Update the Fields of a Request
/sites/management/api/v1/requests/{id}
Update details of the request, such as changing the justification of a request if it has been rejected. Requests can be updated only if they are in a pending, rejected or failed state. Approved or completed requests cannot be updated. When a failed or rejected request is updated, the status is automatically changed to pending and reviews associated with the request are removed; the approval flow is restarted as if the request had been created. To approve or reject a request add a review because the request status cannot be directly updated.
Forked Requests
If a failed or rejected request is updated, the request is forked to ensure that a history of the request is
maintained. A fork of the request is a copy of the request and reviews. A forked request is associated with
the request that was updated, maintaining a relationship between the updated request and the fork. A fork
is also marked as deleted so that the forked request, by default, does not get returned when requests
are listed. When requests are listed, forked requests can be read by using the includeDeleted
query parameter.
Forked requests provide a form of revision history for the request, providing a record of all the updates
and reviews for a request. Forked requests can be discovered by listing requests with a filter query parameter
of original.id eq "identifier" and includeDeleted eq "true"
, where identifier
is the identifier of the
request that was updated.
Authorization
Users can update any request they created. Any request can be updated by a site administrator.
Successful Response Examples
This operation responds with the following success (2xx) responses. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.
200OK - Update the Site Name and Description
Update a rejected or failed request for a new site with a new site name and description. The request status will change to pending
and the request will be ready for review. The name and description can be updated independently, but this example shows both fields being updated together.
Request
PATCH https://api.example.com/sites/management/api/v1/requests/{id}
Request Body
{ "name": "AcmeProductLaunch2019", "description": "Marketing site for Acme New Product Launch 2019." }
Response Body
{ "requestType": "SiteRequest", "id": "e77229e8-1f44-4c27-bacb-9a99b7c77af7", "isDeleted": false, "justification": "I require a site for our new product launch.", "status": "pending", "createdAt": "2018-11-21T12:10:15.123Z", "lastModifiedAt": "2018-11-21T12:10:15.123Z", "revision": 1, "name": "AcmeProductLaunch2019", "description": "Marketing site for Acme New Product Launch 2019.", "policy": { "id": "request:e77229e8-1f44-4c27-bacb-9a99b7c77af7", "status": "active", "approvalType": "admin", "accessType": "everyone", "security": { "level": "cloud", "appliesTo": "all" } } }
200OK - Update the Justification
Update a rejected or failed request for a new site with a new justification. The request status will change to pending
and the request will ready for review.
Request
PATCH https://api.example.com/sites/management/api/v1/requests/{id}
Request Body
{ "justification": "I need this site by tomorrow, please approve as soon as possible." }
Response Body
{ "requestType": "SiteRequest", "id": "e77229e8-1f44-4c27-bacb-9a99b7c77af7", "isDeleted": false, "justification": "I need this site by tomorrow, please approve as soon as possible.", "status": "pending", "createdAt": "2018-11-21T12:10:15.123Z", "lastModifiedAt": "2018-11-21T12:10:15.123Z", "revision": 1, "name": "AcmeProductLaunch", "description": "Marketing site for Acme New Product Launch.", "policy": { "id": "request:e77229e8-1f44-4c27-bacb-9a99b7c77af7", "status": "active", "approvalType": "admin", "accessType": "everyone", "security": { "level": "cloud", "appliesTo": "all" } } }
Client Error Response Examples
This operation responds with following client error (4xx) responses with exception details in the response body. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.
400Bad Request - Invalid Site Template
The template referenced in the request or associated with the resource does not exist, or has been deleted, or the authenticated user or client application does not have access to the template.
Error Code
OCE-SITEMGMT-009010
Resolution - Check Identifier
Check that the template identifier is valid.
Resolution - Check Authorization
Check that the authenticated user is authorized to access to the template.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
template | Template that does not exist or is not visible to the authenticated user. |
For detailed information about this exception detail type, consult the InvalidTemplateExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Site Template", "status": "400", "detail": "Template does not exist or has been deleted, or the authenticated user or client application does not have access to the template.", "o:errorCode": "OCE-SITEMGMT-009010", "template": { "id": "F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6" } }
400Bad Request - Invalid Site
Site does not exist or has been deleted, or the authenticated user or client application does not have access to the site.
Error Code
OCE-SITEMGMT-009023
Resolution - Check Authorization
Check that the authenticated user is authorized to access to the site.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
site | Site that does not exist or is not visible to the authenticated user, if the site identifier has been provided. |
For detailed information about this exception detail type, consult the InvalidSiteExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Site", "status": "400", "detail": "Site does not exist or has been deleted, or the authenticated user or client application does not have access to the site.", "o:errorCode": "OCE-SITEMGMT-009023", "site": { "id": "FCA9C0E5CDCB549A19FFB85987A2352778961003B8A0" } }
400Bad Request - Invalid Site Name
The provided site name cannot be used because it contains characters or words that are not allowed. The reason the site name is invalid will be reported in the error message.
Error Code
OCE-SITEMGMT-009012
Resolution - Remove Spaces
Change the site name so that it does not contain spaces.
Resolution - Check Characters
Use only letters, numbers, hyphens, and underscores in site names.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
siteName | Invalid site name. |
reason | Reason the site name is invalid. Valid values are:
|
For detailed information about this exception detail type, consult the InvalidSiteNameExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Site Name", "status": "400", "detail": "Site name '{siteName}' cannot be used to create a site.", "o:errorCode": "OCE-SITEMGMT-009012", "siteName": "MyNewProduct", "reason": "tooLong" }
400Bad Request - Invalid Site Prefix
Site prefix is not a valid prefix.
Error Code
OCE-SITEMGMT-009034
Resolution - Remove Spaces
Change the site prefix so that it does not contain spaces.
Resolution - Check Characters
Use only letters, numbers, hyphens, and underscores in site prefixes.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
sitePrefix | Invalid site prefix value. Site prefixes are limit to 15 characters in length. |
For detailed information about this exception detail type, consult the InvalidSitePrefixExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Site Prefix", "status": "400", "detail": "Site prefix '{sitePrefix}' contains invalid characters.", "o:errorCode": "OCE-SITEMGMT-009034", "sitePrefix": "News Site" }
400Bad Request - Invalid Site Field
Indicates that a field in the request should not be specified because the associated site (for a copy request) or template (for a new site request) does not require or support the field. For example, a request for a site using a standard template should not specify a localization policy.
Error Code
OCE-SITEMGMT-009017
Resolution - Remove the Default Language Field
Remove the request defaultLanguage
field if the template or site is a standard template or standard site.
Resolution - Remove the Localization Policy Field
Remove the request localizationPolicy
field if the template or site is a standard template or standard site.
Resolution - Remove the Repository Field
Remove the request repository
field if the template or site is a standard template or standard site.
Resolution - Remove the Site Prefix Field
Remove the request sitePrefix
field if the template or site is a standard template or standard site.
Resolution - Remove the Default Language Field
Remove the request defaultLanguage
field if the template or site is a standard template or standard site.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
fieldName | Field name that is incompatible with the type of site. |
For detailed information about this exception detail type, consult the InvalidSiteFieldExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Site Field", "status": "400", "detail": "Field '{fieldName}' should not be provided for this request.", "o:errorCode": "OCE-SITEMGMT-009017", "fieldName": "defaultLanguage" }
400Bad Request - Invalid Repository
The referenced repository could not be found. Either the repository does not exist or has been deleted, or the authenticated user or client application does not have access to the repository.
Error Code
OCE-CAAS-001006
Resolution - Check Identifier
Check that the repository identifier is valid.
Resolution - Check Membership
Check that the authenticated user is a member of the repository and they have the relevant role to perform the operation relating to the repository.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
repository | Repository that does not exist or is not visible to the authenticated user, if the repository identifier has been provided. |
For detailed information about this exception detail type, consult the InvalidRepositoryExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Repository", "status": "400", "detail": "Repository does not exist or has been deleted, or the authenticated user or client application does not have access to the repository.", "o:errorCode": "OCE-CAAS-001006", "repository": { "id": "F81629473A3DB8B2A28669F19E68209BBAD3340745B0" } }
Introduced in release 19.2.3.
400Bad Request - Invalid Localization Policy
The referenced localization policy could not be found. Either the localization policy does not exist or has been deleted, or the identifier provided is incorrect.
