Pure Storage · Schema
ApiClient
ApiClient schema from FlashArray REST API
StorageData StorageFlash StorageEnterprise StorageCloud StorageObject StorageFile StorageBlock StorageKubernetes StorageInfrastructure
Properties
| Name | Type | Description |
|---|---|---|
| access_policies | array | The access policies allowed for ID Tokens issued by this API client. The bearer of an access token will be authorized to perform actions within the intersection of these policies and those of the arra |
| access_token_ttl_in_ms | integer | The requested TTL (Time To Live) length of time for the exchanged access token, measured in milliseconds. |
| enabled | boolean | If `true`, the API client is permitted to exchange ID Tokens for access tokens. API clients are disabled by default. |
| id | string | The unique identifier for the associated API client. The ID represents the JWT `aud` (audience) claim in ID Tokens issued for this API client. |
| issuer | string | The name of the identity provider that will be issuing ID Tokens for this API client. This string represents the JWT `iss` (issuer) claim in ID Tokens issued for this API client. |
| key_id | string | The unique identifier for the associated public key of this API client. This string must match the JWT `kid` (key ID) claim in ID Tokens issued for this API client. |
| max_role | string | This field has been deprecated. The maximum Admin Access Policy (previously 'role') allowed for ID Tokens issued by this API client. The bearer of an access token will be authorized to perform actions |
| name | string | The API client name. |
| public_key | string | The API client's PEM formatted (Base64 encoded) RSA public key. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "ApiClient",
"description": "ApiClient schema from FlashArray REST API",
"$id": "https://raw.githubusercontent.com/api-evangelist/pure-storage/refs/heads/main/json-schema/flasharray-rest-api-api-client-schema.json",
"type": "object",
"properties": {
"access_policies": {
"description": "The access policies allowed for ID Tokens issued by this API client.\nThe bearer of an access token will be authorized to perform actions\nwithin the intersection of these policies and those of the array\nuser specified as the JWT `sub` (subject) claim.\n",
"type": "array",
"readOnly": true,
"items": {
"allOf": [
{
"$ref": "#/components/schemas/_fixedReference"
},
{
"type": "object",
"properties": {
"resource_type": {
"description": "Type of the object (full name of the endpoint).\nValid values are the unique part of the resource's REST endpoint.\nFor example, a reference to a file system would have a\n`resource_type` of `file-systems`.\n",
"type": "string",
"readOnly": true
}
}
}
],
"x-aliases": [
"_fixedReference"
]
}
},
"access_token_ttl_in_ms": {
"description": "The requested TTL (Time To Live) length of time for the exchanged access token,\nmeasured in milliseconds.\n",
"type": "integer",
"format": "int64",
"readOnly": true,
"example": 15000,
"x-minimum": 1000,
"x-maximum": 86400000
},
"enabled": {
"description": "If `true`, the API client is permitted to exchange ID Tokens for access tokens.\nAPI clients are disabled by default.\n",
"type": "boolean",
"readOnly": true,
"example": true
},
"id": {
"description": "The unique identifier for the associated API client.\nThe ID represents the JWT `aud` (audience) claim in ID Tokens issued for this API client.\n",
"type": "string",
"readOnly": true,
"example": "6207d123-d123-0b5c-5fa1-95fabc5c7123"
},
"issuer": {
"description": "The name of the identity provider that will be issuing ID Tokens for this API client.\nThis string represents the JWT `iss` (issuer) claim in ID Tokens issued for this API client.\n",
"type": "string",
"readOnly": true,
"example": "https://purestorage.idp.okta.com"
},
"key_id": {
"description": "The unique identifier for the associated public key of this API client.\nThis string must match the JWT `kid` (key ID) claim in ID Tokens issued for this API client.\n",
"type": "string",
"readOnly": true,
"example": "6207d123-d123-0b5c-5fa1-95fabc5c7123"
},
"max_role": {
"description": "This field has been deprecated.\nThe maximum Admin Access Policy (previously 'role') allowed for ID\nTokens issued by this API client. The bearer of an access token will be\nauthorized to perform actions within the intersection of this policy and\nthat of the array user specified as the JWT `sub` (subject) claim.\n`max_role` is deprecated in favor of `access_policies`, but remains for backwards\ncompatibility. If a client has exactly one access policy which corresponds to a\nvalid legacy role of the same name, `max_role` will be the name of that policy.\nOtherwise, it will be null.\n",
"type": "string",
"readOnly": true,
"example": "storage_admin"
},
"name": {
"description": "The API client name.\n",
"type": "string",
"readOnly": true,
"example": "NightlyStatsAggregationScript"
},
"public_key": {
"description": "The API client's PEM formatted (Base64 encoded) RSA public key.\n",
"type": "string",
"readOnly": true,
"example": "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArSe6chh1JzME9svOKjU0\neKTm8S23Ok3Vr2bWuPri/YHfLrlnRwWoCt+st0/BebKSJ+fQUWOaLlqpZQKpI8oR\ngJ9sWmwGibVG8cTuz7XMkskx9bsm/bjIenuB4W+s3g0BCsi9930mfdKgJgFzY69O\nnLh7d7hAFcmhSJa945PryQZpvJ/U4Ue5F4d+WXgEJ0SoSRaZ6bbeMPhcbMHTzTum\n2ZrPBkK5cqPYitaso6BXeAlqNQPw4Kbu4Ugm0CTogrtImkwoonWDDP34XMOq+u7q\nsNTbJSvDKMTM1RPPrTWCaLiuZkdLVEVesZ9/8+XUMIgBTElwQJDCAQer03MJzqRr\n1eCZGgLfDuYqwMG2MFaAX7kgqBwwyqRTd6MxaQxt2nkdfwiXSY71llzEQ23g3T+1\n64zjwAL5f+dtu8PkGF7IdU2T8P2Qk9bG9pckwZHWYkBK77BAk5jbmSzsKGZgRb2R\n1E+TWDKIaveFhQp251j/C5wkZwMXgjOzN+BOPo+OiLBGUl+jRybWA9f7Vq1MEdf6\nSEdLiqYrXcZERkYBMieLXAfdtaztAIb96cUu+OKMSLDk+D0GHkUfm7lEbDK3ew1+\nD6z+BnxDyH6oqZzz4lS2kPLBLsc+6pdTGuKLf0S9YuLiqJe659AdwU8+X/3KtwNd\nFVJSaxdFbWx0nj3hJqFkIO8CAwEAAQ==\n-----END PUBLIC KEY-----\n"
}
}
}