam"},{"$ref":"#/components/parameters/GroupStatusParam"}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/FilteredGroups"}}}},"400":{"description":"Bad Request: Please validate the request against specifications","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ValidationErrorMessage"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"404":{"description":"Not Found: Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"429":{"description":"Too many consecutive requests. Your request has been throttled.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}},"post":{"tags":["Groups"],"summary":"Create user group","operationId":"createGroup","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NewGroupRequest"}}}},"responses":{"201":{"description":"Created","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Group"}}},"headers":{"Location":{"description":"Location header returns user group ID.","schema":{"type":"string","format":"uri"}}}},"400":{"description":"Bad Request: Please validate the request against specifications","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ValidationErrorMessage"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"404":{"description":"Not Found: Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"429":{"description":"Too many consecutive requests. Your request has been throttled.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}}},"/groups/{groupId}":{"get":{"tags":["Groups"],"summary":"Get user group","operationId":"getGroup","description":"ID of user group.","parameters":[{"$ref":"#/components/parameters/GroupIdPathParam"}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Group"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"404":{"description":"Not Found: Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"429":{"description":"Too many consecutive requests. Your request has been throttled.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}},"delete":{"tags":["Groups"],"summary":"Delete user group","operationId":"deleteGroup","parameters":[{"name":"groupId","description":"ID of user group.","in":"path","required":true,"schema":{"type":"string","format":"uuid"}}],"responses":{"200":{"description":"Success"},"400":{"description":"Bad Request: Please validate the request against specifications","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ValidationErrorMessage"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"404":{"description":"Not Found: Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"429":{"description":"Too many consecutive requests. Your request has been throttled.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}},"patch":{"tags":["Groups"],"summary":"Update user group","operationId":"updateGroup","parameters":[{"name":"groupId","in":"path","description":"ID of user group.","required":true,"schema":{"type":"string","format":"uuid"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/PatchGroupOperation"}}}}},"responses":{"200":{"description":"OK. All went well.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Group"}}}},"400":{"description":"Bad Request: Please validate the request against specifications","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ValidationErrorMessage"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"404":{"description":"Not Found: Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"429":{"description":"Too many consecutive requests. Your request has been throttled.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}}},"/users":{"get":{"tags":["Users"],"summary":"Search users","operationId":"searchUsers","parameters":[{"$ref":"#/components/parameters/OffsetParam"},{"$ref":"#/components/parameters/LimitParam"},{"$ref":"#/components/parameters/SortParam"},{"$ref":"#/components/parameters/UserIncludeParam"},{"$ref":"#/components/parameters/UserStatusParam"},{"$ref":"#/components/parameters/GroupIdQueryParam"},{"$ref":"#/components/parameters/UserTypeParam"}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/FilteredUsers"}}}},"400":{"description":"Bad Request: Please validate the request against specifications","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ValidationErrorMessage"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"404":{"description":"Not Found: Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"429":{"description":"Too many consecutive requests. Your request has been throttled.