FusionAuth developer image
FusionAuth developer logo
  • Back to site
  • Expert Advice
  • Blog
  • Developers
  • Downloads
  • Account
  • Contact sales
Navigate to...
  • Welcome
  • Getting Started
    • Getting Started
    • 5-minute Setup Guide
      • Overview
      • Docker
      • Fast Path
      • Sandbox
    • Setup Wizard & First Login
    • Register a User and Login
    • Self-service Registration
    • Start and Stop FusionAuth
    • Core Concepts
      • Overview
      • Users
      • Roles
      • Groups
      • Registrations
      • Applications
      • Tenants
      • Identity Providers
      • Authentication/Authorization
      • Integration Points
    • Example Apps
      • Overview
      • Dart
      • Go
      • Java
      • JavaScript
      • .NET Core
      • PHP
      • Python
      • Ruby
    • Tutorials
      • Overview
      • Java Spring
      • Python Django
  • Installation Guide
    • Overview
    • System Requirements
    • Server Layout
    • Cloud
    • Cluster
    • Docker
    • Fast Path
    • Kubernetes
      • Overview
      • Deployment Guide
      • Minikube Setup
      • Amazon EKS Setup
      • Google GKE Setup
      • Microsoft AKS Setup
    • Kickstart™
    • Homebrew
    • Marketplaces
    • Packages
    • Database
    • FusionAuth App
    • FusionAuth Search
    • Common Configuration
  • Migration Guide
    • Overview
    • General
    • Auth0
    • Keycloak
    • Amazon Cognito
    • Firebase
    • Microsoft Azure AD B2C
    • Tutorial
  • Admin Guide
    • Overview
    • Account Portal
    • Config Management
    • Editions and Features
    • Key Rotation
    • Licensing
    • Monitoring
    • Prometheus Setup
    • Proxy Setup
    • Reference
      • Overview
      • Configuration
      • CORS
      • Data Types
      • Hosted Login Pages Cookies
      • Known Limitations
      • Password Hashes
    • Releases
    • Roadmap
    • Search And FusionAuth
    • Securing
    • Switch Search Engines
    • Technical Support
    • Troubleshooting
    • Upgrading
    • WebAuthn
  • Login Methods
    • Identity Providers
      • Overview
      • Apple
      • Epic Games
      • External JWT
        • Overview
        • Example
      • Facebook
      • Google
      • HYPR
      • LinkedIn
      • Nintendo
      • OpenID Connect
        • Overview
        • Amazon Cognito
        • Azure AD
        • Discord
        • Github
        • Okta
      • Sony PlayStation Network
      • Steam
      • Twitch
      • Twitter
      • SAML v2
        • Overview
        • ADFS
        • Azure AD
        • Okta
      • SAML v2 IdP Initiated
        • Overview
        • Okta
      • Xbox
    • OIDC & OAuth 2.0
      • Overview
      • Endpoints
      • Tokens
      • OAuth Modes
      • URL Validation
    • Passwordless
      • Overview
      • Magic Links
      • WebAuthn & Passkeys
    • SAML v2 IdP
      • Overview
      • Google
      • PagerDuty
      • Tableau Cloud
      • Zendesk
  • Developer Guide
    • Overview
    • API Gateways
      • Overview
      • Amazon API Gateway
      • Kong Gateway
      • ngrok Cloud Edge
    • Client Libraries & SDKs
      • Overview
      • Dart
      • Go
      • Java
      • JavaScript
      • .NET Core
      • Node
      • OpenAPI
      • PHP
      • Python
      • React
      • Ruby
      • Typescript
    • Events & Webhooks
      • Overview
      • Writing a Webhook
      • Securing Webhooks
      • Events
        • Overview
        • Audit Log Create
        • Event Log Create
        • JWT Public Key Update
        • JWT Refresh
        • JWT Refresh Token Revoke
        • Kickstart Success
        • Group Create
        • Group Create Complete
        • Group Delete
        • Group Delete Complete
        • Group Update
        • Group Update Complete
        • Group Member Add
        • Group Member Add Complete
        • Group Member Remove
        • Group Member Remove Complete
        • Group Member Update
        • Group Member Update Complete
        • User Action
        • User Bulk Create
        • User Create
        • User Create Complete
        • User Deactivate
        • User Delete
        • User Delete Complete
        • User Email Update
        • User Email Verified
        • User IdP Link
        • User IdP Unlink
        • User Login Failed
        • User Login Id Dup. Create
        • User Login Id Dup. Update
        • User Login New Device
        • User Login Success
