Replace the Default Expiration Policy of a Site
/sites/management/api/v1/sites/{id}/extend/policy
Replace the policy associated with the extend site expiration operation. When a site is created from a template that is associated with a policy the extend site expiration operation will inherit the expiration period from the template policy. If the policy needs to be changed it can be replaced or updated. Replacing the policy also clears any access list or approver list members associated with the policy.
Introduced in release 19.4.1.
Authorization
To invoke this operation, the authenticated user or client application must have one of the following roles:
- CECSitesAdministrator
Expiration Date
When the policy is replaced then the site expiration date will be updated to match the expiration period if the policy is active. If an expiration period is set, the site expiration date is recalculated and updated. If no expiration period is set then the site expiration date is cleared. This ensures that the site expiration date is kept in line any changes made to the site expiration policy.
Updating Policies
Policies that have been associated with the extend site expiration operation can also be updated using the policy resource. This allows individual fields to be updated, where replacing the policy sets all the policy fields to the provided values and resets the approver and access lists associated with the policy.
For more information, see Update the Fields of a Policy.
Path Alternative Identifiers
The default identifier for a Site resource is the Site Identifier. The Site resource supports alternative identifiers.
nameSite Name
Instead of the site identifier, the site name can be used to uniquely identify a site in the resource path. The default resource path parameter for a site is the site identifier, but when working with sites the human-readable site name is sometimes easier.
http://api.example.com/sites/management/api/v1/sites/name:MyNewProduct/extend/policy
Introduced in release 19.4.1.
Successful Response Examples
This operation responds with the following success (2xx) responses. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.
200OK - Replace the Site Expiration Period for a Site
Change the expiration period associated with a site so that when site managers extend the expiration date of the site they get a new expiration date for the provided period. Extending the site expiration period requires no approval and is allowed.
Request
PUT https://api.example.com/sites/management/api/v1/sites/{id}/extend/policy
Request Body
{ "status": "active", "approvalType": "automatic", "expiration": { "amount": 6, "unit": "months" } }
Client Error Response Examples
This operation responds with following client error (4xx) responses with exception details in the response body. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.
400Bad Request - Unsupported Policy Field
Indicates that a field in the policy should not be provided. For example, a repository should not be specified in a policy for a standard template.
Error Code
OCE-SITEMGMT-009036
Resolution - Remove Localization Policy Allowed
Remove the policy localizationPolicyAllowed field if the associated template is a standard template.
Resolution - Remove Site Prefix Allowed
Remove the policy sitePrefixAllowed field if the associated template is a standard template.
Resolution - Remove Repository
Remove the policy repository field if the associated template is a standard template.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
field | Field name that is incompatible with the type of site. |
For detailed information about this exception detail type, consult the UnsupportedPolicyFieldExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Unsupported Policy Field", "status": "400", "detail": "Field '{field}' should not be provided for this policy.", "o:errorCode": "OCE-SITEMGMT-009036", "field": "repository" }
400Bad Request - Invalid Site Expiration
The provided site expiration period is either too small or too large.
Error Code
OCE-SITEMGMT-009067
Resolution - Choose a Smaller Site Expiration Period
Specify a smaller site expiration period.
Resolution - Choose a Larger Site Expiration Period
Specify a larger site expiration period.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
minimum | Minimum site expiration amount. |
maximum | Maximum site expiration amount. |
For detailed information about this exception detail type, consult the InvalidSiteExpirationExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Site Expiration", "status": "400", "detail": "Site expiration must be set to between '{minimum.amount} {minimum.unit}' and '{maximum.amount} {maximum.unit}'.", "o:errorCode": "OCE-SITEMGMT-009067", "minimum": { "amount": "2", "unit": "months" }, "maximum": { "amount": "2", "unit": "months" } }
Introduced in release 19.4.1.
404Not Found - Site Not Found
The site does not exist or has been deleted, or the authenticated user or client application does not have access to the site.
Error Code
OCE-SITEMGMT-009003
Resolution - Check Identifier
Check that the site identifier is valid.