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}},"post":{"tags":["Users"],"summary":"Create user","operationId":"createUser","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NewUser"}}}},"responses":{"201":{"description":"Created","headers":{"Location":{"description":"Resource Location","style":"simple","schema":{"type":"string","format":"uri"}}}},"400":{"description":"Bad Request: Please validate the request against specifications","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ValidationErrorMessage"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"403":{"description":"Forbidden: Access to this resource is denied or not authorized","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"429":{"description":"Too many consecutive requests. Your request has been throttled.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}}},"/roles":{"get":{"tags":["Roles"],"summary":"Search user roles","operationId":"searchRoles","parameters":[{"$ref":"#/components/parameters/OffsetParam"},{"$ref":"#/components/parameters/LimitParam"},{"$ref":"#/components/parameters/SortParam"},{"$ref":"#/components/parameters/RoleIncludeParam"},{"$ref":"#/components/parameters/RoleNameQueryParam"}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/FilteredRoles"}}}},"400":{"description":"Bad Request: Please validate the request against specifications","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ValidationErrorMessage"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"403":{"description":"Forbidden: Access to this resource is denied or not authorized","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"404":{"description":"Not Found: Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}}},"/users/{userName}":{"get":{"tags":["Users"],"summary":"Get user","operationId":"getUser","parameters":[{"in":"path","name":"userName","description":"Login of <<glossary:principal>> e.g. `user.name@company.com` or `SSO_user.name@company` for <<glossary:federated tenant>>s. Login strings are lowercase. See [Logins](principals).","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/User"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"404":{"description":"Not Found: Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"429":{"description":"Too many consecutive requests. Your request has been throttled.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}},"delete":{"tags":["Users"],"summary":"Delete user","operationId":"deleteUser","parameters":[{"in":"path","name":"userName","description":"Login of <<glossary:principal>> e.g. `user.name@company.com` or `SSO_user.name@company` for <<glossary:federated tenant>>s. Login strings are lowercase. See [Logins](principals).","example":"user.name@company.com","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Success"},"400":{"description":"Bad Request: Please validate the request against specifications","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ValidationErrorMessage"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"403":{"description":"Forbidden: Access to this resource is denied or not authorized","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"429":{"description":"Too many consecutive requests. Your request has been throttled.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}},"put":{"tags":["Users"],"summary":"Update user","operationId":"updateUser","parameters":[{"in":"path","name":"userName","description":"Login of <<glossary:principal>> e.g. `user.name@company.com` or `SSO_user.name@company` for <<glossary:federated tenant>>s. Login strings are lowercase. See [Logins](principals).","example":"user.name@company.com","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/UpdateUser"}}}},"responses":{"204":{"description":"Success"},"400":{"description":"Bad Request: Please validate the request against specifications","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ValidationErrorMessage"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"403":{"description":"Forbidden: Access to this resource is denied or not authorized","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"404":{"description":"Not Found: Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"429":{"description":"Too many consecutive requests. Your request has been throttled.