NAV
HTTP Shell C++ Java Kotlin C# Go JavaScript Node.js Python Ruby

SGNL Public API v2.0.0

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

SGNL Public API

Base URLs:

Product Documentation
Email: API Support
Web: API Support
License: Apache 2.0
Terms of service

Introduction

The SGNL API is based on REST. It accepts JSON-encoded requests, returns JSON-encoded responses and uses standard HTTP verbs, authentication and response codes. The access API endpoint is used by integrations to make access requests and uses Bearer Authentication for access control and authentication. The authentication token is generated during integration configuration. Use -H "Authorization: Bearer <authentication_token>" in your requests. All API requests must be made over HTTPS.

Access Evaluation

accessEvaluation

Code samples

POST /access/v2/evaluations HTTP/1.1
Content-Type: application/json
Accept: application/json
X-Request-Id: bfe9eb29-ab87-4ca3-be83-a1d5d8305716
Accept-Language: en, en-US;q=0.8, es;q=0.7
Authorization: Bearer {access-token}
Host: access.sgnlapis.cloud
Content-Length: 179

{"principal":{"id":"john.doe@sgnl.ai","ipAddress":"172.217.22.14","deviceId":"48:65:ee:17:7e:0b"},"queries":[{"action":"delete","assetId":"3cdd2459-d9d3-4df4-abbd-8cee6fecea2d"}]}
curl --request POST \
  --url https://access.sgnlapis.cloud/access/v2/evaluations \
  --header 'Accept: application/json' \
  --header 'Accept-Language: en, en-US;q=0.8, es;q=0.7' \
  --header 'Authorization: Bearer {access-token}' \
  --header 'Content-Type: application/json' \
  --header 'X-Request-Id: bfe9eb29-ab87-4ca3-be83-a1d5d8305716' \
  --data '{"principal":{"id":"john.doe@sgnl.ai","ipAddress":"172.217.22.14","deviceId":"48:65:ee:17:7e:0b"},"queries":[{"action":"delete","assetId":"3cdd2459-d9d3-4df4-abbd-8cee6fecea2d"}]}'
CURL *hnd = curl_easy_init();

curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://access.sgnlapis.cloud/access/v2/evaluations");

struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Content-Type: application/json");
headers = curl_slist_append(headers, "Accept: application/json");
headers = curl_slist_append(headers, "X-Request-Id: bfe9eb29-ab87-4ca3-be83-a1d5d8305716");
headers = curl_slist_append(headers, "Accept-Language: en, en-US;q=0.8, es;q=0.7");
headers = curl_slist_append(headers, "Authorization: Bearer {access-token}");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);

curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\",\"assetId\":\"3cdd2459-d9d3-4df4-abbd-8cee6fecea2d\"}]}");

CURLcode ret = curl_easy_perform(hnd);
HttpResponse<String> response = Unirest.post("https://access.sgnlapis.cloud/access/v2/evaluations")
  .header("Content-Type", "application/json")
  .header("Accept", "application/json")
  .header("X-Request-Id", "bfe9eb29-ab87-4ca3-be83-a1d5d8305716")
  .header("Accept-Language", "en, en-US;q=0.8, es;q=0.7")
  .header("Authorization", "Bearer {access-token}")
  .body("{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\",\"assetId\":\"3cdd2459-d9d3-4df4-abbd-8cee6fecea2d\"}]}")
  .asString();
val client = OkHttpClient()

val mediaType = MediaType.parse("application/json")
val body = RequestBody.create(mediaType, "{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\",\"assetId\":\"3cdd2459-d9d3-4df4-abbd-8cee6fecea2d\"}]}")
val request = Request.Builder()
  .url("https://access.sgnlapis.cloud/access/v2/evaluations")
  .post(body)
  .addHeader("Content-Type", "application/json")
  .addHeader("Accept", "application/json")
  .addHeader("X-Request-Id", "bfe9eb29-ab87-4ca3-be83-a1d5d8305716")
  .addHeader("Accept-Language", "en, en-US;q=0.8, es;q=0.7")
  .addHeader("Authorization", "Bearer {access-token}")
  .build()