        • User Login Suspicious
        • User Password Breach
        • User Password Reset Send
        • User Password Reset Start
        • User Password Reset Success
        • User Password Update
        • User Reactivate
        • User Reg. Create
        • User Reg. Create Complete
        • User Reg. Delete
        • User Reg. Delete Complete
        • User Registration Update
        • User Reg. Update Complete
        • User Reg. Verified
        • User 2FA Method Add
        • User 2FA Method Remove
        • User Update
        • User Update Complete
    • Guides
      • Overview
      • Application Specific Email Templates
      • Authentication Tokens
      • Exposing A Local Instance
      • JSON Web Tokens
      • Key Master
      • Localization and Internationalization
      • Multi-Factor Authentication
      • Multi-Tenant
      • Passwordless
      • Registration-based Email Verification
      • Searching With Elasticsearch
      • Securing Your APIs
      • Silent Mode
      • Single Sign-on
      • Two Factor (pre 1.26)
    • Integrations
      • Overview
      • CleanSpeak
      • Kafka
      • Twilio
    • Plugins
      • Overview
      • Writing a Plugin
      • Custom Password Hashing
    • User Control & Gating
      • Overview
      • Gate Unverified Users
      • Gate Unverified Registrations
      • User Account Lockout
  • Customization
    • Email & Templates
      • Overview
      • Configure Email
      • Email Templates
      • Email Variables
      • Message Templates
    • Lambdas
      • Overview
      • Apple Reconcile
      • Client Cred. JWT Populate
      • Epic Games Reconcile
      • External JWT Reconcile
      • Facebook Reconcile
      • Google Reconcile
      • HYPR Reconcile
      • JWT Populate
      • LDAP Connector Reconcile
      • LinkedIn Reconcile
      • Nintendo Reconcile
      • OpenID Connect Reconcile
      • SAML v2 Populate
      • SAML v2 Reconcile
      • SCIM Group Req. Converter
      • SCIM Group Resp. Convtr.
      • SCIM User Req. Converter
      • SCIM User Resp. Converter
      • Self-Service Registration
      • Sony PSN Reconcile
      • Steam Reconcile
      • Twitch Reconcile
      • Twitter Reconcile
      • Xbox Reconcile
    • Messengers
      • Overview
      • Generic Messenger
      • Twilio Messenger
    • Themes
      • Overview
      • Examples
      • Helpers
      • Localization
      • Template Variables
      • Kickstart Custom Theme
  • Premium Features
    • Overview
    • Advanced Registration Forms
    • Advanced Threat Detection
    • Application Specific Themes
    • Breached Password Detection
    • Connectors
      • Overview
      • Generic Connector
      • LDAP Connector
      • FusionAuth Connector
    • Entity Management
    • SCIM
      • Overview
      • Azure AD Client
      • Okta Client
      • SCIM-SDK
    • Self Service Account Mgmt
      • Overview
      • Updating User Data & Password
      • Add Two-Factor Authenticator
      • Add Two-Factor Email
      • Add Two-Factor SMS
      • Add WebAuthn Passkey
      • Customizing
      • Troubleshooting
    • WebAuthn
  • APIs
    • Overview
    • Authentication
    • Errors
    • API Explorer
    • Actioning Users
    • API Keys
    • Applications
    • Audit Logs
    • Connectors
      • Overview
      • Generic
      • LDAP
    • Consents
    • Emails
    • Entity Management
      • Overview
      • Entities
      • Entity Types
      • Grants
    • Event Logs
    • Families
    • Forms
    • Form Fields
    • Groups
    • Identity Providers
      • Overview
      • Links
      • Apple
      • External JWT
      • Epic Games
      • Facebook
      • Google
      • HYPR
      • LinkedIn
      • Nintendo
      • OpenID Connect
      • SAML v2
      • SAML v2 IdP Initiated
      • Sony PlayStation Network
      • Steam
      • Twitch
      • Twitter
      • Xbox
    • Integrations
    • IP Access Control Lists
    • JWT
    • Keys
    • Lambdas
    • Login
    • Message Templates
    • Messengers
      • Overview
      • Generic
      • Twilio
    • Multi-Factor/Two Factor
    • Passwordless
    • Reactor
    • Registrations
    • Reports
    • SCIM
      • Overview
      • SCIM User
      • SCIM Group
      • SCIM EnterpriseUser
      • SCIM Service Provider Config.
    • System
    • Tenants
    • Themes
    • Users
    • User Actions
    • User Action Reasons
    • User Comments
    • WebAuthn
    • Webhooks
  • Release Notes