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}}},"/roles/{roleId}":{"get":{"tags":["Roles"],"summary":"Get user role","operationId":"getRole","parameters":[{"in":"path","name":"roleId","description":"ID of role.","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Role"}}}},"401":{"description":"Unauthorized: API key or Bearer token is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"403":{"description":"Forbidden: Access to this resource is denied or not authorized","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"404":{"description":"Not Found: Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}},"500":{"description":"Internal server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorMessage"}}}}}}}},"components":{"parameters":{"RoleNameQueryParam":{"in":"query","name":"roleName","description":"Name of role.","required":false,"schema":{"type":"string"}},"ApplicationPathParam":{"name":"applicationName","in":"path","required":true,"schema":{"type":"string"}},"ActionPathParam":{"name":"actionName","in":"path","description":"Name of permission assigned to user role.","required":true,"schema":{"type":"string"}},"RoleIncludeParam":{"in":"query","name":"include","required":false,"description":"List of subnode. User can supply the sub node names (multivalued) to be included in the response. By default, subnode details are not returned.","schema":{"type":"array","description":"List of case insensitive ENUM values.","items":{"type":"string","enum":["roleDetails","actions"]}}},"ApplicationIncludeParam":{"in":"query","name":"include","required":false,"description":"User can supply the sub node names (multivalued) to be included in the response, by default no sub nodes are returned","schema":{"type":"array","description":"List of case insensitive ENUM values.","items":{"type":"string","enum":["actions"]}}},"ActionIncludeParam":{"in":"query","name":"include","required":false,"description":"User can supply the sub node names (multivalued) to be included in the response, by default no sub nodes are returned","schema":{"type":"array","description":"List of case insensitive ENUM values.","items":{"type":"string","enum":["actionDetails"]}}},"ApplicationQueryParam":{"in":"query","schema":{"type":"string"},"name":"applicationName","required":false},"ActionNameParam":{"in":"query","name":"actionname","required":false,"schema":{"type":"string","items":{"type":"string"}}},"ResourceQueryParam":{"in":"query","schema":{"type":"string"},"name":"resourceName","required":false},"GroupIdQueryParam":{"in":"query","schema":{"type":"string"},"name":"groupId","description":"ID of user group.","required":false},"GroupIdPathParam":{"in":"path","schema":{"type":"string"},"name":"groupId","description":"ID of user group.","required":true},"GroupStatusParam":{"name":"groupStatus","in":"query","description":"Status of user group. One of `enabled`, `disabled`.","schema":{"type":"string","enum":["enabled","disabled"],"default":"enabled"},"required":false},"UserStatusParam":{"in":"query","name":"userStatus","description":"Status of user.","schema":{"type":"string","enum":["CONFIRMED","Disabled","Enabled","FORCE_CHANGE_PASSWORD"]},"required":false},"AuthParam":{"in":"header","name":"Authentication","schema":{"type":"string"},"required":true},"OffsetParam":{"in":"query","name":"offset","schema":{"type":"integer","default":0},"description":"Number of page displaying the returned records, starting _0_"},"LimitParam":{"in":"query","name":"limit","schema":{"type":"integer","default":100},"description":"Number of records returned per page. See [Response Pagination](doc:response-pagination)."},"QueryParam":{"name":"q","in":"query","description":"Filters applied to the query results.","schema":{"type":"string"}},"SortParam":{"in":"query","name":"sort","description":"Comma-delimited list of properties. Sort order defined by one of `ASC` (ascending) or `DESC` (descending).","schema":{"type":"string"}},"UserNameParam":{"in":"query","name":"username","description":"Login of <<glossary:principal>> e.g. `user.name@company.com` or `SSO_user.name@company.com` for <<glossary:federated tenant>>s.","required":false,"schema":{"type":"string","items":{"type":"string"}}},"UserTypeParam":{"in":"query","name":"type","description":"Type of the user. One of  `Api` or `EndUser`","required":false,"schema":{"type":"string","enum":["Api","EndUser"]}},"GroupParam":{"in":"query","name":"groupId","description":"ID of <<glossary:user group>>.","required":false,"schema":{"type":"string","items":{"type":"string"}}},"GroupIncludeParam":{"in":"query","name":"include","required":false,"description":"List of subnodes to return. One or more of `groupDetails`, `roles`, `usernames`. By default, no subnodes are returned","schema":{"type":"array","description":"List of case insensitive ENUM values.","items":{"type":"string","enum":["groupDetails","usernames","roles"]}},"explode":false},"UserIncludeParam":{"in":"query","name":"include","required":false,"description":"List of subnodes to include in response. One or more of `groups` or `userDetails`.