Error Code
OCE-CAAS-001004
Resolution - Check Identifier
Check that the localization policy identifier is valid.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
localizationPolicy | Localization policy that does not exist. |
For detailed information about this exception detail type, consult the InvalidLocalizationPolicyExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Localization Policy", "status": "400", "detail": "Localization policy does not exist.", "o:errorCode": "OCE-CAAS-001004", "localizationPolicy": { "id": "7D77CB6653BC1FF8E0530100007F6630" } }
Introduced in release 19.2.3.
400Bad Request - Invalid Default Language
The default language is either missing or not one of the required languages supported by the associated localization policy.
Error Code
OCE-CAAS-001003
Resolution - Default Language Missing
If the default language has not been provided, then ensure a default language listed in the error message is provided.
Resolution - Language Not Supported
If a default language has been provided, then ensure that the provided language matches one of the languages listed in the error message.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
localizationPolicy | Localization policy that does not allow the specified default language. |
defaultLanguage | Invalid default language. |
For detailed information about this exception detail type, consult the InvalidDefaultLanguageExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Default Language", "status": "400", "detail": "Default Language '{defaultLanguage}' is not valid. The default language must be one of the localization policy's required languages.", "o:errorCode": "OCE-CAAS-001003", "defaultLanguage": "en-US" }
Introduced in release 19.2.3.
400Bad Request - Inactive Template Policy
The template does not have a policy that is marked as active. This error indicates that a site cannot be created from this template because a site administrator has not marked the template as suitable for creating sites from. This error can occur only when site governance is enabled.
Error Code
OCE-SITEMGMT-009015
Resolution - Check Policy is Active
Get a site administrator to check that there is a policy associated with the template and that it is marked as active.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
template | Template that does not have a policy, or the policy is inactive. |
For detailed information about this exception detail type, consult the InactiveTemplatePolicyExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Inactive Template Policy", "status": "400", "detail": "There is no active policy associated with the template.", "o:errorCode": "OCE-SITEMGMT-009015", "template": { "id": "F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6" } }
400Bad Request - Restricted Template Policy
This error indicates that the requester cannot use this this template to create a site as a site administrator has restricted site creation to a restricted audience that does not include the requester. This error can only occur when site governance is enabled.
Error Code
OCE-SITEMGMT-009033
Resolution - Add User to the Access List
Get a site administrator to add the user as a member of the policy access list.
Resolution - Change the Policy to Everyone Access
Get a site administrator to change the template policy accessType
to everyone
.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
template | Template that has the restricted policy. |
user | User or application that is not a member of the template policy access list. |
For detailed information about this exception detail type, consult the RestrictedTemplatePolicyExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Restricted Template Policy", "status": "400", "detail": "The policy associated with template has a restricted audience and can't be used by the user that created the request.", "o:errorCode": "OCE-SITEMGMT-009033", "template": { "id": "F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6" }, "user": { "id": "1234" } }
Introduced in release 19.3.2.
404Not Found - Request Not Found
The request does not exist or has been deleted, or the authenticated user or client application does not have access to the request.
Error Code
OCE-SITEMGMT-009001
Resolution - Check Identifier
Check that the request identifier is valid.
Resolution - Check Authorization
Check that the authenticated user can review the request or that the authenticated user is the user that created the request.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
request | Request that does not exist or is not visible to the authenticated user. |
For detailed information about this exception detail type, consult the RequestNotFoundExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Request Not Found", "status": "404", "detail": "Request does not exist or has been deleted, or the authenticated user or client application does not have access to the request.", "o:errorCode": "OCE-SITEMGMT-009001", "request": { "id": "e77229e8-1f44-4c27-bacb-9a99b7c77af7" } }
409Conflict - Invalid Request Status
The operation cannot be performed due to the current request status. When a request is created, approved, rejected or completed, the request status changes accordingly. Depending on the status of the request, some operations will be prevented. Only a pending or rejected request can be approved. A request that has been approved cannot be edited. Only a failed request can be retried.
Error Code
OCE-SITEMGMT-009009
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
request | Request on which the operation is being performed. |
required | Required status of the request for the operation to be valid. Valid values are:
|
For detailed information about this exception detail type, consult the InvalidRequestStatusExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Request Status", "status": "409", "detail": "Operation cannot be performed on a request with status '{request.status}'.", "o:errorCode": "OCE-SITEMGMT-009009", "required": [ "pending" ] }
409Conflict - Site Policy Violation
A template or site policy requires that a field value (that is missing) be present or prohibits the use of a field value (that is present). The error message will specify the field name and whether the field is prohibited or required. This error can occur only when site governance is enabled.
Error Code
OCE-SITEMGMT-009035
Resolution - Check Localization Policy is Allowed
If specifying a localization policy, check that the policy allows a localization policy to be specified in the request.
Resolution - Check Site Prefix is Allowed
If specifying a site prefix, check that the policy allows a site prefix to be specified in the request.
Resolution - Do Not Specify a Repository
If specifying a repository, check that the policy does not already specify a repository.
Resolution - Specify a Repository
If the policy does not specify a repository, then the request must specify a repository.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
fieldName | Name of the field. |
constraint | Indication that the field is required or prohibited. Valid values are:
|
For detailed information about this exception detail type, consult the PolicyConstraintViolationExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Site Policy Violation", "status": "409", "detail": "Field '{fieldName}' is {constraint} by the policy associated with this request.", "o:errorCode": "OCE-SITEMGMT-009035", "fieldName": "repository", "constraint": "required" }
Introduced in release 19.2.3.
409Conflict - Site Already Exists
A site with the same name already exists. Site names must be unique across all sites.
Error Code
OCE-SITEMGMT-009004
Resolution - Edit the Site Name
Edit the site name in the request so that it does not clash with an existing site.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
name | Duplicate name. |
For detailed information about this exception detail type, consult the SiteAlreadyExistsExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Site Already Exists", "status": "409", "detail": "A site with the same name already exists.", "o:errorCode": "OCE-SITEMGMT-009004", "name": "Oracle Content and Experience" }
409Conflict - Site Prefix Already Exists
A site with the same site prefix already exists. Site prefixes must be unique across all sites.
Error Code
OCE-SITEMGMT-009029
Resolution - Edit the Site Prefix
Edit the site prefix in the request so that it does not clash with an existing site.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
sitePrefix | Site prefix value that has clashed with an existing site. Site prefixes are limit to 15 characters in length. |
For detailed information about this exception detail type, consult the SitePrefixAlreadyExistsExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Site Prefix Already Exists", "status": "409", "detail": "Site with prefix '{sitePrefix}' already exists.", "o:errorCode": "OCE-SITEMGMT-009029", "sitePrefix": "News" }
Introduced in release 19.2.3.
Request
- application/merge-patch+json
-
id: string
Globally unique immutable identifier for a request.
-
includeDeleted(optional): boolean
Resources that have been marked for deletion can be read, modified, and support extended operations as long this query parameter is set to
true
. When theincludeDeleted
query parameter is not sent then the response to read, modification, and extended operations will be identical to that which would be returned if the resource was permanently deleted.
-
If-Match(optional): string
The if match request header is used with a method to make it conditional. A client that has one or more entity tag values previously obtained with the resource can verify that one of those entity tag values is current. If the requested resource does not match any of the provided entity tag values a precondition failed response will be returned without any body.
-
If-None-Match(optional): string
The if none match request header is used with a method to make it conditional. A client that has one or more entity tag values previously obtained with the resource can verify that none of those entity tag values is current.
Only properties that are being updated should be provided in the request. To remove a property, include it in the request with a value of null
. Properties that cannot be updated are ignored.
object
-
contentSecurity(optional):
contentSecurity
The security category for the site.
Targeted for a Future Release
This operation is targeted for an undecided future release. This operation may be subject to change.
-
defaultLanguage(optional):
string
The default language of the site. Must be one of the required languages of the localization policy. Required in requests for an enterprise site.
Introduced in release 19.2.3. -
description(optional):
string
Maximum Length:
1000
The site description is used to help people understand the purpose and usage of the site. There is no restriction on the contents of the description; it can be a single line or multiple lines with any characters.
-
includeUpdates(optional):
boolean
Include unpublished updates in the copy.
Introduced in release 19.2.2. -
justification(optional):
string
Maximum Length:
1000
The justification is to help human approvers review this request. There is no restriction on the contents of the description; it can be a single line or multiple lines with any characters.
-
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
-
localizationPolicy(optional):
string
The localization policy that will be associated with the site when it is created. Localization policies can be set only for enterprise sites. A localization policy cannot be associated with a request if the policy associated with the request specifies a localization policy.
