1. REST API for Sites Management
  2. Tasks
  3. Policies
  4. Access Lists

Get an Example Request Body for Creating Policy Access Member Resources

get

/sites/management/api/v1/policies/{id}/access/create-form

CREATE FORM

Get a template request body suitable for creating a new policy access member.The create-form resource provides an example request body that clients can use as a template when creating a new Policy Access Member. The example request body property values can be edited, removed or added to and then used as the request body when creating a Policy Access Member. Use of the create form is optional, it is only provided as a guide to the request body format.

Introduced in release 19.3.1.

Authorization

To access this create-form resource requires read access to the parent resource.

Enabling the Access List

The access list is only used if the accessType of the associated policy is set to restricted. If the access type is set to everyone the members of the access list are ignored. However, it is valid to alter the access list members when the policy access type is set to everyone.

For more information, see Update the Fields of a Policy.

Successful Response Examples

This operation responds with the following success (2xx) responses. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.

200OK - Add User

A user is added using the user:username syntax.

Request

GET https://api.example.com/sites/management/api/v1/policies/{id}/access/create-form

Response Body

"user:jsmith"

200OK - Add Application

A client application is added using the user:applicationname syntax.

Request

GET https://api.example.com/sites/management/api/v1/policies/{id}/access/create-form

Response Body

"application:MyProduct_APPID"
Introduced in release 20.3.3.

200OK - Add Group

A group is added using the group:groupname syntax. If both an Oracle Content Management group and Identity Provider group have the same name, the OCE group is used.

Request

GET https://api.example.com/sites/management/api/v1/policies/{id}/access/create-form

Response Body

"group:marketing"

200OK - Add Oracle Content Management Group

An Oracle Content Management group is referenced using the group:oce:groupname syntax. If there is a name clash between an OCE group and an identity provider group this syntax can be used to be explicit about the type of group being added.

Request

GET https://api.example.com/sites/management/api/v1/policies/{id}/access/create-form

Response Body

"group:oce:marketing"

200OK - Add Identity Provider Group

An identity provider supplied group is referenced using the group:idp:groupname syntax. If there is a name clash between an Oracle Content Management group and an IDP group this syntax can be used to be explicit about the type of group being added.

Request

GET https://api.example.com/sites/management/api/v1/policies/{id}/access/create-form

Response Body

"group:idp:marketing"

Client Error Response Examples

This operation responds with following client error (4xx) responses with exception details in the response body. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.

404Not Found - Policy Not Found

The policy does not exist or has been deleted, or the authenticated user or client application does not have access to the policy.

Error Code

OCE-SITEMGMT-009022

Resolution - Check Identifier

Check that the policy identifier is valid.

Resolution - Check Role

Check that the authenticated user is a site administrator.

Resolution - Check Access

If the user is not a site administrator then check the policy 'accessType' includes the authenticated user.

Exception Detail Fields

This error type includes the following fields/values in the response:

Field NameDescription
policyPolicy that does not exist or is not visible to the authenticated user.

For detailed information about this exception detail type, consult the PolicyNotFoundExceptionDetail schema in the definitions section of the swagger document.

Example Response Body
{
  "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
  "title": "Policy Not Found",
  "status": "404",
  "detail": "Policy does not exist or has been deleted, or the authenticated user or client application does not have access to the policy.",
  "o:errorCode": "OCE-SITEMGMT-009022",
  "policy": {
    "id": "721af08b-32db-4eee-b6af-0c38d3ba4681"
  }
}

Request

Path Parameters
Query Parameters

  • Comma-delimited string of field names that should not be included in the response.

  • Comma-separated list of link relation names to exclude from the response.

  • Comma-delimited string of field names to include in the response. Nested fields can be identified using a dot to separate the field names. Field names are case-sensitive. Field names are ignored if the field does not exist.

  • Comma-separated list of link relation names to include in the response. By default, all links are returned.

    The following links are provided by this resource:

    Link RelationshipDescription
    parentDescribes where the parent resource can be read. Equivalent to an up link, this link provides the link to the parent resource, such as the collection resource that contains a singular resource.
    selfDescribes the current returned representation of the resource. Used for links that represent the resource itself. For example, if a resource is returned as part of a collection, the self link will provide the URL path for the individual resource.
    canonicalDescribes the preferred representation of the requested resource. Used for links that represent the canonical form of the resource. For example, if a resource is returned as part of a collection, the canonical link will provide the URL path for the canonical form of the individual resource.
    createDescribes where the resource can be created. Used on collection resources to indicate where a post can be performed to create a new resource in the collection.
    describedByDescribes the schema resource providing metadata information about the resource. Used on collection, singular and relation resources to indicate where the schema resource is that describes the resource.
Back to Top

Response

Supported Media Types

200 Response

OK
Headers
Body ()
Root Schema : schema
Type: object
Show Source

  • Identifier for the user, client application or group member.

    No assumptions should be made about the content of the field; the field should be treated as an opaque value.

    Introduced in release 19.3.1.
  • links

    HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.

Nested Schema : links
Type: array

HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.

Show Source
Nested Schema : items
Match All
Show Source
  • Link
Example Response (Add User)
"user:jsmith"

400 Response

Bad Request

401 Response

Unauthorized

403 Response

Forbidden

404 Response

Not Found
Headers
Body ()
Root Schema : schema
Match All
Show Source
Nested Schema : PolicyNotFoundExceptionDetail
Match All
Show Source
Nested Schema : ExceptionDetail
Type: object

In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.

Show Source
Nested Schema : PolicyNotFoundExceptionDetail-allOf[1]
Type: object
Show Source
Nested Schema : o:errorDetails
Type: array

Multiple errors can be organized in a hierarchical structure.

Show Source
Nested Schema : items
Match All
Show Source
  • ExceptionDetail

    In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.

Example Response (Policy Not Found)
{
    "type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
    "title":"Policy Not Found",
    "status":"404",
    "detail":"Policy does not exist or has been deleted, or the authenticated user or client application does not have access to the policy.",
    "o:errorCode":"OCE-SITEMGMT-009022",
    "policy":{
        "id":"721af08b-32db-4eee-b6af-0c38d3ba4681"
    }
}

406 Response

Not Acceptable

416 Response

Range Not Satisfiable

429 Response

Too Many Requests

500 Response

Internal Server Error

501 Response

Not Implemented

502 Response

Bad Gateway

503 Response

Service Unavailable

504 Response

Gateway Timeout
Back to Top