\n\n- If `groups`, response returns list of <<glossary:user group>>s assigned to <<glossary:principal>>.\n- If `userDetails`, response returns `userDetails` object that includes `email`, `groupCount`, `userCreated`, `userLastModified`, `givenName` and `familyName` properties.","schema":{"type":"array","description":"List of case insensitive ENUM values.","items":{"type":"string","enum":["userDetails","groups"]}},"explode":false}},"schemas":{"PatchGroupOperation":{"required":["operation","targetProperty","value"],"type":"object","properties":{"targetProperty":{"description":"Property to update.","enum":["groupName","status","usernames","roleIds"],"type":"string"},"operation":{"description":"Update to perform.","enum":["Add","Remove","Update"],"type":"string"},"value":{"description":"Value to specify.","type":"string"}},"additionalProperties":false},"NewGroupRequest":{"required":["groupName"],"type":"object","properties":{"groupName":{"pattern":"^([a-zA-Z]{1}[a-zA-Z0-9-'._ ]{0,253}[a-zA-Z0-9]{1})$","type":"string","description":"Name of user group."},"usernames":{"type":"array","description":"List of logins that identify <<principal>>s, e.g. `user.name@company.com` or `SSO_user.name@company.com` for <<glossary:federated tenant>>s. Client applications are identifed by the name of API key.","items":{"type":"string"},"nullable":true},"roleIds":{"type":"array","description":"List of role IDs.\n\nA role is a predefined collection of permissions that may be granted to a user group. Role-based permissions determine who may view, update, create, upload, or download protected resources.","items":{"type":"string"},"nullable":true}},"additionalProperties":false},"ErrorMessage":{"type":"object","properties":{"message":{"type":"string"}}},"ValidationErrorMessage":{"allOf":[{"$ref":"#/components/schemas/ErrorMessage"},{"type":"object","properties":{"validationErrors":{"type":"array","items":{"$ref":"#/components/schemas/ValidationError"}}}}]},"ValidationError":{"type":"object","properties":{"field":{"type":"string"},"message":{"type":"string"}}},"LoginRequest":{"properties":{"tenantName":{"type":"string"},"username":{"type":"string","description":"Name of user."},"password":{"type":"string"}}},"LoginResponse":{"properties":{"username":{"type":"string","description":"Name of user."},"idToken":{"type":"string"},"refreshToken":{"type":"string"},"accessToken":{"type":"string"},"tokenType":{"type":"string"},"expiresIn":{"type":"integer"}}},"FilteredResult":{"properties":{"searchTotalMatch":{"type":"integer","description":"Number of records matching filter query.","format":"int64"}}},"FilteredUsers":{"allOf":[{"$ref":"#/components/schemas/FilteredResult"},{"type":"object","properties":{"searchItems":{"type":"array","description":"List of users matching query filter.","items":{"$ref":"#/components/schemas/User"}}}}]},"FilteredGroups":{"allOf":[{"$ref":"#/components/schemas/FilteredResult"},{"type":"object","properties":{"searchItems":{"type":"array","description":"List of user groups matching query filter.","items":{"$ref":"#/components/schemas/Group"}}}}]},"FilteredRoles":{"allOf":[{"$ref":"#/components/schemas/FilteredResult"},{"type":"object","properties":{"searchItems":{"type":"array","description":"List of user roles matching query filter.","items":{"$ref":"#/components/schemas/Role"}}}}]},"FilteredApplications":{"allOf":[{"$ref":"#/components/schemas/FilteredResult"},{"type":"object","properties":{"searchItems":{"type":"array","description":"List of applications matching query filter.","items":{"$ref":"#/components/schemas/Application"}}}}]},"FilteredActions":{"allOf":[{"$ref":"#/components/schemas/FilteredResult"},{"type":"object","properties":{"searchItems":{"type":"array","description":"List of actions matching filter query.","items":{"$ref":"#/components/schemas/Action"}}}}]},"UpdateUser":{"properties":{"givenName":{"type":"string","description":"First name of user."},"familyName":{"type":"string","description":"Last name of user."