    Entity Types APIs

    FusionAuth Reactor logo

    This feature is only available in paid plans. Please visit our pricing page to learn more.

    Overview

    This API has been available since 1.26.0

    This page contains the APIs for managing Entity Types. Here are the APIs:

    • Create an Entity Type

    • Retrieve an Entity Type

    • Update an Entity Type

    • Delete an Entity Type

    • Search for an Entity Type

    • Create an Entity Type Permission

    • Update an Entity Type Permission

    • Delete an Entity Type Permission

    Create an Entity Type

    This API is used to create an Entity Type. Specifying an Id on the URI will instruct FusionAuth to use that Id when creating the Entity Type. Otherwise, FusionAuth will generate an Id for the Entity Type.

    Request

    Create an Entity Type without providing an Id. An Id will be automatically generated.

    URI

    POST /api/entity/type

    Create an Entity Type with the provided Id

    URI

    POST /api/entity/type/{entityTypeId}

    Request Parameters

    entityTypeId [UUID] Optional defaults to secure random UUID

    The Id to use for the new Entity Type. If not specified a secure random UUID will be generated.

    Request Body

    entityType.data [Object] Optional

    An object that can hold any information about the Entity Type that should be persisted.

    entityType.jwtConfiguration.accessTokenKeyId [UUID] Optional

    The unique id of the signing key used to sign the access token.

    Required when enabled is set to true.

    entityType.jwtConfiguration.enabled [Boolean] Optional defaults to false

    Indicates if this application is using the JWT configuration defined here or the global JWT configuration defined by the Tenant. If this is false the signing algorithm configured in the Tenant will be used. If true the signing algorithm defined in this application will be used.

    entityType.jwtConfiguration.timeToLiveInSeconds [Integer] Optional

    The length of time in seconds the JWT will live before it is expired and no longer valid.

    Required when enabled is set to true.

    entityType.name [String] Required

    A descriptive name for the entity type (i.e. "Customer" or "Email_Service").

    Example Request JSON
    
    {
      "entityType": {
        "name": "Customer",
        "data": {
          "createdBy": "jared@fusionauth.io"
        },
        "jwtConfiguration": {
          "accessTokenKeyId": "a7516c7c-6234-4021-b0b4-8870c807aeb2",
          "enabled": true,
          "timeToLiveInSeconds": 3600
        }
      }
    }

    Response

    The response for this API contains the information for the Entity Type that was created.

    Table 1. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Response Body

    entityType.data [Object]

    An object that can hold any information about the Entity Type that should be persisted.

    entityType.id [UUID]

    The Entity Type’s unique Id.

    entityType.insertInstant [Long]

    The instant that the Entity Type was added to the FusionAuth database.

    entityType.jwtConfiguration.accessTokenKeyId [UUID]

    The unique id of the signing key used to sign the access token.

    entityType.jwtConfiguration.enabled [Boolean]

    Indicates if this application is using the JWT configuration defined here.

    entityType.jwtConfiguration.timeToLiveInSeconds [Integer]

    The length of time in seconds the JWT will live before it is expired and no longer valid.

    entityType.lastUpdateInstant [Long]

    The instant that the Entity Type was last updated in the FusionAuth database.

    entityType.name [String]

    The name of the entity type (i.e. "Customer" or "Email_Service").

    entityType.permissions [Array]

    An array of Permission objects.

    entityType.permissions[x].data [Object]

    An object that can hold any information about the Permission that should be persisted.

    entityType.permissions[x].description [String]

    A description of the Permission.

    entityType.permissions[x].id [UUID]

    The Id of the Permission.

    entityType.permissions[x].insertInstant [Long]

    The instant that the Permission was added to the FusionAuth database.

    entityType.permissions[x].isDefault [Boolean]

    Whether or not the Permission is default. A default Permission is automatically assigned to an Entity if no permissions are provided.

    entityType.permissions[x].lastUpdateInstant [Long]

    The instant that the Permission was last updated in the FusionAuth database.

    entityType.permissions[x].name [String]

    The name of the Permission.

    Example Response JSON for a Single Entity Type
    
    {
      "entityType": {
        "data": {
          "createdBy": "jared@fusionauth.io"
        },
        "id": "8174f72f-5ecd-4eae-8de8-7fef597b3473",
        "insertInstant": 1595361142909,
        "jwtConfiguration": {
          "accessTokenKeyId": "a7516c7c-6234-4021-b0b4-8870c807aeb2",
          "enabled": true,
          "timeToLiveInSeconds": 3600
        },
        "lastUpdateInstant": 1595361143101,
        "name": "Customer",
        "permissions": [
          {
            "data": {
              "foo": "bar"
            },
            "id": "ce485a91-906f-4615-af75-81d37dc71e90",
            "insertInstant": 1595361142909,
            "isDefault": false,
            "lastUpdateInstant": 1595361143101,
            "name": "admin"
          },
          {
            "id": "ce485a91-906f-4615-af75-81d37dc71e91",
            "isDefault": true,
            "insertInstant": 1595361142911,
            "lastUpdateInstant": 1595361143111,
            "name": "user"
          }
        ]
      }
    }

    Retrieve an Entity Type

    This API is used to retrieve one or all of the configured Entity Types. Specifying an Id on the URI will retrieve a single Entity Type. Leaving off the Id will retrieve all of the Entity Types.

