AuthZ | Node.js SDK

Check Authorization (Beta)

check(request: CheckRequest): Promise<PangeaResponse<CheckResult>>

Check if a subject is authorized to perform an action on a resource in the AuthZ Service.

required parameters

requestCheckRequest

An object representing the request to check authorization.

• {AuthZ.Resource} request.resource - The resource to check authorization on.
• {string} request.action - The action to check authorization for.
• {AuthZ.Subject} request.subject - The subject attempting the action.
• {boolean} [request.debug] - Setting this value to true will provide detailed debug information.
• {AuthZ.Dictionary} [request.attributes] - Additional attributes for the authorization check.

Response Object

CheckResult

Promise<PangeaResponse<CheckResult>>

escript
const response = await authz.check({
  resource: { namespace: 'folder', id: 'resource1' },
  action: 'read',
  subject: { namespace: 'user', id: 'user1' },
  debug: true,
});

List Resources (Beta)

listResources(request: ListResourcesRequest): Promise<PangeaResponse<ListResourcesResult>>

List resources that a subject is authorized to perform a specified action on in the AuthZ Service.

required parameters

requestListResourcesRequest

An object representing the request to list resources.

• {string} request.namespace - The namespace of the resources.
• {string} request.action - The action to list resources for.
• {AuthZ.Subject} request.subject - The subject attempting the action.

Response Object

ListResourcesResult

Promise<PangeaResponse<ListResourcesResult>>

escript
const response = await authz.listResources({
  namespace: 'folder',
  action: 'read',
  subject: { namespace: 'user', id: 'user1' },
});

List Subjects (Beta)

listSubjects(request: ListSubjectsRequest): Promise<PangeaResponse<ListSubjectsResult>>

List subjects that are authorized to perform a specified action on a resource in the AuthZ Service.

required parameters

requestListSubjectsRequest

An object representing the request to list subjects.

• {AuthZ.Resource} request.resource - The resource to list subjects for.
• {string} request.action - The action to list subjects for.

Response Object

ListSubjectsResult

Promise<PangeaResponse<ListSubjectsResult>>

escript
const response = await authz.listSubjects({
  resource: { namespace: 'folder', id: 'resource1' },
  action: 'read',
});

post(endpoint: string, data: object, options: PostOptions): Promise<PangeaResponse<R>>

POST request.

required parameters

endpoint

string

Endpoint path.

data

object

Request body.

optionsPostOptions

Additional options.

Response Object

R

Promise<PangeaResponse<R>>

Tuple Create (Beta)

tupleCreate(request: TupleCreateRequest): Promise<PangeaResponse<TupleCreateResult>>

Create tuples in the AuthZ Service. The request will fail if there is no schema or the tuples do not validate against the schema.

required parameters

requestTupleCreateRequest

An object representing the request to create tuples.

• {AuthZ.Tuple[]} request.tuples - List of tuples to be created.

Response Object

TupleCreateResult

Promise<PangeaResponse<TupleCreateResult>>

escript
const response = await authz.tupleCreate({
  tuples: [
    {
      resource: { namespace: 'folder', id: 'resource1' },
      relation: 'editor',
      subject: { namespace: 'user', id: 'user1' },
    },
    // Add more tuples as needed
  ],
});

Tuple Delete (Beta)

tupleDelete(request: TupleDeleteRequest): Promise<PangeaResponse<TupleDeleteResult>>

Delete tuples in the AuthZ Service based on the provided criteria.

required parameters

requestTupleDeleteRequest

An object representing the request to delete tuples.

• {AuthZ.Tuple[]} request.tuples - List of tuples to be deleted.

Response Object

TupleDeleteResult

Promise<PangeaResponse<TupleDeleteResult>>

escript
const response = await authz.tupleDelete({
  tuples: [
    {
      resource: { namespace: 'folder', id: 'resource1' },
      relation: 'owner',
      subject: { namespace: 'user', id: 'user1' },
    },
    // Add more tuples to be deleted as needed
  ],
});

Tuple List (Beta)

tupleList(request: TupleListRequest): Promise<PangeaResponse<TupleListResult>>

List tuples in the AuthZ Service based on provided filters.

required parameters

requestTupleListRequest

An object representing the request to list tuples.

• {AuthZ.TupleListFilter} request.filter - Filter object to narrow down the list of tuples.
• {number} [request.size] - Maximum results to include in the response. Minimum is 1.
• {string} [request.last] - Reflected value from a previous response to obtain the next page of results.
• {AuthZ.ItemOrder} [request.order] - Order results asc(ending) or desc(ending).
• {AuthZ.TupleOrderBy} [request.order_by] - Which field to order results by.

Response Object

TupleListResult

Promise<PangeaResponse<TupleListResult>>

escript
const response = await authz.tupleList({
  filter: {
    resource: { namespace: 'folder', id: 'resource1' },
  },
  size: 10,
});

Enum ItemOrder

ItemOrder

ASC = "asc"

DESC = "desc"

Enum TupleOrderBy

TupleOrderBy

RELATION = "relation"

RESOURCE_ID = "resource_id"

RESOURCE_NAMESPACE = "resource_namespace"

SUBJECT_ACTION = "subject_action"

SUBJECT_ID = "subject_id"

SUBJECT_NAMESPACE = "subject_namespace"

Interface CheckRequest

CheckRequest

required parameters

action

string

resourceResource

subjectSubject

optional parameters

attributesDictionary

debug

boolean

Interface CheckResult

CheckResult

required parameters

allowed

boolean

depth

number

schema_id

string

schema_version

number

optional parameters

debugDebug

Interface Debug

Debug

required parameters

pathArray<DebugPath>

Interface DebugPath

DebugPath

required parameters

action

string

id

string

namespace

string

Interface ListResourcesRequest

ListResourcesRequest

required parameters

action

string

namespace

string

subjectSubject

Interface ListResourcesResult

ListResourcesResult

required parameters

ids

string

Interface ListSubjectsRequest

ListSubjectsRequest

required parameters

action

string

resourceResource

Interface ListSubjectsResult

ListSubjectsResult

required parameters

subjectsArray<Subject>

Interface Resource

Resource

required parameters

namespace

string

optional parameters

id

string

Interface Subject

Subject

required parameters

id

string

namespace

string

optional parameters

action

string

Interface Tuple

Tuple

required parameters

relation

string

resourceResource

subjectSubject

Interface TupleCreateRequest

TupleCreateRequest

required parameters

tuplesArray<Tuple>

Interface TupleCreateResult

TupleCreateResult

Interface TupleDeleteRequest

TupleDeleteRequest

required parameters

tuplesArray<Tuple>

Interface TupleDeleteResult

TupleDeleteResult

Interface TupleListFilter

TupleListFilter

optional parameters

relation

string

relation__contains

Array<string>

relation__in

Array<string>

resource_id

string

resource_id__contains

Array<string>

resource_id__in

Array<string>

resource_namespace

string

resource_namespace__contains

Array<string>

resource_namespace__in

Array<string>

subject_action

string

subject_action__contains

Array<string>

subject_action__in

Array<string>

subject_id

string

subject_id__contains

Array<string>

subject_id__in

Array<string>

subject_namespace

string

subject_namespace__contains

Array<string>

subject_namespace__in

Array<string>

Interface TupleListRequest

TupleListRequest

required parameters

filterTupleListFilter

optional parameters

last

string

orderItemOrder

order_byTupleOrderBy

size

number

Interface TupleListResult

TupleListResult

required parameters

count

number

last

string

tuplesArray<Tuple>