Terms and Conditions API
This wiki page is an integration guide for client applications that want to use the policy protection platform for the policy decision point (PDP), in particular the use of Terms and Conditions (T&C) as an optional security feature.
A Resource Owner needs to be able to apply Terms & Conditions to resources, which a user must accept before being granted access. This allows services to provide their own terms and conditions for application usage.
To interact with policy operations on the PDP, the request must identify an authenticated user by supplying an ID_TOKEN. The endpoint accepts REST requests to insert, delete, update and fetch policies, together with some mandatory parameters such as:
- Parameters:
  - headers: the response is JSON, so Content-Type must be set to application/json, and Authorization must include an ID_TOKEN from the user
- Response:
  - 200: lists all T&C stored in the database
- Example:
  curl -XGET https://<HOSTNAME>/terms/ -H 'Content-Type: application/json' -H 'Authorization: Bearer <ID_TOKEN>'
- Parameters:
  - payload: JSON format with T&C
  - headers: the response is JSON, so Content-Type must be set to application/json, and Authorization must include an ID_TOKEN from the user
- Response:
  - 200: JSON format with terms data
  - 401: Unauthorized
  - 404: Not found
- Example:
  curl -k -v -XPOST 'http://<DOMAIN>/terms/' -H 'Content-Type: application/json' -H 'Authorization: Bearer <OAuth access_token or JWT id_token>' -d '{"terms_id": "<some-id-for-this-term-and-condition>","terms_description": "<some-term-and-condition-description>"}'
- Parameters:
  - headers: the response is JSON, so Content-Type must be set to application/json, and Authorization must include an ID_TOKEN from the user
- Response:
  - 200: JSON format of the requested policy
  - 404: Term not found
- Example:
  Get by term id:
  curl -k -v -XGET 'http://<DOMAIN>/terms/5f32f236ea1bacfddd396e97' -H 'Content-Type: application/json' -H 'Authorization: Bearer <ID_TOKEN>'
The specified term is updated with the content of the payload.
- Parameters:
  - payload: JSON format with policy content
  - headers: the response is JSON, so Content-Type must be set to application/json, and Authorization must include an ID_TOKEN from the user
- Response:
  - 200: JSON format with terms data
  - 401: Unauthorized
  - 404: Not found
- Example:
  curl -k -v -XPOST 'http://<DOMAIN>/terms/5f32f236ea1bacfddd396e97' -H 'Content-Type: application/json' -H 'Authorization: Bearer <OAuth access_token or JWT id_token>' -d '{"terms_id": "<some-id-for-this-term-and-condition>","terms_description": "<some-term-and-condition-description>"}'
- Parameters:
  - headers: the response is JSON, so Content-Type must be set to application/json, and Authorization must include an ID_TOKEN from the user
- Response:
  - 200: Term deleted
  - 401: Unauthorized
  - 404: Not found
- Example:
  curl -k -v -XDELETE 'http://<DOMAIN>/terms/5f32f236ea1bacfddd396e97' -H 'Content-Type: application/json' -H 'Authorization: Bearer <ID_TOKEN>'
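The five calls above can be wrapped so that the two headers are always sent separately and the documented 200/401/404 responses become distinct exit codes. This is an added example, not code from the project: the function names and the `TERMS_BASE_URL` and `ID_TOKEN` environment variables are assumptions, and the refusal of non-HTTPS base URLs is this example's own choice.

```shell
#!/bin/sh
# Added example (not project code). TERMS_BASE_URL and ID_TOKEN are assumed
# environment variable names; the function names are chosen for this sketch.

# terms_call METHOD PATH [JSON_BODY]
# Prints the response body. Returns 0 on 200, 3 on 401, 4 on 404,
# 2 on bad local configuration, 1 on anything else.
terms_call() {
  tc_method=$1 tc_path=$2 tc_body=${3-}
  case ${TERMS_BASE_URL-} in
    https://*) ;;
    *) echo "TERMS_BASE_URL must start with https:// (bearer token in transit)" >&2
       return 2 ;;
  esac
  [ -n "${ID_TOKEN-}" ] || { echo "ID_TOKEN is not set" >&2; return 2; }

  # One -H per header. A combined -H 'Content-Type: ..., Authorization: ...'
  # is sent as a single Content-Type header, with no Authorization header.
  set -- -sS -X "$tc_method" \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer ${ID_TOKEN}" \
    -w '\n%{http_code}'
  if [ -n "$tc_body" ]; then set -- "$@" --data "$tc_body"; fi

  tc_out=$(curl "$@" "${TERMS_BASE_URL%/}${tc_path}") || return 1
  tc_status=$(printf '%s\n' "$tc_out" | tail -n 1)   # status line added by -w
  printf '%s\n' "$tc_out" | sed '$d'                 # everything before it: body
  case $tc_status in
    200) return 0 ;;
    401) echo "401 Unauthorized" >&2; return 3 ;;
    404) echo "404 Not found: $tc_path" >&2; return 4 ;;
    *)   echo "unexpected HTTP status: $tc_status" >&2; return 1 ;;
  esac
}

terms_list()   { terms_call GET    /terms/; }
terms_create() { terms_call POST   /terms/ "$1"; }      # $1: JSON with terms_id, terms_description
terms_get()    { terms_call GET    "/terms/$1"; }
terms_update() { terms_call POST   "/terms/$1" "$2"; }  # update uses POST, as in the example above
terms_delete() { terms_call DELETE "/terms/$1"; }
```

The token is passed on curl's command line here, so it is visible in the local process list while the request runs.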