    Request

    Retrieve all of the Entity Types

    URI

    GET /api/entity/type

    Retrieve a single Entity Type by Id

    URI

    GET /api/entity/type/{entityTypeId}

    Request Parameters

    entityTypeId [UUID] Optional

    The Id of the Entity Type to retrieve.

    Response

    The response for this API contains either a single Entity Type or all of the Entity Types. When you call this API with an Id the response will contain just that Entity Type. When you call this API without an Id the response will contain all of the Entity Types. Both response types are defined below along with an example JSON response.

    Table 2. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you requested doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Response Body

    entityType.data [Object]

    An object that can hold any information about the Entity Type that should be persisted.

    entityType.id [UUID]

    The Entity Type’s unique Id.

    entityType.insertInstant [Long]

    The instant that the Entity Type was added to the FusionAuth database.

    entityType.jwtConfiguration.accessTokenKeyId [UUID]

    The unique id of the signing key used to sign the access token.

    entityType.jwtConfiguration.enabled [Boolean]

    Indicates if this application is using the JWT configuration defined here.

    entityType.jwtConfiguration.timeToLiveInSeconds [Integer]

    The length of time in seconds the JWT will live before it is expired and no longer valid.

    entityType.lastUpdateInstant [Long]

    The instant that the Entity Type was last updated in the FusionAuth database.

    entityType.name [String]

    The name of the entity type (i.e. "Customer" or "Email_Service").

    entityType.permissions [Array]

    An array of Permission objects.

    entityType.permissions[x].data [Object]

    An object that can hold any information about the Permission that should be persisted.

    entityType.permissions[x].description [String]

    A description of the Permission.

    entityType.permissions[x].id [UUID]

    The Id of the Permission.

    entityType.permissions[x].insertInstant [Long]

    The instant that the Permission was added to the FusionAuth database.

    entityType.permissions[x].isDefault [Boolean]

    Whether or not the Permission is default. A default Permission is automatically assigned to an Entity if no permissions are provided.

    entityType.permissions[x].lastUpdateInstant [Long]

    The instant that the Permission was last updated in the FusionAuth database.

    entityType.permissions[x].name [String]

    The name of the Permission.

    Example Response JSON for a Single Entity Type
    
    {
      "entityType": {
        "data": {
          "createdBy": "jared@fusionauth.io"
        },
        "id": "8174f72f-5ecd-4eae-8de8-7fef597b3473",
        "insertInstant": 1595361142909,
        "jwtConfiguration": {
          "accessTokenKeyId": "a7516c7c-6234-4021-b0b4-8870c807aeb2",
          "enabled": true,
          "timeToLiveInSeconds": 3600
        },
        "lastUpdateInstant": 1595361143101,
        "name": "Customer",
        "permissions": [
          {
            "data": {
              "foo": "bar"
            },
            "id": "ce485a91-906f-4615-af75-81d37dc71e90",
            "insertInstant": 1595361142909,
            "isDefault": false,
            "lastUpdateInstant": 1595361143101,
            "name": "admin"
          },
          {
            "id": "ce485a91-906f-4615-af75-81d37dc71e91",
            "isDefault": true,
            "insertInstant": 1595361142911,
            "lastUpdateInstant": 1595361143111,
            "name": "user"
          }
        ]
      }
    }

    Response Body

    entityTypes[x] [Array]

    The list of EntityType objects.

    entityTypes[x].data [Object]

    An object that can hold any information about the Entity Type that should be persisted.

    entityTypes[x].id [UUID]

    The Entity Type’s unique Id.

    entityTypes[x].insertInstant [Long]

    The instant that the Entity Type was added to the FusionAuth database.

    entityTypes[x].jwtConfiguration.accessTokenKeyId [UUID]

    The unique id of the signing key used to sign the access token.

    entityTypes[x].jwtConfiguration.enabled [Boolean]

    Indicates if this application is using the JWT configuration defined here.

    entityTypes[x].jwtConfiguration.timeToLiveInSeconds [Integer]

