Associate a Policy with a Template
/sites/management/api/v1/templates/{id}/policy
Create and associate a policy with a template. When site governance is enabled, only templates that are associated with a site creation policy that has an active
status can be used to create sites. Only one policy can be associated with a template. If a policy is created for an enterprise template, enterprise site-related fields, such as allowing a site prefix to be specified, can be specified in the policy. When site governance is disabled any policy associated with a template is ignored and has no affect.
Authorization
To invoke this operation, the authenticated user or client application must have one of the following roles:
- CECSitesAdministrator
Setting the Policy Access Type
If no access type is specified when creating a policy, the access type will default to everyone
. When specifying a policy with a restricted
access type the set of users, applications or groups that have access to the template are added using the access list.
For more information, see Add a User, Application or Group to the Access List.
Updating Policies for Templates
Policies that have been associated with a template can be updated using the policy resource.
For more information, see Update the Fields of a Policy.
Path Alternative Identifiers
The default identifier for a Template resource is the Template Identifier. The Template resource supports alternative identifiers.
nameTemplate Name
Instead of the template identifier, the template name can be used to uniquely identify a template in the resource path. The default resource path parameter for a template is the template identifier, but when working with templates the human-readable template name is sometimes easier.
http://api.example.com/sites/management/api/v1/templates/name:CafeSupremo/policy
Introduced in release 19.4.1.
Successful Response Examples
This operation responds with the following success (2xx) responses. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.
201Created - Create an Automatic Approval Policy
Associate a policy with a standard site template that allows anyone to create a site without approval. When the site is online the site allows access to everyone.
Request
POST https://api.example.com/sites/management/api/v1/templates/{id}/policy
Request Body
{ "status": "active", "approvalType": "automatic", "accessType": "everyone", "security": { "level": "everyone", "appliesTo": "all" } }
201Created - Create an Administrator Approved Policy
Associate a policy with an enterprise site template that only allows restricted users to request sites. A site administrator needs to approve the request before a site is created. The asset repository is also fixed by the policy and cannot be chosen by the user. Site prefixes and localization policy cannot be specified by the user requesting the site. When the site is online the site allows access to all authenticated cloud users.
Request
POST https://api.example.com/sites/management/api/v1/templates/{id}/policy
Request Body
{ "status": "active", "approvalType": "admin", "accessType": "restricted", "security": { "level": "cloud", "appliesTo": "all" }, "repository": "F81629473A3DB8B2A28669F19E68209BBAD3340745B0", "localizationPolicyAllowed": false, "sitePrefixAllowed": false }
201Created - Create a Named User Approved Policy
Associate a policy with a standard template that prevents anyone creating a site from the template, but can be activated at a later date. The policy, when activated, any one can request a site, but the request requires approval from a user that has been added to the policy approvers list.
Request
POST https://api.example.com/sites/management/api/v1/templates/{id}/policy
Request Body
{ "status": "inactive", "approvalType": "named", "accessType": "everyone", "security": { "level": "everyone", "appliesTo": "all" } }Introduced in release 19.3.3.
201Created - Create a Policy that Includes Site Expiration
Associate a policy with a standard template that includes a site expiration period. When sites are created from the template an expiration date will be calculated and set on the site.
Request
POST https://api.example.com/sites/management/api/v1/templates/{id}/policy
Request Body
{ "status": "inactive", "approvalType": "admin", "expiration": { "amount": 2, "unit": "years" } }Introduced in release 19.4.1.
Client Error Response Examples
This operation responds with following client error (4xx) responses with exception details in the response body. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.
400Bad Request - Unsupported Policy Field
Indicates that a field in the policy should not be provided. For example, a repository should not be specified in a policy for a standard template.
Error Code
OCE-SITEMGMT-009036
Resolution - Remove Localization Policy Allowed
Remove the policy localizationPolicyAllowed
field if the associated template is a standard template.
Resolution - Remove Site Prefix Allowed
Remove the policy sitePrefixAllowed
field if the associated template is a standard template.
