This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Resources

1 - Resources MAP

identity

URN Description
urn:identity::120b5cb7-41d3-4713-9abb-fc6f72074fde sub ref

identity traits (future proof)

URN Description
urn:identity::120b5cb7-41d3-4713-9abb-fc6f72074fde:traits:d3f8249 rfc
urn:identity:traits::120b5cb7-41d3-4713-9abb-fc6f72074fde:d3f8249 rfc
urn:identity::120b5cb7-41d3-4713-9abb-fc6f72074fde?=traits=d3f8249 rfc

identity event registry cloudevents spec

URN Description
urn:event:source:type:id cloudevent spec
urn:event:identity:registry:f87d10c5-382a-43a2-a8ca-a36ae77c2fc4 identity registry event ref

identity credential(s)

URN Description
urn:identity:credential
urn:identity:credential::chl:srcei:rut:1-9 sub ref

identity credential(s) rfc8141 q-component

URN Description
urn:identity:credential?=country=chl&iss=srcei&typ=rut&sub=1-9 combinables
urn:identity:credential?=country=chl&iss=srceisub=1-9 combinables
urn:identity:credential?=iss=google&typ=email&sub=foobar combinables
urn:identity:credential?=iss=whatsapp&typ=phone&sub=+56955500123 combinables
urn:identity:credential?=country=chl&iss=srcei&typ=rut&sub=1-9 combinables

identity document(s)

URN Description
urn:identity:document
urn:identity:document::chl:srcei:rut:1-9 sub ref

identity document(s) rfc8141 q-component

URN Description
urn:identity:document?=country=chl&iss=srcei&typ=rut&sub=1-9 required

identity verifiable channels (otp / totp / password recovery)

URN Description
urn:identity:channel
urn:identity:channel:phone
urn:identity:channel:email
urn:identity:channel:device
urn:identity:channel:phone:+56955500123 ref
urn:identity:channel:email:foobar@example.com ref
urn:identity:channel:device:9d23dbc87d9de583fbceacd410d5ee47 ref

2 - RBAC

role

{
    "id": "urn:role::tenent-id:role-name",
    "description": "string",
    "members": [
        "urn:identity::120b5cb7-41d3-4713-9abb-fc6f72074fde",
        "urn:identity:credential::chl:srcei:rut:1-9",
        "urn:identity:document::chl:srcei:rut:1-9"
    ]
}
Name Type Required Restrictions Description
id string false none ID is the role’s unique id.
description string false none Description is the description of the role.
members [string] false none Members is who belongs to the role.

scp (service control policy)

{
    "id": "urn:policy:tenant-id:policy-name",
    "actions": [
        "read",
        "write",
    ],
    "description": "string",
    "effect": "(allow|deny)",
    "subjects": [
        "urn:role::tenent-id:role-name",
        "urn:identity::66bb201b-e368-40cd-81b7-37f01ec73ed8"
    ],
    "resources": [
        "string"
    ]
}
Name Type Required Restrictions Description
id string false none ID is the unique identifier of the SCP. It is used to query, update, and remove the SCP.
actions [string] false none Actions is an array representing all the actions this SCP applies to.
description string false none Description is an optional, human-readable description.
effect string false none Effect is the effect of this SCP. It can be “allow” or “deny”.
subjects [string] false none Subjects is an array representing all the subjects this SCP applies to.
resources [string] false none Resources is an array representing all the resources this SCP applies to.

check request

{
    "action": "string",
    "context": {},
    "resource": "string",
    "subject": "string"
}