    The length of time in seconds the JWT will live before it is expired and no longer valid.

    entityTypes[x].lastUpdateInstant [Long]

    The instant that the Entity Type was last updated in the FusionAuth database.

    entityTypes[x].name [String]

    The name of the entity type (i.e. "Customer" or "Email_Service").

    entityTypes[x].permissions [Array]

    An array of Permission objects.

    entityTypes[x].permissions[x].data [Object]

    An object that can hold any information about the Permission that should be persisted.

    entityTypes[x].permissions[x].description [String]

    A description of the Permission.

    entityTypes[x].permissions[x].id [UUID]

    The Id of the Permission.

    entityTypes[x].permissions[x].insertInstant [Long]

    The instant that the Permission was added to the FusionAuth database.

    entityTypes[x].permissions[x].isDefault [Boolean]

    Whether or not the Permission is default. A default Permission is automatically assigned to an Entity if no permissions are provided.

    entityTypes[x].permissions[x].lastUpdateInstant [Long]

    The instant that the Permission was last updated in the FusionAuth database.

    entityTypes[x].permissions[x].name [String]

    The name of the Permission.

    Example Response JSON for all Entity Types
    
    {
      "entityTypes": [
        {
          "entityType": {
            "data": {
              "createdBy": "jared@fusionauth.io"
            },
            "id": "8174f72f-5ecd-4eae-8de8-7fef597b3473",
            "insertInstant": 1595361142909,
            "jwtConfiguration": {
              "accessTokenKeyId": "a7516c7c-6234-4021-b0b4-8870c807aeb2",
              "enabled": true,
              "timeToLiveInSeconds": 3600
            },
            "lastUpdateInstant": 1595361143101,
            "name": "Customer",
            "permissions": [
              {
                "data": {
                  "foo": "bar"
                },
                "id": "ce485a91-906f-4615-af75-81d37dc71e90",
                "insertInstant": 1595361142909,
                "isDefault": false,
                "lastUpdateInstant": 1595361143101,
                "name": "admin"
              },
              {
                "id": "ce485a91-906f-4615-af75-81d37dc71e91",
                "isDefault": true,
                "insertInstant": 1595361142911,
                "lastUpdateInstant": 1595361143111,
                "name": "user"
              }
            ]
          }
        }
      ]
    }

    Update an Entity Type

    This API is used to update an existing Entity Type.

    You must specify the Id of the Entity Type you are updating on the URI.

    You must specify all of the properties of the Entity Type when calling this API with the PUT HTTP method. When used with PUT, this API doesn’t merge the existing Entity Type and your new data. It replaces the existing Entity Type with your new data.

    Utilize the PATCH HTTP method to send specific changes to merge into an existing Entity Type.

    Request

    Update an Entity Type by Id

    URI

    PUT /api/entity/type/{entityTypeId}

    PATCH /api/entity/type/{entityTypeId}

    Available since 1.39.0

    When using the PATCH method, you can either use the same request body documentation that is provided for the PUT request for backward compatibility. Or you may use either JSON Patch/RFC 6902 or JSON Merge Patch/RFC 7396. See the PATCH documentation for more information.

    Available since 1.12.0

    When using the PATCH method, use the same request body documentation that is provided for the PUT request. The PATCH method will merge the provided request parameters into the existing object, this means all parameters are optional when using the PATCH method and you only provide the values you want changed. A null value can be used to remove a value. Patching an Array will result in all values from the new list being appended to the existing list, this is a known limitation to the current implementation of PATCH.

     

    Request Parameters

    entityTypeId [UUID] Required

    The Id of the Entity Type to update.

    Request Body

    entityType.data [Object] Optional

    An object that can hold any information about the Entity Type that should be persisted.

    entityType.jwtConfiguration.accessTokenKeyId [UUID] Optional

    The unique id of the signing key used to sign the access token.

    Required when enabled is set to true.

    entityType.jwtConfiguration.enabled [Boolean] Optional defaults to false

    Indicates if this application is using the JWT configuration defined here or the global JWT configuration defined by the Tenant. If this is false the signing algorithm configured in the Tenant will be used. If true the signing algorithm defined in this application will be used.

    entityType.jwtConfiguration.timeToLiveInSeconds [Integer] Optional

    The length of time in seconds the JWT will live before it is expired and no longer valid.

    Required when enabled is set to true.

    entityType.name [String] Required

    A descriptive name for the entity type (i.e. "Customer" or "Email_Service").

