Skip to main content

AuthZ | Java SDK

Create tuple

tupleCreate(TupleCreateRequest request)

Create tuples in the AuthZ Service. The request will fail if there is no schema or the tuples do not validate against the schema.

required parameters

TupleCreateRequest

TupleCreateRequest containing the list of tuples to be created.

Response Object

TupleCreateResponse

A TupleCreateResponse with an empty result.

 client.tupleCreate(
     new TupleCreateRequest.Builder(
         new Tuple[] {
             new Tuple(
                 new Resource.Builder("folder").setId("folder_1").build(),
                 "owner",
                 new Subject.Builder("user").setId("user_1").build()
             ),
         }
     ).build()
 );

List tuples

tupleList(TupleListRequest request)

Return a paginated list of filtered tuples. The filter is given in terms of a tuple. Fill out the fields that you want to filter. If the filter is empty it will return all the tuples.

required parameters

TupleListRequest

The TupleListRequest containing the filter criteria.

Response Object

TupleListResponse

A TupleListResponse with the list of tuples and additional information.

 var filter = new FilterTupleList();
 filter.resourceType().set("user");
 filter.resourceID().set("user_1");
 var response = client.tupleList(new TupleListRequest.Builder().setFilter(filter).build());

Delete tuples

tupleDelete(TupleDeleteRequest request)

Delete tuples in the AuthZ Service.

required parameters

TupleDeleteRequest

The TupleDeleteRequest containing the tuples to be deleted.

Response Object

TupleDeleteResponse

A TupleDeleteResponse with information about the deleted tuples.

 client.tupleDelete(
     new TupleDeleteRequest.Builder(
         new Tuple[] {
             new Tuple(
                 new Resource.Builder("folder").setId("folder_1").build(),
                 "owner",
                 new Subject.Builder("user").setId("user_1").build()
             ),
         }
     ).build()
 );

Check authorization

check(CheckRequest request)

Check if a subject has permission to perform an action on the resource.

required parameters

CheckRequest

The CheckRequest containing details for the authorization check.

Response Object

CheckResponse

A CheckResponse indicating whether the action is allowed or not.

 var response = client.check(
     new CheckRequest.Builder()
         .setResource(new Resource.Builder("folder").setId("folder_1").build())
         .setSubject(new Subject.Builder("user").setId("user_1").build())
         .setAction("update")
         .build()
 );

List resources

listResources(ListResourcesRequest request)

Given a type, action, and subject, list all the resources of the type that the subject has access to the action with.

required parameters

ListResourcesRequest

The ListResourcesRequest containing criteria for listing resources.

Response Object

ListResourcesResponse

A ListResourcesResponse with the IDs of resources that match the criteria.

 var response = client.listResources(
     new ListResourcesRequest.Builder(
         "folder",
         "edit",
         new Subject.Builder("user").setId("user_1").build()
     ).build()
 );

List subjects

listSubjects(ListSubjectsRequest request)

Given a resource and an action, return the list of subjects who have access to the action for the given resource.

required parameters

ListSubjectsRequest

The ListSubjectsRequest containing criteria for listing subjects.

Response Object

ListSubjectsResponse

A ListSubjectsResponse with the subjects that match the criteria.

 var response = client.listSubjects(
     new ListSubjectsRequest.Builder(
         new Resource.Builder("folder").setId("folder_1").build(),
         "update"
     ).build()
 );