Assigning ACL Permissions for Resources
Before you Begin
- The user must have admin privileges or specific ACL management permissions to modify the access control settings.
Request Structure
| Endpoint: | resource/certificate/group |
| Type: | POST |
| Action: | cert-acl-save-permissions |
| Sample URL: |
To understand the elements of the sample URL, click here. |
| Headers | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory if username and password
are not provided) Session ID received after login Type: String Constraint: Required if username and password are not provided. |
| username
|
(Mandatory if sessionId is not provided)
AppViewX login username Type: String |
| password
|
(Mandatory if sessionId is not provided)
AppViewX login password. Type: String Constraint: Required if sessionId is not provided. |
| Content-Type
|
(Mandatory) Specifies the nature of the data in the
payload Type: String Constraint: Value of the parameter should be ‘application/json’ |
| resourceName
|
(Mandatory) Name of the resource for which the ACL
permissions are to be modified Type: String |
| gwsource
|
(Mandatory) Source from which the request is
triggered. (E.g. external) Type: String |
| Payload
|
Contains all the parameters to be included in the
request body for the POST request. Type: Payload |
Payload
| Name | Description |
|---|---|
| assignedObjects | (Optional) Array of user groups and the specific
access permissions granted to each Type: assignedObjects |
| unAssignedObjects | (Optional) Array of user groups and the specific
access permissions to be revoked from each Type: unAssignedObjects |
| Name | Description |
|---|---|
| accessMode | (Mandatory) Level of access to be granted to the
group Type: String Possible values: R (Read-only access), RW (Read-Write access) |
| groupName | (Mandatory) Name of the certificate group being
assigned the specified access permissions Type: String |
| Name | Description |
|---|---|
| accessMode | (Mandatory) Level of access to be revoked from the
group Type: String Possible values: R (Read-only access), RW (Read-Write access) |
| groupName | (Mandatory) Name of the certificate group from which
the specified access permissions have to be revoked Type: String |
Response Structure
Response returns string of type application/json with the following body parameters:
| Name | Description |
|---|---|
| response | Contains the response attributes Type: response |
| message | Success message or failure description in case of
error. Type: String |
| appStatusCode | Application specific status code for the response.
It is a non-null value for a failure response. Type: String |
| tags | Additional information in case of failure response. |
| Name | Description |
|---|---|
| httpStatusCode | HTTP status code indicating the outcome of the API request. |
| message | Success message or failure description in case of error. |
| data | Additional data related to the API response, if applicable |
| totalCount | Total number of certificate groups affected |
Status codes
| HTTP Code | appStatusCode | Response Message |
|---|---|---|
| 202 Accepted | null | Deletion action has been triggered successfully |
| 401 Unauthorized | AVX_GW_003 | Authentication failed, reason - Invalid Credentials.
Remediation: Ensure that valid username and password or a valid sessionId is provided as header parameters. |
| 404 Not Found | NO_RECORDS_FOUND | No matching records found. Remediation: Check and ensure that the values provided for commonName / serialNumber / resourceId are correct. |
| 400 Bad Request | INVALID_REQUEST | Please give valid common name and serial number or
resourceId. Remediation: Provide a valid commonName and serialNumber or resourceId. |
| 400 Bad Request | INVALID_REQUEST | Please provide a valid action. Remediation: Provide a valid action. |
| 400 Bad Request | MANDATORY_FIELD_MISSING | Mandatory field is missing or invalid -
action. Remediation: Ensure that the action field is available in the request payload. |
| 404 Not Found | CERT-GRP-0003 | Groups not found in inventory Remediation: Ensure that the group name provided in the request is correct. If the issue still persists, contact AppViewX support. |
| 400 Bad Request | VALIDATION_ERROR_0004 | Validation Failure: Field 'accessMode' does not have
the expected value Remediation: Ensure that accessMode has the correct access permission values. |
Sample Request/Response
{
"assignedObjects": [
{
"accessMode": "RW",
"groupName": "MasterGroup11"
},
{
"accessMode": "R",
"groupName": "MasterGroup5"
}
],
"unAssignedObjects": [
{
"accessMode": "R",
"groupName": "Testgroup"
}
]
}
{
"response": {
"httpStatusCode": 200,
"message": "Successfully assigned / unassigned certificate groups data for null",
"data": null,
"totalCount": 0
},
"message": null,
"appStatusCode": null,
"tags": {},
"headers": null
}
References
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.