Introduced in release 19.2.3. -
name(optional):
string
Maximum Length:
242
This name is used during the site creation process and is used to identify the new site. Names must be unique; the name provided cannot be the same as the name of any existing site.
-
repository(optional):
string
The asset repository that will be associated with the site when it is created. Repositories can be set only for enterprise sites. A repository cannot be associated with a request if the policy associated with the request specifies a repository.
Introduced in release 19.2.3. -
sitePrefix(optional):
string
Maximum Length:
15
The site prefix that will be set on a site when it is created. Will be set only on requests for an enterprise site. Can only be set only if the policy associated with the request allows; otherwise, the site prefix will be automatically generated. Site prefixes are limit to 15 characters in length.
Introduced in release 19.2.3.
{
"name":"AcmeProductLaunch2019",
"description":"Marketing site for Acme New Product Launch 2019."
}
The security category for the site.
Targeted for a Future Release
This operation is targeted for an undecided future release. This operation may be subject to change.
-
object
SiteContentSecurity
Content security for a site.
Targeted for a Future Release
This operation is targeted for an undecided future release. This operation may be subject to change.
array
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
object
Content security for a site.
Targeted for a Future Release
This operation is targeted for an undecided future release. This operation may be subject to change.
-
category(optional):
string
Associated Taxonomy Category resource.
Targeted for a Future Release
This operation is targeted for an undecided future release. This operation may be subject to change.
-
taxonomy(optional):
string
Associated Taxonomy resource.
Targeted for a Future Release
This operation is targeted for an undecided future release. This operation may be subject to change.
object
REST HATEOAS link and related metadata. If responses provide links (for example, a self
link to the resource itself) the links provided will include one or more of the properties defined on this link structure.
-
href(optional):
string
The target resource URI. URI RFC3986 or URI Template RFC6570. If the value is set to URI Template, then the
templated
property must be set totrue
. -
mediaType(optional):
string
Media type, as defined by RFC 2046, describing the link target.
-
method(optional):
string
HTTP method for requesting the target of the link.
Valid values are:
-
OPTIONS
- HTTP OPTIONS -
HEAD
- HTTP HEAD -
GET
- HTTP GET -
POST
- HTTP POST -
PUT
- HTTP PUT -
PATCH
- HTTP PATCH -
DELETE
- HTTP DELETE
-
-
profile(optional):
string(uri)
Link to the metadata of the resource, such as JSON-schema, that describes the resource expected when dereferencing the target resource.
-
rel(optional):
string
Name of the link relation that, in addition to the type property, can be used to retrieve link details.
-
templated(optional):
boolean
Boolean flag that specifies the
href
property is a URI or URI Template. The property can be assumed to befalse
if the property is not present.
Response
- application/json
- application/vnd.oracle.resource+json;type=singular
200 Response
-
Cache-Control: string
Directives for caching mechanisms.
-
Content-Length: string
Size of the response body.
-
Content-Type: string
Content type of the response.
-
ETag: string
Opaque identifier assigned by the origin server to a specific version of a resource.
-
allOf
Request
Discriminator:
requestType
A request represents an operation that needs approval before being fulfilled. An example request is a request for a new site to be created. A request can also be rejected. A request is approved or rejected by adding one or more reviews to the request. Requests, once created, cannot change apart from adding reviews that affect the approval or rejected status of the request. A request that is no longer valid can be deleted. If a request is rejected, then a new request needs to be created. Once a request is approved no further reviews can be added to the request. A rejected request can still be approved by creating a review that approves the request. Requests will fail if site governance is disabled.
requestType
A request represents an operation that needs approval before being fulfilled. An example request is a request for a new site to be created. A request can also be rejected. A request is approved or rejected by adding one or more reviews to the request. Requests, once created, cannot change apart from adding reviews that affect the approval or rejected status of the request. A request that is no longer valid can be deleted. If a request is rejected, then a new request needs to be created. Once a request is approved no further reviews can be added to the request. A rejected request can still be approved by creating a review that approves the request. Requests will fail if site governance is disabled.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Request-allOf[1]
object
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
object
-
approvers(optional):
object approvers
List of users and groups who have the ability to approve this request. The approval list will be empty if the approval type is not named approvers.
Introduced in release 19.3.3. -
createdAt(optional):
string(date-time)
Date and time the request was created. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone. -
createdBy(optional):
createdBy
Get the user or client application that created the request. When a request is created, the authenticated user or client application is captured and associated with the request.
-
failure(optional):
object failure
If the request processing has failed, the details of the failure will be available in this property. If the request is not marked as failed, there will be no failure details.
-
id(optional):
string
Globally unique immutable identifier for a request.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
isDeleted(optional):
boolean
Indicates that the request is has been marked as soft deleted.
-
job(optional):
object job
When a request is approved, any processing required by the request will be initiated, for example a request for a new site would start the site creation processing. The progress of this processing can be monitored by the job status details. The job status is always available for a request, if the request has not been approved then the status will indicate that the request is
blocked
- blocked waiting for approval. A completed request will also have a job status that iscompleted
. -
justification(optional):
string
Maximum Length:
1000
The justification is to help human approvers review this request. There is no restriction on the contents of the description; it can be a single line or multiple lines with any characters.
-
lastModifiedAt(optional):
string(date-time)
Date and time the request was last updated. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone. -
original(optional):
string
Original request if the request is a fork of an edited request. If a request is updated, and the request is failed or rejected, the request and associated reviews are copied and linked to the updated request. This forked request captures the details of the request and any reviews that were associated with the request at the time of editing. If multiple updates are performed there may be multiple forked copies, each fork is linked to the original request. Forked requests are given new identifiers as the original request being edited maintains the same identity.
-
policy(optional):
policy
Snapshot of all the policy details for this request at the time the request was made. This can be used to determine what approval this request requires, for example.
Introduced in release 19.2.1. -
requestType(optional):
string
Type of Request. Valid values are:
SiteRequest
,CopySiteRequest
. -
reviews(optional):
object reviews
Reviews associated with the request. If the request requires manual approval, this property reflects the set of reviews that have been associated with this request. When a request is first created there will be no reviews.
-
revision(optional):
integer(int64)
Every time a request is edited, the revision number is incremented. Revision numbers start at zero. The revision number can be used to see if a request has changed since it was last requested as the revision is also used as the strong
ETag
value for this resource. -
status(optional):
string
Approval or rejection status of this request. The status of the request reflects whether the associated reviews are not yet created, approved or rejected.
Valid values are:
-
pending
- Request is pending approval -
rejected
- Request has not been approved -
approved
- Request has been approved -
failed
- Request has been approved but failed during the request processing -
complete
- Request has been approved and is now complete
-
array
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
object
REST HATEOAS link and related metadata. If responses provide links (for example, a self
link to the resource itself) the links provided will include one or more of the properties defined on this link structure.
-
href(optional):
string
The target resource URI. URI RFC3986 or URI Template RFC6570. If the value is set to URI Template, then the
templated
property must be set totrue
. -
mediaType(optional):
string
Media type, as defined by RFC 2046, describing the link target.
-
method(optional):
string
HTTP method for requesting the target of the link.
Valid values are:
-
OPTIONS
- HTTP OPTIONS -
HEAD
- HTTP HEAD -
GET
- HTTP GET -
POST
- HTTP POST -
PUT
- HTTP PUT -
PATCH
- HTTP PATCH -
DELETE
- HTTP DELETE
-
-
profile(optional):
string(uri)
Link to the metadata of the resource, such as JSON-schema, that describes the resource expected when dereferencing the target resource.
-
rel(optional):
string
Name of the link relation that, in addition to the type property, can be used to retrieve link details.
-
templated(optional):
boolean
Boolean flag that specifies the
href
property is a URI or URI Template. The property can be assumed to befalse
if the property is not present.
object
List of users and groups who have the ability to approve this request. The approval list will be empty if the approval type is not named approvers.
Introduced in release 19.3.3.-
items:
array items
Collection of Request Approvers Member elements.
Introduced in release 19.3.3.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
Get the user or client application that created the request. When a request is created, the authenticated user or client application is captured and associated with the request.
object
If the request processing has failed, the details of the failure will be available in this property. If the request is not marked as failed, there will be no failure details.
object
When a request is approved, any processing required by the request will be initiated, for example a request for a new site would start the site creation processing. The progress of this processing can be monitored by the job status details. The job status is always available for a request, if the request has not been approved then the status will indicate that the request is blocked
- blocked waiting for approval. A completed request will also have a job status that is completed
.