}}},"NewUser":{"allOf":[{"$ref":"#/components/schemas/UpdateUser"},{"type":"object","properties":{"userName":{"type":"string","description":"Login of <<glossary:principal>> e.g. `user.name@company.com` or `SSO_user.name@company` for <<glossary:federated tenant>>s. Login strings are lowercase. See [Logins](principals).","example":"user.name@company.com"},"groupIds":{"type":"array","description":"List of user groups.","items":{"type":"string","format":"uuid"},"nullable":true}}}]},"User":{"allOf":[{"$ref":"#/components/schemas/UserSummary"},{"type":"object","properties":{"userDetails":{"description":"Detailed information about user. Returned only if `userDetails` property is specified in `include` query parameter.","$ref":"#/components/schemas/UserDetails"}}},{"type":"object","properties":{"groups":{"type":"array","description":"List of <<glossary:user group>>s assigned to user. Returned only if `groups` property is specified in `include` query parameter.","items":{"$ref":"#/components/schemas/GroupSummary"}}}}]},"UserDetails":{"type":"object","properties":{"userCreated":{"description":"Date user was created in [ISO 8601](https://en.wikipedia.org/wiki/ISO_8601) format.","type":"string","example":"2022-03-23T15:33:35.1559998Z"},"userLastModified":{"description":"Date user was last modified in [ISO 8601](https://en.wikipedia.org/wiki/ISO_8601) format.","type":"string","example":"2022-03-23T15:33:35.1559998Z"},"familyName":{"type":"string","description":"Last name of user.","example":"Sobchak"},"givenName":{"type":"string","description":"First name of user.","example":"Walter"},"email":{"type":"string","description":"Email address of user, e.g. `user.name@company.com`.","example":"user.name@company.com"},"groupCount":{"type":"string","description":"Number of <<glossary:user groups>> assigned to user.","example":3},"authTime":{"type":"string","format":"date-time","nullable":true}}},"Group":{"allOf":[{"$ref":"#/components/schemas/GroupSummary"},{"type":"object","properties":{"groupDetails":{"description":"Information about group.","$ref":"#/components/schemas/GroupDetails"}}},{"type":"object","properties":{"users":{"type":"array","description":"List of users.","items":{"$ref":"#/components/schemas/UserSummary"}}}},{"type":"object","properties":{"roles":{"type":"array","description":"List of user roles.","items":{"$ref":"#/components/schemas/RoleSummary"}}}}]},"Usernames":{"type":"array","description":"List of users are members of user group.","items":{"type":"string"}},"GroupSummary":{"type":"object","properties":{"groupName":{"type":"string","description":"Name of user group.","example":"Admin"},"groupId":{"type":"string","description":"ID of user group.","example":"ad422c53-d970-4e90-b50e-c14aa18bb2bd","readOnly":true},"status":{"type":"string","description":"Status of user group.","example":"enabled","enum":["enabled","disabled"]}}},"GroupDetails":{"type":"object","properties":{"createdTime":{"description":"Date user group was created in [8601](https://en.wikipedia.org/wiki/ISO_8601) format, i.e. `YYYY-MM-DDThh:mm:ss.sss`.","type":"string","example":"2021-02-11T14:02:39.6848172+00:00"},"updatedTime":{"description":"Date user group was last updated in [8601](https://en.wikipedia.org/wiki/ISO_8601) format, i.e. `YYYY-MM-DDThh:mm:ss.sss`.","example":"2026-03-30T22:28:28.8032837+00:00","type":"string"},"userCount":{"type":"integer","description":"Number of <<principal>>s (end users and API keys) assigned to user group.","example":6},"roleCount":{"type":"integer","description":"Number of roles assigned to user group.","example":"5<<principal>>s"}}},"UserSummary":{"type":"object","properties":{"username":{"type":"string","description":"Name of user.","example":"user.name@company.com","readOnly":true},"status":{"type":"string","description":"Status of <<glossary:principal>>. Values depend on `type`:\n\n  - If `apiKey`, one of `enabled` or `disabled`.\n  - If `user`, one of `CONFIRMED` or `FORCE_CHANGE_PASSWORD`.","example":"CONFIRMED"},"type":{"type":"string","description":"Type of user.","enum":["User","Apikey"],"readOnly":true}}},"RoleSummary":{"type":"object","properties":{"roleName":{"type":"string","description":"Name of role.","example":"Cat Modeler"},"roleId":{"type":"string","description":"ID of role.","example":"Cat Modeler"},"tenantId":{"type":"string","description":"Name of <<glossary:tenant>>.","nullable":true}}},"NewGroup":{"required":["groupName"],"properties":{"groupName":{"type":"string","nullable":false},"usernames":{"description":"List of users that are members of user group.","$ref":"#/components/schemas/Usernames"},"roleIds":{"description":"List of user roles that assigned to user group.","$ref":"#/components/schemas/RoleIds"}}},"RoleIds":{"type":"array","items":{"type":"string"}},"PatchGroupOperationSingleValue":{"properties":{"operation":{"$ref":"#/components/schemas/PatchOperation"},"targetProperty":{"description":"User group property to