Skip to main content Skip to complementary content

Security rule audit: Get audit rules

Information noteLOCKED.

This API is extremely reliable and will not be broken unless absolutely necessary.

Method

POST

Path

/qrs/systemrule/security/audit

Description

Perform an audit of the access control system. The results of the audit include:

  • Information on all security rules
  • Descriptions of the access provided by each security rule
  • If there are any errors when evaluating the rules based on resource type, a selection of users, and a selection of resources

Body

AuditParameters:

{ "resourceType": "type [string]", "resourceFilter": "resource filter [string]", "userFilter": "user filter [string]", "environmentAttributes": "type1=value1;type2=value2 [string]" "userSkip": "count [integer]", "userTake": "count [integer]", "resourceSkip": "count [integer]", "resourceTake": "count [integer]" "includeNonGrantingRules": "type [bool]", }

The environmentAttributes type is one (or several, separated by “;”) of the following:

  • OS
  • Device
  • Browser
  • RequestType
  • IP

Return value

Information noteThe audit results for all objects are returned, not just for the objects that the auditor has access to. For each object, the name and GUID are returned.

AuditResult:

{ "users": { "[GUID]": { // A user object "userId": "…", "userDirectory": "…", "name": "…", … }, "[GUID]": { … } }, "resources": { "[GUID]": { // An object of arbitrary type "…", }, "[GUID]": { … } }, "rules": { "[GUID]": { // Security rule object "type": "…", "name": "…", "rule": "…", "resourceFilter": "…", … }, "[GUID]": { … } }, "ruleApplication": [ { "userID": "[GUID]", "resourceID": "[GUID]", "ruleID": "[GUID]", "allowed": boolean, "errorAt": integer, "errorMessage": "…", "evaluationState": "evaluated/parsefailure/evaluationfailure" }, { … } ] }

Optional parameters

-

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!