Jump to

• Request
• Response
• Examples

Gets all rules in a policy

get

/oaa-policy/policy/v1/{policygid}/rule

Request

Path Parameters

• policygid(required): string
  Identifier of the policy

There's no request body for this operation.

Back to Top

Response

Supported Media Types

• application/xml
• application/json

201 Response

Policy rule is created

Body ()

Root Schema : AllRuleResponse

Type: object

Show Source

• message: string
  Message related to the status of the request.
• policygid: string
  Global id of policy for which the request is sent.
• rules: array rules
  All rules that belongs to the given policy.
• status: string
  Status of the request

{
    "type":"object",
    "properties":{
        "status":{
            "type":"string",
            "description":"Status of the request"
        },
        "message":{
            "type":"string",
            "description":"Message related to the status of the request."
        },
        "policygid":{
            "type":"string",
            "description":"Global id of policy for which the request is sent."
        },
        "rules":{
            "type":"array",
            "items":{
                "$ref":"#/components/schemas/Rule"
            },
            "description":"All rules that belongs to the given policy."
        }
    }
}

Nested Schema : rules

Type: array

All rules that belongs to the given policy.

Show Source

• Array of: object schema
  Defines policy rule in the system

{
    "type":"array",
    "items":{
        "$ref":"#/components/schemas/Rule"
    },
    "description":"All rules that belongs to the given policy."
}

Nested Schema : schema

Type: object

Defines policy rule in the system

Show Source

• conditionMap: array conditionMap
  Map of key value pair for reconstruction of UI rule. Required elements for the OAA rules are entityRefId, operation, values (Array of String), expression, mode, isgroup.
• conditions: array conditions
  Array of conditions to be evaluated when the rule will be executed. All the condition must be true to return the action associated with the rule.
• name(required): string
  Name of the rule.
• note: string
  Note (if any) for the rule
• policygid(required): string
  Global id of the policy. Policy id may not be required when rule definition is part of policy definition result
• results(required): object RuleAction
  Action to be returned when the rule is evaluated true.
• rulegid: string
  Global unique identifier of the rule.
• status: string
  Active or Disabled
• transactiongid: string
  Unique id of the transaction to be used for the rule evaluation which is then checked using filter conditions

{
    "type":"object",
    "description":"Defines policy rule in the system",
    "required":[
        "name",
        "policygid",
        "results"
    ],
    "properties":{
        "name":{
            "type":"string",
            "description":"Name of the rule."
        },
        "rulegid":{
            "type":"string",
            "description":"Global unique identifier of the rule."
        },
        "policygid":{
            "type":"string",
            "description":"Global id of the policy. Policy id may not be required when rule definition is part of policy definition result"
        },
        "status":{
            "type":"string",
            "description":"Active or Disabled"
        },
        "note":{
            "type":"string",
            "description":"Note (if any)  for the rule"
        },
        "transactiongid":{
            "type":"string",
            "description":"Unique id of the transaction to be used for the rule evaluation which is then checked using filter conditions"
        },
        "conditions":{
            "type":"array",
            "description":"Array of conditions to be evaluated when the rule will be executed. All the condition must be true to return the action associated with the rule.",
            "items":{
                "$ref":"#/components/schemas/Condition"
            }
        },
        "conditionMap":{
            "type":"array",
            "description":"Map of key value pair for reconstruction of UI rule. Required elements for the OAA rules are entityRefId, operation, values (Array of String), expression, mode, isgroup.",
            "items":{
                "$ref":"#/components/schemas/ConditionMap"
            }
        },
        "results":{
            "$ref":"#/components/schemas/RuleAction",
            "description":"Rule result is returned when rule is evaluated true. Must be present while defining the rule."
        }
    }
}

Nested Schema : conditionMap

Type: array

Map of key value pair for reconstruction of UI rule. Required elements for the OAA rules are entityRefId, operation, values (Array of String), expression, mode, isgroup.

Show Source

• Array of: object ConditionMap
  Map of key-value pair which is used to reconstruct the rule or any additional parameters that are required by the rule can be passed in the map

{
    "type":"array",
    "description":"Map of key value pair for reconstruction of UI rule. Required elements for the OAA rules are entityRefId, operation, values (Array of String), expression, mode, isgroup.",
    "items":{
        "$ref":"#/components/schemas/ConditionMap"
    }
}

Nested Schema : conditions

Type: array

Array of conditions to be evaluated when the rule will be executed. All the condition must be true to return the action associated with the rule.

