/entityType.getAccessSchema

Retrieves the access schema for the specified API client. An access schema defines the subset of attributes to which a client has read or write access. Note that access schemas only apply to API-based implementations of the Identity Cloud. If you are using a JavaScript SDK-based implementation then access to forms ands fields is managed by the flow.

Refer to the Registration Error Codes section for details on error codes.

This endpoint includes the following methods:

POST

POST

Authentication

This endpoint supports both Basic authentication (recommended) and janrain-signed authentication.

How to Create an Authentication String

Base URL

The base URL for this endpoint is your Capture domain; for example:

https://educationcenter.us-dev.janraincapture.com

Your Capture domains (also known as Registration domains) can be found in the Console on the Manage Application page:

Examples

Example Request

This command returns the write access schema associated with the API client 0987fghi0987fghi.


curl -X POST \
  -H "Authorization: Basic c2dueXZ1czZwYzRqbTdraHIybmVxNWdzODlnYnIyZXE6d3Q0YzN1bjl3a2tjZnZ5a25xeDQ0eW5jNDc2YWZzNjg" \
  --data-urlencode type_name=user \
  --data-urlencode for_client_id=0987fghi0987fghi \
  --data-urlencode access_type=write \
  https://my-app.janraincapture.com/entityType.getAccessSchema

Running this command in Postman

Example Response


{
  "schema": {
    "attr_defs": [
      {
        "name": "id",
        "description": "simple identifier for this entity",
        "type": "id"
      },
      {
        "name": "uuid",
        "description": "globally unique idetifier for this entity",
        "type": "uuid"
      },
      {
        "name": "created",
        "description": "when this entity was created",
        "type": "dateTime"
      },
      {
        "name": "lastUpdated",
        "description": "when this entity was last updated",
        "type": "dateTime"
      },
      {
        "case-sensitive": false,
        "name": "Description",
        "length": 1000,
        "type": "string"
      },
      {
        "case-sensitive": false,
        "name": "Name",
        "constraints": [
          "alphanumeric"
        ],
        "length": null,
        "type": "string"
      }
    ],
    "name": "user"
  },
  "stat": "ok"
}

Authorized Clients

owner
login_client
direct_read_access
direct_access
access_issuer

Query Parameters

Parameter	Type	Required	Description
type_name	string	Yes	Name of the entityType.
for_client_id	string	Yes	Client ID of the client whose access schema is being returned.
access_type	string	Yes	Type of access schema. Allowed values are: read write read_with_token write_with_token

How to Create an Authentication String

To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is hijklmnop, that value would look like this:

abcdefg:hijklmnop

Next, take the string and base64 encode it. For example, on a Mac, you can base encode the string using this command:

echo -n "abcdefg:hijklmnop" | base64

If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:

[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("abcdefg:hijklmn"))

The resulting value (e.g., YWJjZGVmZzpoaWprbG1ub3A=) should be used in your authentication header.

If you are making API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password.

Before you actually try your authentication string, make sure that your API client has the all the permissions (for example, the right to read user profile information) needed to complete the API call.

POST

Running this Command in Postman

How to Create an Authentication String