Get a list of resources authorized by a subject
This document is automatically generated based on https://github.com/authing/authing-docs-factory based on https://api-explorer.genauth.ai V3 API, and is consistent with API parameters and return results. If the description of this document is incorrect, please refer to V3 API.
Get a list of resources authorized by a subject based on the filtering conditions.
Method name
ManagementClient.getAuthorizedResources
Request parameters
| Name | Type | Is it required? | Default value | Description | Sample value |
|---|---|---|---|---|---|
| targetType | string | yes | - | Target object type: - USER: User- ROLE: Role- GROUP: Group- DEPARTMENT: Department | USER |
| targetIdentifier | string | yes | - | Target object unique identifier: - If it is a user, it is the user's ID, such as 6343b98b7cfxxx9366e9b7c- If it is a role, it is the role code, such as admin- If it is a group, it is the group code, such as developer- If it is a department, it is the department ID, such as 6343bafc019xxxx889206c4c | userId1 |
| namespace | string | No | - | The code of the permission group (permission space). Do not pass to obtain the default permission group. | default |
| resourceType | string | No | - | Limit resource types, such as data, API, button, menu | DATA |
| resourceList | string[] | No | - | Limit the query resource list. If specified, only the specified resource list will be returned. The resourceList parameter supports prefix matching, for example: - If a resource is authorized as books:123, it can be matched by books:*;- If a resource is authorized as books:fictions_123, it can be matched by books:fictions_;Array length limit: 50. | |
| withDenied | boolean | No | - | Whether to obtain denied resources |
Sample code
ts
import { ManagementClient, Models } from "authing-node-sdk";
// Initialize ManagementClient
const managementClient = new ManagementClient({
// Need to be replaced with your GenAuth Access Key ID
accessKeyId: "GEN_AUTH_ACCESS_KEY_ID",
// Need to be replaced with your GenAuth Access Key Secret
accessKeySecret: "GEN_AUTH_ACCESS_KEY_SECRET",
// If it is a privately deployed customer, you need to set the GenAuth service domain name
// host: 'https://api.your-authing-service.com'
});
(async () => {
const result = await managementClient.getAuthorizedResources({
targetType: "USER",
targetIdentifier: "userId1",
namespace: "default",
resourceType: "DATA",
withDenied: false,
});
console.log(JSON.stringify(result, null, 2));
})();Request response
Type: AuthorizedResourcePaginatedRespDto
| Name | Type | Description |
|---|---|---|
| statusCode | number | Business status code, which can be used to determine whether the operation is successful. 200 means success. |
| message | string | Description |
| apiCode | number | Segmented error code, which can be used to get the specific error type (successful requests are not returned). For a detailed list of error codes, see: API Code List |
| requestId | string | Request ID. Returned when the request fails. |
| data | <a AuthorizedResourcePagingDto | Response data |
Sample result:
json
{
"statusCode": 200,
"message": "Operation successful",
"requestId": "934108e5-9fbf-4d24-8da1-c330328abd6c",
"data": {
"list": {
"resourceCode": "ecs:1",
"description": "Server",
"condition": {
"param": "AppId",
"operator": "StringEquals",
"value": "1"
},
"resourceType": "API",
"apiIdentifier": "/api/v1/example",
"actions": "[\"ecs:Start\",\"ecs:Stop\"]",
"effect": "ALLOW"
}
}
}Data structure
AuthorizedResourcePagingDto
| Name | Type | Is it required? | Description | Sample value |
|---|---|---|---|---|
| totalCount | number | Yes | Total number of records | |
| list | array | Yes | Response data Nested type: <a AuthorizedResourceDto. |
AuthorizedResourceDto
| Name | Type | Required | Description | Sample value |
|---|---|---|---|---|
| resourceCode | string | Yes | Resource descriptor | ecs:1 |
| description | string | No | Resource description information | Server |
| condition | array | No | Policy Condition Nested type: <a PolicyCondition. | |
| resourceType | string | yes | Resource type | DATA |
| apiIdentifier | string | yes | API URL | /api/v1/example |
| actions | array | yes | List of authorized actions | ["ecs:Start","ecs:Stop"] |
| effect | string | yes | Allow or deny | ALLOW |
PolicyCondition
| Name | Type | Is it required | Description | Example value |
|---|---|---|---|---|
| param | string | yes | Condition Param | UserPoolId |
| operator | string | yes | Condition Operator | Bool |
| value | string | yes | Condition Value | 1 |