-
completed:
boolean
Whether the asynchronous job is completed or not.
-
completedPercentage(optional):
integer(int32)
A number between 0 and 100, capturing how much of the process has been completed. If the asynchronous job has not started the percentage complete will not be provided. Not all background asynchronous jobs support granular process, so the percentage complete may jump from zero to one hundred without any steps.
-
context(optional):
string
Job context identifier value that can be used to correlate the response to the original asynchronous job. Depending on how the asynchronous job was initiated will determine whether there is a context value and what the context value is.
-
endTime(optional):
string(date-time)
Time when the asynchronous job finished running, or when the asynchronous job failed. If the asynchronous job has not finished or failed (or not started) this property will not be present. Certain background jobs may not record a stop time, so if if the job has completed there may not be a stop time. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone. -
error(optional):
object error
Error details for the asynchronous job response when the job fails. This is only available if the asynchronous job has run but failed.
-
intervalToPoll(optional):
integer(int64)
A number in milliseconds, as a hint to the client on how long the client should wait before checking the status again. Absence of this value means there is no suggested polling interval and the client can poll as required.
-
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
-
message(optional):
string
Human-readable message about the current processing status. This message can be used to communicate progress to the end user. Asynchronous requests or jobs may not provide a human-readable status message.
-
progress:
string
The current progress of the asynchronous job. These values indicate that the asynchronous job has ended:
succeeded
,failed
,aborted
. The valueblocked
means that the asynchronous job requires action, such as waiting for a human to approve something. The values that indicate the asynchronous job is in process are:pending
,processing
,paused
.Valid values are:
-
pending
- Request is waiting to run -
processing
- Request is running -
succeeded
- Request has completed successfully -
failed
- Request has failed
-
aborted
- Request was aborted
-
paused
- Request was running, but is now paused -
blocked
- Request is blocked
-
-
requestStatus(optional):
integer(int32)
HTTP status code of the asynchronous asynchronous job request. This status is not the status obtaining when querying the asynchronous job status, but the status response of the asynchronous job when it is completed. This value is only available after the asynchronous job has ended.
-
result(optional):
result
It may be desirable to include the final result in the status resource so that the client can get the result when it polls the service for the status. The result is captured in this optional property. This property should only be used when the HTTP response can be efficiently returned inside the status resource. If this property is present, then the
requestStatus
property will be omitted to avoid duplication. The body of the response is a JSON object comprised of response-specific properties. Non-JSON response data may be supported either by Base64 encoding the non-JSON data as a byte string inside the body property or providing a link to the non-JSON resource in the 'links' property of the status resource. -
startTime(optional):
string(date-time)
Time when the asynchronous job started running. If the asynchronous job has not started this property will not be present. Certain background jobs may not record a start time, so if if the job has started there may not be a start time. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone.
Snapshot of all the policy details for this request at the time the request was made. This can be used to determine what approval this request requires, for example.
Introduced in release 19.2.1.-
allOf
Policy
A policy controls how a request to perform a site-related operation is approved and whether there are any particular restrictions or defaults to apply when that operation is performed.
A policy is associated with a resource, for example a site creation policy can be associated with a site template. A site creation policy, for example, could specify that site administrator approval is required to create a site from a particular site template and that site template has a security level of domain users only.
A policy can be marked as inactive which prevents the operation from being performed or requested.
object
Reviews associated with the request. If the request requires manual approval, this property reflects the set of reviews that have been associated with this request. When a request is first created there will be no reviews.
-
items:
array items
Collection of Review elements.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
array
Collection of Request Approvers Member elements.
Introduced in release 19.3.3.All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
CollectionResource-allOf[1]
object
-
count(optional):
integer(int32)
Total number of resources in the response.
-
hasMore(optional):
boolean
Collection has more elements that match the request. Indicates whether there are more items to be returned when a paged request is made and the page was not big enough to return all elements.
-
limit(optional):
integer(int32)
Actual response size limit used. If the request specifies too large a limit, or does not specify a limit then the response will specify the limit used.
-
offset(optional):
integer(int64)
Actual response offset used. If the request specifies no offset then the actual offset is provided in the response.
-
totalResults(optional):
integer(int64)
Total number of resources that match the request. If provided, this is the total number of available items. If not specified the total is not known, or is not viable to return. Paging limits or offsets are ignored when calculating this value. Only returned if the
totalResults
parameter is supported and is set totrue
by the client.
object
-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.3. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.3. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.3. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user
- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group
- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.A group is a collection of users and groups. A group has a human readable group name.
Introduced in release 19.3.1.-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Group-allOf[1]
object
-
displayName(optional):
string
Human-readable name for the group.
Introduced in release 19.3.1. -
groupName(optional):
string
Group name that is unique within the service instance.
Introduced in release 19.3.1. -
id(optional):
string
Unique identifer for the group.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.1. -
roles(optional):
array roles
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
-
-
type(optional):
string
Type of the group.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
array
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
type
Identity representing a user or client application. The identity contains the common information such as the identity identifier, unique name and display name.
Introduced in release 20.3.1.-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Identity-allOf[1]
object
-
displayName(optional):
string
Human-readable display name.
Introduced in release 20.3.1. -
id(optional):
string
An identifier value allocated by CEC for the user or client application. The identifier is unique within the scope of the service.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 20.3.1. -
name(optional):
string
Unique name, such as the user name or client application name.
Introduced in release 20.3.1. -
roles(optional):
array roles
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
-
-
type(optional):
string
Type of Identity. Valid values are:
Introduced in release 20.3.1.user
,service
,application
,unknown
.
array
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
object
Error details for the asynchronous job response when the job fails. This is only available if the asynchronous job has run but failed.
array
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
It may be desirable to include the final result in the status resource so that the client can get the result when it polls the service for the status. The result is captured in this optional property. This property should only be used when the HTTP response can be efficiently returned inside the status resource. If this property is present, then the requestStatus
property will be omitted to avoid duplication. The body of the response is a JSON object comprised of response-specific properties. Non-JSON response data may be supported either by Base64 encoding the non-JSON data as a byte string inside the body property or providing a link to the non-JSON resource in the 'links' property of the status resource.
-
object
HttpResponse
Captures a HTTP response so that it can be returned as structured data, for example capturing a HTTP response for an asynchronous request.
object
Captures a HTTP response so that it can be returned as structured data, for example capturing a HTTP response for an asynchronous request.
-
headers(optional):
array headers
HTTP response headers.
-
status(optional):
object status
HTTP status code response value and reason.
object
HTTP status code response value and reason.
-
code:
integer(int32)
The corresponding HTTP status code for the exception. For exception that includes a resource does not exist would have a HTTP status of
404
. -
reason:
string
Short, human-readable summary of the status code.
object
-
name:
string
Header name.
-
value(optional):
string
Header value.
A policy controls how a request to perform a site-related operation is approved and whether there are any particular restrictions or defaults to apply when that operation is performed.
A policy is associated with a resource, for example a site creation policy can be associated with a site template. A site creation policy, for example, could specify that site administrator approval is required to create a site from a particular site template and that site template has a security level of domain users only.
A policy can be marked as inactive which prevents the operation from being performed or requested.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Policy-allOf[1]
object
-
access(optional):
object access
List of users and groups who have the ability to perform the operation associated with the policy. For example, the list of users and groups who can create a site from a template. If the access list is empty all users can perform the policy operation. The access list is only used if the
Introduced in release 19.3.1.accessType
of the policy is set torestricted
. -
accessType(optional):
string
Determines whether the policy is applicable to everyone, or to just the users that are part of the access list.
Valid values are:
-
everyone
- Policy, when active, is applicable to everyone -
restricted
- Policy, when active, is applicable to users that are part of the access list
-
-
approvalType(optional):
string
When a request is made that is associated with this policy, the request will require the type of approval defined by the policy. If the type of approval is automatic then the request will not require manual approval.
Valid values are:
-
automatic
- A request will automatically be approved without any human approval process involved -
admin
- Any user with the site administrator role can approve the associated request -
named
- Site creation will require approval from one user that is a member of the approvers list associated with the policy
-
-
approvers(optional):
object approvers
List of users and groups who have the ability to approve any request associated with the policy. For example, the list of users and groups who can approve creating a site from a template. The approval list is only used if the approval type is set to named approvers.
Introduced in release 19.3.3. -
expiration(optional):
expiration
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1. -
id(optional):
string
Globally unique identifier for a policy.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
localizationPolicyAllowed(optional):
boolean
If a localization policy is not allowed, then the requester will not be permitted to specify a localization policy at the time of requesting a site. The localization policy associated with the template will be used. If a localization policy is allowed, then the requester must specify one at the time of requesting a site. This property can be set only when the template associated with the policy is an enterprise templates.
