1. REST API for Sites Management
  2. Tasks
  3. Templates
  4. Policies

Get an Example Request Body for Creating Policy Resources

get

/sites/management/api/v1/templates/{id}/policy/create-form

CREATE FORM

Get a template request body suitable for creating a new policy.The create-form resource provides an example request body that clients can use as a template when creating a new Policy. The example request body property values can be edited, removed or added to and then used as the request body when creating a Policy. Use of the create form is optional, it is only provided as a guide to the request body format.

Authorization

To access this create-form resource requires read access to the parent resource.

Updating Policies for Templates

Policies that have been associated with a template can be updated using the policy resource.

For more information, see Update the Fields of a Policy.

Path Alternative Identifiers

The default identifier for a Template resource is the Template Identifier. The Template resource supports alternative identifiers.

nameTemplate Name

Instead of the template identifier, the template name can be used to uniquely identify a template in the resource path. The default resource path parameter for a template is the template identifier, but when working with templates the human-readable template name is sometimes easier.

http://api.example.com/sites/management/api/v1/templates/name:CafeSupremo/policy/create-form

Introduced in release 19.4.1.

Successful Response Examples

This operation responds with the following success (2xx) responses. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.

200OK

Request

GET https://api.example.com/sites/management/api/v1/templates/{id}/policy/create-form

Response Body

{
  "approvalType": "automatic",
  "security": {
    "level": "service",
    "appliesTo": "named"
  },
  "status": "inactive",
  "accessType": "everyone",
  "repository": "F81629473A3DB8B2A28669F19E68209BBAD3340745B0",
  "localizationPolicyAllowed": false,
  "sitePrefixAllowed": false,
  "expiration": {
    "amount": "2",
    "unit": "months"
  }
}

Client Error Response Examples

This operation responds with following client error (4xx) responses with exception details in the response body. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.

404Not Found - Template Not Found

The site template does not exist or has been deleted, or the authenticated user or client application does not have access to the template.

Error Code

OCE-SITEMGMT-009000

Resolution - Check Identifier

Check that the template identifier is valid.

Resolution - Check Membership

Check that the authenticated user is a member of the template or a site administrator.

Exception Detail Fields

This error type includes the following fields/values in the response:

Field NameDescription
templateTemplate that does not exist or is not visible to the authenticated user.

For detailed information about this exception detail type, consult the TemplateNotFoundExceptionDetail schema in the definitions section of the swagger document.

Example Response Body
{
  "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
  "title": "Template Not Found",
  "status": "404",
  "detail": "Template does not exist or has been deleted, or the authenticated user or client application does not have access to the template.",
  "o:errorCode": "OCE-SITEMGMT-009000",
  "template": {
    "id": "F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6"
  }
}

Request

Path Parameters
Query Parameters

  • Comma-delimited string of field names that should not be included in the response.

  • Comma-separated list of link relation names to exclude from the response.

  • Comma-delimited string of field names to include in the response. Nested fields can be identified using a dot to separate the field names. Field names are case-sensitive. Field names are ignored if the field does not exist.

  • Resources that have been marked for deletion can be read, modified, and support extended operations as long this query parameter is set to true. When the includeDeleted query parameter is not sent then the response to read, modification, and extended operations will be identical to that which would be returned if the resource was permanently deleted.

  • Comma-separated list of link relation names to include in the response. By default, all links are returned.

    The following links are provided by this resource:

    Link RelationshipDescription
    parentDescribes where the parent resource can be read. Equivalent to an up link, this link provides the link to the parent resource, such as the collection resource that contains a singular resource.
    selfDescribes the current returned representation of the resource. Used for links that represent the resource itself. For example, if a resource is returned as part of a collection, the self link will provide the URL path for the individual resource.
    canonicalDescribes the preferred representation of the requested resource. Used for links that represent the canonical form of the resource. For example, if a resource is returned as part of a collection, the canonical link will provide the URL path for the canonical form of the individual resource.
    createDescribes where the resource can be created. Used on collection resources to indicate where a post can be performed to create a new resource in the collection.
    describedByDescribes the schema resource providing metadata information about the resource. Used on collection, singular and relation resources to indicate where the schema resource is that describes the resource.
Back to Top

Response

Supported Media Types

200 Response

OK
Headers
Body ()
Root Schema : schema
Type: object
Show Source

  • Determines whether the policy is applicable to everyone, or to just the users that are part of the access list.

