Tenancy Information

The tenancies service provides information about your Archivist tenancy.

The tenancy information includes the list of user principals who have root or super-user access rights.

Create the bearer_token and store in a file in a secure local directory with 0600 permissions.

See API Request Authorization and Authentication.

Note

The following example shows use of the API over curl in a bash terminal. The concepts are fully portable to any other REST client (eg PostMan or python requests)

Set the URL (for example):

$ export URL=https://synsation.1234-5678.nodes.archivist.jitsuin.io

Note

Only tenant root users are allowed to call the tenancies endpoint. Other users will recieve a 403 response.

Fetch the current list of tenant root principals

To fetch the list of root principals, simply GET the tenancies/root_principals resource:

$ curl -v -X GET \
     -H "@$BEARER_TOKEN_FILE" \
     $URL/archivist/v1/tenancies/root_principals

Update the list of tenant root principals

Define the update parameters and store in /path/to/jsonfile:

{
   "root_principals": [
       {
           "issuer": "https://login.microsoftonline.com/5c129635-5858-4fe3-9bef-444f6c7ee1cf/v2.0",
           "subject": "58589bef-4fe3-9a3b-23df-8527bc45e1cf",
           "display_name": "Jane Smith",
           "email":  "jane.smith@synsation.org"
       },
       {
           "issuer": "https://login.microsoftonline.com/5c129635-5858-4fe3-9bef-444f6c7ee1cf/v2.0",
           "subject": "27bc5b4f-9a3b-4fe3-23df-e1c7bc45e1cf",
           "display_name": "Nate Rogers",
           "email":  "nate.rogers@synsation.org"
       }
    }
}

Note

issuer

required The principal’s issuer string for your Identity Provider. This must match the Identity Provider for all existing root principals.

subject

required The principal’s subject string as provided by your Identity Provider.

display_name

optional Friendly name for the user principal. Displayed in the Archivist GUI.

email

optional Email address for the principal.

Update the root principals by PATCHing the tenancies/root_principals resource:

$ curl -v -X PATCH \
    -H "@$BEARER_TOKEN_FILE" \
    -H "Content-type: application/json" \
    -d "@/path/to/jsonfile" \
    $URL/archivist/v1/tenancies/root_principals

Note

For safety reasons you are not allowed to remove yourself from the list of root principals.