Introduced in release 19.2.3. -
repository(optional):
repository
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3. -
revision(optional):
integer(int64)
Every time a policy is edited, the revision number is incremented. Revision numbers start at zero. The revision number can be used to see if a policy has changed since it was last requested as the revision is also used as the strong
ETag
value for this resource. -
security(optional):
security
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
sitePrefixAllowed(optional):
boolean
If
Introduced in release 19.2.3.true
, a request for a new site can include an explicit site prefix. Iffalse
, then a site prefix must not be provided and will be generated automatically. This property can be set only when the template associated with the policy is an enterprise templates. -
status(optional):
string
The policy status specifies whether the policy can be used to perform the operation associated with the policy. If the policy status is inactive then the operation cannot be performed. If the policy status is active then the operation can be performed. For example, for a policy associated with a site template, a status of active means that users can create sites from that site template.
Valid values are:
-
inactive
- Policy that is marked as inactive means the associated operation cannot be requested -
active
- Policy that is marked as active means the associated operation can be requested
-
object
List of users and groups who have the ability to perform the operation associated with the policy. For example, the list of users and groups who can create a site from a template. If the access list is empty all users can perform the policy operation. The access list is only used if the accessType
of the policy is set to restricted
.
-
items:
array items
Collection of Policy Access Member elements.
Introduced in release 19.3.1.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
object
List of users and groups who have the ability to approve any request associated with the policy. For example, the list of users and groups who can approve creating a site from a template. The approval list is only used if the approval type is set to named approvers.
Introduced in release 19.3.3.-
items:
array items
Collection of Policy Approvers Member elements.
Introduced in release 19.3.3.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1.-
object
SiteExpirationPeriod
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3.-
allOf
Repository
Repositories are a storage location for files, both text and images. Repository administrators can create a repository with channel policies and localization policies designated for the repository. Multiple repositories can be created to handle different marketing needs.
A repository can be used to manage all the assets you need in one place. For example, perhaps your company sells computer equipment. One repository could be set up to handle the files related to desktop computers. Another repository could be used for tablets. Each repository might contain photos, graphics, and content about the different kinds of computers. The assets in each repository are controlled by the policies you allocate to the repository.
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
object
SecurityPolicy
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
array
Collection of Policy Access Member elements.
Introduced in release 19.3.1.object
-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.1. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.1. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.1. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.1. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user
- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group
- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.1.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.1.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.1.array
Collection of Policy Approvers Member elements.
Introduced in release 19.3.3.object
-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.3. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.3. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.3. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user
- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group
- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.object
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.-
amount(optional):
integer(int32)
Amount of time used to measure site expiration.
Introduced in release 19.4.1. -
unit(optional):
string
Unit of time used to measure site expiration.
Valid values are:
-
months
- Expiration expressed in the number of months -
years
- Expiration expressed in the number of years
-
Repositories are a storage location for files, both text and images. Repository administrators can create a repository with channel policies and localization policies designated for the repository. Multiple repositories can be created to handle different marketing needs.
A repository can be used to manage all the assets you need in one place. For example, perhaps your company sells computer equipment. One repository could be set up to handle the files related to desktop computers. Another repository could be used for tablets. Each repository might contain photos, graphics, and content about the different kinds of computers. The assets in each repository are controlled by the policies you allocate to the repository.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Repository-allOf[1]
object
-
autoTagEnabled(optional):
boolean
Whether auto tagging is enabled for the repository.
-
channels(optional):
array channels
Channels associated with the repository.
-
contentTypes(optional):
array contentTypes
Content types associated with the repository.
-
createdBy(optional):
string
User that created the repository.
-
createdDate(optional):
createdDate
Date and time the repository was created.
-
defaultLanguage(optional):
string
Default language of the repository.
-
description(optional):
string
Human-readable description of the repository to give consumers an idea of what content this repository contains.
-
id(optional):
string
Unique identifier for the repository.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
languageOptions(optional):
array languageOptions
Language options for the repository.
-
name(optional):
string
Short human-readable name to identify the repository.
-
roleName(optional):
string
The role the authenticated user has within the repository.
Valid values are:
-
owner
- Owner of the resource -
custom
- Custom role -
manager
- Manager role -
contributor
- Contributor role -
downloader
- Downloader role -
viewer
- Viewer role
-
-
updatedBy(optional):
string
User that last updated the repository. If the repository has not been updated the updated by will be the user that created the repository.
-
updatedDate(optional):
updatedDate
Date and time the repository was last updated.
Date and time the repository was created.
-
object
DateTimeZone
Date, time and time zone.
Date and time the repository was last updated.
-
object
DateTimeZone
Date, time and time zone.
object
Channel identifier.
-
id(optional):
string
Unique identifier for the repository.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
name(optional):
string
Short unique human-readable name to identify the channel.
object
Content type identifier.
-
name(optional):
string
Content type name.
object
Date, time and time zone.
-
description(optional):
string
Description of the date, time and time zone information.
-
timezone(optional):
string
Timezone in Olson database format.
-
value(optional):
string(date-time)
Date in ISO 8601 format. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone.
object
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
-
appliesTo(optional):
string
Define which types of users may access a site. Can include all users or be restricted to named users only.
Valid values are:
-
named
- Only named users within a specified level can access -
all
- All users within a specified level can access
-
-
level(optional):
string
Maximum open security level that can be set on a site.
Valid values are:
-
service
- Only service users -
cloud
- Only cloud users who can sign in to your domain -
everyone
- Anyone without signing in
-
-
allOf
Review
A review is the human initiated review of a request, with the aim to approve or reject the request. A review either approves or rejects the request, with an an optional comment which can be used by the request initiator to understand why the request was approved or rejected by the user. Depending on the type of approval associated with a request, zero or more reviews may be required. For example, auto approved requests do not need a review. An administrator approval requires one administrator to review the request.
A review is the human initiated review of a request, with the aim to approve or reject the request. A review either approves or rejects the request, with an an optional comment which can be used by the request initiator to understand why the request was approved or rejected by the user. Depending on the type of approval associated with a request, zero or more reviews may be required. For example, auto approved requests do not need a review. An administrator approval requires one administrator to review the request.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Review-allOf[1]
object
-
comment(optional):
string
Maximum Length:
1000
A comment associated with the review can be used to describe why the request was approved or rejected. There is no restriction on the contents of the description; it can be a single line or multiple lines with any characters.
-
createdAt(optional):
string(date-time)
Date and time that the review was created. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone. -
decision(optional):
string
Outcome of this review, either approve or reject the request.
Valid values are:
-
approved
- Associated request is approved -
rejected
- Associated request is rejected
-
-
id(optional):
integer(int32)
Request scoped identifier for the review. Reviews identifiers are generated by the system when the review is created and cannot be changed. The identifier is only unique within the scope of the parent request. Newest reviews have the smaller identifier value.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
reviewedBy(optional):
reviewedBy
Get the details of the user or client application that created the review.
Get the details of the user or client application that created the review.
{
"requestType":"SiteRequest",
"id":"e77229e8-1f44-4c27-bacb-9a99b7c77af7",
"isDeleted":false,
"justification":"I require a site for our new product launch.",
"status":"pending",
"createdAt":"2018-11-21T12:10:15.123Z",
"lastModifiedAt":"2018-11-21T12:10:15.123Z",
"revision":1,
"name":"AcmeProductLaunch2019",
"description":"Marketing site for Acme New Product Launch 2019.",
"policy":{
"id":"request:e77229e8-1f44-4c27-bacb-9a99b7c77af7",
"status":"active",
"approvalType":"admin",
"accessType":"everyone",
"security":{
"level":"cloud",
"appliesTo":"all"
}
}
}
400 Response
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
InvalidTemplateExceptionDetail-allOf[1]
object
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
title
ordetail
. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCode
for this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object
-
template(optional):
string
Template that does not exist or is not visible to the authenticated user.