    Valid values are:

    • everyone - Policy, when active, is applicable to everyone
    • restricted - Policy, when active, is applicable to users that are part of the access list

    Introduced in release 19.3.1.

  • When a request is made that is associated with this policy, the request will require the type of approval defined by the policy. If the type of approval is automatic then the request will not require manual approval.

    Valid values are:

    • automatic - A request will automatically be approved without any human approval process involved
    • admin - Any user with the site administrator role can approve the associated request
    • named - Site creation will require approval from one user that is a member of the approvers list associated with the policy

  • expiration

    When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.

    Introduced in release 19.4.1.
  • links

    HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.

  • If a localization policy is not allowed, then the requester will not be permitted to specify a localization policy at the time of requesting a site. The localization policy associated with the template will be used. If a localization policy is allowed, then the requester must specify one at the time of requesting a site. This property can be set only when the template associated with the policy is an enterprise templates.

    Introduced in release 19.2.3.

  • When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.

    Introduced in release 19.2.3.
  • security

    Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.

  • If true, a request for a new site can include an explicit site prefix. If false, then a site prefix must not be provided and will be generated automatically. This property can be set only when the template associated with the policy is an enterprise templates.

    Introduced in release 19.2.3.

  • The policy status specifies whether the policy can be used to perform the operation associated with the policy. If the policy status is inactive then the operation cannot be performed. If the policy status is active then the operation can be performed. For example, for a policy associated with a site template, a status of active means that users can create sites from that site template.

    Valid values are:

    • inactive - Policy that is marked as inactive means the associated operation cannot be requested
    • active - Policy that is marked as active means the associated operation can be requested

Nested Schema : expiration

When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.

Introduced in release 19.4.1.
Match All
Show Source
  • SiteExpirationPeriod

    Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.

    Introduced in release 19.4.1.
Nested Schema : links
Type: array

HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.

Show Source
Nested Schema : security

Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.

Match All
Show Source
  • SecurityPolicy

    The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.

Nested Schema : SiteExpirationPeriod
Type: object

Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.

Introduced in release 19.4.1.
Show Source

  • Amount of time used to measure site expiration.

    Introduced in release 19.4.1.

  • Unit of time used to measure site expiration.

    Valid values are:

    • months - Expiration expressed in the number of months
    • years - Expiration expressed in the number of years

    Introduced in release 19.4.1.
Nested Schema : items
Match All
Show Source
  • Link
Nested Schema : SecurityPolicy
Type: object

The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.

Show Source

  • Define which types of users may access a site. Can include all users or be restricted to named users only.

    Valid values are:

    • named - Only named users within a specified level can access
    • all - All users within a specified level can access

  • Maximum open security level that can be set on a site.

    Valid values are:

    • service - Only service users
    • cloud - Only cloud users who can sign in to your domain
    • everyone - Anyone without signing in

Example Response ()
{
    "approvalType":"automatic",
    "security":{
        "level":"service",
        "appliesTo":"named"
    },
    "status":"inactive",
    "accessType":"everyone",
    "repository":"F81629473A3DB8B2A28669F19E68209BBAD3340745B0",
    "localizationPolicyAllowed":false,
    "sitePrefixAllowed":false,
    "expiration":{
        "amount":"2",
        "unit":"months"
    }
}

400 Response

Bad Request

401 Response

Unauthorized

403 Response

Forbidden

404 Response

Not Found
Headers
Body ()
Root Schema : schema
Match All
Show Source
Nested Schema : TemplateNotFoundExceptionDetail
Match All
Show Source
Nested Schema : ExceptionDetail
Type: object

In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.

Show Source
Nested Schema : TemplateNotFoundExceptionDetail-allOf[1]
Type: object
Show Source
Nested Schema : o:errorDetails
Type: array

Multiple errors can be organized in a hierarchical structure.

Show Source
Nested Schema : items
Match All
Show Source
  • ExceptionDetail

    In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.

Example Response (Template Not Found)
{
    "type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
    "title":"Template Not Found",
    "status":"404",
    "detail":"Template does not exist or has been deleted, or the authenticated user or client application does not have access to the template.",
    "o:errorCode":"OCE-SITEMGMT-009000",
    "template":{
        "id":"F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6"
    }
}

406 Response

Not Acceptable

416 Response

Range Not Satisfiable

429 Response

Too Many Requests

500 Response

Internal Server Error

501 Response

Not Implemented

502 Response

Bad Gateway

503 Response

Service Unavailable

504 Response

Gateway Timeout
Back to Top