Resolution - Remove Repository
Remove the policy repository
field if the associated template is a standard template.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
field | Field name that is incompatible with the type of site. |
For detailed information about this exception detail type, consult the UnsupportedPolicyFieldExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Unsupported Policy Field", "status": "400", "detail": "Field '{field}' should not be provided for this policy.", "o:errorCode": "OCE-SITEMGMT-009036", "field": "repository" }
400Bad Request - Invalid Security Scope
The site security scope named
cannot be used with a security level of everyone
. A site security scope of all
must be used when using a security level of everyone
.
Error Code
OCE-SITEMGMT-009018
Resolution - Edit Site Security Scope
Change the security scope to the suggested required scope value.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
level | Specified site security level. Valid values are:
|
specifiedScope | Specified site security scope. Valid values are:
|
requiredScope | Required site security scope. Valid values are:
|
For detailed information about this exception detail type, consult the InvalidSecurityScopeExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Security Scope", "status": "400", "detail": "Site security scope '{specifiedScope}' is not valid with a site security level of '{level}'. Use a security scope of '{requiredScope}'.", "o:errorCode": "OCE-SITEMGMT-009018", "level": "service", "specifiedScope": "named", "requiredScope": "all" }
400Bad Request - Invalid Repository
The referenced repository could not be found. Either the repository does not exist or has been deleted, or the authenticated user or client application does not have access to the repository.
Error Code
OCE-CAAS-001006
Resolution - Check Identifier
Check that the repository identifier is valid.
Resolution - Check Membership
Check that the authenticated user is a member of the repository and they have the relevant role to perform the operation relating to the repository.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
repository | Repository that does not exist or is not visible to the authenticated user, if the repository identifier has been provided. |
For detailed information about this exception detail type, consult the InvalidRepositoryExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Repository", "status": "400", "detail": "Repository does not exist or has been deleted, or the authenticated user or client application does not have access to the repository.", "o:errorCode": "OCE-CAAS-001006", "repository": { "id": "F81629473A3DB8B2A28669F19E68209BBAD3340745B0" } }
Introduced in release 19.2.3.
400Bad Request - Invalid Site Expiration
The provided site expiration period is either too small or too large.
Error Code
OCE-SITEMGMT-009067
Resolution - Choose a Smaller Site Expiration Period
Specify a smaller site expiration period.
Resolution - Choose a Larger Site Expiration Period
Specify a larger site expiration period.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
minimum | Minimum site expiration amount. |
maximum | Maximum site expiration amount. |
For detailed information about this exception detail type, consult the InvalidSiteExpirationExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Site Expiration", "status": "400", "detail": "Site expiration must be set to between '{minimum.amount} {minimum.unit}' and '{maximum.amount} {maximum.unit}'.", "o:errorCode": "OCE-SITEMGMT-009067", "minimum": { "amount": "2", "unit": "months" }, "maximum": { "amount": "2", "unit": "months" } }
Introduced in release 19.4.1.
404Not Found - Template Not Found
The site template does not exist or has been deleted, or the authenticated user or client application does not have access to the template.
Error Code
OCE-SITEMGMT-009000
Resolution - Check Identifier
Check that the template identifier is valid.
Resolution - Check Membership
Check that the authenticated user is a member of the template or a site administrator.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
template | Template that does not exist or is not visible to the authenticated user. |
For detailed information about this exception detail type, consult the TemplateNotFoundExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Template Not Found", "status": "404", "detail": "Template does not exist or has been deleted, or the authenticated user or client application does not have access to the template.", "o:errorCode": "OCE-SITEMGMT-009000", "template": { "id": "F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6" } }
404Not Found - Relationship Not Found
An attempt to read a relationship has failed because the relationship does not exist. Reading a relationship can fail if the relationship no longer exists or the authenticated identity is not authorized to read the relationship details.
Error Code
PAAS-005027
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Relationship Not Found", "status": "404", "detail": "Relationship resource not found. There is a relationship to a resource, but the resource at the end of the relationship does not exist, or the authenticated identity cannot see the resource.", "o:errorCode": "PAAS-005027" }
409Conflict - Template Policy Already Exists
A template can only have one policy association.
Error Code
OCE-SITEMGMT-009006
Resolution - Edit the Policy
If a policy is already associated with the template, use the policies resource patch
method to edit the policy.