array
Multiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Site Template",
"status":"400",
"detail":"Template does not exist or has been deleted, or the authenticated user or client application does not have access to the template.",
"o:errorCode":"OCE-SITEMGMT-009010",
"template":{
"id":"F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6"
}
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Site",
"status":"400",
"detail":"Site does not exist or has been deleted, or the authenticated user or client application does not have access to the site.",
"o:errorCode":"OCE-SITEMGMT-009023",
"site":{
"id":"FCA9C0E5CDCB549A19FFB85987A2352778961003B8A0"
}
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Site Name",
"status":"400",
"detail":"Site name '{siteName}' cannot be used to create a site.",
"o:errorCode":"OCE-SITEMGMT-009012",
"siteName":"MyNewProduct",
"reason":"tooLong"
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Site Prefix",
"status":"400",
"detail":"Site prefix '{sitePrefix}' contains invalid characters.",
"o:errorCode":"OCE-SITEMGMT-009034",
"sitePrefix":"News Site"
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Site Field",
"status":"400",
"detail":"Field '{fieldName}' should not be provided for this request.",
"o:errorCode":"OCE-SITEMGMT-009017",
"fieldName":"defaultLanguage"
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Repository",
"status":"400",
"detail":"Repository does not exist or has been deleted, or the authenticated user or client application does not have access to the repository.",
"o:errorCode":"OCE-CAAS-001006",
"repository":{
"id":"F81629473A3DB8B2A28669F19E68209BBAD3340745B0"
}
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Localization Policy",
"status":"400",
"detail":"Localization policy does not exist.",
"o:errorCode":"OCE-CAAS-001004",
"localizationPolicy":{
"id":"7D77CB6653BC1FF8E0530100007F6630"
}
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Default Language",
"status":"400",
"detail":"Default Language '{defaultLanguage}' is not valid. The default language must be one of the localization policy's required languages.",
"o:errorCode":"OCE-CAAS-001003",
"defaultLanguage":"en-US"
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Inactive Template Policy",
"status":"400",
"detail":"There is no active policy associated with the template.",
"o:errorCode":"OCE-SITEMGMT-009015",
"template":{
"id":"F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6"
}
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Restricted Template Policy",
"status":"400",
"detail":"The policy associated with template has a restricted audience and can't be used by the user that created the request.",
"o:errorCode":"OCE-SITEMGMT-009033",
"template":{
"id":"F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6"
},
"user":{
"id":"1234"
}
}
401 Response
403 Response
404 Response
-
Cache-Control: string
Directives for caching mechanisms.
-
Content-Length: string
Size of the response body.
-
Content-Type: string
Content type of the response.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
RequestNotFoundExceptionDetail-allOf[1]
object
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
title
ordetail
. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCode
for this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object
-
request(optional):
string
Request that does not exist or is not visible to the authenticated user.
array
Multiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Request Not Found",
"status":"404",
"detail":"Request does not exist or has been deleted, or the authenticated user or client application does not have access to the request.",
"o:errorCode":"OCE-SITEMGMT-009001",
"request":{
"id":"e77229e8-1f44-4c27-bacb-9a99b7c77af7"
}
}
406 Response
409 Response
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
InvalidRequestStatusExceptionDetail-allOf[1]
object
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
title
ordetail
. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCode
for this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object
-
request(optional):
request
Request on which the operation is being performed.
-
required(optional):
array required
Required status of the request for the operation to be valid.
Valid values are:
-
pending
- Request is pending approval -
rejected
- Request has not been approved -
approved
- Request has been approved -
failed
- Request has been approved but failed during the request processing -
complete
- Request has been approved and is now complete
-
array
Multiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
Request on which the operation is being performed.
-
allOf
Request
Discriminator:
requestType
A request represents an operation that needs approval before being fulfilled. An example request is a request for a new site to be created. A request can also be rejected. A request is approved or rejected by adding one or more reviews to the request. Requests, once created, cannot change apart from adding reviews that affect the approval or rejected status of the request. A request that is no longer valid can be deleted. If a request is rejected, then a new request needs to be created. Once a request is approved no further reviews can be added to the request. A rejected request can still be approved by creating a review that approves the request. Requests will fail if site governance is disabled.
array
Required status of the request for the operation to be valid.
Valid values are:
-
pending
- Request is pending approval -
rejected
- Request has not been approved -
approved
- Request has been approved -
failed
- Request has been approved but failed during the request processing -
complete
- Request has been approved and is now complete
requestType
A request represents an operation that needs approval before being fulfilled. An example request is a request for a new site to be created. A request can also be rejected. A request is approved or rejected by adding one or more reviews to the request. Requests, once created, cannot change apart from adding reviews that affect the approval or rejected status of the request. A request that is no longer valid can be deleted. If a request is rejected, then a new request needs to be created. Once a request is approved no further reviews can be added to the request. A rejected request can still be approved by creating a review that approves the request. Requests will fail if site governance is disabled.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Request-allOf[1]
object
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
object
-
approvers(optional):
object approvers
List of users and groups who have the ability to approve this request. The approval list will be empty if the approval type is not named approvers.
Introduced in release 19.3.3. -
createdAt(optional):
string(date-time)
Date and time the request was created. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone. -
createdBy(optional):
createdBy
Get the user or client application that created the request. When a request is created, the authenticated user or client application is captured and associated with the request.
-
failure(optional):
object failure
If the request processing has failed, the details of the failure will be available in this property. If the request is not marked as failed, there will be no failure details.
-
id(optional):
string
Globally unique immutable identifier for a request.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
isDeleted(optional):
boolean
Indicates that the request is has been marked as soft deleted.
-
job(optional):
object job
When a request is approved, any processing required by the request will be initiated, for example a request for a new site would start the site creation processing. The progress of this processing can be monitored by the job status details. The job status is always available for a request, if the request has not been approved then the status will indicate that the request is
blocked
- blocked waiting for approval. A completed request will also have a job status that iscompleted
. -
justification(optional):
string
Maximum Length:
1000
The justification is to help human approvers review this request. There is no restriction on the contents of the description; it can be a single line or multiple lines with any characters.
-
lastModifiedAt(optional):
string(date-time)
Date and time the request was last updated. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone. -
original(optional):
string
Original request if the request is a fork of an edited request. If a request is updated, and the request is failed or rejected, the request and associated reviews are copied and linked to the updated request. This forked request captures the details of the request and any reviews that were associated with the request at the time of editing. If multiple updates are performed there may be multiple forked copies, each fork is linked to the original request. Forked requests are given new identifiers as the original request being edited maintains the same identity.
-
policy(optional):
policy
Snapshot of all the policy details for this request at the time the request was made. This can be used to determine what approval this request requires, for example.
Introduced in release 19.2.1. -
requestType(optional):
string
Type of Request. Valid values are:
SiteRequest
,CopySiteRequest
. -
reviews(optional):
object reviews
Reviews associated with the request. If the request requires manual approval, this property reflects the set of reviews that have been associated with this request. When a request is first created there will be no reviews.
-
revision(optional):
integer(int64)
Every time a request is edited, the revision number is incremented. Revision numbers start at zero. The revision number can be used to see if a request has changed since it was last requested as the revision is also used as the strong
ETag
value for this resource. -
status(optional):
string
Approval or rejection status of this request. The status of the request reflects whether the associated reviews are not yet created, approved or rejected.
Valid values are:
-
pending
- Request is pending approval -
rejected
- Request has not been approved -
approved
- Request has been approved -
failed
- Request has been approved but failed during the request processing -
complete
- Request has been approved and is now complete
-
array
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
object
REST HATEOAS link and related metadata. If responses provide links (for example, a self
link to the resource itself) the links provided will include one or more of the properties defined on this link structure.
-
href(optional):
string
The target resource URI. URI RFC3986 or URI Template RFC6570. If the value is set to URI Template, then the
templated
property must be set totrue
. -
mediaType(optional):
string
Media type, as defined by RFC 2046, describing the link target.
-
method(optional):
string
HTTP method for requesting the target of the link.
Valid values are:
-
OPTIONS
- HTTP OPTIONS -
HEAD
- HTTP HEAD -
GET
- HTTP GET -
POST
- HTTP POST -
PUT
- HTTP PUT -
PATCH
- HTTP PATCH -
DELETE
- HTTP DELETE
-
-
profile(optional):
string(uri)
Link to the metadata of the resource, such as JSON-schema, that describes the resource expected when dereferencing the target resource.
-
rel(optional):
string
Name of the link relation that, in addition to the type property, can be used to retrieve link details.
-
templated(optional):
boolean
Boolean flag that specifies the
href
property is a URI or URI Template. The property can be assumed to befalse
if the property is not present.
object
List of users and groups who have the ability to approve this request. The approval list will be empty if the approval type is not named approvers.
Introduced in release 19.3.3.-
items:
array items
Collection of Request Approvers Member elements.
