Update the Fields of a Policy
/sites/management/api/v1/policies/{id}
Update one or more fields of a policy. The policy status can be changed to inactive to prevent the operation associated with the policy from being performed on the related resource. For example, for a policy that is associated with a template, making the policy inactive will prevent the template from being used to create sites. For a policy associated with the copy operation of a site, making the policy inactive will prevent the site from being copied. If the policy status is active the operation is allowed to be performed on the resource associated with the policy.
Other fields can be updated, such as site expiration periods, type of approval required to perform the operation and site security restrictions.
Policies for site operations default to active status, with field values derived from the original request that created the site. These derived site policies can be replaced or updated. If a derived site policy is updated the policy will first be automatically replaced before the update. For copy policies this will mean associated data such as the approval members will be reset to empty as it is no longer linked to the approval members of the request.
Authorization
To invoke this operation, the authenticated user or client application must have one of the following roles:
- CECSitesAdministrator
Pending Requests Relating to a Policy
If the policy defines that the operation requires approval when the operation associated with the policy is performed
a request will be created. This request will be marked as pending, waiting for manual approval. Any pending requests
will fail on approval if the associated policy status has been changed to inactive. For example, a template policy
may be changed to inactive whilst the template is being modified and then set back to active again once changes
to the template are complete. Any pending requests to create sites from that template may fail because the policy was
made inactive. However, any failed requests can be retried once the policy is made active again.
All other changes to a policy affect only new requests that relate to the policy.
Any existing requests use a snapshot of the policy details captured at the time of the request.
Expiration Date
If the policy is a site expiration policy and the expiration period is changed the site expiration date will be updated to match the expiration period if the policy is active. If an expiration period is set, the site expiration date is recalculated and updated. If no expiration period is set then the site expiration date is cleared. This ensures that the site expiration date is kept in line any changes made to the site expiration policy.
Associate a Policy with a Template
Policies are created as relationships with site templates or sites; the policies resource does not provide a way to directly create a policy, only to update a policy that already exists. Once a policy has been associated with a template or site, the policy can be updated directly via the policy resource.
For more information, see Associate a Policy with a Template.
Listing Templates
Policy status and accessType will affect which templates can be listed for site creation. An inactive policy cannot be used to create sites.
For more information, see List or Batch Read Templates.
Read a Site Copy Policy
Policy status will affect which sites can be copied. An inactive policy for the copy operation will be prevent these sites from being copied.
For more information, see Get the Copy Policy for a Site.
Read a Site Expiration Extension Policy
Policy status will affect which sites can have their expiration date extended. An inactive policy for the extend operation will be prevent these sites from being extended.
For more information, see Get the Expiration Policy for a Site.
Successful Response Examples
This operation responds with the following success (2xx) responses. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.
200OK - Activate a Policy
A policy can be activated by changing the status field to a value of active.
Request
PATCH https://api.example.com/sites/management/api/v1/policies/{id}
Request Body
{ "status": "active" }
200OK - Deactivate a Policy
A policy can be deactivated by changing the status field to a value of inactive.
Request
PATCH https://api.example.com/sites/management/api/v1/policies/{id}
Request Body
{ "status": "inactive" }
200OK - Change a Policy to Administrator Approval
A policy approval can be by changed by altering the approvalType field.
Request
PATCH https://api.example.com/sites/management/api/v1/policies/{id}
Request Body
{ "approvalType": "admin" }
200OK - Change a Policy to Automatic Approval
A policy approval can be by changed by altering the approvalType field.
Request
PATCH https://api.example.com/sites/management/api/v1/policies/{id}
Request Body
{ "approvalType": "automatic" }
200OK - Change a Policy to Named Approval
A policy approval can be by changed by altering the approvalType field. Once a policy is changed to named approval, the list of approvers can be read and changed using the approvers list resource. This resource provides the ability to list, add, replace and delete users, applications or groups approvers.
Request
PATCH https://api.example.com/sites/management/api/v1/policies/{id}
Request Body
{ "approvalType": "named" }Introduced in release 19.3.3.
200OK - Change the Site Security Level
A site security policy can be by change by altering the security field. In this example only the security level is being changed.
Request
PATCH https://api.example.com/sites/management/api/v1/policies/{id}
Request Body
{ "security": { "level": "service" } }
200OK - Change the Access Type to Everyone
A policy can be updated so that the associated access list is ignored so that any user can perform the operation associated with a policy, as long as the policy is active.