Resolution - Check Membership
Check that the authenticated user is a member of the site or a site administrator.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
site | Site that does not exist or is not visible to the authenticated user. |
For detailed information about this exception detail type, consult the SiteNotFoundExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Site Not Found", "status": "404", "detail": "Site does not exist or has been deleted, or the authenticated user or client application does not have access to the site.", "o:errorCode": "OCE-SITEMGMT-009003", "site": { "id": "FCA9C0E5CDCB549A19FFB85987A2352778961003B8A0" } }
404Not Found - Relationship Not Found
An attempt to read a relationship has failed because the relationship does not exist. Reading a relationship can fail if the relationship no longer exists or the authenticated identity is not authorized to read the relationship details.
Error Code
PAAS-005027
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Relationship Not Found", "status": "404", "detail": "Relationship resource not found. There is a relationship to a resource, but the resource at the end of the relationship does not exist, or the authenticated identity cannot see the resource.", "o:errorCode": "PAAS-005027" }
409Conflict - Site Deleted
The operation cannot be performed on a soft deleted site. This error can only occur when the includeDeleted query parameter is set to true.
Error Code
OCE-SITEMGMT-009059
Resolution - Restore Site
Restore the site and then try the operation again.
Exception Detail Fields
This error type includes the following fields/values in the response:
| Field Name | Description |
site | Site that is soft deleted, if the site identifier has been provided. |
For detailed information about this exception detail type, consult the SiteDeletedExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Site Deleted", "status": "409", "detail": "The operation cannot be performed as the site has been soft deleted.", "o:errorCode": "OCE-SITEMGMT-009059", "site": { "id": "FCA9C0E5CDCB549A19FFB85987A2352778961003B8A0" } }
Introduced in release 19.4.1.
This resource represents the relationship between a Site and Policy resource. If the Policy has been deleted or the authenticated user is not authorized to read the resource then the response status code will be 404 Not Found and a Relationship Not Found error will be returned in the response body.
Request
- application/json
-
id: string
Immutable identifier for the site.
Policy details to associate with the extend site expiration date operation.
object-
accessType(optional):
string
Determines whether the policy is applicable to everyone, or to just the users that are part of the access list.
Valid values are:
-
everyone- Policy, when active, is applicable to everyone -
restricted- Policy, when active, is applicable to users that are part of the access list
-
-
approvalType:
string
When a request is made that is associated with this policy, the request will require the type of approval defined by the policy. If the type of approval is automatic then the request will not require manual approval.
Valid values are:
-
automatic- A request will automatically be approved without any human approval process involved -
admin- Any user with the site administrator role can approve the associated request -
named- Site creation will require approval from one user that is a member of the approvers list associated with the policy
-
-
expiration(optional):
expiration
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1. -
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
-
localizationPolicyAllowed(optional):
boolean
If a localization policy is not allowed, then the requester will not be permitted to specify a localization policy at the time of requesting a site. The localization policy associated with the template will be used. If a localization policy is allowed, then the requester must specify one at the time of requesting a site. This property can be set only when the template associated with the policy is an enterprise templates.
Introduced in release 19.2.3. -
repository(optional):
string
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3. -
security(optional):
security
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
sitePrefixAllowed(optional):
boolean
If
Introduced in release 19.2.3.true, a request for a new site can include an explicit site prefix. Iffalse, then a site prefix must not be provided and will be generated automatically. This property can be set only when the template associated with the policy is an enterprise templates. -
status:
string
The policy status specifies whether the policy can be used to perform the operation associated with the policy. If the policy status is inactive then the operation cannot be performed. If the policy status is active then the operation can be performed. For example, for a policy associated with a site template, a status of active means that users can create sites from that site template.
Valid values are:
-
inactive- Policy that is marked as inactive means the associated operation cannot be requested -
active- Policy that is marked as active means the associated operation can be requested
-
{
"status":"active",
"approvalType":"automatic",
"expiration":{
"amount":6,
"unit":"months"
}
}When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1.-
object
SiteExpirationPeriod
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.
arrayHATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
object
SecurityPolicy
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
objectSite expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.-
amount(optional):
integer(int32)
Amount of time used to measure site expiration.
Introduced in release 19.4.1. -
unit(optional):
string
Unit of time used to measure site expiration.
Valid values are:
-
months- Expiration expressed in the number of months -
years- Expiration expressed in the number of years
-
objectREST HATEOAS link and related metadata. If responses provide links (for example, a self link to the resource itself) the links provided will include one or more of the properties defined on this link structure.