Introduced in release 19.3.3.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
Get the user or client application that created the request. When a request is created, the authenticated user or client application is captured and associated with the request.
object
If the request processing has failed, the details of the failure will be available in this property. If the request is not marked as failed, there will be no failure details.
object
When a request is approved, any processing required by the request will be initiated, for example a request for a new site would start the site creation processing. The progress of this processing can be monitored by the job status details. The job status is always available for a request, if the request has not been approved then the status will indicate that the request is blocked
- blocked waiting for approval. A completed request will also have a job status that is completed
.
-
completed:
boolean
Whether the asynchronous job is completed or not.
-
completedPercentage(optional):
integer(int32)
A number between 0 and 100, capturing how much of the process has been completed. If the asynchronous job has not started the percentage complete will not be provided. Not all background asynchronous jobs support granular process, so the percentage complete may jump from zero to one hundred without any steps.
-
context(optional):
string
Job context identifier value that can be used to correlate the response to the original asynchronous job. Depending on how the asynchronous job was initiated will determine whether there is a context value and what the context value is.
-
endTime(optional):
string(date-time)
Time when the asynchronous job finished running, or when the asynchronous job failed. If the asynchronous job has not finished or failed (or not started) this property will not be present. Certain background jobs may not record a stop time, so if if the job has completed there may not be a stop time. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone. -
error(optional):
object error
Error details for the asynchronous job response when the job fails. This is only available if the asynchronous job has run but failed.
-
intervalToPoll(optional):
integer(int64)
A number in milliseconds, as a hint to the client on how long the client should wait before checking the status again. Absence of this value means there is no suggested polling interval and the client can poll as required.
-
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
-
message(optional):
string
Human-readable message about the current processing status. This message can be used to communicate progress to the end user. Asynchronous requests or jobs may not provide a human-readable status message.
-
progress:
string
The current progress of the asynchronous job. These values indicate that the asynchronous job has ended:
succeeded
,failed
,aborted
. The valueblocked
means that the asynchronous job requires action, such as waiting for a human to approve something. The values that indicate the asynchronous job is in process are:pending
,processing
,paused
.Valid values are:
-
pending
- Request is waiting to run -
processing
- Request is running -
succeeded
- Request has completed successfully -
failed
- Request has failed
-
aborted
- Request was aborted
-
paused
- Request was running, but is now paused -
blocked
- Request is blocked
-
-
requestStatus(optional):
integer(int32)
HTTP status code of the asynchronous asynchronous job request. This status is not the status obtaining when querying the asynchronous job status, but the status response of the asynchronous job when it is completed. This value is only available after the asynchronous job has ended.
-
result(optional):
result
It may be desirable to include the final result in the status resource so that the client can get the result when it polls the service for the status. The result is captured in this optional property. This property should only be used when the HTTP response can be efficiently returned inside the status resource. If this property is present, then the
requestStatus
property will be omitted to avoid duplication. The body of the response is a JSON object comprised of response-specific properties. Non-JSON response data may be supported either by Base64 encoding the non-JSON data as a byte string inside the body property or providing a link to the non-JSON resource in the 'links' property of the status resource. -
startTime(optional):
string(date-time)
Time when the asynchronous job started running. If the asynchronous job has not started this property will not be present. Certain background jobs may not record a start time, so if if the job has started there may not be a start time. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone.
Snapshot of all the policy details for this request at the time the request was made. This can be used to determine what approval this request requires, for example.
Introduced in release 19.2.1.-
allOf
Policy
A policy controls how a request to perform a site-related operation is approved and whether there are any particular restrictions or defaults to apply when that operation is performed.
A policy is associated with a resource, for example a site creation policy can be associated with a site template. A site creation policy, for example, could specify that site administrator approval is required to create a site from a particular site template and that site template has a security level of domain users only.
A policy can be marked as inactive which prevents the operation from being performed or requested.
object
Reviews associated with the request. If the request requires manual approval, this property reflects the set of reviews that have been associated with this request. When a request is first created there will be no reviews.
-
items:
array items
Collection of Review elements.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
array
Collection of Request Approvers Member elements.
Introduced in release 19.3.3.All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
CollectionResource-allOf[1]
object
-
count(optional):
integer(int32)
Total number of resources in the response.
-
hasMore(optional):
boolean
Collection has more elements that match the request. Indicates whether there are more items to be returned when a paged request is made and the page was not big enough to return all elements.
-
limit(optional):
integer(int32)
Actual response size limit used. If the request specifies too large a limit, or does not specify a limit then the response will specify the limit used.
-
offset(optional):
integer(int64)
Actual response offset used. If the request specifies no offset then the actual offset is provided in the response.
-
totalResults(optional):
integer(int64)
Total number of resources that match the request. If provided, this is the total number of available items. If not specified the total is not known, or is not viable to return. Paging limits or offsets are ignored when calculating this value. Only returned if the
totalResults
parameter is supported and is set totrue
by the client.
object
-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.3. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.3. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.3. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user
- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group
- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.A group is a collection of users and groups. A group has a human readable group name.
Introduced in release 19.3.1.-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Group-allOf[1]
object
-
displayName(optional):
string
Human-readable name for the group.
Introduced in release 19.3.1. -
groupName(optional):
string
Group name that is unique within the service instance.
Introduced in release 19.3.1. -
id(optional):
string
Unique identifer for the group.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.1. -
roles(optional):
array roles
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
-
-
type(optional):
string
Type of the group.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
array
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
type
Identity representing a user or client application. The identity contains the common information such as the identity identifier, unique name and display name.
Introduced in release 20.3.1.-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Identity-allOf[1]
object
-
displayName(optional):
string
Human-readable display name.
Introduced in release 20.3.1. -
id(optional):
string
An identifier value allocated by CEC for the user or client application. The identifier is unique within the scope of the service.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 20.3.1. -
name(optional):
string
Unique name, such as the user name or client application name.
Introduced in release 20.3.1. -
roles(optional):
array roles
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
-
-
type(optional):
string
Type of Identity. Valid values are:
Introduced in release 20.3.1.user
,service
,application
,unknown
.
array
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
object
Error details for the asynchronous job response when the job fails. This is only available if the asynchronous job has run but failed.
array
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
It may be desirable to include the final result in the status resource so that the client can get the result when it polls the service for the status. The result is captured in this optional property. This property should only be used when the HTTP response can be efficiently returned inside the status resource. If this property is present, then the requestStatus
property will be omitted to avoid duplication. The body of the response is a JSON object comprised of response-specific properties. Non-JSON response data may be supported either by Base64 encoding the non-JSON data as a byte string inside the body property or providing a link to the non-JSON resource in the 'links' property of the status resource.
-
object
HttpResponse
Captures a HTTP response so that it can be returned as structured data, for example capturing a HTTP response for an asynchronous request.
object
Captures a HTTP response so that it can be returned as structured data, for example capturing a HTTP response for an asynchronous request.
-
headers(optional):
array headers
HTTP response headers.
-
status(optional):
object status
HTTP status code response value and reason.
object
HTTP status code response value and reason.
-
code:
integer(int32)
The corresponding HTTP status code for the exception. For exception that includes a resource does not exist would have a HTTP status of
404
. -
reason:
string
Short, human-readable summary of the status code.
object
-
name:
string
Header name.
-
value(optional):
string
Header value.
A policy controls how a request to perform a site-related operation is approved and whether there are any particular restrictions or defaults to apply when that operation is performed.
A policy is associated with a resource, for example a site creation policy can be associated with a site template. A site creation policy, for example, could specify that site administrator approval is required to create a site from a particular site template and that site template has a security level of domain users only.
A policy can be marked as inactive which prevents the operation from being performed or requested.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Policy-allOf[1]
object
-
access(optional):
object access
List of users and groups who have the ability to perform the operation associated with the policy. For example, the list of users and groups who can create a site from a template. If the access list is empty all users can perform the policy operation. The access list is only used if the
Introduced in release 19.3.1.accessType
of the policy is set torestricted
. -
accessType(optional):
string
Determines whether the policy is applicable to everyone, or to just the users that are part of the access list.
Valid values are:
-
everyone
- Policy, when active, is applicable to everyone -
restricted
- Policy, when active, is applicable to users that are part of the access list
-
-
approvalType(optional):
string
When a request is made that is associated with this policy, the request will require the type of approval defined by the policy. If the type of approval is automatic then the request will not require manual approval.