    Example Request JSON
    
    {
      "entityType": {
        "name": "Customer",
        "data": {
          "createdBy": "jared@fusionauth.io"
        },
        "jwtConfiguration": {
          "accessTokenKeyId": "a7516c7c-6234-4021-b0b4-8870c807aeb2",
          "enabled": true,
          "timeToLiveInSeconds": 3600
        }
      }
    }

    Response

    The response for this API contains the new information for the Entity Type that was updated.

    Table 3. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you are trying to update doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Response Body

    entityType.data [Object]

    An object that can hold any information about the Entity Type that should be persisted.

    entityType.id [UUID]

    The Entity Type’s unique Id.

    entityType.insertInstant [Long]

    The instant that the Entity Type was added to the FusionAuth database.

    entityType.jwtConfiguration.accessTokenKeyId [UUID]

    The unique id of the signing key used to sign the access token.

    entityType.jwtConfiguration.enabled [Boolean]

    Indicates if this application is using the JWT configuration defined here.

    entityType.jwtConfiguration.timeToLiveInSeconds [Integer]

    The length of time in seconds the JWT will live before it is expired and no longer valid.

    entityType.lastUpdateInstant [Long]

    The instant that the Entity Type was last updated in the FusionAuth database.

    entityType.name [String]

    The name of the entity type (i.e. "Customer" or "Email_Service").

    entityType.permissions [Array]

    An array of Permission objects.

    entityType.permissions[x].data [Object]

    An object that can hold any information about the Permission that should be persisted.

    entityType.permissions[x].description [String]

    A description of the Permission.

    entityType.permissions[x].id [UUID]

    The Id of the Permission.

    entityType.permissions[x].insertInstant [Long]

    The instant that the Permission was added to the FusionAuth database.

    entityType.permissions[x].isDefault [Boolean]

    Whether or not the Permission is default. A default Permission is automatically assigned to an Entity if no permissions are provided.

    entityType.permissions[x].lastUpdateInstant [Long]

    The instant that the Permission was last updated in the FusionAuth database.

    entityType.permissions[x].name [String]

    The name of the Permission.

    Example Response JSON for a Single Entity Type
    
    {
      "entityType": {
        "data": {
          "createdBy": "jared@fusionauth.io"
        },
        "id": "8174f72f-5ecd-4eae-8de8-7fef597b3473",
        "insertInstant": 1595361142909,
        "jwtConfiguration": {
          "accessTokenKeyId": "a7516c7c-6234-4021-b0b4-8870c807aeb2",
          "enabled": true,
          "timeToLiveInSeconds": 3600
        },
        "lastUpdateInstant": 1595361143101,
        "name": "Customer",
        "permissions": [
          {
            "data": {
              "foo": "bar"
            },
            "id": "ce485a91-906f-4615-af75-81d37dc71e90",
            "insertInstant": 1595361142909,
            "isDefault": false,
            "lastUpdateInstant": 1595361143101,
            "name": "admin"
          },
          {
            "id": "ce485a91-906f-4615-af75-81d37dc71e91",
            "isDefault": true,
            "insertInstant": 1595361142911,
            "lastUpdateInstant": 1595361143111,
            "name": "user"
          }
        ]
      }
    }

    Delete an Entity Type

    This API is used to delete an Entity Type. You must specify the Id of the Entity Type on the URI.

    Request

    Delete an Entity Type By Id

    URI

    DELETE /api/entity/type/{entityTypeId}

    Request Parameters

    entityTypeId [UUID] Required

    The Id of the Entity Type to delete.

    Response

    This API does not return a JSON response body.

    Table 4. Response Codes
    Code Description

    200

    The request was successful. The response will be empty.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you are trying to delete doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Search for an Entity Type

    This API is used to search for matching Entity Types.

    Request

    Search Entity Types

    URI

    GET /api/entity/type/search?name={name}

    Request Parameters

    name [String] Required

    The name of the Entity Type for which to search.

    The search matches against the name field and any entity type matching. The match is case-insensitive, and you may not search by prefix or suffix. Whitespace is not allowed in the search. Regular expressions may not be used. A value of * will match all records.

    numberOfResults [Integer] Optional defaults to 25

    The number of results to return from the search.

    orderBy [String] Optional defaults to name ASC

    The database column to order the search results on plus the order direction.

    The columns you can use for this are:

    • insertInstant - the instant when the Entity Type was created

    • lastUpdateInstant - the instant when the Entity Type was last updated

    • name - the name of the Entity Type

      For example, to order the results by the insert instant in a descending order, the value would be provided as insertInstant DESC. The final string is optional can be set to ASC or DESC.

    startRow [Integer] Optional defaults to 0

    The offset into the total results. In order to paginate the results, increment this value by the numberOfResults for subsequent requests.

