Entitlements agent
/
Entitlements Check
/
Is Entitled To Permission

Entitlements Agent (PDP)

The endpoints in this section pertain to the usage of an Entitlements Agent. When your application or service needs to verify entitlements, it can query the Entitlements Agent directly via HTTP.

These endpoints can be integrated into any backend framework, enabling you to leverage entitlements for advanced authorization needs.

Download OpenAPI description
Users, Auth and Security
Single Sign-On
SCIM Provisioning
Entitlements
Entitlements Agent
Accounts (Tenants)
Languages
Servers
http://{host}:{port}/

Entitlements Check

Operations

Is Entitled To Feature

Request

Check whether a given tenant or user is entitled to the requested feature

Bodyapplication/jsonrequired
inputobject
curl -i -X POST \
  http://localhost:8181/v1/data/e10s/features/is_entitled_to_input_feature \
  -H 'Content-Type: application/json' \
  -d '{
    "input": {
      "subjectContext": {
        "userId": "6c2ce177-66cd-4163-a012-b7833255a490",
        "tenantId": "f21ca66c-d23b-496f-b805-121ed37eb46a",
        "permissions": [
          "example.permission.read",
          "example.permission.write"
        ],
        "attributes": {
          "exampleAttribute": "example-value"
        }
      },
      "requestContext": {
        "featureKey": "example-feature-key"
      }
    }
  }'

Responses

Bodyapplication/json
decision_idstringrequired
Example: "df5dae62-be02-4333-bbe1-f7220e13c6c3"
metricsobjectrequired
resultobject(EntitlementsResult)required
result.​justificationstring
Enum"MISSING_FEATURE""MISSING_PERMISSION""PLAN_EXPIRED""MISSING_ROUTE""ROUTE_DENIED"
Example: "MISSING_FEATURE"
result.​monitoringboolean
result.​resultbooleanrequired
Example: false
Response
application/json
{
  "decision_id": "df5dae62-be02-4333-bbe1-f7220e13c6c3",
  "metrics": {},
  "result": {
    "justification": "MISSING_FEATURE",
    "monitoring": true,
    "result": false
  }
}

Is Entitled To Permission

Request

Check whether a given user is entitled to the requested permission

Bodyapplication/jsonrequired
inputobject
curl -i -X POST \
  http://localhost:8181/v1/data/e10s/permissions/is_entitled_to_input_permission \
  -H 'Content-Type: application/json' \
  -d '{
    "input": {
      "subjectContext": {
        "userId": "6c2ce177-66cd-4163-a012-b7833255a490",
        "tenantId": "f21ca66c-d23b-496f-b805-121ed37eb46a",
        "permissions": [
          "example.permission.read",
          "example.permission.write"
        ],
        "attributes": {
          "exampleAttribute": "example-value"
        }
      },
      "requestContext": {
        "permissionKey": "example.permission.read"
      }
    }
  }'

Responses

Bodyapplication/json
decision_idstringrequired
Example: "df5dae62-be02-4333-bbe1-f7220e13c6c3"
metricsobjectrequired
resultobject(EntitlementsResult)required
result.​justificationstring
Enum"MISSING_FEATURE""MISSING_PERMISSION""PLAN_EXPIRED""MISSING_ROUTE""ROUTE_DENIED"
Example: "MISSING_FEATURE"
result.​monitoringboolean
result.​resultbooleanrequired
Example: false
Response
application/json
{
  "decision_id": "df5dae62-be02-4333-bbe1-f7220e13c6c3",
  "metrics": {},
  "result": {
    "justification": "MISSING_FEATURE",
    "monitoring": true,
    "result": false
  }
}

Is Entitled To Route

Request

Check whether a given tenant or user is entitled to the requested route

Bodyapplication/jsonrequired
inputobject
curl -i -X POST \
  http://localhost:8181/v1/data/e10s/routes/is_entitled_to_input_route \
  -H 'Content-Type: application/json' \
  -d '{
    "input": {
      "subjectContext": {
        "userId": "6c2ce177-66cd-4163-a012-b7833255a490",
        "tenantId": "f21ca66c-d23b-496f-b805-121ed37eb46a",
        "permissions": [
          "example.permission.read",
          "example.permission.write"
        ],
        "attributes": {
          "exampleAttribute": "example-value"
        }
      },
      "requestContext": {
        "method": "GET",
        "path": "/example"
      }
    }
  }'

Responses

Bodyapplication/json
decision_idstringrequired
Example: "df5dae62-be02-4333-bbe1-f7220e13c6c3"
metricsobjectrequired
resultobject(EntitlementsResult)required
result.​justificationstring
Enum"MISSING_FEATURE""MISSING_PERMISSION""PLAN_EXPIRED""MISSING_ROUTE""ROUTE_DENIED"
Example: "MISSING_FEATURE"
result.​monitoringboolean
result.​resultbooleanrequired
Example: false
Response
application/json
{
  "decision_id": "df5dae62-be02-4333-bbe1-f7220e13c6c3",
  "metrics": {},
  "result": {
    "justification": "MISSING_FEATURE",
    "monitoring": true,
    "result": false
  }
}