-
href(optional):
string
The target resource URI. URI RFC3986 or URI Template RFC6570. If the value is set to URI Template, then the
templatedproperty must be set totrue. -
mediaType(optional):
string
Media type, as defined by RFC 2046, describing the link target.
-
method(optional):
string
HTTP method for requesting the target of the link.
Valid values are:
-
OPTIONS- HTTP OPTIONS -
HEAD- HTTP HEAD -
GET- HTTP GET -
POST- HTTP POST -
PUT- HTTP PUT -
PATCH- HTTP PATCH -
DELETE- HTTP DELETE
-
-
profile(optional):
string(uri)
Link to the metadata of the resource, such as JSON-schema, that describes the resource expected when dereferencing the target resource.
-
rel(optional):
string
Name of the link relation that, in addition to the type property, can be used to retrieve link details.
-
templated(optional):
boolean
Boolean flag that specifies the
hrefproperty is a URI or URI Template. The property can be assumed to befalseif the property is not present.
objectThe security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
-
appliesTo(optional):
string
Define which types of users may access a site. Can include all users or be restricted to named users only.
Valid values are:
-
named- Only named users within a specified level can access -
all- All users within a specified level can access
-
-
level(optional):
string
Maximum open security level that can be set on a site.
Valid values are:
-
service- Only service users -
cloud- Only cloud users who can sign in to your domain -
everyone- Anyone without signing in
-
Response
- application/json
200 Response
-
Cache-Control: string
Directives for caching mechanisms.
-
Content-Length: string
Size of the response body.
-
Content-Type: string
Content type of the response.
-
allOf
Policy
A policy controls how a request to perform a site-related operation is approved and whether there are any particular restrictions or defaults to apply when that operation is performed.
A policy is associated with a resource, for example a site creation policy can be associated with a site template. A site creation policy, for example, could specify that site administrator approval is required to create a site from a particular site template and that site template has a security level of domain users only.
A policy can be marked as inactive which prevents the operation from being performed or requested.
A policy controls how a request to perform a site-related operation is approved and whether there are any particular restrictions or defaults to apply when that operation is performed.
A policy is associated with a resource, for example a site creation policy can be associated with a site template. A site creation policy, for example, could specify that site administrator approval is required to create a site from a particular site template and that site template has a security level of domain users only.
A policy can be marked as inactive which prevents the operation from being performed or requested.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Policy-allOf[1]
objectAll singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
object-
access(optional):
object access
List of users and groups who have the ability to perform the operation associated with the policy. For example, the list of users and groups who can create a site from a template. If the access list is empty all users can perform the policy operation. The access list is only used if the
Introduced in release 19.3.1.accessTypeof the policy is set torestricted. -
accessType(optional):
string
Determines whether the policy is applicable to everyone, or to just the users that are part of the access list.
Valid values are:
-
everyone- Policy, when active, is applicable to everyone -
restricted- Policy, when active, is applicable to users that are part of the access list
-
-
approvalType(optional):
string
When a request is made that is associated with this policy, the request will require the type of approval defined by the policy. If the type of approval is automatic then the request will not require manual approval.
Valid values are:
-
automatic- A request will automatically be approved without any human approval process involved -
admin- Any user with the site administrator role can approve the associated request -
named- Site creation will require approval from one user that is a member of the approvers list associated with the policy
-
-
approvers(optional):
object approvers
List of users and groups who have the ability to approve any request associated with the policy. For example, the list of users and groups who can approve creating a site from a template. The approval list is only used if the approval type is set to named approvers.
Introduced in release 19.3.3. -
expiration(optional):
expiration
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1. -
id(optional):
string
Globally unique identifier for a policy.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
localizationPolicyAllowed(optional):
boolean
If a localization policy is not allowed, then the requester will not be permitted to specify a localization policy at the time of requesting a site. The localization policy associated with the template will be used. If a localization policy is allowed, then the requester must specify one at the time of requesting a site. This property can be set only when the template associated with the policy is an enterprise templates.