Show Source

• Array of: object Condition
  Conditions to be evaluated. If no parameter is provided then all the conditions will be evaluated with the default values.

{
    "type":"array",
    "description":"Array of conditions to be evaluated when the rule will be executed. All the condition must be true to return the action associated with the rule.",
    "items":{
        "$ref":"#/components/schemas/Condition"
    }
}

Nested Schema : RuleAction

Type: object

Action to be returned when the rule is evaluated true.

Show Source

• action: string
  Action group name
• alert: string
  Alert group name
• score: integer
  Score returned by the rule
• weight: integer
  Weight if the score if there are multiple rules in the context.

{
    "type":"object",
    "description":"Action to be returned when the rule is evaluated true.",
    "properties":{
        "action":{
            "type":"string",
            "description":"Action group name"
        },
        "alert":{
            "type":"string",
            "description":"Alert group name"
        },
        "score":{
            "type":"integer",
            "description":"Score returned by the rule"
        },
        "weight":{
            "type":"integer",
            "description":"Weight if the score if there are multiple rules in the context."
        }
    }
}

Nested Schema : ConditionMap

Type: object

Map of key-value pair which is used to reconstruct the rule or any additional parameters that are required by the rule can be passed in the map

Show Source

• key: string
• value: object value
  The value can be a json object or a simple string.

{
    "type":"object",
    "description":"Map of key-value pair which is used to reconstruct the rule or any additional parameters that are required by the rule can be passed in the map",
    "properties":{
        "key":{
            "type":"string"
        },
        "value":{
            "type":"object",
            "description":"The value can be a json object or a simple string."
        }
    }
}

Nested Schema : value

Type: object

The value can be a json object or a simple string.

Nested Schema : Condition

Type: object

Conditions to be evaluated. If no parameter is provided then all the conditions will be evaluated with the default values.

Show Source

• conditionId: string
  The global identifier of the condition which can be used to update the condition inside a rule.
• conditionKey(required): string
  Unique key of the condition. May be repeated for multiple conditions of same type.
• parameters: array parameters
  List of all the overriding parameters.
• remove: boolean
  Remove the condition from the rule. It is optional.

{
    "type":"object",
    "description":"Conditions to be evaluated. If no parameter is provided then all the conditions will be evaluated with the default values.",
    "required":[
        "conditionKey"
    ],
    "properties":{
        "conditionKey":{
            "type":"string",
            "description":"Unique key of the condition. May be repeated for multiple conditions of same type."
        },
        "conditionId":{
            "type":"string",
            "description":"The global identifier of the condition which can be used to update the condition inside a rule."
        },
        "parameters":{
            "type":"array",
            "items":{
                "$ref":"#/components/schemas/ConditionParameter"
            },
            "description":"List of all the overriding parameters."
        },
        "remove":{
            "type":"boolean",
            "description":"Remove the condition from the rule. It is optional."
        }
    }
}

Nested Schema : parameters

Type: array

List of all the overriding parameters.

Show Source

• Array of: object ConditionParameter
  Parameter of a condition that is required when the condition is evaluated.

{
    "type":"array",
    "items":{
        "$ref":"#/components/schemas/ConditionParameter"
    },
    "description":"List of all the overriding parameters."
}

Nested Schema : ConditionParameter

Type: object

Parameter of a condition that is required when the condition is evaluated.

Show Source

• operations: string
  Operation performed on the key. The operation may not be required
• paramname: string
  Key to be used for the operation
• scope: string
  Filter condition. One of Value or Current. The scope is not required.
• value: string
  Value to be matched based on the scope.

