Skip to main content

AuthZ | Java SDK

Create tuple

tupleCreate(TupleCreateRequest request)

Create tuples in the AuthZ Service. The request will fail if there is no schema or the tuples do not validate against the schema.

TupleCreateRequest

TupleCreateRequest containing the list of tuples to be created.

TupleCreateResponse

A TupleCreateResponse with an empty result.

 client.tupleCreate(
     new TupleCreateRequest.Builder(
         new Tuple[] {
             new Tuple(
                 new Resource.Builder("folder").setId("folder_1").build(),
                 "owner",
                 new Subject.Builder("user").setId("user_1").build()
             ),
         }
     ).build()
 );

List tuples

tupleList(TupleListRequest request)

Return a paginated list of filtered tuples. The filter is given in terms of a tuple. Fill out the fields that you want to filter. If the filter is empty it will return all the tuples.

TupleListRequest

The TupleListRequest containing the filter criteria.

TupleListResponse

A TupleListResponse with the list of tuples and additional information.

 var filter = new FilterTupleList();
 filter.resourceType().set("user");
 filter.resourceID().set("user_1");
 var response = client.tupleList(new TupleListRequest.Builder().setFilter(filter).build());

Delete tuples

tupleDelete(TupleDeleteRequest request)

Delete tuples in the AuthZ Service.

TupleDeleteRequest

The TupleDeleteRequest containing the tuples to be deleted.

TupleDeleteResponse

A TupleDeleteResponse with information about the deleted tuples.

 client.tupleDelete(
     new TupleDeleteRequest.Builder(
         new Tuple[] {
             new Tuple(
                 new Resource.Builder("folder").setId("folder_1").build(),
                 "owner",
                 new Subject.Builder("user").setId("user_1").build()
             ),
         }
     ).build()
 );

Check authorization

check(CheckRequest request)

Check if a subject has permission to perform an action on the resource.

CheckRequest

The CheckRequest containing details for the authorization check.

CheckResponse

A CheckResponse indicating whether the action is allowed or not.

 var response = client.check(
     new CheckRequest.Builder()
         .setResource(new Resource.Builder("folder").setId("folder_1").build())
         .setSubject(new Subject.Builder("user").setId("user_1").build())
         .setAction("update")
         .build()
 );

List resources

listResources(ListResourcesRequest request)

Given a type, action, and subject, list all the resources of the type that the subject has access to the action with.

ListResourcesRequest

The ListResourcesRequest containing criteria for listing resources.

ListResourcesResponse

A ListResourcesResponse with the IDs of resources that match the criteria.

 var response = client.listResources(
     new ListResourcesRequest.Builder(
         "folder",
         "edit",
         new Subject.Builder("user").setId("user_1").build()
     ).build()
 );

List subjects

listSubjects(ListSubjectsRequest request)

Given a resource and an action, return the list of subjects who have access to the action for the given resource.

ListSubjectsRequest

The ListSubjectsRequest containing criteria for listing subjects.

ListSubjectsResponse

A ListSubjectsResponse with the subjects that match the criteria.

 var response = client.listSubjects(
     new ListSubjectsRequest.Builder(
         new Resource.Builder("folder").setId("folder_1").build(),
         "update"
     ).build()
 );