Introduced in release 19.2.3. -
repository(optional):
repository
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3. -
revision(optional):
integer(int64)
Every time a policy is edited, the revision number is incremented. Revision numbers start at zero. The revision number can be used to see if a policy has changed since it was last requested as the revision is also used as the strong
ETagvalue for this resource. -
security(optional):
security
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
sitePrefixAllowed(optional):
boolean
If
Introduced in release 19.2.3.true, a request for a new site can include an explicit site prefix. Iffalse, then a site prefix must not be provided and will be generated automatically. This property can be set only when the template associated with the policy is an enterprise templates. -
status(optional):
string
The policy status specifies whether the policy can be used to perform the operation associated with the policy. If the policy status is inactive then the operation cannot be performed. If the policy status is active then the operation can be performed. For example, for a policy associated with a site template, a status of active means that users can create sites from that site template.
Valid values are:
-
inactive- Policy that is marked as inactive means the associated operation cannot be requested -
active- Policy that is marked as active means the associated operation can be requested
-
arrayHATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
objectREST HATEOAS link and related metadata. If responses provide links (for example, a self link to the resource itself) the links provided will include one or more of the properties defined on this link structure.
-
href(optional):
string
The target resource URI. URI RFC3986 or URI Template RFC6570. If the value is set to URI Template, then the
templatedproperty must be set totrue. -
mediaType(optional):
string
Media type, as defined by RFC 2046, describing the link target.
-
method(optional):
string
HTTP method for requesting the target of the link.
Valid values are:
-
OPTIONS- HTTP OPTIONS -
HEAD- HTTP HEAD -
GET- HTTP GET -
POST- HTTP POST -
PUT- HTTP PUT -
PATCH- HTTP PATCH -
DELETE- HTTP DELETE
-
-
profile(optional):
string(uri)
Link to the metadata of the resource, such as JSON-schema, that describes the resource expected when dereferencing the target resource.
-
rel(optional):
string
Name of the link relation that, in addition to the type property, can be used to retrieve link details.
-
templated(optional):
boolean
Boolean flag that specifies the
hrefproperty is a URI or URI Template. The property can be assumed to befalseif the property is not present.
objectList of users and groups who have the ability to perform the operation associated with the policy. For example, the list of users and groups who can create a site from a template. If the access list is empty all users can perform the policy operation. The access list is only used if the accessType of the policy is set to restricted.
-
items:
array items
Collection of Policy Access Member elements.
Introduced in release 19.3.1.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
objectList of users and groups who have the ability to approve any request associated with the policy. For example, the list of users and groups who can approve creating a site from a template. The approval list is only used if the approval type is set to named approvers.
Introduced in release 19.3.3.-
items:
array items
Collection of Policy Approvers Member elements.
Introduced in release 19.3.3.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1.-
object
SiteExpirationPeriod
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3.-
allOf
Repository
Repositories are a storage location for files, both text and images. Repository administrators can create a repository with channel policies and localization policies designated for the repository. Multiple repositories can be created to handle different marketing needs.
A repository can be used to manage all the assets you need in one place. For example, perhaps your company sells computer equipment. One repository could be set up to handle the files related to desktop computers. Another repository could be used for tablets. Each repository might contain photos, graphics, and content about the different kinds of computers. The assets in each repository are controlled by the policies you allocate to the repository.
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
object
SecurityPolicy
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
arrayCollection of Policy Access Member elements.
Introduced in release 19.3.1.All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
CollectionResource-allOf[1]
object-
count(optional):
integer(int32)
Total number of resources in the response.
-
hasMore(optional):
boolean
Collection has more elements that match the request. Indicates whether there are more items to be returned when a paged request is made and the page was not big enough to return all elements.
-
limit(optional):
integer(int32)
Actual response size limit used. If the request specifies too large a limit, or does not specify a limit then the response will specify the limit used.
-
offset(optional):
integer(int64)
Actual response offset used. If the request specifies no offset then the actual offset is provided in the response.
-
totalResults(optional):
integer(int64)
Total number of resources that match the request. If provided, this is the total number of available items. If not specified the total is not known, or is not viable to return. Paging limits or offsets are ignored when calculating this value. Only returned if the
totalResultsparameter is supported and is set totrueby the client.
object-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.1. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.1. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce- Content management group -
idp- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.1. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.1. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.1.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.1.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.1.A group is a collection of users and groups. A group has a human readable group name.
