Overview
Suggest changes
The BlueXP identity and access management (IAM) service provides a centralized point for managing customer and partner information. BlueXP IAM endpoints enable you to manage and control access to BlueXP resources.
If you're using BlueXP in standard mode, you no longer have a BlueXP account. Instead, you have a BlueXP organization that you manage using BlueXP IAM.
The following five components are defined within the BlueXP IAM service.
-
hierarchy
-
permission
-
resource and resourcegroup
-
role
-
user and usergroup
BlueXP IAM uses predefined roles that include sets of permissions which are required to manage and view data. You can have multiple roles within the same organization or set of resources. You should verify that you have the appropriate permissions when using the BlueXP IAM API endpoints. With the appropriate permissions, you can manage an organization hierarchy modeled as folders (subdivisions of an organization using criteria such as department or region) and projects (a workspace in BlueXP). After organizing your resources into folders and projects, you can grant granular access to resources by providing organization members with permissions to specific folders and projects.
The actions available through the BlueXP IAM REST API are a superset of what's available through the web UI.
Note: Before using the API reference documentation, review the Get started section for the BlueXP APIs. For more information about the security tokens and identifiers you'll need when using the API, review the Common workflows and tasks section.
REST implementation
HTTP methods
| Method | Description |
|---|---|
|
Create an object instance |
|
Retrieve an object instance or collection |
|
Update specific fields of an existing resource instance based on the supplied input values |
|
Update an existing resource instance based on the supplied input values |
|
Remove an existing object |
Request headers
| Request Header | Description |
|---|---|
|
Required. Contains a JWT access token |
Query parameters
You can use query parameters with endpoints in the following components:
| Component | Query Parameter |
|---|---|
Hierarchy |
filter, skip, include, orderBy, limit, count, continue, metadata, links |
Permission |
filter, skip, include, orderBy, limit, count, continue, metadata, links |
Resource and resourcegroup |
filter, skip, include, orderBy, limit, count, continue, metadata, links |
Role |
filter, skip, include, orderBy, limit, count, continue, metadata, links |
User and usergroup |
filter, skip, include, orderBy, limit, count, continue, metadata, links |
Response headers
This API uses the standard HTTP response headers common with all BlueXP APIs. See REST implementation for more information.
HTTP status codes
| HTTP Status Code | Description |
|---|---|
|
OK: Returned for successful operation completion |
|
The resource was successfully created. |
|
The operation was completed successfully and the server did not send a response message. |
|
Bad Request: Returned if the input is malformed and could not be parsed |
|
Unauthorized: Returned if user authentication failed or the token has expired |
|
Forbidden: Returned for authorization errors depending on the resource and token |
Error handling
The following processes are involved with error handling and processing.
-
The error is logged for supportability
-
The error is also returned to the caller for any specific handling