rules
Creates, updates, deletes, gets or lists a rules resource.
Overview
| Name | rules |
| Type | Resource |
| Id | okta.authorizationservers.rules |
Fields
The following fields are returned by SELECT queries:
- list_authorization_server_policy_rules
- get_authorization_server_policy_rule
| Name | Datatype | Description |
|---|---|---|
id | string | Identifier of the rule |
name | string | Name of the rule |
_links | object | Specifies link relations (see Web Linking) available using the JSON Hypertext Application Language specification. This object is used for dynamic discovery of related resources and lifecycle operations. |
actions | object | |
conditions | object | |
created | string (date-time) | Timestamp when the rule was created |
lastUpdated | string (date-time) | Timestamp when the rule was last modified |
priority | integer | Priority of the rule |
status | string | Status of the rule |
system | boolean | Set to true for system rules. You can't delete system rules. |
type | string | Rule type |
| Name | Datatype | Description |
|---|---|---|
id | string | Identifier of the rule |
name | string | Name of the rule |
_links | object | Specifies link relations (see Web Linking) available using the JSON Hypertext Application Language specification. This object is used for dynamic discovery of related resources and lifecycle operations. |
actions | object | |
conditions | object | |
created | string (date-time) | Timestamp when the rule was created |
lastUpdated | string (date-time) | Timestamp when the rule was last modified |
priority | integer | Priority of the rule |
status | string | Status of the rule |
system | boolean | Set to true for system rules. You can't delete system rules. |
type | string | Rule type |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
list_authorization_server_policy_rules | select | subdomain | Lists all policy rules for the specified Custom Authorization Server and Policy | |
get_authorization_server_policy_rule | select | subdomain | Retrieves a policy rule by ruleId | |
create_authorization_server_policy_rule | insert | subdomain, data__name, data__conditions, data__type | Creates a policy rule for the specified Custom Authorization Server and Policy | |
replace_authorization_server_policy_rule | replace | subdomain, data__name, data__conditions, data__type | Replaces the configuration of the Policy Rule defined in the specified Custom Authorization Server and Policy | |
delete_authorization_server_policy_rule | delete | subdomain | Deletes a Policy Rule defined in the specified Custom Authorization Server and Policy | |
activate_authorization_server_policy_rule | exec | subdomain | Activates an authorization server policy rule | |
deactivate_authorization_server_policy_rule | exec | subdomain | Deactivates an authorization server policy rule |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
subdomain | string | The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org) |
SELECT examples
- list_authorization_server_policy_rules
- get_authorization_server_policy_rule
Lists all policy rules for the specified Custom Authorization Server and Policy
SELECT
id,
name,
_links,
actions,
conditions,
created,
lastUpdated,
priority,
status,
system,
type
FROM okta.authorizationservers.rules
WHERE subdomain = '{{ subdomain }}' -- required;
Retrieves a policy rule by ruleId
SELECT
id,
name,
_links,
actions,
conditions,
created,
lastUpdated,
priority,
status,
system,
type
FROM okta.authorizationservers.rules
WHERE subdomain = '{{ subdomain }}' -- required;
INSERT examples
- create_authorization_server_policy_rule
- Manifest
Creates a policy rule for the specified Custom Authorization Server and Policy
INSERT INTO okta.authorizationservers.rules (
data__actions,
data__conditions,
data__name,
data__priority,
data__status,
data__system,
data__type,
subdomain
)
SELECT
'{{ actions }}',
'{{ conditions }}' --required,
'{{ name }}' --required,
{{ priority }},
'{{ status }}',
{{ system }},
'{{ type }}' --required,
'{{ subdomain }}'
RETURNING
id,
name,
_links,
actions,
conditions,
created,
lastUpdated,
priority,
status,
system,
type
;
# Description fields are for documentation purposes
- name: rules
props:
- name: subdomain
value: string
description: Required parameter for the rules resource.
- name: actions
value: object
- name: conditions
value: object
- name: name
value: string
description: >
Name of the rule
- name: priority
value: integer
description: >
Priority of the rule
- name: status
value: string
description: >
Status of the rule
valid_values: ['ACTIVE', 'INACTIVE']
- name: system
value: boolean
description: >
Set to `true` for system rules. You can't delete system rules.
- name: type
value: string
description: >
Rule type
valid_values: ['RESOURCE_ACCESS']
REPLACE examples
- replace_authorization_server_policy_rule
Replaces the configuration of the Policy Rule defined in the specified Custom Authorization Server and Policy
REPLACE okta.authorizationservers.rules
SET
data__actions = '{{ actions }}',
data__conditions = '{{ conditions }}',
data__name = '{{ name }}',
data__priority = {{ priority }},
data__status = '{{ status }}',
data__system = {{ system }},
data__type = '{{ type }}'
WHERE
subdomain = '{{ subdomain }}' --required
AND data__name = '{{ name }}' --required
AND data__conditions = '{{ conditions }}' --required
AND data__type = '{{ type }}' --required
RETURNING
id,
name,
_links,
actions,
conditions,
created,
lastUpdated,
priority,
status,
system,
type;
DELETE examples
- delete_authorization_server_policy_rule
Deletes a Policy Rule defined in the specified Custom Authorization Server and Policy
DELETE FROM okta.authorizationservers.rules
WHERE subdomain = '{{ subdomain }}' --required;
Lifecycle Methods
- activate_authorization_server_policy_rule
- deactivate_authorization_server_policy_rule
Activates an authorization server policy rule
EXEC okta.authorizationservers.rules.activate_authorization_server_policy_rule
@subdomain='{{ subdomain }}' --required;
Deactivates an authorization server policy rule
EXEC okta.authorizationservers.rules.deactivate_authorization_server_policy_rule
@subdomain='{{ subdomain }}' --required;