Request
PATCH https://api.example.com/sites/management/api/v1/policies/{id}
Request Body
{ "accessType": "everyone" }
200OK - Change the Access Type to Restricted
A policy can be updated so that the associated access list is used to control which users can perform the operation associated with a policy, as long as the policy is active.
Request
PATCH https://api.example.com/sites/management/api/v1/policies/{id}
Request Body
{ "accessType": "restricted" }Introduced in release 19.3.1.
200OK - Set a Site Expiration Period
If a policy has a site expiration period then when sites are created from a template associated with the policy a site expiration date will be calculated and set on the site. If the policy is associated with a site then the expiration period is used to set expiration dates on copies of the site, or when the site expiration date is extended. The example sets an expiration period of six months.
Request
PATCH https://api.example.com/sites/management/api/v1/policies/{id}
Request Body
{ "expiration": { "amount": 6, "unit": "months" } }Introduced in release 19.4.1.
200OK - Clear the Site Expiration Period
Any site created from a template associated with a policy that does not have an expiration period will not have an expiration date.
Request
PATCH https://api.example.com/sites/management/api/v1/policies/{id}
Request Body
{ "expiration": null }Introduced in release 19.4.1.
Client Error Response Examples
This operation responds with following client error (4xx) responses with exception details in the response body. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.
400Bad Request - Invalid Security Scope
The site security scope named cannot be used with a security level of everyone. A site security scope of all must be used when using a security level of everyone.
Error Code
OCE-SITEMGMT-009018
Resolution - Edit Site Security Scope
Change the security scope to the suggested required scope value.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
level | Specified site security level. Valid values are:
|
specifiedScope | Specified site security scope. Valid values are:
|
requiredScope | Required site security scope. Valid values are:
|
For detailed information about this exception detail type, consult the InvalidSecurityScopeExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Security Scope", "status": "400", "detail": "Site security scope '{specifiedScope}' is not valid with a site security level of '{level}'. Use a security scope of '{requiredScope}'.", "o:errorCode": "OCE-SITEMGMT-009018", "level": "service", "specifiedScope": "named", "requiredScope": "all" }
400Bad Request - Invalid Repository
The referenced repository could not be found. Either the repository does not exist or has been deleted, or the authenticated user or client application does not have access to the repository.
Error Code
OCE-CAAS-001006
Resolution - Check Identifier
Check that the repository identifier is valid.
Resolution - Check Membership
Check that the authenticated user is a member of the repository and they have the relevant role to perform the operation relating to the repository.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
repository | Repository that does not exist or is not visible to the authenticated user, if the repository identifier has been provided. |
For detailed information about this exception detail type, consult the InvalidRepositoryExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Repository", "status": "400", "detail": "Repository does not exist or has been deleted, or the authenticated user or client application does not have access to the repository.", "o:errorCode": "OCE-CAAS-001006", "repository": { "id": "F81629473A3DB8B2A28669F19E68209BBAD3340745B0" } }
Introduced in release 19.2.3.
400Bad Request - Invalid Site Template
The template referenced in the request or associated with the resource does not exist, or has been deleted, or the authenticated user or client application does not have access to the template.
Error Code
OCE-SITEMGMT-009010
Resolution - Check Identifier
Check that the template identifier is valid.
Resolution - Check Authorization
Check that the authenticated user is authorized to access to the template.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
template | Template that does not exist or is not visible to the authenticated user. |
For detailed information about this exception detail type, consult the InvalidTemplateExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Site Template", "status": "400", "detail": "Template does not exist or has been deleted, or the authenticated user or client application does not have access to the template.", "o:errorCode": "OCE-SITEMGMT-009010", "template": { "id": "F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6" } }
400Bad Request - Unsupported Policy Field
Indicates that a field in the policy should not be provided. For example, a repository should not be specified in a policy for a standard template.
Error Code
OCE-SITEMGMT-009036
Resolution - Remove Localization Policy Allowed
Remove the policy localizationPolicyAllowed field if the associated template is a standard template.
Resolution - Remove Site Prefix Allowed
Remove the policy sitePrefixAllowed field if the associated template is a standard template.