Resolution - Unlink the Policy
Unlink the policy using the template relationship resource and then retry the request to create the required policy.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
policy | Policy associated with the template. |
For detailed information about this exception detail type, consult the TemplatePolicyAlreadyExistsExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Template Policy Already Exists", "status": "409", "detail": "A policy has already been associated with this template.", "o:errorCode": "OCE-SITEMGMT-009006", "policy": { "id": "721af08b-32db-4eee-b6af-0c38d3ba4681" } }
409Conflict - Template Deleted
The operation cannot be performed on a soft deleted template. This error can only occur when the includeDeleted
query parameter set to true
Error Code
OCE-SITEMGMT-009061
Resolution - Restore Template
Restore the template and then try the operation again.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
template | Template that is soft deleted. |
For detailed information about this exception detail type, consult the TemplateDeletedExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Template Deleted", "status": "409", "detail": "The operation cannot be performed as the template has been soft deleted.", "o:errorCode": "OCE-SITEMGMT-009061", "template": { "id": "F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6" } }
Introduced in release 19.4.1.
409Conflict - Missing Template Localization Policy
The policy must allow the user to specify a localization policy because the associated enterprise site template does not have a default localization policy.
If the localization policy associated with a template is deleted, then this error can also occur. If a template localization policy is missing it will prevent site requests from completing where the associated policy specifies that the template localization policy should be used.
Error Code
OCE-SITEMGMT-009030
Resolution - Update the Localization Policy
Change the template policy to allow a localization policy to be specified by the requesting user.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
template | Template that has a missing localization policy. |
For detailed information about this exception detail type, consult the MissingTemplateLocalizationPolicyExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Missing Template Localization Policy", "status": "409", "detail": "The template does not have a localization policy, or the localization policy associated with the template has been deleted.", "o:errorCode": "OCE-SITEMGMT-009030", "template": { "id": "F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6" } }
This resource represents the relationship between a Template and Policy resource. If there is no Policy associated with the Template then the response status code will be 204 No Content. If the Policy has been deleted or the authenticated user is not authorized to read the resource then the response status code will be 404 Not Found and a Relationship Not Found error will be returned in the response body.
Request
- application/json
-
id: string
Immutable identifier for the template.
-
includeDeleted(optional): boolean
Resources that have been marked for deletion can be read, modified, and support extended operations as long this query parameter is set to
true
. When theincludeDeleted
query parameter is not sent then the response to read, modification, and extended operations will be identical to that which would be returned if the resource was permanently deleted.
Policy details to associate with the template.
object
-
accessType(optional):
string
Determines whether the policy is applicable to everyone, or to just the users that are part of the access list.
Valid values are:
-
everyone
- Policy, when active, is applicable to everyone -
restricted
- Policy, when active, is applicable to users that are part of the access list
-
-
approvalType:
string
When a request is made that is associated with this policy, the request will require the type of approval defined by the policy. If the type of approval is automatic then the request will not require manual approval.
Valid values are:
-
automatic
- A request will automatically be approved without any human approval process involved -
admin
- Any user with the site administrator role can approve the associated request -
named
- Site creation will require approval from one user that is a member of the approvers list associated with the policy
-
-
expiration(optional):
expiration
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1. -
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
-
localizationPolicyAllowed(optional):
boolean
If a localization policy is not allowed, then the requester will not be permitted to specify a localization policy at the time of requesting a site. The localization policy associated with the template will be used. If a localization policy is allowed, then the requester must specify one at the time of requesting a site. This property can be set only when the template associated with the policy is an enterprise templates.
Introduced in release 19.2.3. -
repository(optional):
string
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3. -
security(optional):
security
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
sitePrefixAllowed(optional):
boolean
If
Introduced in release 19.2.3.true
, a request for a new site can include an explicit site prefix. Iffalse
, then a site prefix must not be provided and will be generated automatically. This property can be set only when the template associated with the policy is an enterprise templates. -
status:
string
The policy status specifies whether the policy can be used to perform the operation associated with the policy. If the policy status is inactive then the operation cannot be performed. If the policy status is active then the operation can be performed. For example, for a policy associated with a site template, a status of active means that users can create sites from that site template.