{
    "type":"object",
    "description":"Parameter of a condition that is required when the condition is evaluated.",
    "properties":{
        "paramname":{
            "type":"string",
            "description":"Key to be used for the operation"
        },
        "operations":{
            "type":"string",
            "description":"Operation performed on the key. The operation may not be required"
        },
        "scope":{
            "type":"string",
            "description":"Filter condition. One of Value or Current. The scope is not required."
        },
        "value":{
            "type":"string",
            "description":"Value to be matched based on the scope."
        }
    }
}

401 Response

Unauthorized

405 Response

Invalid input

Body ()

Root Schema : AllRuleResponse

Type: object

Show Source

• message: string
  Message related to the status of the request.
• policygid: string
  Global id of policy for which the request is sent.
• rules: array rules
  All rules that belongs to the given policy.
• status: string
  Status of the request

{
    "type":"object",
    "properties":{
        "status":{
            "type":"string",
            "description":"Status of the request"
        },
        "message":{
            "type":"string",
            "description":"Message related to the status of the request."
        },
        "policygid":{
            "type":"string",
            "description":"Global id of policy for which the request is sent."
        },
        "rules":{
            "type":"array",
            "items":{
                "$ref":"#/components/schemas/Rule"
            },
            "description":"All rules that belongs to the given policy."
        }
    }
}

Nested Schema : rules

Type: array

All rules that belongs to the given policy.

Show Source

• Array of: object schema
  Defines policy rule in the system

{
    "type":"array",
    "items":{
        "$ref":"#/components/schemas/Rule"
    },
    "description":"All rules that belongs to the given policy."
}

Nested Schema : schema

Type: object

Defines policy rule in the system

Show Source

• conditionMap: array conditionMap
  Map of key value pair for reconstruction of UI rule. Required elements for the OAA rules are entityRefId, operation, values (Array of String), expression, mode, isgroup.
• conditions: array conditions
  Array of conditions to be evaluated when the rule will be executed. All the condition must be true to return the action associated with the rule.
• name(required): string
  Name of the rule.
• note: string
  Note (if any) for the rule
• policygid(required): string
  Global id of the policy. Policy id may not be required when rule definition is part of policy definition result
• results(required): object RuleAction
  Action to be returned when the rule is evaluated true.
• rulegid: string
  Global unique identifier of the rule.
• status: string
  Active or Disabled
• transactiongid: string
  Unique id of the transaction to be used for the rule evaluation which is then checked using filter conditions

{
    "type":"object",
    "description":"Defines policy rule in the system",
    "required":[
        "name",
        "policygid",
        "results"
    ],
    "properties":{
        "name":{
            "type":"string",
            "description":"Name of the rule."
        },
        "rulegid":{
            "type":"string",
            "description":"Global unique identifier of the rule."
        },
        "policygid":{
            "type":"string",
            "description":"Global id of the policy. Policy id may not be required when rule definition is part of policy definition result"
        },
        "status":{
            "type":"string",
            "description":"Active or Disabled"
        },
        "note":{
            "type":"string",
            "description":"Note (if any)  for the rule"
        },
        "transactiongid":{
            "type":"string",
            "description":"Unique id of the transaction to be used for the rule evaluation which is then checked using filter conditions"
        },
        "conditions":{
            "type":"array",
            "description":"Array of conditions to be evaluated when the rule will be executed. All the condition must be true to return the action associated with the rule.",
            "items":{
                "$ref":"#/components/schemas/Condition"
            }
        },
        "conditionMap":{
            "type":"array",
            "description":"Map of key value pair for reconstruction of UI rule. Required elements for the OAA rules are entityRefId, operation, values (Array of String), expression, mode, isgroup.",
            "items":{
                "$ref":"#/components/schemas/ConditionMap"
            }
        },
        "results":{
            "$ref":"#/components/schemas/RuleAction",
            "description":"Rule result is returned when rule is evaluated true. Must be present while defining the rule."
        }
    }
}

Nested Schema : conditionMap

Type: array

Map of key value pair for reconstruction of UI rule. Required elements for the OAA rules are entityRefId, operation, values (Array of String), expression, mode, isgroup.

Show Source

• Array of: object ConditionMap
  Map of key-value pair which is used to reconstruct the rule or any additional parameters that are required by the rule can be passed in the map

{
    "type":"array",
    "description":"Map of key value pair for reconstruction of UI rule. Required elements for the OAA rules are entityRefId, operation, values (Array of String), expression, mode, isgroup.",
    "items":{
        "$ref":"#/components/schemas/ConditionMap"
    }
}

Nested Schema : conditions

Type: array

Array of conditions to be evaluated when the rule will be executed. All the condition must be true to return the action associated with the rule.