Resolution - Remove Repository
Remove the policy repository field if the associated template is a standard template.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
field | Field name that is incompatible with the type of site. |
For detailed information about this exception detail type, consult the UnsupportedPolicyFieldExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Unsupported Policy Field", "status": "400", "detail": "Field '{field}' should not be provided for this policy.", "o:errorCode": "OCE-SITEMGMT-009036", "field": "repository" }
400Bad Request - Mandatory Policy Field
Indicates that a field in the policy is being cleared, but the field is mandatory in a policy and cannot be set to null.
Error Code
OCE-SITEMGMT-009037
Resolution - Do Not Clear Field
Do not attempt to clear the security field. The field can be changed only to a different value.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
policy | Policy whose field is mandatory. |
fieldName | Field name that is being cleared. |
For detailed information about this exception detail type, consult the MandatoryPolicyFieldExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Mandatory Policy Field", "status": "400", "detail": "Field '{fieldName}' should not be set to 'null'.", "o:errorCode": "OCE-SITEMGMT-009037", "policy": { "id": "721af08b-32db-4eee-b6af-0c38d3ba4681" }, "fieldName": "security" }
400Bad Request - Invalid Site Expiration
The provided site expiration period is either too small or too large.
Error Code
OCE-SITEMGMT-009067
Resolution - Choose a Smaller Site Expiration Period
Specify a smaller site expiration period.
Resolution - Choose a Larger Site Expiration Period
Specify a larger site expiration period.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
minimum | Minimum site expiration amount. |
maximum | Maximum site expiration amount. |
For detailed information about this exception detail type, consult the InvalidSiteExpirationExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Site Expiration", "status": "400", "detail": "Site expiration must be set to between '{minimum.amount} {minimum.unit}' and '{maximum.amount} {maximum.unit}'.", "o:errorCode": "OCE-SITEMGMT-009067", "minimum": { "amount": "2", "unit": "months" }, "maximum": { "amount": "2", "unit": "months" } }
Introduced in release 19.4.1.
404Not Found - Policy Not Found
The policy does not exist or has been deleted, or the authenticated user or client application does not have access to the policy.
Error Code
OCE-SITEMGMT-009022
Resolution - Check Identifier
Check that the policy identifier is valid.
Resolution - Check Role
Check that the authenticated user is a site administrator.
Resolution - Check Access
If the user is not a site administrator then check the policy 'accessType' includes the authenticated user.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
policy | Policy that does not exist or is not visible to the authenticated user. |
For detailed information about this exception detail type, consult the PolicyNotFoundExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Policy Not Found", "status": "404", "detail": "Policy does not exist or has been deleted, or the authenticated user or client application does not have access to the policy.", "o:errorCode": "OCE-SITEMGMT-009022", "policy": { "id": "721af08b-32db-4eee-b6af-0c38d3ba4681" } }
409Conflict - Policy Read Only
The policy is read only and cannot be modified. Only policies associated with a template or site can be edited. Policies associated with a request are read only.
Error Code
OCE-SITEMGMT-009032
Resolution - Edit Template Policy
If the intention was to change the policy associated with a template, use the policy identifier from the template policy resource.
Resolution - Edit Copy Site Policy
If the intention was to change the policy associated with the copy site operation, use the policy identifier from the copy operation policy resource.
Resolution - Edit Extend Site Expiration Policy
If the intention was to change the policy associated with the copy site operation, use the policy identifier from the extend site expiration operation policy resource.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
policy | Policy that is read only. |
For detailed information about this exception detail type, consult the PolicyReadOnlyExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Policy Read Only", "status": "409", "detail": "The policy is read-only and cannot be modified.", "o:errorCode": "OCE-SITEMGMT-009032", "policy": { "id": "721af08b-32db-4eee-b6af-0c38d3ba4681" } }
409Conflict - Missing Template Localization Policy
The policy must allow the user to specify a localization policy because the associated enterprise site template does not have a default localization policy.
If the localization policy associated with a template is deleted, then this error can also occur. If a template localization policy is missing it will prevent site requests from completing where the associated policy specifies that the template localization policy should be used.
