Update - Infisical

Overview

Endpoints

Identities
Token Auth
Universal Auth
GCP Auth
AWS Auth
Azure Auth
Kubernetes Auth
OIDC Auth
JWT Auth
Groups
Organizations
Projects
Project Users
Project Groups
Project Identities
Project Roles
Project Templates
Environments
Folders
Secret Tags
Secrets
Dynamic Secrets
Secret Imports
Identity Specific Privilege
- POST
  Create Permanent
- POST
  Create Temporary
- PATCH
  Update
- DEL
  Delete
- GET
  Find By Privilege Slug
- GET
  List
App Connections
Secret Syncs
Integrations
Service Tokens
Audit Logs

Infisical PKI

Certificate Authorities
Certificates
Certificate Templates
Certificate Collections
PKI Alerting

Infisical SSH

Certificates
Certificate Authorities
Certificate Templates

Infisical KMS

Keys

PATCH

api

additional-privilege

identity

curl --request PATCH \
  --url https://us.infisical.com/api/v1/additional-privilege/identity \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "privilegeSlug": "<string>",
  "identityId": "<string>",
  "projectSlug": "<string>",
  "privilegeDetails": {
    "slug": "<string>",
    "permissions": [
      {
        "action": "read",
        "subject": "role",
        "conditions": {
          "environment": "<string>",
          "secretPath": {
            "$glob": "<string>"
          }
        }
      }
    ],
    "privilegePermission": {
      "actions": [
        "read"
      ],
      "subject": "secrets",
      "conditions": {
        "environment": "<string>",
        "secretPath": {
          "$glob": "<string>"
        }
      }
    },
    "isTemporary": true,
    "temporaryMode": "relative",
    "temporaryRange": "<string>",
    "temporaryAccessStartTime": "2023-11-07T05:31:56Z"
  }
}'

{
  "privilege": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "slug": "<string>",
    "projectMembershipId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "isTemporary": false,
    "temporaryMode": "<string>",
    "temporaryRange": "<string>",
    "temporaryAccessStartTime": "2023-11-07T05:31:56Z",
    "temporaryAccessEndTime": "2023-11-07T05:31:56Z",
    "permissions": [
      {
        "subject": "<string>",
        "action": "<string>",
        "conditions": "<any>",
        "inverted": true
      }
    ],
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z"
  }
}

Authorizations

Authorization

string

header

required

An access token in Infisical

Body

application/json

privilegeSlug

string

required

The slug of the privilege to update.

Minimum length: 1

identityId

string

required

The ID of the identity to update.

Minimum length: 1

projectSlug

string

required

The slug of the project of the identity in.

Minimum length: 1

privilegeDetails

object

required

privilegeDetails.slug

string

The new slug of the privilege to update.

Required string length: 1 - 60

privilegeDetails.permissions

object[]

@deprecated - use privilegePermission The permission object for the privilege.

Read secrets

{ "permissions": [{"action": "read", "subject": "secrets"]}

Read and Write secrets

{ "permissions": [{"action": "read", "subject": "secrets"], {"action": "write", "subject": "secrets"]}

Read secrets scoped to an environment and secret path

- { "permissions": [{"action": "read", "subject": "secrets", "conditions": { "environment": "dev", "secretPath": { "$glob": "/" } }}] }

privilegeDetails.privilegePermission

object

The permission object for the privilege.

privilegeDetails.isTemporary

boolean

Whether the privilege is temporary.

privilegeDetails.temporaryMode

enum<string>

Type of temporary access given. Types: relative.

Available options:

relative

privilegeDetails.temporaryRange

string

TTL for the temporary time. Eg: 1m, 1h, 1d.

privilegeDetails.temporaryAccessStartTime

string

ISO time for which temporary access should begin.

Response

200

application/json

Default Response

privilege

object

required

Was this page helpful?

Suggest edits Raise issue

Create Temporary Delete

curl --request PATCH \
  --url https://us.infisical.com/api/v1/additional-privilege/identity \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "privilegeSlug": "<string>",
  "identityId": "<string>",
  "projectSlug": "<string>",
  "privilegeDetails": {
    "slug": "<string>",
    "permissions": [
      {
        "action": "read",
        "subject": "role",
        "conditions": {
          "environment": "<string>",
          "secretPath": {
            "$glob": "<string>"
          }
        }
      }
    ],
    "privilegePermission": {
      "actions": [
        "read"
      ],
      "subject": "secrets",
      "conditions": {
        "environment": "<string>",
        "secretPath": {
          "$glob": "<string>"
        }
      }
    },
    "isTemporary": true,
    "temporaryMode": "relative",
    "temporaryRange": "<string>",
    "temporaryAccessStartTime": "2023-11-07T05:31:56Z"
  }
}'

{
  "privilege": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "slug": "<string>",
    "projectMembershipId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "isTemporary": false,
    "temporaryMode": "<string>",
    "temporaryRange": "<string>",
    "temporaryAccessStartTime": "2023-11-07T05:31:56Z",
    "temporaryAccessEndTime": "2023-11-07T05:31:56Z",
    "permissions": [
      {
        "subject": "<string>",
        "action": "<string>",
        "conditions": "<any>",
        "inverted": true
      }
    ],
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z"
  }
}