val response = client.newCall(request).execute()
var client = new RestClient("https://access.sgnlapis.cloud/access/v2/evaluations");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
request.AddHeader("X-Request-Id", "bfe9eb29-ab87-4ca3-be83-a1d5d8305716");
request.AddHeader("Accept-Language", "en, en-US;q=0.8, es;q=0.7");
request.AddHeader("Authorization", "Bearer {access-token}");
request.AddParameter("application/json", "{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\",\"assetId\":\"3cdd2459-d9d3-4df4-abbd-8cee6fecea2d\"}]}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
package main

import (
    "fmt"
    "strings"
    "net/http"
    "io/ioutil"
)

func main() {

    url := "https://access.sgnlapis.cloud/access/v2/evaluations"

    payload := strings.NewReader("{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\",\"assetId\":\"3cdd2459-d9d3-4df4-abbd-8cee6fecea2d\"}]}")

    req, _ := http.NewRequest("POST", url, payload)

    req.Header.Add("Content-Type", "application/json")
    req.Header.Add("Accept", "application/json")
    req.Header.Add("X-Request-Id", "bfe9eb29-ab87-4ca3-be83-a1d5d8305716")
    req.Header.Add("Accept-Language", "en, en-US;q=0.8, es;q=0.7")
    req.Header.Add("Authorization", "Bearer {access-token}")

    res, _ := http.DefaultClient.Do(req)

    defer res.Body.Close()
    body, _ := ioutil.ReadAll(res.Body)

    fmt.Println(res)
    fmt.Println(string(body))

}
const data = JSON.stringify({
  "principal": {
    "id": "john.doe@sgnl.ai",
    "ipAddress": "172.217.22.14",
    "deviceId": "48:65:ee:17:7e:0b"
  },
  "queries": [
    {
      "action": "delete",
      "assetId": "3cdd2459-d9d3-4df4-abbd-8cee6fecea2d"
    }
  ]
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("POST", "https://access.sgnlapis.cloud/access/v2/evaluations");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("X-Request-Id", "bfe9eb29-ab87-4ca3-be83-a1d5d8305716");
xhr.setRequestHeader("Accept-Language", "en, en-US;q=0.8, es;q=0.7");
xhr.setRequestHeader("Authorization", "Bearer {access-token}");

xhr.send(data);
const http = require("https");

const options = {
  "method": "POST",
  "hostname": "access.sgnlapis.cloud",
  "port": null,
  "path": "/access/v2/evaluations",
  "headers": {
    "Content-Type": "application/json",
    "Accept": "application/json",
    "X-Request-Id": "bfe9eb29-ab87-4ca3-be83-a1d5d8305716",
    "Accept-Language": "en, en-US;q=0.8, es;q=0.7",
    "Authorization": "Bearer {access-token}"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.write(JSON.stringify({
  principal: {
    id: 'john.doe@sgnl.ai',
    ipAddress: '172.217.22.14',
    deviceId: '48:65:ee:17:7e:0b'
  },
  queries: [{action: 'delete', assetId: '3cdd2459-d9d3-4df4-abbd-8cee6fecea2d'}]
}));
req.end();
import http.client

conn = http.client.HTTPSConnection("access.sgnlapis.cloud")

payload = "{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\",\"assetId\":\"3cdd2459-d9d3-4df4-abbd-8cee6fecea2d\"}]}"

headers = {
    'Content-Type': "application/json",
    'Accept': "application/json",
    'X-Request-Id': "bfe9eb29-ab87-4ca3-be83-a1d5d8305716",
    'Accept-Language': "en, en-US;q=0.8, es;q=0.7",
    'Authorization': "Bearer {access-token}"
    }