Error Code
OCE-SITEMGMT-009030
Resolution - Update the Localization Policy
Change the template policy to allow a localization policy to be specified by the requesting user.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
template | Template that has a missing localization policy. |
For detailed information about this exception detail type, consult the MissingTemplateLocalizationPolicyExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Missing Template Localization Policy", "status": "409", "detail": "The template does not have a localization policy, or the localization policy associated with the template has been deleted.", "o:errorCode": "OCE-SITEMGMT-009030", "template": { "id": "F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6" } }
Request
- application/merge-patch+json
-
id: string
Globally unique identifier for a policy.
-
If-Match(optional): string
The if match request header is used with a method to make it conditional. A client that has one or more entity tag values previously obtained with the resource can verify that one of those entity tag values is current. If the requested resource does not match any of the provided entity tag values a precondition failed response will be returned without any body.
-
If-None-Match(optional): string
The if none match request header is used with a method to make it conditional. A client that has one or more entity tag values previously obtained with the resource can verify that none of those entity tag values is current.
Only properties that are being updated should be provided in the request. To remove a property, include it in the request with a value of null. Properties that cannot be updated are ignored.
object-
accessType(optional):
string
Determines whether the policy is applicable to everyone, or to just the users that are part of the access list.
Valid values are:
-
everyone- Policy, when active, is applicable to everyone -
restricted- Policy, when active, is applicable to users that are part of the access list
-
-
approvalType(optional):
string
When a request is made that is associated with this policy, the request will require the type of approval defined by the policy. If the type of approval is automatic then the request will not require manual approval.
Valid values are:
-
automatic- A request will automatically be approved without any human approval process involved -
admin- Any user with the site administrator role can approve the associated request -
named- Site creation will require approval from one user that is a member of the approvers list associated with the policy
-
-
expiration(optional):
expiration
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1. -
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
-
localizationPolicyAllowed(optional):
boolean
If a localization policy is not allowed, then the requester will not be permitted to specify a localization policy at the time of requesting a site. The localization policy associated with the template will be used. If a localization policy is allowed, then the requester must specify one at the time of requesting a site. This property can be set only when the template associated with the policy is an enterprise templates.
Introduced in release 19.2.3. -
repository(optional):
string
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3. -
security(optional):
object security
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
sitePrefixAllowed(optional):
boolean
If
Introduced in release 19.2.3.true, a request for a new site can include an explicit site prefix. Iffalse, then a site prefix must not be provided and will be generated automatically. This property can be set only when the template associated with the policy is an enterprise templates. -
status(optional):
string
The policy status specifies whether the policy can be used to perform the operation associated with the policy. If the policy status is inactive then the operation cannot be performed. If the policy status is active then the operation can be performed. For example, for a policy associated with a site template, a status of active means that users can create sites from that site template.
Valid values are:
-
inactive- Policy that is marked as inactive means the associated operation cannot be requested -
active- Policy that is marked as active means the associated operation can be requested
-
{
"status":"active"
}When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1.-
object
SiteExpirationPeriod
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.
arrayHATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
objectSecurity policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
appliesTo(optional):
string
Define which types of users may access a site. Can include all users or be restricted to named users only.
Valid values are:
-
named- Only named users within a specified level can access -
all- All users within a specified level can access
-
-
level(optional):
string
Maximum open security level that can be set on a site.
Valid values are:
-
service- Only service users -
cloud- Only cloud users who can sign in to your domain -
everyone- Anyone without signing in
-
objectSite expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.-
amount(optional):
integer(int32)
Amount of time used to measure site expiration.
Introduced in release 19.4.1. -
unit(optional):
string
Unit of time used to measure site expiration.
Valid values are:
-
months- Expiration expressed in the number of months -
years- Expiration expressed in the number of years
-
objectREST HATEOAS link and related metadata. If responses provide links (for example, a self link to the resource itself) the links provided will include one or more of the properties defined on this link structure.
-
href(optional):
string
The target resource URI. URI RFC3986 or URI Template RFC6570. If the value is set to URI Template, then the
templatedproperty must be set totrue. -
mediaType(optional):
string
Media type, as defined by RFC 2046, describing the link target.
-
method(optional):
string
HTTP method for requesting the target of the link.
Valid values are:
-
OPTIONS- HTTP OPTIONS -
HEAD- HTTP HEAD -
GET- HTTP GET -
POST- HTTP POST -
PUT- HTTP PUT -
PATCH- HTTP PATCH -
DELETE- HTTP DELETE
-
-
profile(optional):
string(uri)
Link to the metadata of the resource, such as JSON-schema, that describes the resource expected when dereferencing the target resource.