Show Source

• Array of: object Condition
  Conditions to be evaluated. If no parameter is provided then all the conditions will be evaluated with the default values.

{
    "type":"array",
    "description":"Array of conditions to be evaluated when the rule will be executed. All the condition must be true to return the action associated with the rule.",
    "items":{
        "$ref":"#/components/schemas/Condition"
    }
}

Nested Schema : RuleAction

Type: object

Action to be returned when the rule is evaluated true.

Show Source

• action: string
  Action group name
• alert: string
  Alert group name
• score: integer
  Score returned by the rule
• weight: integer
  Weight if the score if there are multiple rules in the context.

{
    "type":"object",
    "description":"Action to be returned when the rule is evaluated true.",
    "properties":{
        "action":{
            "type":"string",
            "description":"Action group name"
        },
        "alert":{
            "type":"string",
            "description":"Alert group name"
        },
        "score":{
            "type":"integer",
            "description":"Score returned by the rule"
        },
        "weight":{
            "type":"integer",
            "description":"Weight if the score if there are multiple rules in the context."
        }
    }
}

Nested Schema : ConditionMap

Type: object

Map of key-value pair which is used to reconstruct the rule or any additional parameters that are required by the rule can be passed in the map

Show Source

• key: string
• value: object value
  The value can be a json object or a simple string.

{
    "type":"object",
    "description":"Map of key-value pair which is used to reconstruct the rule or any additional parameters that are required by the rule can be passed in the map",
    "properties":{
        "key":{
            "type":"string"
        },
        "value":{
            "type":"object",
            "description":"The value can be a json object or a simple string."
        }
    }
}

Nested Schema : value

Type: object

The value can be a json object or a simple string.

Nested Schema : Condition

Type: object

Conditions to be evaluated. If no parameter is provided then all the conditions will be evaluated with the default values.

Show Source

• conditionId: string
  The global identifier of the condition which can be used to update the condition inside a rule.
• conditionKey(required): string
  Unique key of the condition. May be repeated for multiple conditions of same type.
• parameters: array parameters
  List of all the overriding parameters.
• remove: boolean
  Remove the condition from the rule. It is optional.

{
    "type":"object",
    "description":"Conditions to be evaluated. If no parameter is provided then all the conditions will be evaluated with the default values.",
    "required":[
        "conditionKey"
    ],
    "properties":{
        "conditionKey":{
            "type":"string",
            "description":"Unique key of the condition. May be repeated for multiple conditions of same type."
        },
        "conditionId":{
            "type":"string",
            "description":"The global identifier of the condition which can be used to update the condition inside a rule."
        },
        "parameters":{
            "type":"array",
            "items":{
                "$ref":"#/components/schemas/ConditionParameter"
            },
            "description":"List of all the overriding parameters."
        },
        "remove":{
            "type":"boolean",
            "description":"Remove the condition from the rule. It is optional."
        }
    }
}

Nested Schema : parameters

Type: array

List of all the overriding parameters.

Show Source

• Array of: object ConditionParameter
  Parameter of a condition that is required when the condition is evaluated.

{
    "type":"array",
    "items":{
        "$ref":"#/components/schemas/ConditionParameter"
    },
    "description":"List of all the overriding parameters."
}

Nested Schema : ConditionParameter

Type: object

Parameter of a condition that is required when the condition is evaluated.

Show Source

• operations: string
  Operation performed on the key. The operation may not be required
• paramname: string
  Key to be used for the operation
• scope: string
  Filter condition. One of Value or Current. The scope is not required.
• value: string
  Value to be matched based on the scope.