Introduced in release 19.3.1.-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Group-allOf[1]
object-
displayName(optional):
string
Human-readable name for the group.
Introduced in release 19.3.1. -
groupName(optional):
string
Group name that is unique within the service instance.
Introduced in release 19.3.1. -
id(optional):
string
Unique identifer for the group.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.1. -
roles(optional):
array roles
Roles.
Valid values are:
-
CECServiceAdministrator- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator- Repository Administrator -
CECDeveloperUser- Developer User -
CECContentAdministrator- Content Administrator
- Create new content types and publish items
-
CECStandardUser- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser- External User
-
CECIntegrationUser- Integration User
-
CECSitesVisitor- Sites Visitor
-
-
type(optional):
string
Type of the group.
Valid values are:
-
oce- Content management group -
idp- identity provider group
-
arrayRoles.
Valid values are:
-
CECServiceAdministrator- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator- Repository Administrator -
CECDeveloperUser- Developer User -
CECContentAdministrator- Content Administrator
- Create new content types and publish items
-
CECStandardUser- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser- External User
-
CECIntegrationUser- Integration User
-
CECSitesVisitor- Sites Visitor
typeIdentity representing a user or client application. The identity contains the common information such as the identity identifier, unique name and display name.
Introduced in release 20.3.1.-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Identity-allOf[1]
object-
displayName(optional):
string
Human-readable display name.
Introduced in release 20.3.1. -
id(optional):
string
An identifier value allocated by CEC for the user or client application. The identifier is unique within the scope of the service.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 20.3.1. -
name(optional):
string
Unique name, such as the user name or client application name.
Introduced in release 20.3.1. -
roles(optional):
array roles
Roles.
Valid values are:
-
CECServiceAdministrator- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator- Repository Administrator -
CECDeveloperUser- Developer User -
CECContentAdministrator- Content Administrator
- Create new content types and publish items
-
CECStandardUser- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser- External User
-
CECIntegrationUser- Integration User
-
CECSitesVisitor- Sites Visitor
-
-
type(optional):
string
Type of Identity. Valid values are:
Introduced in release 20.3.1.user,service,application,unknown.
arrayRoles.
Valid values are:
-
CECServiceAdministrator- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator- Repository Administrator -
CECDeveloperUser- Developer User -
CECContentAdministrator- Content Administrator
- Create new content types and publish items
-
CECStandardUser- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser- External User
-
CECIntegrationUser- Integration User
-
CECSitesVisitor- Sites Visitor
arrayCollection of Policy Approvers Member elements.
Introduced in release 19.3.3.object-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.3. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce- Content management group -
idp- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.3. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.3. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.objectSite expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.-
amount(optional):
integer(int32)
Amount of time used to measure site expiration.
Introduced in release 19.4.1. -
unit(optional):
string
Unit of time used to measure site expiration.
Valid values are:
-
months- Expiration expressed in the number of months -
years- Expiration expressed in the number of years
-
Repositories are a storage location for files, both text and images. Repository administrators can create a repository with channel policies and localization policies designated for the repository. Multiple repositories can be created to handle different marketing needs.
A repository can be used to manage all the assets you need in one place. For example, perhaps your company sells computer equipment. One repository could be set up to handle the files related to desktop computers. Another repository could be used for tablets. Each repository might contain photos, graphics, and content about the different kinds of computers. The assets in each repository are controlled by the policies you allocate to the repository.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Repository-allOf[1]
object-
autoTagEnabled(optional):
boolean
Whether auto tagging is enabled for the repository.
-
channels(optional):
array channels
Channels associated with the repository.
-
contentTypes(optional):
array contentTypes
Content types associated with the repository.
-
createdBy(optional):
string
User that created the repository.
-
createdDate(optional):
createdDate
Date and time the repository was created.
-
defaultLanguage(optional):
string
Default language of the repository.
-
description(optional):
string
Human-readable description of the repository to give consumers an idea of what content this repository contains.
-
id(optional):
string
Unique identifier for the repository.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
languageOptions(optional):
array languageOptions
Language options for the repository.
-
name(optional):
string
Short human-readable name to identify the repository.
-
roleName(optional):
string
The role the authenticated user has within the repository.