-
rel(optional):
string
Name of the link relation that, in addition to the type property, can be used to retrieve link details.
-
templated(optional):
boolean
Boolean flag that specifies the
hrefproperty is a URI or URI Template. The property can be assumed to befalseif the property is not present.
Response
- application/json
- application/vnd.oracle.resource+json;type=singular
200 Response
-
Cache-Control: string
Directives for caching mechanisms.
-
Content-Length: string
Size of the response body.
-
Content-Type: string
Content type of the response.
-
ETag: string
Opaque identifier assigned by the origin server to a specific version of a resource.
-
allOf
Policy
A policy controls how a request to perform a site-related operation is approved and whether there are any particular restrictions or defaults to apply when that operation is performed.
A policy is associated with a resource, for example a site creation policy can be associated with a site template. A site creation policy, for example, could specify that site administrator approval is required to create a site from a particular site template and that site template has a security level of domain users only.
A policy can be marked as inactive which prevents the operation from being performed or requested.
A policy controls how a request to perform a site-related operation is approved and whether there are any particular restrictions or defaults to apply when that operation is performed.
A policy is associated with a resource, for example a site creation policy can be associated with a site template. A site creation policy, for example, could specify that site administrator approval is required to create a site from a particular site template and that site template has a security level of domain users only.
A policy can be marked as inactive which prevents the operation from being performed or requested.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Policy-allOf[1]
objectAll singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
object-
access(optional):
object access
List of users and groups who have the ability to perform the operation associated with the policy. For example, the list of users and groups who can create a site from a template. If the access list is empty all users can perform the policy operation. The access list is only used if the
Introduced in release 19.3.1.accessTypeof the policy is set torestricted. -
accessType(optional):
string
Determines whether the policy is applicable to everyone, or to just the users that are part of the access list.
Valid values are:
-
everyone- Policy, when active, is applicable to everyone -
restricted- Policy, when active, is applicable to users that are part of the access list
-
-
approvalType(optional):
string
When a request is made that is associated with this policy, the request will require the type of approval defined by the policy. If the type of approval is automatic then the request will not require manual approval.
Valid values are:
-
automatic- A request will automatically be approved without any human approval process involved -
admin- Any user with the site administrator role can approve the associated request -
named- Site creation will require approval from one user that is a member of the approvers list associated with the policy
-
-
approvers(optional):
object approvers
List of users and groups who have the ability to approve any request associated with the policy. For example, the list of users and groups who can approve creating a site from a template. The approval list is only used if the approval type is set to named approvers.
Introduced in release 19.3.3. -
expiration(optional):
expiration
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1. -
id(optional):
string
Globally unique identifier for a policy.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
localizationPolicyAllowed(optional):
boolean
If a localization policy is not allowed, then the requester will not be permitted to specify a localization policy at the time of requesting a site. The localization policy associated with the template will be used. If a localization policy is allowed, then the requester must specify one at the time of requesting a site. This property can be set only when the template associated with the policy is an enterprise templates.
Introduced in release 19.2.3. -
repository(optional):
repository
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3. -
revision(optional):
integer(int64)
Every time a policy is edited, the revision number is incremented. Revision numbers start at zero. The revision number can be used to see if a policy has changed since it was last requested as the revision is also used as the strong
ETagvalue for this resource. -
security(optional):
security
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
sitePrefixAllowed(optional):
boolean
If
Introduced in release 19.2.3.true, a request for a new site can include an explicit site prefix. Iffalse, then a site prefix must not be provided and will be generated automatically. This property can be set only when the template associated with the policy is an enterprise templates. -
status(optional):
string
The policy status specifies whether the policy can be used to perform the operation associated with the policy. If the policy status is inactive then the operation cannot be performed. If the policy status is active then the operation can be performed. For example, for a policy associated with a site template, a status of active means that users can create sites from that site template.
Valid values are:
-
inactive- Policy that is marked as inactive means the associated operation cannot be requested -
active- Policy that is marked as active means the associated operation can be requested
-
arrayHATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
objectREST HATEOAS link and related metadata. If responses provide links (for example, a self link to the resource itself) the links provided will include one or more of the properties defined on this link structure.