Valid values are:
-
inactive
- Policy that is marked as inactive means the associated operation cannot be requested -
active
- Policy that is marked as active means the associated operation can be requested
-
{
"status":"active",
"approvalType":"automatic",
"accessType":"everyone",
"security":{
"level":"everyone",
"appliesTo":"all"
}
}
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1.-
object
SiteExpirationPeriod
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.
array
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
object
SecurityPolicy
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
object
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.-
amount(optional):
integer(int32)
Amount of time used to measure site expiration.
Introduced in release 19.4.1. -
unit(optional):
string
Unit of time used to measure site expiration.
Valid values are:
-
months
- Expiration expressed in the number of months -
years
- Expiration expressed in the number of years
-
object
REST HATEOAS link and related metadata. If responses provide links (for example, a self
link to the resource itself) the links provided will include one or more of the properties defined on this link structure.
-
href(optional):
string
The target resource URI. URI RFC3986 or URI Template RFC6570. If the value is set to URI Template, then the
templated
property must be set totrue
. -
mediaType(optional):
string
Media type, as defined by RFC 2046, describing the link target.
-
method(optional):
string
HTTP method for requesting the target of the link.
Valid values are:
-
OPTIONS
- HTTP OPTIONS -
HEAD
- HTTP HEAD -
GET
- HTTP GET -
POST
- HTTP POST -
PUT
- HTTP PUT -
PATCH
- HTTP PATCH -
DELETE
- HTTP DELETE
-
-
profile(optional):
string(uri)
Link to the metadata of the resource, such as JSON-schema, that describes the resource expected when dereferencing the target resource.
-
rel(optional):
string
Name of the link relation that, in addition to the type property, can be used to retrieve link details.
-
templated(optional):
boolean
Boolean flag that specifies the
href
property is a URI or URI Template. The property can be assumed to befalse
if the property is not present.
object
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
-
appliesTo(optional):
string
Define which types of users may access a site. Can include all users or be restricted to named users only.
Valid values are:
-
named
- Only named users within a specified level can access -
all
- All users within a specified level can access
-
-
level(optional):
string
Maximum open security level that can be set on a site.
Valid values are:
-
service
- Only service users -
cloud
- Only cloud users who can sign in to your domain -
everyone
- Anyone without signing in
-
Response
- application/json
- application/vnd.oracle.resource+json;type=singular
201 Response
-
Cache-Control: string
Directives for caching mechanisms.
-
Content-Length: string
Size of the response body.
-
Content-Type: string
Content type of the response.
-
Location: string
Location of the resource.
-
allOf
Policy
A policy controls how a request to perform a site-related operation is approved and whether there are any particular restrictions or defaults to apply when that operation is performed.
A policy is associated with a resource, for example a site creation policy can be associated with a site template. A site creation policy, for example, could specify that site administrator approval is required to create a site from a particular site template and that site template has a security level of domain users only.
A policy can be marked as inactive which prevents the operation from being performed or requested.
A policy controls how a request to perform a site-related operation is approved and whether there are any particular restrictions or defaults to apply when that operation is performed.
A policy is associated with a resource, for example a site creation policy can be associated with a site template. A site creation policy, for example, could specify that site administrator approval is required to create a site from a particular site template and that site template has a security level of domain users only.
A policy can be marked as inactive which prevents the operation from being performed or requested.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Policy-allOf[1]
object
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
links(optional):
array links
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
object
-
access(optional):
object access
List of users and groups who have the ability to perform the operation associated with the policy. For example, the list of users and groups who can create a site from a template. If the access list is empty all users can perform the policy operation. The access list is only used if the
Introduced in release 19.3.1.accessType
of the policy is set torestricted
. -
accessType(optional):
string
Determines whether the policy is applicable to everyone, or to just the users that are part of the access list.
Valid values are:
-
everyone
- Policy, when active, is applicable to everyone -
restricted
- Policy, when active, is applicable to users that are part of the access list
-
-
approvalType(optional):
string
When a request is made that is associated with this policy, the request will require the type of approval defined by the policy. If the type of approval is automatic then the request will not require manual approval.
