Request Headers (Applies to all methods)
GET
/api/apps/{appID}/users/{userID}/acl/{ACLVerb}/ThingID:{subjectThingID}
Check if the thing has the permission to perform the specified verb on the taget resource.
The administrator can always perform this action.
For other users, actors who can perform this action depends on the target resource:
- User scope: the user.
- Group scope: the group owner.
- Thing scope: the thing or a thing owner.
- Bucket: the scope owner.
- Object: the scope owner and the object owner.
- Topic: the scope owner and the topic creator.
Content-Type application/vnd.kii.ACLSubjectRetrievalResponse+json
Content-Type application/vnd.kii.UserNotFoundException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "USER_NOT_FOUND". |
message | string | The error message. |
field | string | The field used for searching the user. This can be the userID or address field. |
value | string | The field value used for searching the user. |
appID | string | The ID of the application. |
Content-Type application/vnd.kii.ThingNotFoundException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "THING_NOT_FOUND". |
message | string | The error message. |
field | string | The field used for searching the thing. This can be the "thingID" or "vendorThingID" field. |
value | string | The field value used for searching the thing. |
appID | string | The ID of the application. |
Content-Type application/vnd.kii.UnauthorizedAccessException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "UNAUTHORIZED". |
message | string | The error message. |
authenticatedAppID | string | The authenticated appID. |
authenticatedPrincipalID | string | The authenticated principal ID (userID or thingID). |
PUT
/api/apps/{appID}/users/{userID}/acl/{ACLVerb}/ThingID:{subjectThingID}
Grant the permission to perform the specified verb on the target resource to the thing.
The administrator can always perform this action.
For other users, actors who can perform this action depends on the target resource:
- User scope: the user.
- Group scope: the group owner.
- Thing scope: the thing or a thing owner.
- Bucket: the scope owner.
- Object: the scope owner and the object owner.
- Topic: the scope owner and the topic creator.
This request requires empty body.
Content-Type (None)
Content-Type application/vnd.kii.UserNotFoundException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "USER_NOT_FOUND". |
message | string | The error message. |
field | string | The field used for searching the user. This can be the userID or address field. |
value | string | The field value used for searching the user. |
appID | string | The ID of the application. |
Content-Type application/vnd.kii.ThingNotFoundException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "THING_NOT_FOUND". |
message | string | The error message. |
field | string | The field used for searching the thing. This can be the "thingID" or "vendorThingID" field. |
value | string | The field value used for searching the thing. |
appID | string | The ID of the application. |
Content-Type application/vnd.kii.UnauthorizedAccessException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "UNAUTHORIZED". |
message | string | The error message. |
authenticatedAppID | string | The authenticated appID. |
authenticatedPrincipalID | string | The authenticated principal ID (userID or thingID). |
Content-Type application/vnd.kii.ACLAlreadyExistsException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "ACL_ALREADY_EXISTS". |
message | string | The error message. |
DELETE
/api/apps/{appID}/users/{userID}/acl/{ACLVerb}/ThingID:{subjectThingID}
Revoke the permission to perform the specified verb on the target resource from the thing.
The administrator can always perform this action.
For other users, actors who can perform this action depends on the target resource:
- User scope: the user.
- Group scope: the group owner.
- Thing scope: the thing or a thing owner.
- Bucket: the scope owner.
- Object: the scope owner and the object owner.
- Topic: the scope owner and the topic creator.
Content-Type (None)
Content-Type application/vnd.kii.UserNotFoundException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "USER_NOT_FOUND". |
message | string | The error message. |
field | string | The field used for searching the user. This can be the userID or address field. |
value | string | The field value used for searching the user. |
appID | string | The ID of the application. |
Content-Type application/vnd.kii.ThingNotFoundException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "THING_NOT_FOUND". |
message | string | The error message. |
field | string | The field used for searching the thing. This can be the "thingID" or "vendorThingID" field. |
value | string | The field value used for searching the thing. |
appID | string | The ID of the application. |
Content-Type application/vnd.kii.UnauthorizedAccessException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "UNAUTHORIZED". |
message | string | The error message. |
authenticatedAppID | string | The authenticated appID. |
authenticatedPrincipalID | string | The authenticated principal ID (userID or thingID). |
Content-Type application/vnd.kii.ACLNotFoundException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "ACL_NOT_FOUND". |
message | string | The error message. |
Content-Type application/vnd.kii.OperationNotAllowedException+json
Name | Type | Description |
---|---|---|
errorCode | string | Error code "OPERATION_NOT_ALLOWED". |
message | string | The error message. |