-
href(optional):
string
The target resource URI. URI RFC3986 or URI Template RFC6570. If the value is set to URI Template, then the
templatedproperty must be set totrue. -
mediaType(optional):
string
Media type, as defined by RFC 2046, describing the link target.
-
method(optional):
string
HTTP method for requesting the target of the link.
Valid values are:
-
OPTIONS- HTTP OPTIONS -
HEAD- HTTP HEAD -
GET- HTTP GET -
POST- HTTP POST -
PUT- HTTP PUT -
PATCH- HTTP PATCH -
DELETE- HTTP DELETE
-
-
profile(optional):
string(uri)
Link to the metadata of the resource, such as JSON-schema, that describes the resource expected when dereferencing the target resource.
-
rel(optional):
string
Name of the link relation that, in addition to the type property, can be used to retrieve link details.
-
templated(optional):
boolean
Boolean flag that specifies the
hrefproperty is a URI or URI Template. The property can be assumed to befalseif the property is not present.
objectList of users and groups who have the ability to perform the operation associated with the policy. For example, the list of users and groups who can create a site from a template. If the access list is empty all users can perform the policy operation. The access list is only used if the accessType of the policy is set to restricted.
-
items:
array items
Collection of Policy Access Member elements.
Introduced in release 19.3.1.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
objectList of users and groups who have the ability to approve any request associated with the policy. For example, the list of users and groups who can approve creating a site from a template. The approval list is only used if the approval type is set to named approvers.
Introduced in release 19.3.3.-
items:
array items
Collection of Policy Approvers Member elements.
Introduced in release 19.3.3.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1.-
object
SiteExpirationPeriod
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3.-
allOf
Repository
Repositories are a storage location for files, both text and images. Repository administrators can create a repository with channel policies and localization policies designated for the repository. Multiple repositories can be created to handle different marketing needs.
A repository can be used to manage all the assets you need in one place. For example, perhaps your company sells computer equipment. One repository could be set up to handle the files related to desktop computers. Another repository could be used for tablets. Each repository might contain photos, graphics, and content about the different kinds of computers. The assets in each repository are controlled by the policies you allocate to the repository.
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
object
SecurityPolicy
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
arrayCollection of Policy Access Member elements.
Introduced in release 19.3.1.All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
CollectionResource-allOf[1]
object-
count(optional):
integer(int32)
Total number of resources in the response.
-
hasMore(optional):
boolean
Collection has more elements that match the request. Indicates whether there are more items to be returned when a paged request is made and the page was not big enough to return all elements.
-
limit(optional):
integer(int32)
Actual response size limit used. If the request specifies too large a limit, or does not specify a limit then the response will specify the limit used.
-
offset(optional):
integer(int64)
Actual response offset used. If the request specifies no offset then the actual offset is provided in the response.
-
totalResults(optional):
integer(int64)
Total number of resources that match the request. If provided, this is the total number of available items. If not specified the total is not known, or is not viable to return. Paging limits or offsets are ignored when calculating this value. Only returned if the
totalResultsparameter is supported and is set totrueby the client.
object-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.1. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.1. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce- Content management group -
idp- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.1. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.1. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.1.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.1.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.1.A group is a collection of users and groups. A group has a human readable group name.
Introduced in release 19.3.1.-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Group-allOf[1]
object-
displayName(optional):
string
Human-readable name for the group.
Introduced in release 19.3.1. -
groupName(optional):
string
Group name that is unique within the service instance.
Introduced in release 19.3.1. -
id(optional):
string
Unique identifer for the group.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.1. -
roles(optional):
array roles
Roles.
Valid values are:
-
CECServiceAdministrator- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator- Repository Administrator -
CECDeveloperUser- Developer User -
CECContentAdministrator- Content Administrator
- Create new content types and publish items
-
CECStandardUser- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser- External User
-
CECIntegrationUser- Integration User
-
CECSitesVisitor- Sites Visitor
-
-
type(optional):
string
Type of the group.
Valid values are:
-
oce- Content management group -
idp- identity provider group
-
arrayRoles.
Valid values are:
-
CECServiceAdministrator- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator- Repository Administrator -
CECDeveloperUser- Developer User -
CECContentAdministrator- Content Administrator
- Create new content types and publish items
-
CECStandardUser- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser- External User
-
CECIntegrationUser- Integration User
-
CECSitesVisitor- Sites Visitor
typeIdentity representing a user or client application. The identity contains the common information such as the identity identifier, unique name and display name.