Valid values are:
-
automatic
- A request will automatically be approved without any human approval process involved -
admin
- Any user with the site administrator role can approve the associated request -
named
- Site creation will require approval from one user that is a member of the approvers list associated with the policy
-
-
approvers(optional):
object approvers
List of users and groups who have the ability to approve any request associated with the policy. For example, the list of users and groups who can approve creating a site from a template. The approval list is only used if the approval type is set to named approvers.
Introduced in release 19.3.3. -
expiration(optional):
expiration
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1. -
id(optional):
string
Globally unique identifier for a policy.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
localizationPolicyAllowed(optional):
boolean
If a localization policy is not allowed, then the requester will not be permitted to specify a localization policy at the time of requesting a site. The localization policy associated with the template will be used. If a localization policy is allowed, then the requester must specify one at the time of requesting a site. This property can be set only when the template associated with the policy is an enterprise templates.
Introduced in release 19.2.3. -
repository(optional):
repository
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3. -
revision(optional):
integer(int64)
Every time a policy is edited, the revision number is incremented. Revision numbers start at zero. The revision number can be used to see if a policy has changed since it was last requested as the revision is also used as the strong
ETag
value for this resource. -
security(optional):
security
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
sitePrefixAllowed(optional):
boolean
If
Introduced in release 19.2.3.true
, a request for a new site can include an explicit site prefix. Iffalse
, then a site prefix must not be provided and will be generated automatically. This property can be set only when the template associated with the policy is an enterprise templates. -
status(optional):
string
The policy status specifies whether the policy can be used to perform the operation associated with the policy. If the policy status is inactive then the operation cannot be performed. If the policy status is active then the operation can be performed. For example, for a policy associated with a site template, a status of active means that users can create sites from that site template.
Valid values are:
-
inactive
- Policy that is marked as inactive means the associated operation cannot be requested -
active
- Policy that is marked as active means the associated operation can be requested
-
array
HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.
object
REST HATEOAS link and related metadata. If responses provide links (for example, a self
link to the resource itself) the links provided will include one or more of the properties defined on this link structure.
-
href(optional):
string
The target resource URI. URI RFC3986 or URI Template RFC6570. If the value is set to URI Template, then the
templated
property must be set totrue
. -
mediaType(optional):
string
Media type, as defined by RFC 2046, describing the link target.
-
method(optional):
string
HTTP method for requesting the target of the link.
Valid values are:
-
OPTIONS
- HTTP OPTIONS -
HEAD
- HTTP HEAD -
GET
- HTTP GET -
POST
- HTTP POST -
PUT
- HTTP PUT -
PATCH
- HTTP PATCH -
DELETE
- HTTP DELETE
-
-
profile(optional):
string(uri)
Link to the metadata of the resource, such as JSON-schema, that describes the resource expected when dereferencing the target resource.
-
rel(optional):
string
Name of the link relation that, in addition to the type property, can be used to retrieve link details.
-
templated(optional):
boolean
Boolean flag that specifies the
href
property is a URI or URI Template. The property can be assumed to befalse
if the property is not present.
object
List of users and groups who have the ability to perform the operation associated with the policy. For example, the list of users and groups who can create a site from a template. If the access list is empty all users can perform the policy operation. The access list is only used if the accessType
of the policy is set to restricted
.
-
items:
array items
Collection of Policy Access Member elements.
Introduced in release 19.3.1.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
object
List of users and groups who have the ability to approve any request associated with the policy. For example, the list of users and groups who can approve creating a site from a template. The approval list is only used if the approval type is set to named approvers.
Introduced in release 19.3.3.-
items:
array items
Collection of Policy Approvers Member elements.
Introduced in release 19.3.3.
-
allOf
CollectionResource
All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
When a site is created an expiration date can be set on the site if the policy associated with the site template has a site expiration period set. When a site has expired the site cannot be activated unless the expiration period is extended.
Introduced in release 19.4.1.-
object
SiteExpirationPeriod
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.
When a policy is created, or edited, the policy can be associated with an asset repository. When a new site is requested, the site will be associated with the policy-defined asset repository. The user cannot specify a repository when creating a new a site if the repository is set on the policy. If there is no asset repository associated with the policy, then an asset repository can be specified when the user creates a new site. An asset repository can be only associated with a policy if the policy is associated with an enterprise template. Standard sites do not get associated with an asset repository.
