Modules§
- api_key
- api_
key_ not_ found - api_
key_ rid - authorization_
request - authorization_
service - claim
- create_
api_ key_ request - create_
api_ key_ response - get_
access_ token_ from_ api_ key_ request - get_
access_ token_ request - get_
access_ token_ response - get_
user_ orgs_ request - get_
user_ orgs_ response - internal_
api_ key_ service - invalid_
jwt_ audience - invalid_
jwt_ expired - invalid_
jwt_ format - invalid_
jwt_ issuer - is_
email_ allowed_ request - is_
email_ allowed_ response - list_
api_ key_ request - list_
api_ key_ response - missing_
claims - no_
membership - not_
authorized - not_
authorized_ admin - okta_
registration_ event_ data - okta_
registration_ request - okta_
registration_ response - okta_
registration_ status - okta_
registration_ user_ profile - okta_
update_ action_ command - okta_
update_ action_ value - refresh_
access_ token_ request - refresh_
access_ token_ response - register_
in_ workspace_ request - register_
resource_ conflict - workspace_
not_ found
Structs§
- ApiKey
- ApiKey
NotFound - ApiKey
Rid - Async
Authorization Service Endpoints - Async
Internal ApiKey Service Endpoints - Authorization
Request - Authorization
Service Async Client - Authorization service manages the permissions for a user to access resources.
- Authorization
Service Client - Authorization service manages the permissions for a user to access resources.
- Authorization
Service Endpoints - Create
ApiKey Request - Create
ApiKey Response - GetAccess
Token From ApiKey Request - GetAccess
Token Request - We accept an OIDC ID token issued by a trusted identity provider as proof of authentication. The ID token is validated and exchanged for a Nominal access token. This ID token should generally be short lived since it is fungible with a Nominal access token via this endpoint. An access token, if provider, is used to get user information from the OIDC userinfo endpoint. An org rid should be provided if the user is a member of multiple orgs.
- GetAccess
Token Response - GetUser
Orgs Request - We use the claims in the id token to determine which orgs the user belongs to.
- GetUser
Orgs Response - Internal
ApiKey Service Async Client - This internal-only service manages long lived api keys.e
- Internal
ApiKey Service Client - This internal-only service manages long lived api keys.e
- Internal
ApiKey Service Endpoints - Invalid
JwtAudience - Invalid
JwtExpired - Invalid
JwtFormat - Invalid
JwtIssuer - IsEmail
Allowed Request - IsEmail
Allowed Response - List
ApiKey Request - List
ApiKey Response - Missing
Claims - NoMembership
- NotAuthorized
- NotAuthorized
Admin - Okta
Registration Event Data - Okta
Registration Request - Okta
Registration Response - Okta
Registration User Profile - Okta
Update Action Command - Okta
Update Action Value - Refresh
Access Token Request - We accept an OIDC access token issued by a trusted identity provider to refresh a Nominal access token. The access token is validated and exchanged for a Nominal access token. To be used in this endpoint, the OIDC access token must contain an email claim. The org rid from the expiring session should be provided to deconflict if the user is a member of multiple orgs.
- Refresh
Access Token Response - Register
InWorkspace Request - Register
Resource Conflict - The resource has already been registered with a different workspace.
- Workspace
NotFound
Enums§
Traits§
- Async
Authorization Service - Authorization service manages the permissions for a user to access resources.
- Async
Internal ApiKey Service - This internal-only service manages long lived api keys.e
- Authorization
Service - Authorization service manages the permissions for a user to access resources.
- Internal
ApiKey Service - This internal-only service manages long lived api keys.e