conn.request("POST", "/access/v2/evaluations", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://access.sgnlapis.cloud/access/v2/evaluations")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request["Accept"] = 'application/json'
request["X-Request-Id"] = 'bfe9eb29-ab87-4ca3-be83-a1d5d8305716'
request["Accept-Language"] = 'en, en-US;q=0.8, es;q=0.7'
request["Authorization"] = 'Bearer {access-token}'
request.body = "{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\",\"assetId\":\"3cdd2459-d9d3-4df4-abbd-8cee6fecea2d\"}]}"

response = http.request(request)
puts response.read_body

POST /access/v2/evaluations

Evaluate whether a principal can perform actions on assets.

Body parameter

{
  "principal": {
    "id": "john.doe@sgnl.ai",
    "ipAddress": "172.217.22.14",
    "deviceId": "48:65:ee:17:7e:0b"
  },
  "queries": [
    {
      "action": "delete",
      "assetId": "3cdd2459-d9d3-4df4-abbd-8cee6fecea2d"
    }
  ]
}

Parameters

Name In Type Required Description
X-Request-Id header string false Arbitrary string identifier used to correlate requests with responses. The response will contain the X-Request-Id header with the same value.
Accept-Language header string false none
body body AccessEvaluationRequest false none
principal body Principal true Principal trying to access a protected asset
id body string true Identifier for the principal
ipAddress body string false IP address from which the principal is making the request
deviceId body string false The identifier for the device making the request
queries body [Query] true Collection of assets and/or actions
action body string false Action the principal is trying to perform on the asset
assetId body string false Identifer for the asset

Example responses

200 Response

{
  "issuedAt": "2023-01-04T22:06:54.530672786Z",
  "principalId": "john.doe@sgnl.ai",
  "evaluationDuration": 2550,
  "decisions": [
    {
      "action": "delete",
      "assetId": "3cdd2459-d9d3-4df4-abbd-8cee6fecea2d",
      "decision": "Allow",
      "reasons": [
        "this is a denial reason"
      ]
    }
  ]
}

Responses

Status Meaning Description Schema
200 OK OK AccessEvaluationResponse
400 Bad Request Invalid request ErrorResponse
401 Unauthorized Unauthorized ErrorResponse
403 Forbidden Forbidden ErrorResponse
500 Internal Server Error Internal Error ErrorResponse

Response Headers

Status Header Type Format Description
200 X-Request-Id string none
400 X-Request-Id string none
401 X-Request-Id string none
403 X-Request-Id string none
500 X-Request-Id string none

Assets search

accessSearch

Code samples

POST /access/v2/search HTTP/1.1
Content-Type: application/json
Accept: application/json
X-Request-Id: bfe9eb29-ab87-4ca3-be83-a1d5d8305716
Authorization: Bearer {access-token}
Host: access.sgnlapis.cloud
Content-Length: 130

{"principal":{"id":"john.doe@sgnl.ai","ipAddress":"172.217.22.14","deviceId":"48:65:ee:17:7e:0b"},"queries":[{"action":"delete"}]}
curl --request POST \
  --url https://access.sgnlapis.cloud/access/v2/search \
  --header 'Accept: application/json' \
  --header 'Authorization: Bearer {access-token}' \
  --header 'Content-Type: application/json' \
  --header 'X-Request-Id: bfe9eb29-ab87-4ca3-be83-a1d5d8305716' \
  --data '{"principal":{"id":"john.doe@sgnl.ai","ipAddress":"172.217.22.14","deviceId":"48:65:ee:17:7e:0b"},"queries":[{"action":"delete"}]}'
CURL *hnd = curl_easy_init();

curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://access.sgnlapis.cloud/access/v2/search");

struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Content-Type: application/json");
headers = curl_slist_append(headers, "Accept: application/json");
headers = curl_slist_append(headers, "X-Request-Id: bfe9eb29-ab87-4ca3-be83-a1d5d8305716");
headers = curl_slist_append(headers, "Authorization: Bearer {access-token}");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);

curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\"}]}");

