Update a claim mapping

Updated on Nov 5, 2024
Published on Aug 17, 2023

3 minute(s) read

Patch

/v1alpha/sso/claim_mappings/{id}

Modifies an existing claim mapping. You can modify the claim name, value, the Torq role ID the claim is mapped to, and the claim mapping rank.

Security

HTTP

Type bearer

Path parameters

string (uuid) Required

The ID of the claim mapping to update.

Body parameters

object

claim_name

string

The new name for the claim.

Exampleemail

claim_value

string

The new value for the claim.

Exampleuser@company.io

role_id

string (uuid)

The new role ID for the claim mapping.

Exampleb7a6c3f0-5d6a-4b3b-8f9a-103c4d5e6f7a

rank

integer (int64)

The new rank of the claim mapping.

Example2

Responses

200

A successful response.

object

string (uuid)

The unique identifier of the claim mapping.

Exampleb7a6c3f0-5d6a-4b3b-8f9a-103c4d5e6f7a

claim_name

string

The name of the claim.

Exampleemail

claim_value

string

The value of the claim.

Exampleuser@company.io

role_id

string (uuid)

The ID of the role in Torq the claim is mapped to.

Exampleb7a6c3f0-5d6a-4b3b-8f9a-103c4d5e6f7a

rank

integer (int64)

The rank of a claim mapping determines its position in the ordered list of mappings, ranging from 1 to n. For instance, given the claim mappings list [a, b, c, d, e], updating the rank of claim c to 2 would result in the updated list: [a, c, b, d, e]. Claims are applied in order. A user is assigned a role according to the first match found and subsequent mappings are ignored.

Example2

401

Invalid bearer token. If you receive this message more than once try creating a new Client ID/Client Secret or generating a new bearer token.

object

403

You don't have permission to access this resource.

object

default

An unexpected error response.

Expand All

object

code

integer (int32)

message

string

details

Array of object (protobufAny)

object

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo))

Example 2: Pack and unpack a message in Java.

Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) // or ... if (any.isSameTypeAs(Foo.getDefaultInstance()))

Example 3: Pack and unpack a message in Python.

foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ...

Example 4: Pack and unpack a message in Go

foo := &pb.Foo any, err := anypb.New(foo) if err != nil ... foo := &pb.Foo if err := any.UnmarshalTo(foo); err != nil

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

JSON

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile; message Person

{ "@type": "type.googleapis.com/google.profile.Person", "firstName": , "lastName": }

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{ "@type": "type.googleapis.com/google.protobuf.Duration", "value": "1.212s" }

@type

string

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one "/" character. The last segment of the URL's path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading "." is not accepted).

In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows:

If no scheme is provided, https is assumed.
An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error.
Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.)

Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one.

Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

property*

object additionalProperties

Was this article helpful?