IAM

Manage Projects and Access Policies with IAM Service.

Install Dependency

Package: pkg:maven/com.affinidi.tdk/iam.client@1.2.1

<dependency>
    <groupId>com.affinidi.tdk</groupId>
    <artifactId>iam.client</artifactId>
    <version><version_number></version>
</dependency>

You can check the latest version of this module on the Maven repository or view the source code at the GitHub repository.

Classes and Methods

Projects API

Use the Projects API to manage your projects including providing access to other users on your projects.

addPrincipalToProject

Add a principal (user or PAT) to the project to grant it access.

Parameters

addUserToProjectInput [Object]

JSON object to provide the principal ID and principal type to add to the project. See more here.

{
  "principalId": "<PRINCIPAL_ID>",
  "principalType": "<PRINCIPAL_TYPE>"
}
Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.ProjectsApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.AddUserToProjectInput;

try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    ProjectsApi projectsApi = new ProjectsApi(defaultClient);

    // "PAT_ID" stands in for the principal's ID. The type is "token" for a
    // Personal Access Token or "user" for a User.
    AddUserToProjectInput principalToAdd = new AddUserToProjectInput()
            .principalId("PAT_ID")
            .principalType("token");

    // This call grants the principal access to the project, so confirm the ID
    // and type refer to the intended identity before sending it.
    projectsApi.addPrincipalToProject(principalToAdd);

} catch (Exception ex) {
    // Demonstration only: a failed grant is printed and otherwise ignored here.
    ex.printStackTrace();
}

createProject

Create a project for your account.

Parameters

CreateProjectInput [Object]

JSON object to provide the project name and description. See more here.

{
    "name": "<PROJECT_NAME>",
    "description": "<PROJECT_DESCRIPTION>"
}
Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.ProjectsApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.CreateProjectInput;
import com.affinidi.tdk.iam.client.models.ProjectDto;

try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    ProjectsApi projectsApi = new ProjectsApi(defaultClient);

    // Name and description of the project to create (sample values).
    CreateProjectInput newProject = new CreateProjectInput()
            .name("Project Name")
            .description("Project Description");

    ProjectDto createdProject = projectsApi.createProject(newProject);

    System.out.println(createdProject.toString());

} catch (Exception ex) {
    // Demonstration only: the failure is printed and otherwise ignored here.
    ex.printStackTrace();
}

deletePrincipalFromProject

Delete principal (user or PAT) from the project to remove access.

Parameters

principalId [String]

ID of the User or Personal Access Token (PAT).

principalType [String]

Type of the Principal, user for User or token for Personal Access Token.

Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.ProjectsApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;

try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    ProjectsApi projectsApi = new ProjectsApi(defaultClient);

    // Principal whose project access is being removed: "token" for a PAT,
    // "user" for a User. "<PAT_ID>" is a placeholder.
    String principalType = "token";
    String principalId = "<PAT_ID>";

    projectsApi.deletePrincipalFromProject(principalId, principalType);

} catch (Exception ex) {
    // Demonstration only. If this call fails the principal may still have
    // access, so a real caller should not ignore the error.
    ex.printStackTrace();
}

listPrincipalsOfProject

Get the list of principals assigned to the project.

Parameters

No Parameters Required

Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.ProjectsApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.UserList;

try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    ProjectsApi projectsApi = new ProjectsApi(defaultClient);

    // Both arguments are optional according to the parameter list above.
    // The second one is left null here (presumably a pagination cursor;
    // confirm against the API reference).
    Integer limit = 100;
    UserList principals = projectsApi.listPrincipalsOfProject(limit, null);

    // Useful as a periodic review of who and what can access the project.
    System.out.println(principals.toString());

} catch (Exception ex) {
    // Demonstration only: the failure is printed and otherwise ignored here.
    ex.printStackTrace();
}

listProject

Get the list of projects.

Parameters

No Parameters Required

Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.ProjectsApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.ProjectList;

try {

  // `authProvider` is an AuthProvider instance that this snippet does not
  // construct; create and configure it before running the example.
  ApiClient defaultClient = Configuration.getDefaultApiClient();

  // Every call made through this client is authorized with a Project Scoped Token.
  ApiKeyAuth projectTokenAuth =
      (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
  projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

  ProjectsApi projectsApi = new ProjectsApi(defaultClient);

  // Both arguments are optional according to the parameter list above.
  // The second one is left null here (presumably a pagination cursor;
  // confirm against the API reference).
  Integer limit = 10;
  ProjectList projects = projectsApi.listProject(limit, null);

  System.out.println(projects.toString());

} catch (Exception ex) {
  // Demonstration only: the failure is printed and otherwise ignored here.
  ex.printStackTrace();
}

updateProject

Update the project details.

Parameters

projectId [String]

ID of the project to update.

UpdateProjectInput [Object]

JSON object to provide the project name and description. See more here.

{
    "name": "<PROJECT_NAME>",
    "description": "<PROJECT_DESCRIPTION>"
}
Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.ProjectsApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.ProjectDto;
import com.affinidi.tdk.iam.client.models.UpdateProjectInput;

try {

  // `authProvider` is an AuthProvider instance that this snippet does not
  // construct; create and configure it before running the example.
  ApiClient defaultClient = Configuration.getDefaultApiClient();

  // Every call made through this client is authorized with a Project Scoped Token.
  ApiKeyAuth projectTokenAuth =
      (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
  projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

  ProjectsApi projectsApi = new ProjectsApi(defaultClient);

  // "<PROJECT_ID>" is a placeholder for the ID of the project to update.
  String projectId = "<PROJECT_ID>";

  // New name and description for the project (sample values).
  UpdateProjectInput projectChanges = new UpdateProjectInput()
      .name("Project Name")
      .description("Project Description");

  ProjectDto updatedProject = projectsApi.updateProject(projectId, projectChanges);

  System.out.println(updatedProject.toString());

} catch (Exception ex) {
  // Demonstration only: the failure is printed and otherwise ignored here.
  ex.printStackTrace();
}

Policies API

Use the Policies API to manage access to your projects and related resources for other users.

getPolicies

Retrieves the policy attached to a principal.

Parameters

principalId [String]

ID of the User or Personal Access Token (PAT).

principalType [String]

Type of the Principal, user for User or token for Personal Access Token.

Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.PoliciesApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.PolicyDto;

try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    PoliciesApi policiesApi = new PoliciesApi(defaultClient);

    // Principal whose policy is read: "token" for a PAT, "user" for a User.
    // "<PAT_ID>" is a placeholder.
    String principalType = "token";
    String principalId = "<PAT_ID>";

    PolicyDto attachedPolicy = policiesApi.getPolicies(principalId, principalType);

    // Reading the current policy first is a sensible step before changing it
    // with updatePolicies.
    System.out.println(attachedPolicy.toString());

} catch (Exception ex) {
    // Demonstration only: the failure is printed and otherwise ignored here.
    ex.printStackTrace();
}

updatePolicies

Update the Policy for the principal.

Parameters

principalId [String]

ID of the User or Personal Access Token (PAT).

principalType [String]

Type of the Principal, user for User or token for Personal Access Token.

policyDto [Object]

JSON object of Policy rules. See more here.

{
  "version": "2022-12-15",
  "statement": [
    {
      "principal": [
        "<PRINCIPAL_ID>"
      ],
      "action": [
        ""
      ],
      "resource": [
        ""
      ],
      "effect": "Allow"
    }
  ]
}
Example

import java.util.ArrayList;
import java.util.List;

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.PoliciesApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.PolicyDto;
import com.affinidi.tdk.iam.client.models.PolicyStatementDto;

try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    PoliciesApi policiesApi = new PoliciesApi(defaultClient);

    // Principal the policy is attached to: "token" for a PAT, "user" for a User.
    // "<PAT_ID>" is a placeholder.
    String principalId = "<PAT_ID>";
    String principalType = "token";

    // Wildcard action and wildcard resource with effect "Allow" is the
    // "all access" policy. Treat these as demonstration values: a real policy
    // should list only the actions and resources the principal needs.
    ArrayList<String> actions = new ArrayList<>(List.of("*"));
    ArrayList<String> resources = new ArrayList<>(List.of("*"));

    // The statement names the same principal the policy is being attached to.
    ArrayList<String> principals = new ArrayList<>(List.of(principalId));

    PolicyStatementDto allowStatement = new PolicyStatementDto()
            .action(actions)
            .principal(principals)
            .resource(resources)
            .effect("Allow");

    PolicyDto policyDto = new PolicyDto()
            .version("2022-12-15")
            .statement(new ArrayList<PolicyStatementDto>(List.of(allowStatement)));

    PolicyDto storedPolicy = policiesApi.updatePolicies(principalId, principalType, policyDto);

    // Print what the service returned so it can be compared with what was requested.
    System.out.println(storedPolicy.toString());

} catch (Exception ex) {
    // Demonstration only. If this call fails the previous policy presumably
    // stays in force, so a real caller should not ignore the error.
    ex.printStackTrace();
}

Secure Token Exchange (STS) API

Use the STS (Secure Token Exchange) API to create a Project Scoped Token and get the current session information.

createProjectScopedToken

Create a Project Scoped Token to access resources in the project.

Parameters

CreateProjectScopedTokenInput [Object]

JSON Object to provide the Project ID to generate the token. See more here.

{
    "projectId": "<PROJECT_ID>"
}
Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.StsApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.CreateProjectScopedTokenInput;
import com.affinidi.tdk.iam.client.models.CreateProjectScopedTokenOutput;

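try {

  // `authProvider` is an AuthProvider instance that this snippet does not
  // construct; create and configure it before running the example.
  ApiClient defaultClient = Configuration.getDefaultApiClient();

  // NOTE(review): this example authorizes the request with a Project Scoped
  // Token in order to create a Project Scoped Token. Confirm the auth scheme
  // this endpoint expects against the API reference.
  ApiKeyAuth projectTokenAuth =
      (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
  projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

  StsApi stsApi = new StsApi(defaultClient);

  // "<PROJECT_ID>" is a placeholder for the project the token is scoped to.
  // It is passed as a string literal; the bare <PROJECT_ID> form does not compile.
  CreateProjectScopedTokenInput tokenRequest = new CreateProjectScopedTokenInput()
      .projectId("<PROJECT_ID>");

  CreateProjectScopedTokenOutput tokenOutput = stsApi.createProjectScopedToken(tokenRequest);

  // NOTE(review): the output presumably carries the issued token. Printing it
  // is acceptable in a demo, but keep it out of logs and consoles in a real service.
  System.out.println(tokenOutput.toString());

} catch (Exception ex) {
  // Demonstration only: the failure is printed and otherwise ignored here.
  ex.printStackTrace();
}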

whoami

Retrieve the principal information of the current user.

Parameters

No Parameters Required

Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.StsApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.WhoamiDto;

try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    StsApi stsApi = new StsApi(defaultClient);

    // Returns the principal behind the credentials in use. This is a quick
    // check that the client is acting as the identity you expect.
    WhoamiDto currentPrincipal = stsApi.whoami();

    System.out.println(currentPrincipal.toString());

} catch (Exception ex) {
    // Demonstration only: the failure is printed and otherwise ignored here.
    ex.printStackTrace();
}

Tokens API

Use the Tokens API to create a Personal Access Token (PAT) to call Affinidi services on your behalf. Alternatively, use the Token command from Affinidi CLI.

createToken

Create a Personal Access Token.

Parameters

CreateTokenInput [Object]

JSON object to provide the details of the PAT like name and the public key info. See more here.

Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.TokensApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.CreateTokenInput;
import com.affinidi.tdk.iam.client.models.TokenAuthenticationMethodDto;
import com.affinidi.tdk.iam.client.models.TokenPrivateKeyAuthenticationMethodDtoPublicKeyInfo;
import com.affinidi.tdk.iam.client.models.TokenAuthenticationMethodDto.SigningAlgorithmEnum;
import com.affinidi.tdk.iam.client.models.TokenAuthenticationMethodDto.TypeEnum;
import com.affinidi.tdk.iam.client.models.TokenDto;

 try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    TokensApi tokensApi = new TokensApi(defaultClient);

    // NOTE(review): publicKeyInfo is passed as an empty object here. A
    // PRIVATE_KEY token presumably needs the public key details filled in
    // before the PAT can authenticate; confirm the fields against the
    // CreateTokenInput reference. Only public key material belongs in this
    // request, and the private key stays with the caller.
    TokenPrivateKeyAuthenticationMethodDtoPublicKeyInfo publicKeyInfo =
            new TokenPrivateKeyAuthenticationMethodDtoPublicKeyInfo();

    CreateTokenInput newToken = new CreateTokenInput()
            .name("MyToken")
            .authenticationMethod(new TokenAuthenticationMethodDto()
                    .type(TypeEnum.PRIVATE_KEY)
                    .signingAlgorithm(SigningAlgorithmEnum.RS256)
                    .publicKeyInfo(publicKeyInfo));

    TokenDto createdToken = tokensApi.createToken(newToken);

    System.out.println(createdToken.toString());

} catch (Exception ex) {
    // Demonstration only: the failure is printed and otherwise ignored here.
    ex.printStackTrace();
}

deleteToken

Delete a Personal Access Token.

Parameters

tokenId [String]

ID of the Personal Access Token to delete.

Example

import java.util.UUID;

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.TokensApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;

try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    TokensApi tokensApi = new TokensApi(defaultClient);

    // "<PAT_ID>" is a placeholder. UUID.fromString rejects it with an
    // IllegalArgumentException until a real PAT ID is substituted.
    UUID tokenId = UUID.fromString("<PAT_ID>");

    tokensApi.deleteToken(tokenId);

} catch (Exception ex) {
    // Demonstration only. If this call fails the PAT may still exist and be
    // usable, so a real caller should not ignore the error.
    ex.printStackTrace();
}

getToken

Retrieve the Personal Access Token details.

Parameters

tokenId [String]

ID of the Personal Access Token to retrieve.

Example

try {

    // This example lists no imports. It uses java.util.UUID plus the
    // ApiClient, Configuration, ApiKeyAuth, TokensApi and TokenDto classes
    // imported by the neighbouring Tokens API examples.
    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    TokensApi tokensApi = new TokensApi(defaultClient);

    // "<PAT_ID>" is a placeholder. UUID.fromString rejects it with an
    // IllegalArgumentException until a real PAT ID is substituted.
    UUID tokenId = UUID.fromString("<PAT_ID>");

    TokenDto tokenDetails = tokensApi.getToken(tokenId);

    System.out.println(tokenDetails.toString());

} catch (Exception ex) {
    // Demonstration only: the failure is printed and otherwise ignored here.
    ex.printStackTrace();
}

listToken

Get the list of Personal Access Tokens.

Parameters

No Parameters Required

Example

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.TokensApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.TokenList;

try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    TokensApi tokensApi = new TokensApi(defaultClient);

    // Both arguments are optional according to the parameter list above.
    // The second one is left null here (presumably a pagination cursor;
    // confirm against the API reference).
    Integer limit = 10;
    TokenList tokens = tokensApi.listToken(limit, null);

    // Useful as an inventory of existing PATs, for example to spot ones that
    // are no longer needed and can be deleted.
    System.out.println(tokens.toString());

} catch (Exception ex) {
    // Demonstration only: the failure is printed and otherwise ignored here.
    ex.printStackTrace();
}

updateToken

Update an existing Personal Access Token.

Parameters

tokenId [String]

ID of the Personal Access Token to update.

UpdateTokenInput [Object]

JSON object to provide the details to update the Personal Access Token. See more here.

Example

import java.util.UUID;

import com.affinidi.tdk.authProvider.AuthProvider;
import com.affinidi.tdk.iam.client.ApiClient;
import com.affinidi.tdk.iam.client.Configuration;
import com.affinidi.tdk.iam.client.apis.TokensApi;
import com.affinidi.tdk.iam.client.auth.ApiKeyAuth;
import com.affinidi.tdk.iam.client.models.TokenDto;
import com.affinidi.tdk.iam.client.models.TokenPrivateKeyAuthenticationMethodDtoPublicKeyInfo;
import com.affinidi.tdk.iam.client.models.UpdateTokenInput;
import com.affinidi.tdk.iam.client.models.UpdateTokenPrivateKeyAuthenticationMethodDto;
import com.affinidi.tdk.iam.client.models.UpdateTokenPrivateKeyAuthenticationMethodDto.SigningAlgorithmEnum;
import com.affinidi.tdk.iam.client.models.UpdateTokenPrivateKeyAuthenticationMethodDto.TypeEnum;

try {

    // `authProvider` is an AuthProvider instance that this snippet does not
    // construct; create and configure it before running the example.
    ApiClient defaultClient = Configuration.getDefaultApiClient();

    // Every call made through this client is authorized with a Project Scoped Token.
    ApiKeyAuth projectTokenAuth =
            (ApiKeyAuth) defaultClient.getAuthentication("ProjectTokenAuth");
    projectTokenAuth.setApiKey(authProvider.fetchProjectScopedToken());

    TokensApi tokensApi = new TokensApi(defaultClient);

    // Sample ID from the documentation; substitute the ID of your own PAT.
    UUID tokenId = UUID.fromString("26eb3c8c-3209-435a-8a4f-7eca797f6bdd");

    // NOTE(review): publicKeyInfo is passed as an empty object here. If the
    // update is meant to change the key, the public key details presumably
    // need to be filled in; confirm the fields against the UpdateTokenInput
    // reference. Only public key material belongs in this request.
    TokenPrivateKeyAuthenticationMethodDtoPublicKeyInfo publicKeyInfo =
            new TokenPrivateKeyAuthenticationMethodDtoPublicKeyInfo();

    UpdateTokenInput tokenChanges = new UpdateTokenInput()
            .name("MyToken")
            .authenticationMethod(new UpdateTokenPrivateKeyAuthenticationMethodDto()
                    .type(TypeEnum.PRIVATE_KEY)
                    .signingAlgorithm(SigningAlgorithmEnum.RS256)
                    .publicKeyInfo(publicKeyInfo));

    TokenDto updatedToken = tokensApi.updateToken(tokenId, tokenChanges);

    System.out.println(updatedToken.toString());

} catch (Exception ex) {
    // Demonstration only: the failure is printed and otherwise ignored here.
    ex.printStackTrace();
}