{
    "type":"object",
    "description":"Parameter of a condition that is required when the condition is evaluated.",
    "properties":{
        "paramname":{
            "type":"string",
            "description":"Key to be used for the operation"
        },
        "operations":{
            "type":"string",
            "description":"Operation performed on the key. The operation may not be required"
        },
        "scope":{
            "type":"string",
            "description":"Filter condition. One of Value or Current. The scope is not required."
        },
        "value":{
            "type":"string",
            "description":"Value to be matched based on the scope."
        }
    }
}

500 Response

Internal server error

503 Response

Service Unavailable

Back to Top

Examples

The following example shows a sample request and response for retrieving all policy rules that are associated with a given policy name.

cURL Command to Retrieve all Policy Rules for a Policy Name in JSON Format

curl --location --request GET '<PolicyUrl>/oaa-policy/policy/v1/141_73875f1eda644e4196248e5ecc824364c5a6c1954350a9927942c6d50c4ed171/rule' \
--header 'Authorization: Basic <Base64Encoded(<username>:<password>)>'

Sample Response in JSON Format

{
    "status": "200",
    "message": "Rules information.",
    "rules": [
        {
            "name": "Factor and IP Rule",
            "rulegid": "146_faef323e5ee26bac62d48a9bf9ded1da3f9655731566b0e3628ce86e21c9e46a",
            "policygid": "141_73875f1eda644e4196248e5ecc824364c5a6c1954350a9927942c6d50c4ed171",
            "status": "ACTIVE",
            "note": "Factor and IP Rule",
            "conditions": [
                {
                    "conditionKey": "always_on_user.condition0",
                    "conditionId": "145_5f7d4a93ac1ad362c70a43a9b64351cf6789b3a0c55b425145c374aca7628bc1",
                    "parameters": [
                        {
                            "paramname": "isTrue",
                            "value": "true"
                        }
                    ]
                }
            ],
            "conditionMap": [
                {
                    "key": "IpGroupCondition",
                    "value": {
                        "mode": "BASIC",
                        "expression": "context.ip.inGroup(113_91d0cc32aecf15d094e3953b17a7dd904a3fb71d2f4152934efb56caa898796b)",
                        "values": [
                            "113_91d0cc32aecf15d094e3953b17a7dd904a3fb71d2f4152934efb56caa898796b"
                        ],
                        "isgroup": true,
                        "attribute": "Context.IPAddress",
                        "operator": "In Group"
                    }
                }
            ],
            "results": {
                "action": "111_4141dd92a40fa2ff8d09153e62c658c67f3c7ac014ce89c0c103896230457718",
                "score": 300,
                "weight": 100
            }
        }
    ]
}

cURL Command to Retrieve all Policy Rules for a Policy Name in XML Format

curl --location --request GET '<PolicyUrl>/oaa-policy/policy/v1/141_73875f1eda644e4196248e5ecc824364c5a6c1954350a9927942c6d50c4ed171/rule' \
--header 'Content-Type: application/xml' \
--header 'Accept: application/xml' \
--header 'Authorization: Basic <Base64Encoded(<username>:<password>)>'

Sample Response in XML Format

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <AllRuleResponse>
     <status>200</status>
     <message>Rules information.</message>
     <rules>
         <name>Factor and IP Rule</name>
         <rulegid>146_faef323e5ee26bac62d48a9bf9ded1da3f9655731566b0e3628ce86e21c9e46a</rulegid>
         <policygid>141_73875f1eda644e4196248e5ecc824364c5a6c1954350a9927942c6d50c4ed171</policygid>
         <status>ACTIVE</status>
         <note>Factor and IP Rule</note>
         <conditions>
             <conditionKey>always_on_user.condition0</conditionKey>
             <conditionId>145_5f7d4a93ac1ad362c70a43a9b64351cf6789b3a0c55b425145c374aca7628bc1</conditionId>
             <parameters>
                 <paramname>isTrue</paramname>
                 <value>true</value>
             </parameters>
         </conditions>
         <conditionMap>
             <key>IpGroupCondition</key>
             <value>
                 <mode>BASIC</mode>
                 <expression>context.ip.inGroup(113_91d0cc32aecf15d094e3953b17a7dd904a3fb71d2f4152934efb56caa898796b)</expression>
                 <values>113_91d0cc32aecf15d094e3953b17a7dd904a3fb71d2f4152934efb56caa898796b</values>
                 <isgroup>true</isgroup>
                 <attribute>Context.IPAddress</attribute>
                 <operator>In Group</operator>
             </value>
         </conditionMap>
         <results>
             <action>111_4141dd92a40fa2ff8d09153e62c658c67f3c7ac014ce89c0c103896230457718</action>
             <score>300</score>
             <weight>100</weight>
         </results>
     </rules>
 </AllRuleResponse>

Back to Top