ReBAC Admin Backend¶

The ReBAC Admin API is a REST API that provides various endpoints to query or manipulate relationships in JAAS ReBAC authorisation model.

Hint

For an explanation on Relationship-Based Access Control (ReBAC) check out this explanation topic.

Hint

As a reference on JAAS authorisation model, check out this reference topic.

OpenAPI specification¶

The OpenAPI spec can be found at this https://<jimm-deployment>/rebac/v1/swagger.json

Authentication¶

These endpoints are meant to be called from a web browser, therefore the authentication is handled via Cookies.

JAAS Implementation¶

JAAS implements a subset of the operations described in the OpenAPI spec.

Status

Entities

Notes

✅

entitlements

✅

capabilities

✅

groups

✅

resources

🟡

identities

no support for creation, update and deletion.

❌

roles

no support for roles.

❌

authentication

no support for identity provider management.

Status	Entities	Notes
✅	`entitlements`
✅	`capabilities`
✅	`groups`
✅	`resources`
🟡	`identities`	no support for creation, update and deletion.
❌	`roles`	no support for roles.
❌	`authentication`	no support for identity provider management.