CURLcode ret = curl_easy_perform(hnd);
HttpResponse<String> response = Unirest.post("https://access.sgnlapis.cloud/access/v2/search")
  .header("Content-Type", "application/json")
  .header("Accept", "application/json")
  .header("X-Request-Id", "bfe9eb29-ab87-4ca3-be83-a1d5d8305716")
  .header("Authorization", "Bearer {access-token}")
  .body("{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\"}]}")
  .asString();
val client = OkHttpClient()

val mediaType = MediaType.parse("application/json")
val body = RequestBody.create(mediaType, "{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\"}]}")
val request = Request.Builder()
  .url("https://access.sgnlapis.cloud/access/v2/search")
  .post(body)
  .addHeader("Content-Type", "application/json")
  .addHeader("Accept", "application/json")
  .addHeader("X-Request-Id", "bfe9eb29-ab87-4ca3-be83-a1d5d8305716")
  .addHeader("Authorization", "Bearer {access-token}")
  .build()

val response = client.newCall(request).execute()
var client = new RestClient("https://access.sgnlapis.cloud/access/v2/search");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
request.AddHeader("X-Request-Id", "bfe9eb29-ab87-4ca3-be83-a1d5d8305716");
request.AddHeader("Authorization", "Bearer {access-token}");
request.AddParameter("application/json", "{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\"}]}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
package main

import (
    "fmt"
    "strings"
    "net/http"
    "io/ioutil"
)

func main() {

    url := "https://access.sgnlapis.cloud/access/v2/search"

    payload := strings.NewReader("{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\"}]}")

    req, _ := http.NewRequest("POST", url, payload)

    req.Header.Add("Content-Type", "application/json")
    req.Header.Add("Accept", "application/json")
    req.Header.Add("X-Request-Id", "bfe9eb29-ab87-4ca3-be83-a1d5d8305716")
    req.Header.Add("Authorization", "Bearer {access-token}")

    res, _ := http.DefaultClient.Do(req)

    defer res.Body.Close()
    body, _ := ioutil.ReadAll(res.Body)

    fmt.Println(res)
    fmt.Println(string(body))

}
const data = JSON.stringify({
  "principal": {
    "id": "john.doe@sgnl.ai",
    "ipAddress": "172.217.22.14",
    "deviceId": "48:65:ee:17:7e:0b"
  },
  "queries": [
    {
      "action": "delete"
    }
  ]
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("POST", "https://access.sgnlapis.cloud/access/v2/search");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("X-Request-Id", "bfe9eb29-ab87-4ca3-be83-a1d5d8305716");
xhr.setRequestHeader("Authorization", "Bearer {access-token}");

xhr.send(data);
const http = require("https");

const options = {
  "method": "POST",
  "hostname": "access.sgnlapis.cloud",
  "port": null,
  "path": "/access/v2/search",
  "headers": {
    "Content-Type": "application/json",
    "Accept": "application/json",
    "X-Request-Id": "bfe9eb29-ab87-4ca3-be83-a1d5d8305716",
    "Authorization": "Bearer {access-token}"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.write(JSON.stringify({
  principal: {
    id: 'john.doe@sgnl.ai',
    ipAddress: '172.217.22.14',
    deviceId: '48:65:ee:17:7e:0b'
  },
  queries: [{action: 'delete'}]
}));
req.end();
import http.client

conn = http.client.HTTPSConnection("access.sgnlapis.cloud")

payload = "{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\"}]}"

headers = {
    'Content-Type': "application/json",
    'Accept': "application/json",
    'X-Request-Id': "bfe9eb29-ab87-4ca3-be83-a1d5d8305716",
    'Authorization': "Bearer {access-token}"
    }