    Response

    The response for this API contains the Entity Type matching the search criteria in paginated format.

    Table 5. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you requested doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    Response Body

    entityTypes[x] [Array]

    The list of EntityType objects.

    entityTypes[x].data [Object]

    An object that can hold any information about the Entity Type that should be persisted.

    entityTypes[x].id [UUID]

    The Entity Type’s unique Id.

    entityTypes[x].insertInstant [Long]

    The instant that the Entity Type was added to the FusionAuth database.

    entityTypes[x].jwtConfiguration.accessTokenKeyId [UUID]

    The unique id of the signing key used to sign the access token.

    entityTypes[x].jwtConfiguration.enabled [Boolean]

    Indicates if this application is using the JWT configuration defined here.

    entityTypes[x].jwtConfiguration.timeToLiveInSeconds [Integer]

    The length of time in seconds the JWT will live before it is expired and no longer valid.

    entityTypes[x].lastUpdateInstant [Long]

    The instant that the Entity Type was last updated in the FusionAuth database.

    entityTypes[x].name [String]

    The name of the entity type (i.e. "Customer" or "Email_Service").

    entityTypes[x].permissions [Array]

    An array of Permission objects.

    entityTypes[x].permissions[x].data [Object]

    An object that can hold any information about the Permission that should be persisted.

    entityTypes[x].permissions[x].description [String]

    A description of the Permission.

    entityTypes[x].permissions[x].id [UUID]

    The Id of the Permission.

    entityTypes[x].permissions[x].insertInstant [Long]

    The instant that the Permission was added to the FusionAuth database.

    entityTypes[x].permissions[x].isDefault [Boolean]

    Whether or not the Permission is default. A default Permission is automatically assigned to an Entity if no permissions are provided.

    entityTypes[x].permissions[x].lastUpdateInstant [Long]

    The instant that the Permission was last updated in the FusionAuth database.

    entityTypes[x].permissions[x].name [String]

    The name of the Permission.

    Example Response JSON for all Entity Types
    
    {
      "entityTypes": [
        {
          "entityType": {
            "data": {
              "createdBy": "jared@fusionauth.io"
            },
            "id": "8174f72f-5ecd-4eae-8de8-7fef597b3473",
            "insertInstant": 1595361142909,
            "jwtConfiguration": {
              "accessTokenKeyId": "a7516c7c-6234-4021-b0b4-8870c807aeb2",
              "enabled": true,
              "timeToLiveInSeconds": 3600
            },
            "lastUpdateInstant": 1595361143101,
            "name": "Customer",
            "permissions": [
              {
                "data": {
                  "foo": "bar"
                },
                "id": "ce485a91-906f-4615-af75-81d37dc71e90",
                "insertInstant": 1595361142909,
                "isDefault": false,
                "lastUpdateInstant": 1595361143101,
                "name": "admin"
              },
              {
                "id": "ce485a91-906f-4615-af75-81d37dc71e91",
                "isDefault": true,
                "insertInstant": 1595361142911,
                "lastUpdateInstant": 1595361143111,
                "name": "user"
              }
            ]
          }
        }
      ]
    }

    Create an Entity Type Permission

    This API is used to create a permission for an Entity Type. Specifying an Id on the URI will instruct FusionAuth to use that Id when creating the permission. Otherwise, FusionAuth will generate an Id for the permission.

    Request

    Create a Permission with a generated Id

    URI

    POST /api/entityType/{entityTypeId}/permission

    Create a Permission with a given Id

    URI

    POST /api/entityType/{entityTypeId}/permission/{permissionId}

    Request Parameters

    entityTypeId [UUID] Required

    The Id of the Entity Type.

    permissionId [UUID] Optional defaults to secure random UUID

    The Id to use for the new permission. If not specified a secure random UUID will be generated.

    Request Body

    permission.data [Object] Optional

    An object that can hold any information about the Permission that should be persisted.

    permission.description [String] Optional

    The description of the Permission.

    permission.isDefault [Boolean] Optional defaults to false

    Whether or not the Permission is a default permission. A default permission is automatically granted to an entity of this type if no permissions are provided in a grant request.

    permission.name [String] Required

    The name of the Permission. Once created, this field cannot be changed.

    Example Request JSON
    
    {
      "permission": {
        "data": {
          "foo": "bar"
        },
        "description": "The permission description",
        "isDefault": true,
        "name": "read"
      }
    }

    Response

    The response for this API contains the information for the permission that was created.