Valid values are:
-
owner- Owner of the resource -
custom- Custom role -
manager- Manager role -
contributor- Contributor role -
downloader- Downloader role -
viewer- Viewer role
-
-
updatedBy(optional):
string
User that last updated the repository. If the repository has not been updated the updated by will be the user that created the repository.
-
updatedDate(optional):
updatedDate
Date and time the repository was last updated.
Date and time the repository was created.
-
object
DateTimeZone
Date, time and time zone.
Date and time the repository was last updated.
-
object
DateTimeZone
Date, time and time zone.
objectChannel identifier.
-
id(optional):
string
Unique identifier for the repository.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
name(optional):
string
Short unique human-readable name to identify the channel.
objectContent type identifier.
-
name(optional):
string
Content type name.
objectDate, time and time zone.
-
description(optional):
string
Description of the date, time and time zone information.
-
timezone(optional):
string
Timezone in Olson database format.
-
value(optional):
string(date-time)
Date in ISO 8601 format. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'format using a UTC timezone.
objectThe security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
-
appliesTo(optional):
string
Define which types of users may access a site. Can include all users or be restricted to named users only.
Valid values are:
-
named- Only named users within a specified level can access -
all- All users within a specified level can access
-
-
level(optional):
string
Maximum open security level that can be set on a site.
Valid values are:
-
service- Only service users -
cloud- Only cloud users who can sign in to your domain -
everyone- Anyone without signing in
-
{
"id":"721af08b-32db-4eee-b6af-0c38d3ba4681",
"status":"inactive",
"approvalType":"automatic",
"accessType":"everyone",
"security":{
"level":"service",
"appliesTo":"named"
},
"localizationPolicyAllowed":false,
"sitePrefixAllowed":false,
"expiration":{
"amount":"2",
"unit":"months"
},
"revision":"0"
}400 Response
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
UnsupportedPolicyFieldExceptionDetail-allOf[1]
objectIn addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
titleordetail. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCodefor this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object-
field(optional):
string
Field name that is incompatible with the type of site.
arrayMultiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Unsupported Policy Field",
"status":"400",
"detail":"Field '{field}' should not be provided for this policy.",
"o:errorCode":"OCE-SITEMGMT-009036",
"field":"repository"
}{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Site Expiration",
"status":"400",
"detail":"Site expiration must be set to between '{minimum.amount} {minimum.unit}' and '{maximum.amount} {maximum.unit}'.",
"o:errorCode":"OCE-SITEMGMT-009067",
"minimum":{
"amount":"2",
"unit":"months"
},
"maximum":{
"amount":"2",
"unit":"months"
}
}401 Response
403 Response
404 Response
-
Cache-Control: string
Directives for caching mechanisms.
-
Content-Length: string
Size of the response body.
-
Content-Type: string
Content type of the response.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
SiteNotFoundExceptionDetail-allOf[1]
objectIn addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
titleordetail. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCodefor this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object-
site(optional):
string
Site that does not exist or is not visible to the authenticated user.
arrayMultiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Site Not Found",
"status":"404",
"detail":"Site does not exist or has been deleted, or the authenticated user or client application does not have access to the site.",
"o:errorCode":"OCE-SITEMGMT-009003",
"site":{
"id":"FCA9C0E5CDCB549A19FFB85987A2352778961003B8A0"
}
}{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Relationship Not Found",
"status":"404",
"detail":"Relationship resource not found. There is a relationship to a resource, but the resource at the end of the relationship does not exist, or the authenticated identity cannot see the resource.",
"o:errorCode":"PAAS-005027"
}406 Response
409 Response
-
allOf
SiteDeletedExceptionDetail
Introduced in release 19.4.1.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
SiteDeletedExceptionDetail-allOf[1]
objectIn addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
titleordetail. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCodefor this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object-
site(optional):
string
Site that is soft deleted, if the site identifier has been provided.
Introduced in release 19.4.1.
arrayMultiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Site Deleted",
"status":"409",
"detail":"The operation cannot be performed as the site has been soft deleted.",
"o:errorCode":"OCE-SITEMGMT-009059",
"site":{
"id":"FCA9C0E5CDCB549A19FFB85987A2352778961003B8A0"
}
}