Introduced in release 19.2.3.-
allOf
Repository
Repositories are a storage location for files, both text and images. Repository administrators can create a repository with channel policies and localization policies designated for the repository. Multiple repositories can be created to handle different marketing needs.
A repository can be used to manage all the assets you need in one place. For example, perhaps your company sells computer equipment. One repository could be set up to handle the files related to desktop computers. Another repository could be used for tablets. Each repository might contain photos, graphics, and content about the different kinds of computers. The assets in each repository are controlled by the policies you allocate to the repository.
Security policy for site creation policies. The security policy specifies the minimum level of security a site can have.
-
object
SecurityPolicy
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
array
Collection of Policy Access Member elements.
Introduced in release 19.3.1.All collections returned by REST APIs extend the standard collection definition. The definition provides information about the total number of items, the offset and limit details for the items returned, the number of items and an indicator to whether there are more items available.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
CollectionResource-allOf[1]
object
-
count(optional):
integer(int32)
Total number of resources in the response.
-
hasMore(optional):
boolean
Collection has more elements that match the request. Indicates whether there are more items to be returned when a paged request is made and the page was not big enough to return all elements.
-
limit(optional):
integer(int32)
Actual response size limit used. If the request specifies too large a limit, or does not specify a limit then the response will specify the limit used.
-
offset(optional):
integer(int64)
Actual response offset used. If the request specifies no offset then the actual offset is provided in the response.
-
totalResults(optional):
integer(int64)
Total number of resources that match the request. If provided, this is the total number of available items. If not specified the total is not known, or is not viable to return. Paging limits or offsets are ignored when calculating this value. Only returned if the
totalResults
parameter is supported and is set totrue
by the client.
object
-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.1. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.1. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.1. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.1. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user
- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group
- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.1.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.1.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.1.A group is a collection of users and groups. A group has a human readable group name.
Introduced in release 19.3.1.-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Group-allOf[1]
object
-
displayName(optional):
string
Human-readable name for the group.
Introduced in release 19.3.1. -
groupName(optional):
string
Group name that is unique within the service instance.
Introduced in release 19.3.1. -
id(optional):
string
Unique identifer for the group.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.1. -
roles(optional):
array roles
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
-
-
type(optional):
string
Type of the group.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
array
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
type
Identity representing a user or client application. The identity contains the common information such as the identity identifier, unique name and display name.
Introduced in release 20.3.1.-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Identity-allOf[1]
object
-
displayName(optional):
string
Human-readable display name.
Introduced in release 20.3.1. -
id(optional):
string
An identifier value allocated by CEC for the user or client application. The identifier is unique within the scope of the service.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 20.3.1. -
name(optional):
string
Unique name, such as the user name or client application name.
Introduced in release 20.3.1. -
roles(optional):
array roles
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
-
-
type(optional):
string
Type of Identity. Valid values are:
Introduced in release 20.3.1.user
,service
,application
,unknown
.
array
Roles.
Valid values are:
-
CECServiceAdministrator
- Service Administrator
- Assign user enumerates
- Change user passwords and challenge questions
- Configure, monitor, and manage service instances
-
CECSitesAdministrator
- Sites Administrator
- Create sites, templates, themes or components
-
CECRepositoryAdministrator
- Repository Administrator -
CECDeveloperUser
- Developer User -
CECContentAdministrator
- Content Administrator
- Create new content types and publish items
-
CECStandardUser
- Standard User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- View and interact with content items in sites
- Manage and view custom properties and edit values
-
CECEnterpriseUser
- Enterprise User
- Manage content (view, upload, and edit documents)
- Share content and sites with others
- Use conversations to collaborate (discuss topics, direct message someone, assign flags to someone, add annotations to documents)
- Follow people
- Digital Assets
- Content Items (editorial content management)
- Create, manage, view, and interact with content items
- Collections
- Create, edit, and publish sites
- Manage and publish site themes
- Create, register, export, and import custom site components
- Create, edit, export, and import site templates
- Manage and view custom properties and edit values
-
CECExternalUser
- External User
-
CECIntegrationUser
- Integration User
-
CECSitesVisitor
- Sites Visitor
array
Collection of Policy Approvers Member elements.