    Table 6. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    Response Body

    permission.data [Object]

    An object that can hold any information about the Permission that should be persisted.

    permission.description [String]

    The description of the Permission.

    permission.id [UUID]

    The Id of the Permission.

    permission.isDefault [Boolean]

    Whether or not the Permission is a default permission. A default permission is automatically granted to an entity of this type if no permissions are provided in a grant request.

    permission.insertInstant [Long]

    The instant that the Permission was added to the FusionAuth database.

    permission.lastUpdateInstant [Long]

    The instant that the Permission was updated in the FusionAuth database.

    permission.name [String]

    The name of the Permission. Once created, this field cannot be changed.

    Example Response JSON
    
    {
      "permission": {
        "data": {
          "foo": "bar"
        },
        "description": "The permission description",
        "id": "ce485a91-906f-4615-af75-81d37dc71e90",
        "insertInstant": 1595361142909,
        "isDefault": true,
        "lastUpdateInstant": 1595361143101,
        "name": "read"
      }
    }

    Update an Entity Type Permission

    This API is used to update an existing Entity Type permission. You must specify the Entity Type Id and the permission Id on the URI to identify the permission that is being updated.

    Request

    Update an Entity Type Permission by Id

    URI

    PUT /api/entityType/{entityTypeId}/permission/{permissionId}

    PATCH /api/entityType/{entityTypeId}/permission/{permissionId}

    Available since 1.39.0

    When using the PATCH method, you can either use the same request body documentation that is provided for the PUT request for backward compatibility. Or you may use either JSON Patch/RFC 6902 or JSON Merge Patch/RFC 7396. See the PATCH documentation for more information.

    Available since 1.12.0

    When using the PATCH method, use the same request body documentation that is provided for the PUT request. The PATCH method will merge the provided request parameters into the existing object, this means all parameters are optional when using the PATCH method and you only provide the values you want changed. A null value can be used to remove a value. Patching an Array will result in all values from the new list being appended to the existing list, this is a known limitation to the current implementation of PATCH.

     

    Request Parameters

    entityTypeId [UUID] Required

    The Id of the Entity Type.

    permissionId [UUID] Required

    The Id of the permission that is being updated.

    Request Body

    permission.data [Object] Optional

    An object that can hold any information about the Permission that should be persisted.

    permission.description [String] Optional

    The description of the Permission.

    permission.isDefault [Boolean] Optional defaults to false

    Whether or not the Permission is a default permission. A default permission is automatically granted to an entity of this type if no permissions are provided in a grant request.

    Example Request JSON
    
    {
      "permission": {
        "data": {
          "foo": "bar"
        },
        "description": "The permission description",
        "isDefault": true
      }
    }

    Response

    The response for this API contains the new information for the permission that was updated.

    Table 7. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    Response Body

    permission.data [Object]

    An object that can hold any information about the Permission that should be persisted.

    permission.description [String]

    The description of the Permission.

    permission.id [UUID]

    The Id of the Permission.

    permission.isDefault [Boolean]

    Whether or not the Permission is a default permission. A default permission is automatically granted to an entity of this type if no permissions are provided in a grant request.

    permission.insertInstant [Long]

    The instant that the Permission was added to the FusionAuth database.

    permission.lastUpdateInstant [Long]

    The instant that the Permission was updated in the FusionAuth database.

    permission.name [String]

    The name of the Permission. Once created, this field cannot be changed.

    Example Response JSON
    
    {
      "permission": {
        "data": {
          "foo": "bar"
        },
        "description": "The permission description",
        "id": "ce485a91-906f-4615-af75-81d37dc71e90",
        "insertInstant": 1595361142909,
        "isDefault": true,
        "lastUpdateInstant": 1595361143101,
        "name": "read"
      }
    }

    Delete an Entity Type Permission

    This API is used to delete a permission from an Entity Type.

    Request

    Delete an Entity Type Permission by Id

    URI

    DELETE /api/entityType/{entityTypeId}/permission/{permissionId}

    Request Parameters

    entityTypeId [UUID] Required

    The Id of the Entity Type the permission belongs.

    permissionId [UUID] Required

    The Id of the permission to delete.

    Delete an Entity Type Permission by name

    URI

    DELETE /api/entityType/{entityTypeId}/permission?name={name}

    Request Parameters

    entityTypeId [UUID] Required

    The Id of the Entity Type the permission belongs.

    name [String] Required

    The name of the permission to delete.

    Response

    This API does not return a JSON response body.

    Table 8. Response Codes
    Code Description

    200

    The request was successful. The response will be empty.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you are trying to delete doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Feedback

    How helpful was this page?

    See a problem?

    File an issue in our docs repo

    Have a question or comment to share?

    Visit the FusionAuth community forum.

    © 2023 FusionAuth
    How-to
    Subscribe for developer updates