conn.request("POST", "/access/v2/search", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://access.sgnlapis.cloud/access/v2/search")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request["Accept"] = 'application/json'
request["X-Request-Id"] = 'bfe9eb29-ab87-4ca3-be83-a1d5d8305716'
request["Authorization"] = 'Bearer {access-token}'
request.body = "{\"principal\":{\"id\":\"john.doe@sgnl.ai\",\"ipAddress\":\"172.217.22.14\",\"deviceId\":\"48:65:ee:17:7e:0b\"},\"queries\":[{\"action\":\"delete\"}]}"

response = http.request(request)
puts response.read_body

POST /access/v2/search

Returns accessible assets for a principal given integration configuration

Body parameter

{
  "principal": {
    "id": "john.doe@sgnl.ai",
    "ipAddress": "172.217.22.14",
    "deviceId": "48:65:ee:17:7e:0b"
  },
  "queries": [
    {
      "action": "delete"
    }
  ]
}

Parameters

Name In Type Required Description
X-Request-Id header string false Arbitrary string identifier used to correlate requests with responses. The response will contain the X-Request-Id header with the same value.
pageToken query string false Token to use to get the next set of assets
pageSize query integer false Maximum number of assets returned in a single page
body body SearchRequest false none
principal body Principal true Principal trying to access a protected asset
id body string true Identifier for the principal
ipAddress body string false IP address from which the principal is making the request
deviceId body string false The identifier for the device making the request
queries body [SearchQuery] true Collection of actions
action body string false Action the principal is trying to perform on the asset

Example responses

200 Response

{
  "issuedAt": "2023-01-04T22:06:54.530672786Z",
  "principalId": "john.doe@sgnl.ai",
  "evaluationDuration": 2550,
  "decisions": [
    {
      "action": "delete",
      "assetId": "3cdd2459-d9d3-4df4-abbd-8cee6fecea2d",
      "decision": "Allow",
      "assetAttributes": {}
    }
  ],
  "nextPageToken": "NWU0OGFiZTItNjI1My00NTQ5LWEzYTctNWQ1YmE1MmVmM2Q4"
}

Responses

Status Meaning Description Schema
200 OK OK SearchResponse
400 Bad Request Invalid request ErrorResponse
401 Unauthorized Unauthorized ErrorResponse
403 Forbidden Forbidden ErrorResponse
500 Internal Server Error Internal Error ErrorResponse

Response Headers

Status Header Type Format Description
200 X-Request-Id string none
400 X-Request-Id string none
401 X-Request-Id string none
403 X-Request-Id string none
500 X-Request-Id string none

Schemas

ErrorResponse

{
  "error": {
    "code": 401,
    "internalCode": "SGNL-40100",
    "message": "The user is not authorized to make the request.",
    "status": "UNAUTHORIZED"
  }
}

Properties

Name Type Required Restrictions Description
error object false none none
code integer false none none
internalCode string false none none
message string false none none
status string false none none

AccessEvaluationRequest

{
  "principal": {
    "id": "john.doe@sgnl.ai",
    "ipAddress": "172.217.22.14",
    "deviceId": "48:65:ee:17:7e:0b"
  },
  "queries": [
    {
      "action": "delete",
      "assetId": "3cdd2459-d9d3-4df4-abbd-8cee6fecea2d"
    }
  ]
}

Request containing principal, assets and/or actions being sent for evaluation

Properties

Name Type Required Restrictions Description
principal Principal true none Principal that is trying to access a protected asset
queries [Query] true none Collection of assets and/or actions

SearchRequest

{
  "principal": {
    "id": "john.doe@sgnl.ai",
    "ipAddress": "172.217.22.14",
    "deviceId": "48:65:ee:17:7e:0b"
  },
  "queries": [
    {
      "action": "delete"
    }
  ]
}

Request containing principal and optional actions being sent for evaluation

Properties

Name Type Required Restrictions Description
principal Principal true none Principal that is trying to access protected assets
queries [SearchQuery] true none Collection of actions

Principal

{
  "id": "john.doe@sgnl.ai",
  "ipAddress": "172.217.22.14",
  "deviceId": "48:65:ee:17:7e:0b"
}