Introduced in release 19.3.3.object
-
displayName(optional):
string
Display name for the user, client application or group.
Introduced in release 19.3.3. -
group(optional):
group
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3. -
groupType(optional):
string
If the member is a group, then the type of group is specified. If the member is a user this field is not present.
Valid values are:
-
oce
- Content management group -
idp
- identity provider group
-
-
id:
string
Identifier for the user, client application or group member.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
Introduced in release 19.3.3. -
isExternalUser(optional):
boolean
Will be set to true if the associated user or client application has only the external user role.
Introduced in release 21.10.2. -
name:
string
Unique name for the user, client application or group. If the member is a user the name is the user name. If the member is a group the name is the group name.
Introduced in release 19.3.3. -
type:
string
Indicates the member is a user, client application or group.
Valid values are:
-
user
- Member is a user or a client application. No distinction is made between a member that is a user or a
-
group
- Member is a group
-
-
user(optional):
user
User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.
Group details of the member. Only available if the member has a type of group.
Introduced in release 19.3.3.User or client application details of the member. Only available if the member has a type of user. A member can be a user, client application or group. The details of both users and client applications can be read.
Introduced in release 19.3.3.object
Site expiration is expressed as a unit of time and and an amount. For example, expire a site two months after the site is created.
Introduced in release 19.4.1.-
amount(optional):
integer(int32)
Amount of time used to measure site expiration.
Introduced in release 19.4.1. -
unit(optional):
string
Unit of time used to measure site expiration.
Valid values are:
-
months
- Expiration expressed in the number of months -
years
- Expiration expressed in the number of years
-
Repositories are a storage location for files, both text and images. Repository administrators can create a repository with channel policies and localization policies designated for the repository. Multiple repositories can be created to handle different marketing needs.
A repository can be used to manage all the assets you need in one place. For example, perhaps your company sells computer equipment. One repository could be set up to handle the files related to desktop computers. Another repository could be used for tablets. Each repository might contain photos, graphics, and content about the different kinds of computers. The assets in each repository are controlled by the policies you allocate to the repository.
-
object
SingularResource
All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.
-
object
Repository-allOf[1]
object
-
autoTagEnabled(optional):
boolean
Whether auto tagging is enabled for the repository.
-
channels(optional):
array channels
Channels associated with the repository.
-
contentTypes(optional):
array contentTypes
Content types associated with the repository.
-
createdBy(optional):
string
User that created the repository.
-
createdDate(optional):
createdDate
Date and time the repository was created.
-
defaultLanguage(optional):
string
Default language of the repository.
-
description(optional):
string
Human-readable description of the repository to give consumers an idea of what content this repository contains.
-
id(optional):
string
Unique identifier for the repository.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
languageOptions(optional):
array languageOptions
Language options for the repository.
-
name(optional):
string
Short human-readable name to identify the repository.
-
roleName(optional):
string
The role the authenticated user has within the repository.
Valid values are:
-
owner
- Owner of the resource -
custom
- Custom role -
manager
- Manager role -
contributor
- Contributor role -
downloader
- Downloader role -
viewer
- Viewer role
-
-
updatedBy(optional):
string
User that last updated the repository. If the repository has not been updated the updated by will be the user that created the repository.
-
updatedDate(optional):
updatedDate
Date and time the repository was last updated.
Date and time the repository was created.
-
object
DateTimeZone
Date, time and time zone.
Date and time the repository was last updated.
-
object
DateTimeZone
Date, time and time zone.
object
Channel identifier.
-
id(optional):
string
Unique identifier for the repository.
No assumptions should be made about the content of the field; the field should be treated as an opaque value.
-
name(optional):
string
Short unique human-readable name to identify the channel.
object
Content type identifier.
-
name(optional):
string
Content type name.
object
Date, time and time zone.
-
description(optional):
string
Description of the date, time and time zone information.
-
timezone(optional):
string
Timezone in Olson database format.
-
value(optional):
string(date-time)
Date in ISO 8601 format. Date and time values are in ISO 8601
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
format using a UTC timezone.
object
The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.
