Overview
Organization
Shared
Identity Auth
Secrets Management
Infisical PKI
Secret Scanning
Infisical SSH
Infisical KMS
Other
curl --request PATCH \
--url https://us.infisical.com/api/v1/additional-privilege/identity \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"privilegeSlug": "<string>",
"identityId": "<string>",
"projectSlug": "<string>",
"privilegeDetails": {
"slug": "<string>",
"permissions": [
{
"action": "read",
"subject": "role",
"conditions": {
"environment": "<string>",
"secretPath": {
"$glob": "<string>"
}
}
}
],
"privilegePermission": {
"actions": [
"read"
],
"subject": "secrets",
"conditions": {
"environment": "<string>",
"secretPath": {
"$glob": "<string>"
}
}
},
"isTemporary": true,
"temporaryMode": "relative",
"temporaryRange": "<string>",
"temporaryAccessStartTime": "2023-11-07T05:31:56Z"
}
}
'{
"privilege": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"slug": "<string>",
"projectMembershipId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"permissions": [
{
"action": "<string>",
"subject": "<string>",
"conditions": "<unknown>",
"inverted": true
}
],
"createdAt": "2023-11-07T05:31:56Z",
"updatedAt": "2023-11-07T05:31:56Z",
"isTemporary": false,
"temporaryMode": "<string>",
"temporaryRange": "<string>",
"temporaryAccessStartTime": "2023-11-07T05:31:56Z",
"temporaryAccessEndTime": "2023-11-07T05:31:56Z"
}
}Update
Update a specific privilege of an identity.
curl --request PATCH \
--url https://us.infisical.com/api/v1/additional-privilege/identity \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"privilegeSlug": "<string>",
"identityId": "<string>",
"projectSlug": "<string>",
"privilegeDetails": {
"slug": "<string>",
"permissions": [
{
"action": "read",
"subject": "role",
"conditions": {
"environment": "<string>",
"secretPath": {
"$glob": "<string>"
}
}
}
],
"privilegePermission": {
"actions": [
"read"
],
"subject": "secrets",
"conditions": {
"environment": "<string>",
"secretPath": {
"$glob": "<string>"
}
}
},
"isTemporary": true,
"temporaryMode": "relative",
"temporaryRange": "<string>",
"temporaryAccessStartTime": "2023-11-07T05:31:56Z"
}
}
'{
"privilege": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"slug": "<string>",
"projectMembershipId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"permissions": [
{
"action": "<string>",
"subject": "<string>",
"conditions": "<unknown>",
"inverted": true
}
],
"createdAt": "2023-11-07T05:31:56Z",
"updatedAt": "2023-11-07T05:31:56Z",
"isTemporary": false,
"temporaryMode": "<string>",
"temporaryRange": "<string>",
"temporaryAccessStartTime": "2023-11-07T05:31:56Z",
"temporaryAccessEndTime": "2023-11-07T05:31:56Z"
}
}Authorizations
An access token in Infisical
Body
The slug of the privilege to update.
1The ID of the machine identity to update.
1The slug of the project of the identity in.
1Show child attributes
Show child attributes
The new slug of the privilege to update.
1 - 60@deprecated - use privilegePermission The permission object for the privilege.
- Read secrets
{ "permissions": [{"action": "read", "subject": "secrets"]}- Read and Write secrets
{ "permissions": [{"action": "read", "subject": "secrets"], {"action": "write", "subject": "secrets"]}- Read secrets scoped to an environment and secret path
- { "permissions": [{"action": "read", "subject": "secrets", "conditions": { "environment": "dev", "secretPath": { "$glob": "/" } }}] }Show child attributes
Show child attributes
Describe what action an entity can take. Possible actions: create, edit, delete, and read
read, create, edit, delete The entity this permission pertains to. Possible options: secrets, environments
role, member, groups, settings, integrations, webhooks, service-tokens, environments, tags, audit-logs, ip-allowlist, workspace, secrets, secret-folders, secret-imports, dynamic-secrets, secret-rollback, secret-approval, secret-rotation, commits, identity, certificate-authorities, certificates, certificate-templates, ssh-certificate-authorities, ssh-certificates, ssh-certificate-templates, ssh-hosts, ssh-host-groups, pki-subscribers, pki-alerts, pki-collections, kms, cmek, secret-syncs, pki-syncs, kmip, secret-scanning-data-sources, secret-scanning-findings, secret-scanning-configs, secret-events, app-connections, pam-folders, pam-resources, pam-accounts, pam-sessions, certificate-profiles, approval-requests, approval-request-grants When specified, only matching conditions will be allowed to access given resource.
Show child attributes
Show child attributes
The environment slug this permission should allow.
The permission object for the privilege.
Show child attributes
Show child attributes
1Describe what action an entity can take. Possible actions: create, edit, delete, and read
read, create, edit, delete The entity this permission pertains to. Possible options: secrets, environments
secrets When specified, only matching conditions will be allowed to access given resource.
Show child attributes
Show child attributes
The environment slug this permission should allow.
Whether the privilege is temporary.
Type of temporary access given. Types: relative.
relative TTL for the temporary time. Eg: 1m, 1h, 1d.
ISO time for which temporary access should begin.
Response
Default Response
Show child attributes
Show child attributes
Was this page helpful?