update.","type":"string","enum":["groupName","status"]},"value":{"$ref":"#/components/schemas/PatchSingleValue"}}},"PatchGroupOperationMultiValue":{"properties":{"operation":{"$ref":"#/components/schemas/PatchOperation"},"targetProperty":{"description":"User group property to update.","type":"string","enum":["usernames","roleIds"]},"value":{"$ref":"#/components/schemas/PatchMultiValues"}}},"PatchGroupTargetProperty":{"description":"User group property to update.","type":"string","enum":["groupName","usernames","roleId"]},"PatchOperation":{"type":"string","enum":["add","remove","update"]},"PatchSingleValue":{"type":"string"},"PatchMultiValues":{"type":"array","items":{"type":"string"}},"Role":{"allOf":[{"$ref":"#/components/schemas/RoleSummary"},{"type":"object","properties":{"roleDetails":{"description":"Detailed information about user role.","$ref":"#/components/schemas/RoleDetails"}}},{"type":"object","properties":{"actions":{"type":"array","items":{"type":"object","properties":{"actionName":{"type":"string","description":"Name of permission assigned to user role."},"scopeName":{"type":"string","description":"Scope of action."},"entitlements":{"type":"array","description":"List of <glossary:entitlement>>s assigned to user role.","items":{"type":"string"}}}}}}}]},"RoleDetails":{"type":"object","properties":{"summary":{"type":"string","description":"Summary of user role.","nullable":true},"createdBy":{"type":"string","format":"email","description":"Login of <<glossary:principal>> that created user role,  e.g. `user.name@company.com` or `SSO_user.name@company` for <<glossary:federated tenant>>s. Login strings are lowercase. See [Logins](principals).","example":"user.name@company.com","nullable":true},"createdTime":{"type":"string","description":"Date user group was created in [8601](https://en.wikipedia.org/wiki/ISO_8601) format, i.e. `YYYY-MM-DDThh:mm:ss.sss`.","format":"date-time","nullable":true},"description":{"type":"string","description":"Description of user role.","nullable":true}}},"PatchRoleOperationSingleValue":{"properties":{"operation":{"$ref":"#/components/schemas/PatchOperation"},"targetProperty":{"description":"the role property to update.","type":"string","enum":["description"]},"value":{"$ref":"#/components/schemas/PatchSingleValue"}}},"PatchRoleOperationMultiValue":{"properties":{"operation":{"$ref":"#/components/schemas/PatchOperation"},"targetProperty":{"description":"the role property to update.","type":"string","enum":["actions"]},"value":{"$ref":"#/components/schemas/PatchMultiValues"}}},"ErrorDetails":{"type":"object","properties":{"type":{"type":"string","nullable":true},"title":{"type":"string","nullable":true},"status":{"type":"integer","format":"int32","nullable":true},"detail":{"type":"string","nullable":true},"instance":{"type":"string","nullable":true}},"additionalProperties":{}},"Application":{"type":"object","properties":{"applicationName":{"type":"string","nullable":true},"applicationDisplayName":{"type":"string","nullable":true},"actions":{"type":"array","description":"List of permissions assigned to user role.","items":{"allOf":[{"$ref":"#/components/schemas/ActionSummary"},{"type":"object","properties":{"resourceName":{"type":"string"}}}]}}}},"ActionSummary":{"type":"object","properties":{"actionName":{"type":"string","description":"Name of <<glossary:permission>>.","nullable":true},"accessLevel":{"$ref":"#/components/schemas/AccessLevel"},"summary":{"type":"string","nullable":true}},"additionalProperties":false},"Action":{"allOf":[{"$ref":"#/components/schemas/ActionSummary"},{"type":"object","properties":{"actionDetails":{"type":"object","properties":{"applicationName":{"type":"string"},"resourceName":{"type":"string"}}}}}]},"ApplicationSummary":{"type":"object","properties":{"applicationName":{"type":"string","nullable":true},"actionNames":{"type":"array","items":{"type":"string"},"nullable":true}},"additionalProperties":false},"NewRole":{"required":["roleName"],"type":"object","properties":{"roleName":{"pattern":"^([a-zA-Z]{1}[a-zA-Z0-9-'._ ]{0,253}[a-zA-Z0-9]{1})$","type":"string","description":"Name of role."},"applications":{"type":"array","items":{"$ref":"#/components/schemas/ApplicationSummary"},"nullable":true}},"additionalProperties":false},"AccessLevel":{"enum":["Read","Write"],"type":"string"}},"securitySchemes":{"rms_bearer_token":{"type":"http","description":"RMS tenant specific bearer token to make authorized requests with temporary life span","scheme":"bearer","bearerFormat":"JWT"},"rms_api_key":{"type":"apiKey","name":"Authorization","description":"RMS tenant specific api key to make authorized requests","in":"header"}}}}