-
appliesTo(optional):
string
Define which types of users may access a site. Can include all users or be restricted to named users only.
Valid values are:
-
named
- Only named users within a specified level can access -
all
- All users within a specified level can access
-
-
level(optional):
string
Maximum open security level that can be set on a site.
Valid values are:
-
service
- Only service users -
cloud
- Only cloud users who can sign in to your domain -
everyone
- Anyone without signing in
-
{
"id":"721af08b-32db-4eee-b6af-0c38d3ba4681",
"status":"inactive",
"approvalType":"automatic",
"accessType":"everyone",
"security":{
"level":"service",
"appliesTo":"named"
},
"localizationPolicyAllowed":false,
"sitePrefixAllowed":false,
"expiration":{
"amount":"2",
"unit":"months"
},
"revision":"0"
}
400 Response
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
UnsupportedPolicyFieldExceptionDetail-allOf[1]
object
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
title
ordetail
. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCode
for this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object
-
field(optional):
string
Field name that is incompatible with the type of site.
array
Multiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Unsupported Policy Field",
"status":"400",
"detail":"Field '{field}' should not be provided for this policy.",
"o:errorCode":"OCE-SITEMGMT-009036",
"field":"repository"
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Security Scope",
"status":"400",
"detail":"Site security scope '{specifiedScope}' is not valid with a site security level of '{level}'. Use a security scope of '{requiredScope}'.",
"o:errorCode":"OCE-SITEMGMT-009018",
"level":"service",
"specifiedScope":"named",
"requiredScope":"all"
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Repository",
"status":"400",
"detail":"Repository does not exist or has been deleted, or the authenticated user or client application does not have access to the repository.",
"o:errorCode":"OCE-CAAS-001006",
"repository":{
"id":"F81629473A3DB8B2A28669F19E68209BBAD3340745B0"
}
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Site Expiration",
"status":"400",
"detail":"Site expiration must be set to between '{minimum.amount} {minimum.unit}' and '{maximum.amount} {maximum.unit}'.",
"o:errorCode":"OCE-SITEMGMT-009067",
"minimum":{
"amount":"2",
"unit":"months"
},
"maximum":{
"amount":"2",
"unit":"months"
}
}
401 Response
403 Response
404 Response
-
Cache-Control: string
Directives for caching mechanisms.
-
Content-Length: string
Size of the response body.
-
Content-Type: string
Content type of the response.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
TemplateNotFoundExceptionDetail-allOf[1]
object
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
title
ordetail
. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCode
for this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object
-
template(optional):
string
Template that does not exist or is not visible to the authenticated user.
array
Multiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Template Not Found",
"status":"404",
"detail":"Template does not exist or has been deleted, or the authenticated user or client application does not have access to the template.",
"o:errorCode":"OCE-SITEMGMT-009000",
"template":{
"id":"F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6"
}
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Relationship Not Found",
"status":"404",
"detail":"Relationship resource not found. There is a relationship to a resource, but the resource at the end of the relationship does not exist, or the authenticated identity cannot see the resource.",
"o:errorCode":"PAAS-005027"
}
406 Response
409 Response
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
TemplatePolicyAlreadyExistsExceptionDetail-allOf[1]
object
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
title
ordetail
. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCode
for this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object
-
policy(optional):
string
Policy associated with the template.
array
Multiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Template Policy Already Exists",
"status":"409",
"detail":"A policy has already been associated with this template.",
"o:errorCode":"OCE-SITEMGMT-009006",
"policy":{
"id":"721af08b-32db-4eee-b6af-0c38d3ba4681"
}
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Template Deleted",
"status":"409",
"detail":"The operation cannot be performed as the template has been soft deleted.",
"o:errorCode":"OCE-SITEMGMT-009061",
"template":{
"id":"F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6"
}
}
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Missing Template Localization Policy",
"status":"409",
"detail":"The template does not have a localization policy, or the localization policy associated with the template has been deleted.",
"o:errorCode":"OCE-SITEMGMT-009030",
"template":{
"id":"F30F08EB205D44AD20B5A48D1B1B3DD7D74F45978AB6"
}
}