Introduced in release 20.3.1.-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Identity-allOf[1]
object-
displayName(optional):
string
Human-readable display name.
Introduced in release 20.3.1. -
id(optional):
string
An identifier value allocated by CEC for the user or client application. The identifier is unique within the scope of the service.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 20.3.1. -
name(optional):
string
Unique name, such as the user name or client application name.
Introduced in release 20.3.1. -
roles(optional):
array roles
Roles.
Valid values are:
-
CECServiceAdministrator- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator- Repository Administrator -
CECDeveloperUser- Developer User -
CECContentAdministrator- Content Administrator
- Create new content types and publish items
-
CECStandardUser- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser- External User
-
CECIntegrationUser- Integration User
-
CECSitesVisitor- Sites Visitor
-
-
type(optional):
string
Type of Identity. Valid values are:
Introduced in release 20.3.1.user,service,application,unknown.
arrayRoles.
Valid values are:
-
CECServiceAdministrator- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator- Repository Administrator -
CECDeveloperUser- Developer User -
CECContentAdministrator- Content Administrator
- Create new content types and publish items
-
CECStandardUser- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser- External User
-
CECIntegrationUser- Integration User
-
CECSitesVisitor- Sites Visitor
arrayCollection of Policy Approvers Member elements.
Introduced in release 19.3.3.object-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.3. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce- Content management group -
idp- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.3. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.3. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.objectSite expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.-
amount(optional):
integer(int32)
Amount of time used to measure site expiration.
Introduced in release 19.4.1. -
unit(optional):
string
Unit of time used to measure site expiration.
Valid values are:
-
months- Expiration expressed in the number of months -
years- Expiration expressed in the number of years
-
Repositories are a storage location for files, both text and images. Repository administrators can create a repository with channel policies and localization policies designated for the repository. Multiple repositories can be created to handle different marketing needs.
A repository can be used to manage all the assets you need in one place. For example, perhaps your company sells computer equipment. One repository could be set up to handle the files related to desktop computers. Another repository could be used for tablets. Each repository might contain photos, graphics, and content about the different kinds of computers. The assets in each repository are controlled by the policies you allocate to the repository.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Repository-allOf[1]
object-
autoTagEnabled(optional):
boolean
Whether auto tagging is enabled for the repository.
-
channels(optional):
array channels
Channels associated with the repository.
-
contentTypes(optional):
array contentTypes
Content types associated with the repository.
-
createdBy(optional):
string
User that created the repository.
-
createdDate(optional):
createdDate
Date and time the repository was created.
-
defaultLanguage(optional):
string
Default language of the repository.
-
description(optional):
string
Human-readable description of the repository to give consumers an idea of what content this repository contains.
-
id(optional):
string
Unique identifier for the repository.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
languageOptions(optional):
array languageOptions
Language options for the repository.
-
name(optional):
string
Short human-readable name to identify the repository.
-
roleName(optional):
string
The role the authenticated user has within the repository.
Valid values are:
-
owner- Owner of the resource -
custom- Custom role -
manager- Manager role -
contributor- Contributor role -
downloader- Downloader role -
viewer- Viewer role
-
-
updatedBy(optional):
string
User that last updated the repository. If the repository has not been updated the updated by will be the user that created the repository.
-
updatedDate(optional):
updatedDate
Date and time the repository was last updated.
Date and time the repository was created.
-
object
DateTimeZone
Date, time and time zone.
Date and time the repository was last updated.
-
object
DateTimeZone
Date, time and time zone.
objectChannel identifier.
-
id(optional):
string
Unique identifier for the repository.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
name(optional):
string
Short unique human-readable name to identify the channel.
objectContent type identifier.
-
name(optional):
string
Content type name.
objectDate, time and time zone.
-
description(optional):
string
Description of the date, time and time zone information.
-
timezone(optional):
string
Timezone in Olson database format.
-
value(optional):
string(date-time)
Date in ISO 8601 format. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'format using a UTC timezone.
objectThe security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
-
appliesTo(optional):
string
Define which types of users may access a site. Can include all users or be restricted to named users only.
Valid values are:
-
named- Only named users within a specified level can access -
all- All users within a specified level can access
-
-
level(optional):
string
Maximum open security level that can be set on a site.
