Identity & Access Management

Table of Contents:

Main Interface

Realms

This module provides a Python interface for operations on Realms. It is part of the Identity & Access Management API of Blue Brain Nexus v1. https://bluebrain.github.io/nexus/docs/api/iam/iam-realms-api.html

nexussdk.realms.create(subpath: str, name: str, openid_config: str, logo: str = None) → Dict

Create a realm.

Parameters

  • subpath – Subpath of the realm.

  • name – Name of the realm.

  • openid_config – URL of the OpenID configuration.

  • logo – (optional) URL of a logo.

Returns

The Nexus metadata of the created realm.

nexussdk.realms.fetch(subpath: str, rev: int = None) → Dict

Fetch a realm.

Parameters

  • subpath – Subpath of the realm.

  • rev – (optional) Revision number of the realm.

Returns

The Nexus payload of the fetched realm.

nexussdk.realms.list() → Dict

List realms.

Returns

A Nexus results list with the Nexus payloads of the realms.

nexussdk.realms.replace(subpath: str, name: str, openid_config: str, rev: int, logo: str = None) → Dict

Replace a realm.

Parameters

  • subpath – Subpath of the realm.

  • name – Name of the realm.

  • openid_config – Updated URL of the OpenID configuration.

  • rev – Last revision of the realm.

  • logo – (optional) Updated URL of a logo.

Returns

The Nexus metadata of the realm.

nexussdk.realms.deprecate(subpath: str, rev: int) → Dict

Deprecate a realm.

Parameters

  • subpath – Subpath of the realm.

  • rev – Last revision of the realm.

Returns

The Nexus metadata of the deprecated realm.

Permissions

This module provides a Python interface for operations on Permissions. It is part of the Identity & Access Management API of Blue Brain Nexus v1. https://bluebrain.github.io/nexus/docs/api/iam/iam-permissions-api.html

nexussdk.permissions.fetch(rev: int = None) → Dict

Fetch the permissions.

Parameters

rev – (optional) Revision number of the permissions.

Returns

A Nexus payload with the permissions.

nexussdk.permissions.replace(permissions: List[str], rev: int) → Dict

Replace the user-defined permissions.

Parameters

  • permissions – List of user-defined permissions.

  • rev – Last revision of the permissions.

Returns

The Nexus metadata of the permissions.

nexussdk.permissions.append(permissions: List[str], rev: int) → Dict

Append user-defined permissions.

Parameters

  • permissions – List of user-defined permissions.

  • rev – Last revision of the permissions.

Returns

The Nexus metadata of the permissions.

nexussdk.permissions.subtract(permissions: List[str], rev: int) → Dict

Subtract user-defined permissions.

Parameters

  • permissions – List of user-defined permissions.

  • rev – Last revision of the permissions.

Returns

The Nexus metadata of the permissions.

nexussdk.permissions.delete(rev: int) → Dict

Delete user-defined permissions.

Parameters

rev – Last revision of the permissions.

Returns

The Nexus metadata of the permissions.

Identities

This module provides a Python interface for operations on Identities. It is part of the Identity & Access Management API of Blue Brain Nexus v1. https://bluebrain.github.io/nexus/docs/api/iam/iam-identities.html

nexussdk.identities.fetch() → Dict

Fetch the identities.

Returns

A list with the Nexus payloads of the identities.

Access Control Lists

This module provides a Python interface for operations on Access Control Lists. It is part of the Identity & Access Management API of Blue Brain Nexus v1. https://bluebrain.github.io/nexus/docs/api/iam/iam-acls-api.html

nexussdk.acls.fetch(subpath: str, rev: int = None, self: bool = True) → Dict

Fetch the ACLs on a subpath.

Parameters

  • subpath – Subpath on which fetching the ACLs.

  • rev – (optional) Revision number of the ACLs.

  • self – (optional) If ‘True’, only the ACLs containing the identities found in the authentication token are returned. If ‘False’, all the ACLs on the current subpath are returned.

Returns

A Nexus results list with the Nexus payloads of the ACLs.

nexussdk.acls.list(subpath: str, ancestors: bool = False, self: bool = True) → Dict

List ACLs on a subpath.