Principal trying to access a protected asset

Properties

Name Type Required Restrictions Description
id string true none Identifier for the principal
ipAddress string false none IP address from which the principal is making the request
deviceId string false none The identifier for the device making the request

SearchQuery

{
  "action": "delete"
}

Action used as parameter to the policies applied to evaluate access

Properties

Name Type Required Restrictions Description
action string false none Action the principal is trying to perform on the asset

Query

{
  "action": "delete",
  "assetId": "3cdd2459-d9d3-4df4-abbd-8cee6fecea2d"
}

Action and/or asset identifier used as parameters to the policies applied to evaluate access

Properties

Name Type Required Restrictions Description
action string false none Action the principal is trying to perform on the asset
assetId string false none Identifer for the asset

AccessEvaluationResponse

{
  "issuedAt": "2023-01-04T22:06:54.530672786Z",
  "principalId": "john.doe@sgnl.ai",
  "evaluationDuration": 2550,
  "decisions": [
    {
      "action": "delete",
      "assetId": "3cdd2459-d9d3-4df4-abbd-8cee6fecea2d",
      "decision": "Allow",
      "reasons": [
        "this is a denial reason"
      ]
    }
  ]
}

Properties

allOf

Name Type Required Restrictions Description
decision AbstractAccessResponse false none none

and

Name Type Required Restrictions Description
decision object false none none
decisions [AccessEvaluationQueryDecision] true none Access decisions returned by the access API

AbstractAccessResponse

{
  "issuedAt": "2023-01-04T22:06:54.530672786Z",
  "principalId": "john.doe@sgnl.ai",
  "evaluationDuration": 2550
}

Properties

Name Type Required Restrictions Description
issuedAt string(date-time) true none Time at which the decision was issued
principalId string true none Principal making the request
evaluationDuration integer true none The time taken to make a decision in milliseconds

SearchResponse

{
  "issuedAt": "2023-01-04T22:06:54.530672786Z",
  "principalId": "john.doe@sgnl.ai",
  "evaluationDuration": 2550,
  "decisions": [
    {
      "action": "delete",
      "assetId": "3cdd2459-d9d3-4df4-abbd-8cee6fecea2d",
      "decision": "Allow",
      "assetAttributes": {}
    }
  ],
  "nextPageToken": "NWU0OGFiZTItNjI1My00NTQ5LWEzYTctNWQ1YmE1MmVmM2Q4"
}

Properties

allOf

Name Type Required Restrictions Description
decision AbstractAccessResponse false none none

and

Name Type Required Restrictions Description
decision object false none none
decisions [SearchQueryDecision] true none Access decisions and assets
nextPageToken string false none Base64 encoded token used to retreive the next set of results

AccessEvaluationQueryDecision

{
  "action": "delete",
  "assetId": "3cdd2459-d9d3-4df4-abbd-8cee6fecea2d",
  "decision": "Allow",
  "reasons": [
    "this is a denial reason"
  ]
}

Properties

Name Type Required Restrictions Description
action string false none The action the principal is trying to perform on the asset
assetId string false none Identifer for the asset
decision AccessDecision true none Access decision returned by access API
reasons [string] false none Reasons associated to this decision

SearchQueryDecision

{
  "action": "delete",
  "assetId": "3cdd2459-d9d3-4df4-abbd-8cee6fecea2d",
  "decision": "Allow",
  "assetAttributes": {}
}

An asset on which the principal is allowed to perform an action

Properties

Name Type Required Restrictions Description
action string false none The action the principal is trying to perform on the asset
assetId string true none Identifier for the asset
decision AccessDecision true none Access decision returned by access API
assetAttributes object true none The attributes of the asset

AccessDecision

"Allow"

Access decision returned by access API

Properties

Name Type Required Restrictions Description
decision string false none Access decision returned by access API

Enumerated Values

Property Value
decision Allow
decision Deny