Identity & Access Management API

The IAM API provides operations on four types of resources, realms, permissions, acls and identities.


A realm provides with the necessary information to perform authentication against a certain OIDC provider .

Operations on realms


A permission is the basic unit to provide a way to limit applications’ access to sensitive information.

Operations on permisions


In order to restrict applications’ access to data by placing restrictions on them, three parameters are important:

  • permission: the value used to limit a client (user, group) access to resources.
  • identity: a client identity reference, e.g. a certain user, a group, an anonymous user or someone who is authenticated to a certain realm.
  • path: the location where to apply the restrictions

An ACL defines the set of permissions that certain identities have on a concrete path.

Operations on ACLs


Identities endpoint can be used to fetch user identities.

Operations on identities