Parameters

  • subpath – Subpath on which listing the ACLs.

  • ancestors – (optional) If ‘True’, the ACLs on the parent path of the subpath are returned. If ‘False’, only the ACLs on the current subpath are returned.

  • self – (optional) If ‘True’, only the ACLs containing the identities found in the authentication token are returned. If ‘False’, all the ACLs on the current subpath are returned.

Returns

A Nexus results list with the Nexus payloads of the ACLs.

nexussdk.acls.replace(subpath: str, permissions: List[List[str]], identities: List[Dict], rev: int) → Dict

Replace ACLs on a subpath.

permissions and identities have the same order.

Parameters

  • subpath – Subpath on which replacing the ACLs.

  • permissions – List of list of permissions.

  • identities – List of identities for which to replace permissions.

  • rev – Last revision of the ACLs.

Returns

The Nexus metadata of the ACLs.

nexussdk.acls.append(subpath: str, permissions: List[List[str]], identities: List[Dict], rev: int) → Dict

Append ACLs on a subpath.

permissions and identities have the same order.

Parameters

  • subpath – Subpath on which appending ACLs.

  • permissions – List of list of permissions.

  • identities – List of identities for which to append the permissions.

  • rev – Last revision of the ACLs.

Returns

The Nexus metadata of the ACLs.

nexussdk.acls.subtract(subpath: str, permissions: List[List[str]], identities: List[Dict], rev: int) → Dict

Subtract ACLs on a subpath.

permissions` and identities have the same order.

Parameters

  • subpath – Subpath on which subtracting ACLs.

  • permissions – List of list of permissions.

  • identities – List of identities for which to remove the permissions.

  • rev – Last revision of the ACLs.

Returns

The Nexus metadata of the ACLs.

nexussdk.acls.delete(subpath: str, rev: int) → Dict

Delete ACLs on a subpath.

Parameters

  • subpath – Subpath on which deleting ACLs.

  • rev – Last revision of the ACLs.

Returns

The Nexus metadata of the ACLs.

Lower-Level Interface

Realms

This module provides a Python interface for operations on Realms. It is part of the Identity & Access Management API of Blue Brain Nexus v1. https://bluebrain.github.io/nexus/docs/api/iam/iam-realms-api.html

nexussdk.realms.create_(path: str, payload: Dict) → Dict

Create a realm (full path version).

Parameters

  • path – Full path of the realm.

  • payload – Payload of the realm.

Returns

The Nexus metadata of the created realm.

nexussdk.realms.fetch_(path: str, rev: int = None) → Dict

Fetch a realm (full path version).

Parameters

  • path – Full path of the realm.

  • rev – (optional) Revision number of the realm.

Returns

The Nexus payload of the fetched realm.

nexussdk.realms.list_(endpoint: str) → Dict

List realms (full path version).

Parameters

endpoint – Endpoint for realms.

Returns

A Nexus results list with the Nexus payloads of the realms.

nexussdk.realms.replace_(path: str, payload: Dict, rev: int) → Dict

Replace a realm (full path version).

Parameters

  • path – Full path of the realm.

  • payload – Updated payload of the realm.

  • rev – Last revision of the realm.

Returns

The Nexus metadata of the realm.

nexussdk.realms.deprecate_(path: str, rev: int) → Dict

Deprecate a realm (full path version).

Parameters

  • path – Full path of the realm.

  • rev – Last revision of the realm.

Returns

The Nexus metadata of the deprecated realm.

Permissions

This module provides a Python interface for operations on Permissions. It is part of the Identity & Access Management API of Blue Brain Nexus v1. https://bluebrain.github.io/nexus/docs/api/iam/iam-permissions-api.html

nexussdk.permissions.fetch_(endpoint: str, rev: int = None) → Dict

Fetch the permissions (full path version).

Parameters

  • endpoint – Endpoint for permissions.

  • rev – (optional) Revision number of the permissions.

