Thing ID

Location /api/apps/{appID}/things/{thingID}/topics/{topicID}/acl/{ACLVerb}/ThingID:{subjectThingID}

This resource represents a thing that acts as a subject.

GET
PUT
DELETE

Request Headers (Applies to all methods)

Authorization

header

Required: Yes

GET

/api/apps/{appID}/things/{thingID}/topics/{topicID}/acl/{ACLVerb}/ThingID:{subjectThingID}

Description

Check if the thing has the permission to perform the specified verb on the taget resource.

Security

The administrator can always perform this action.
For other users, actors who can perform this action depends on the target resource:

User scope: the user.
Group scope: the group owner.
Thing scope: the thing or a thing owner.
Bucket: the scope owner.
Object: the scope owner and the object owner.
Topic: the scope owner and the topic creator.

Headers

Name Required? type Description

Authorization Yes string Authorization header. OAuth2 Bearer token

URL Params

Name Required? type Description

subjectThingID Yes string The thingID

Responses

200

Content-Type application/vnd.kii.ACLSubjectRetrievalResponse+json

The thing has the permission granted. The response is a JSON object containing the thingID of this subject.

404

Content-Type application/vnd.kii.ThingNotFoundException+json

The thing was not found.

Contents

Name	Type	Description
errorCode	string	Error code "THING_NOT_FOUND".
message	string	The error message.
field	string	The field used for searching the thing. This can be the "thingID" or "vendorThingID" field.
value	string	The field value used for searching the thing.
appID	string	The ID of the application.

404

Content-Type application/vnd.kii.TopicNotFoundException+json

The topic was not found.

Contents

Name	Type	Description
errorCode	string	Error code "TOPIC_NOT_FOUND".
message	string	The error message.
topicID	string	The ID of the topic that is not found
objectScope	ObjectScope	The scope of the topic

appID	string	The ID of the application.
userID	string	The ID of the user. Only provided for a user-scope bucket.
groupID	string	The ID of the group. Only provided for a group-scope bucket.
thingID	string	The ID of the thing. Only provided for a thing-scope bucket.
type	string	One of "APP", "APP_AND_USER", "APP_AND_GROUP", or "APP_AND_THING".

401

Content-Type application/vnd.kii.UnauthorizedAccessException+json

Not authorized to read the ACL of the target resource.

Contents

Name	Type	Description
errorCode	string	Error code "UNAUTHORIZED".
message	string	The error message.
authenticatedAppID	string	The authenticated appID.
authenticatedPrincipalID	string	The authenticated principal ID (userID or thingID).

PUT

/api/apps/{appID}/things/{thingID}/topics/{topicID}/acl/{ACLVerb}/ThingID:{subjectThingID}

Description

Grant the permission to perform the specified verb on the target resource to the thing.

Security

The administrator can always perform this action.
For other users, actors who can perform this action depends on the target resource:

User scope: the user.
Group scope: the group owner.
Thing scope: the thing or a thing owner.
Bucket: the scope owner.
Object: the scope owner and the object owner.
Topic: the scope owner and the topic creator.

Note

This request requires empty body.

Headers

Name Required? type Description

Authorization Yes string Authorization header. OAuth2 Bearer token

URL Params

Name Required? type Description

subjectThingID Yes string The thingID

Responses

204

Content-Type (None)

The permission has been granted successfully to the thing.

Note This response has no contents.

404

Content-Type application/vnd.kii.ThingNotFoundException+json

The thing was not found.

Contents

Name	Type	Description
errorCode	string	Error code "THING_NOT_FOUND".
message	string	The error message.
field	string	The field used for searching the thing. This can be the "thingID" or "vendorThingID" field.
value	string	The field value used for searching the thing.
appID	string	The ID of the application.

404

Content-Type application/vnd.kii.TopicNotFoundException+json

The topic was not found.

Contents

Name	Type	Description
errorCode	string	Error code "TOPIC_NOT_FOUND".
message	string	The error message.
topicID	string	The ID of the topic that is not found
objectScope	ObjectScope	The scope of the topic

appID	string	The ID of the application.
userID	string	The ID of the user. Only provided for a user-scope bucket.
groupID	string	The ID of the group. Only provided for a group-scope bucket.
thingID	string	The ID of the thing. Only provided for a thing-scope bucket.
type	string	One of "APP", "APP_AND_USER", "APP_AND_GROUP", or "APP_AND_THING".

401

Content-Type application/vnd.kii.UnauthorizedAccessException+json

Not authorized to modify the ACL of the target resource.

Contents

Name	Type	Description
errorCode	string	Error code "UNAUTHORIZED".
message	string	The error message.
authenticatedAppID	string	The authenticated appID.
authenticatedPrincipalID	string	The authenticated principal ID (userID or thingID).

409

Content-Type application/vnd.kii.ACLAlreadyExistsException+json

The thing already has the permission granted.

Contents

Name	Type	Description
errorCode	string	Error code "ACL_ALREADY_EXISTS".
message	string	The error message.

DELETE

/api/apps/{appID}/things/{thingID}/topics/{topicID}/acl/{ACLVerb}/ThingID:{subjectThingID}

Description

Revoke the permission to perform the specified verb on the target resource from the thing.

Security

The administrator can always perform this action.
For other users, actors who can perform this action depends on the target resource:

User scope: the user.
Group scope: the group owner.
Thing scope: the thing or a thing owner.
Bucket: the scope owner.
Object: the scope owner and the object owner.
Topic: the scope owner and the topic creator.

Headers

Name Required? type Description

Authorization Yes string Authorization header. OAuth2 Bearer token

URL Params

Name Required? type Description

subjectThingID Yes string The thingID

Responses

204

Content-Type (None)

The permission has been revoked successfully from the thing.

Note This response has no contents.

404

Content-Type application/vnd.kii.ThingNotFoundException+json

The thing was not found.

Contents

Name	Type	Description
errorCode	string	Error code "THING_NOT_FOUND".
message	string	The error message.
field	string	The field used for searching the thing. This can be the "thingID" or "vendorThingID" field.
value	string	The field value used for searching the thing.
appID	string	The ID of the application.

404

Content-Type application/vnd.kii.TopicNotFoundException+json

The topic was not found.

Contents

Name	Type	Description
errorCode	string	Error code "TOPIC_NOT_FOUND".
message	string	The error message.
topicID	string	The ID of the topic that is not found
objectScope	ObjectScope	The scope of the topic

appID	string	The ID of the application.
userID	string	The ID of the user. Only provided for a user-scope bucket.
groupID	string	The ID of the group. Only provided for a group-scope bucket.
thingID	string	The ID of the thing. Only provided for a thing-scope bucket.
type	string	One of "APP", "APP_AND_USER", "APP_AND_GROUP", or "APP_AND_THING".

401

Content-Type application/vnd.kii.UnauthorizedAccessException+json

Not authorized to modify the ACL of the target resource.

Contents

Name	Type	Description
errorCode	string	Error code "UNAUTHORIZED".
message	string	The error message.
authenticatedAppID	string	The authenticated appID.
authenticatedPrincipalID	string	The authenticated principal ID (userID or thingID).

404

Content-Type application/vnd.kii.ACLNotFoundException+json

Failed to revoke because the thing did not have the permission granted.

Contents

Name	Type	Description
errorCode	string	Error code "ACL_NOT_FOUND".
message	string	The error message.

409

Content-Type application/vnd.kii.OperationNotAllowedException+json

Cannot revoke an implicit ACL entry.

Contents

Name	Type	Description
errorCode	string	Error code "OPERATION_NOT_ALLOWED".
message	string	The error message.