Valid values are:
-
automatic
- A request will automatically be approved without any human approval process involved -
admin
- Any user with the site administrator role can approve the associated request -
named
- Site creation will require approval from one user that is a member of the approvers list associated with the policy
-
-
approvers(optional):
object approvers
List of users and groups who have the ability to approve any request associated with the policy. For example, the list of users and groups who can approve creating a site from a template. The approval list is only used if the approval type is set to named approvers.
Introduced in release 19.3.3. -
expiration(optional):
expiration
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1. -
id(optional):
string
Globally unique identifier for a policy.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
localizationPolicyAllowed(optional):
boolean
If a localization policy is not allowed, then the requester will not be permitted to specify a localization policy at the time of requesting a site. The localization policy associated with the template will be used. If a localization policy is allowed, then the requester must specify one at the time of requesting a site. This property can be set only when the template associated with the policy is an enterprise templates.
Introduced in release 19.2.3. -
repository(optional):
repository
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3. -
revision(optional):
integer(int64)
Every time a policy is edited, the revision number is incremented. Revision numbers start at zero. The revision number can be used to see if a policy has changed since it was last requested as the revision is also used as the strong
ETag
value for this resource. -
security(optional):
security
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
sitePrefixAllowed(optional):
boolean
If
Introduced in release 19.2.3.true
, a request for a new site can include an explicit site prefix. Iffalse
, then a site prefix must not be provided and will be generated automatically. This property can be set only when the template associated with the policy is an enterprise templates. -
status(optional):
string
The policy status specifies whether the policy can be used to perform the operation associated with the policy. If the policy status is inactive then the operation cannot be performed. If the policy status is active then the operation can be performed. For example, for a policy associated with a site template, a status of active means that users can create sites from that site template.
Valid values are:
-
inactive
- Policy that is marked as inactive means the associated operation cannot be requested -
active
- Policy that is marked as active means the associated operation can be requested
-
object
List of users and groups who have the ability to perform the operation associated with the policy. For example, the list of users and groups who can create a site from a template. If the access list is empty all users can perform the policy operation. The access list is only used if the accessType
of the policy is set to restricted
.
-
items:
array items
Collection of Policy Access Member elements.
Introduced in release 19.3.1.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
object
List of users and groups who have the ability to approve any request associated with the policy. For example, the list of users and groups who can approve creating a site from a template. The approval list is only used if the approval type is set to named approvers.
Introduced in release 19.3.3.-
items:
array items
Collection of Policy Approvers Member elements.
Introduced in release 19.3.3.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1.-
object
SiteExpirationPeriod
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3.-
allOf
Repository
Repositories are a storage location for files, both text and images. Repository administrators can create a repository with channel policies and localization policies designated for the repository. Multiple repositories can be created to handle different marketing needs.
A repository can be used to manage all the assets you need in one place. For example, perhaps your company sells computer equipment. One repository could be set up to handle the files related to desktop computers. Another repository could be used for tablets. Each repository might contain photos, graphics, and content about the different kinds of computers. The assets in each repository are controlled by the policies you allocate to the repository.
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
object
SecurityPolicy
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
array
Collection of Policy Access Member elements.
Introduced in release 19.3.1.object
-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.1. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.1. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.1. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.1. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user
- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group
- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.1.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.1.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.1.array
Collection of Policy Approvers Member elements.
Introduced in release 19.3.3.object
-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.3. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.3. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.3. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user
- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group
- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.object
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.-
amount(optional):
integer(int32)
Amount of time used to measure site expiration.
Introduced in release 19.4.1. -
unit(optional):
string
Unit of time used to measure site expiration.
Valid values are:
-
months
- Expiration expressed in the number of months -
years
- Expiration expressed in the number of years
-
Repositories are a storage location for files, both text and images. Repository administrators can create a repository with channel policies and localization policies designated for the repository. Multiple repositories can be created to handle different marketing needs.
A repository can be used to manage all the assets you need in one place. For example, perhaps your company sells computer equipment. One repository could be set up to handle the files related to desktop computers. Another repository could be used for tablets. Each repository might contain photos, graphics, and content about the different kinds of computers. The assets in each repository are controlled by the policies you allocate to the repository.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Repository-allOf[1]
object
-
autoTagEnabled(optional):
boolean
Whether auto tagging is enabled for the repository.
-
channels(optional):
array channels
Channels associated with the repository.
-
contentTypes(optional):
array contentTypes
Content types associated with the repository.
-
createdBy(optional):
string
User that created the repository.
-
createdDate(optional):
createdDate
Date and time the repository was created.
-
defaultLanguage(optional):
string
Default language of the repository.
-
description(optional):
string
Human-readable description of the repository to give consumers an idea of what content this repository contains.
-
id(optional):
string
Unique identifier for the repository.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
languageOptions(optional):
array languageOptions
Language options for the repository.
-
name(optional):
string
Short human-readable name to identify the repository.
-
roleName(optional):
string
The role the authenticated user has within the repository.
Valid values are:
-
owner
- Owner of the resource -
custom
- Custom role -
manager
- Manager role -
contributor
- Contributor role -
downloader
- Downloader role -
viewer
- Viewer role
-
-
updatedBy(optional):
string
User that last updated the repository. If the repository has not been updated the updated by will be the user that created the repository.
-
updatedDate(optional):
updatedDate
Date and time the repository was last updated.
Date and time the repository was created.
-
object
DateTimeZone
Date, time and time zone.
Date and time the repository was last updated.
-
object
DateTimeZone
Date, time and time zone.
object
Channel identifier.
-
id(optional):
string
Unique identifier for the repository.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
name(optional):
string
Short unique human-readable name to identify the channel.
object
Content type identifier.
-
name(optional):
string
Content type name.
object
Date, time and time zone.
-
description(optional):
string
Description of the date, time and time zone information.
-
timezone(optional):
string
Timezone in Olson database format.
-
value(optional):
string(date-time)
Date in ISO 8601 format. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone.
object
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
-
appliesTo(optional):
string
Define which types of users may access a site. Can include all users or be restricted to named users only.
Valid values are:
-
named
- Only named users within a specified level can access -
all
- All users within a specified level can access
-
-
level(optional):
string
Maximum open security level that can be set on a site.
Valid values are:
-
service
- Only service users -
cloud
- Only cloud users who can sign in to your domain -
everyone
- Anyone without signing in
-
-
allOf
Review
A review is the human initiated review of a request, with the aim to approve or reject the request. A review either approves or rejects the request, with an an optional comment which can be used by the request initiator to understand why the request was approved or rejected by the user. Depending on the type of approval associated with a request, zero or more reviews may be required. For example, auto approved requests do not need a review. An administrator approval requires one administrator to review the request.
A review is the human initiated review of a request, with the aim to approve or reject the request. A review either approves or rejects the request, with an an optional comment which can be used by the request initiator to understand why the request was approved or rejected by the user. Depending on the type of approval associated with a request, zero or more reviews may be required. For example, auto approved requests do not need a review. An administrator approval requires one administrator to review the request.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Review-allOf[1]
object
-
comment(optional):
string
Maximum Length:
1000
A comment associated with the review can be used to describe why the request was approved or rejected. There is no restriction on the contents of the description; it can be a single line or multiple lines with any characters.
-
createdAt(optional):
string(date-time)
Date and time that the review was created. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone. -
decision(optional):
string
Outcome of this review, either approve or reject the request.
Valid values are:
-
approved
- Associated request is approved -
rejected
- Associated request is rejected
-
-
id(optional):
integer(int32)
Request scoped identifier for the review. Reviews identifiers are generated by the system when the review is created and cannot be changed. The identifier is only unique within the scope of the parent request. Newest reviews have the smaller identifier value.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
reviewedBy(optional):
reviewedBy
Get the details of the user or client application that created the review.
Get the details of the user or client application that created the review.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Request Status",
"status":"409",
"detail":"Operation cannot be performed on a request with status '{request.status}'.",
"o:errorCode":"OCE-SITEMGMT-009009",
"required":[
"pending"
]
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Site Policy Violation",
"status":"409",
"detail":"Field '{fieldName}' is {constraint} by the policy associated with this request.",
"o:errorCode":"OCE-SITEMGMT-009035",
"fieldName":"repository",
"constraint":"required"
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Site Already Exists",
"status":"409",
"detail":"A site with the same name already exists.",
"o:errorCode":"OCE-SITEMGMT-009004",
"name":"Oracle Content and Experience"
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Site Prefix Already Exists",
"status":"409",
"detail":"Site with prefix '{sitePrefix}' already exists.",
"o:errorCode":"OCE-SITEMGMT-009029",
"sitePrefix":"News"
}