Returns

A Nexus payload with the permissions.

nexussdk.permissions.replace_(endpoint: str, payload: Dict, rev: int) → Dict

Replace the user-defined permissions (full path version).

Parameters

  • endpoint – Endpoint for permissions.

  • payload – Payload of user-defined permissions.

  • rev – Last revision of the permissions.

Returns

The Nexus metadata of the permissions.

nexussdk.permissions.append_(endpoint: str, payload: Dict, rev: int) → Dict

Append user-defined permissions (full path version).

Parameters

  • endpoint – Endpoint for permissions.

  • payload – Payload of user-defined permissions to append.

  • rev – Last revision of the permissions.

Returns

The Nexus metadata of the permissions.

nexussdk.permissions.subtract_(endpoint: str, payload: Dict, rev: int) → Dict

Subtract user-defined permissions (full path version).

Parameters

  • endpoint – Endpoint for permissions.

  • payload – Payload of user-defined permissions to subtract.

  • rev – Last revision of the permissions.

Returns

The Nexus metadata of the permissions.

nexussdk.permissions.delete_(endpoint: str, rev: int) → Dict

Delete user-defined permissions (full path version).

Parameters

  • endpoint – Endpoint for permissions.

  • rev – Last revision of the permissions.

Returns

The Nexus metadata of the permissions.

Identities

This module provides a Python interface for operations on Identities. It is part of the Identity & Access Management API of Blue Brain Nexus v1. https://bluebrain.github.io/nexus/docs/api/iam/iam-identities.html

nexussdk.identities.fetch_(endpoint: str) → Dict

Fetch the identities (full path version).

Returns

A list with the Nexus payloads of the identities.

Access Control Lists

This module provides a Python interface for operations on Access Control Lists. It is part of the Identity & Access Management API of Blue Brain Nexus v1. https://bluebrain.github.io/nexus/docs/api/iam/iam-acls-api.html

nexussdk.acls.fetch_(path: str, rev: int = None, self: bool = True) → Dict

Fetch the ACLs on a full path.

Parameters

  • path – Full path on which fetching the ACLs.

  • rev – (optional) Revision number of the ACLs.

  • self – (optional) If ‘True’, only the ACLs containing the identities found in the authentication token are returned. If ‘False’, all the ACLs on the current subpath are returned.

Returns

A Nexus results list with the Nexus payloads of the ACLs.

nexussdk.acls.list_(path: str, ancestors: bool = False, self: bool = True) → Dict

List ACLs on a full path.

Parameters

  • path – Full path on which listing the ACLs.

  • ancestors – (optional) If ‘True’, the ACLs on the parent path of the subpath are returned. If ‘False’, only the ACLs on the current subpath are returned.

  • self – (optional) If ‘True’, only the ACLs containing the identities found in the authentication token are returned. If ‘False’, all the ACLs on the current subpath are returned.

Returns

A Nexus results list with the Nexus payloads of the ACLs.

nexussdk.acls.replace_(path: str, payload: Dict, rev: int) → Dict

Replace ACLs on a full path.

Parameters

  • path – Full path on which replacing the ACLs.

  • payload – Payload of the ACLs.

  • rev – Last revision of the ACLs.

Returns

The Nexus metadata of the ACLs.

nexussdk.acls.append_(path: str, payload: Dict, rev: int) → Dict

Append ACLs on a full path.

Parameters

  • path – Full path on which appending ACLs.

  • payload – Payload of the ACLs to append.

  • rev – Last revision of the ACLs.

Returns

The Nexus metadata of the ACLs.

nexussdk.acls.subtract_(path: str, payload: Dict, rev: int) → Dict

Subtract ACLs on a full path.

Parameters

  • path – Full path on which subtracting ACLs.

  • payload – Payload of the ACLs to subtract.

  • rev – Last revision of the ACLs.

Returns

The Nexus metadata of the ACLs.

nexussdk.acls.delete_(path: str, rev: int) → Dict

Delete ACLs on a full path.

Parameters

  • path – Full path on which deleting ACLs.

  • rev – Last revision of the ACLs.

Returns

The Nexus metadata of the ACLs.