Valid values are:
-
service- Only service users -
cloud- Only cloud users who can sign in to your domain -
everyone- Anyone without signing in
-
{
"id":"721af08b-32db-4eee-b6af-0c38d3ba4681",
"status":"inactive",
"approvalType":"automatic",
"accessType":"everyone",
"security":{
"level":"service",
"appliesTo":"named"
},
"localizationPolicyAllowed":false,
"sitePrefixAllowed":false,
"expiration":{
"amount":"2",
"unit":"months"
},
"revision":"0"
}400 Response
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
InvalidSecurityScopeExceptionDetail-allOf[1]
objectIn addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
titleordetail. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCodefor this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object-
level(optional):
string
Specified site security level.
Valid values are:
-
service- Only service users -
cloud- Only cloud users who can sign in to your domain -
everyone- Anyone without signing in
-
-
requiredScope(optional):
string
Required site security scope.
Valid values are:
-
named- Only named users within a specified level can access -
all- All users within a specified level can access
-
-
specifiedScope(optional):
string
Specified site security scope.
Valid values are:
-
named- Only named users within a specified level can access -
all- All users within a specified level can access
-
arrayMultiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Security Scope",
"status":"400",
"detail":"Site security scope '{specifiedScope}' is not valid with a site security level of '{level}'. Use a security scope of '{requiredScope}'.",
"o:errorCode":"OCE-SITEMGMT-009018",
"level":"service",
"specifiedScope":"named",
"requiredScope":"all"
}{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Repository",
"status":"400",
"detail":"Repository does not exist or has been deleted, or the authenticated user or client application does not have access to the repository.",
"o:errorCode":"OCE-CAAS-001006",
"repository":{
"id":"F81629473A3DB8B2A28669F19E68209BBAD3340745B0"
}
}{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Site Template",
"status":"400",
"detail":"Template does not exist or has been deleted, or the authenticated user or client application does not have access to the template.",
"o:errorCode":"OCE-SITEMGMT-009010",
"template":{
"id":"F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6"
}
}{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Unsupported Policy Field",
"status":"400",
"detail":"Field '{field}' should not be provided for this policy.",
"o:errorCode":"OCE-SITEMGMT-009036",
"field":"repository"
}{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Mandatory Policy Field",
"status":"400",
"detail":"Field '{fieldName}' should not be set to 'null'.",
"o:errorCode":"OCE-SITEMGMT-009037",
"policy":{
"id":"721af08b-32db-4eee-b6af-0c38d3ba4681"
},
"fieldName":"security"
}{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Site Expiration",
"status":"400",
"detail":"Site expiration must be set to between '{minimum.amount} {minimum.unit}' and '{maximum.amount} {maximum.unit}'.",
"o:errorCode":"OCE-SITEMGMT-009067",
"minimum":{
"amount":"2",
"unit":"months"
},
"maximum":{
"amount":"2",
"unit":"months"
}
}401 Response
403 Response
404 Response
-
Cache-Control: string
Directives for caching mechanisms.
-
Content-Length: string
Size of the response body.
-
Content-Type: string
Content type of the response.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
PolicyNotFoundExceptionDetail-allOf[1]
objectIn addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
titleordetail. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCodefor this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object-
policy(optional):
string
Policy that does not exist or is not visible to the authenticated user.
arrayMultiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Policy Not Found",
"status":"404",
"detail":"Policy does not exist or has been deleted, or the authenticated user or client application does not have access to the policy.",
"o:errorCode":"OCE-SITEMGMT-009022",
"policy":{
"id":"721af08b-32db-4eee-b6af-0c38d3ba4681"
}
}406 Response
409 Response
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
PolicyReadOnlyExceptionDetail-allOf[1]
objectIn addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
titleordetail. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCodefor this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object-
policy(optional):
string
Policy that is read only.
arrayMultiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Policy Read Only",
"status":"409",
"detail":"The policy is read-only and cannot be modified.",
"o:errorCode":"OCE-SITEMGMT-009032",
"policy":{
"id":"721af08b-32db-4eee-b6af-0c38d3ba4681"
}
}{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Missing Template Localization Policy",
"status":"409",
"detail":"The template does not have a localization policy, or the localization policy associated with the template has been deleted.",
"o:errorCode":"OCE-SITEMGMT-009030",
"template":{
"id":"F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6"
}
}