Skip to main content
POST
/
v1
/
tenants
/
{tenant_id}
/
permissions
/
lookup-subject
go
cr, err := client.Permission.LookupSubject(context.Background(), &v1.PermissionLookupSubjectRequest{
    TenantId: "t1",
    Metadata: &v1.PermissionLookupSubjectRequestMetadata{
        SnapToken: "",
        SchemaVersion: "",
        Depth: 20,
    },
    Entity: &v1.Entity{
        Type: "document",
        Id: "1",
    },
    Permission: "edit",
    SubjectReference: &v1.RelationReference{
        Type: "user",
        Relation: "",
    },
    PageSize: 20,
    ContinuousToken: "",
})
client.permission.lookupSubject({
tenantId: "t1",
metadata: {
snapToken: "",
schemaVersion: "",
depth: 20,
},
entity: {
type: "document",
id: "1",
},
permission: "edit",
subject_reference: {
type: "user",
relation: ""
},
page_size: 10,
continuous_token: ""
}).then((response) => {
console.log(response.subject_ids)
})
curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/permissions/lookup-subject' \
--header 'Content-Type: application/json' \
--data-raw '{
"metadata":{
"snap_token": "",
"schema_version": "",
"depth": 20,
},
"entity": {
"type": "document",
"id": "1"
},
"permission": "edit",
"subject_reference": {
"type": "user",
"relation": ""
},
page_size: 20,
continuous_token: ""
}'
{
  "subject_ids": [
    "<string>"
  ],
  "continuous_token": "<string>"
}
{
"code": 123,
"message": "<string>",
"details": [
{
"@type": "<string>"
}
]
}
Lookup Subject endpoint lets you ask questions in form of “Which subjects can do action Y on entity:X?”. As a response of this you’ll get a subject results in a format of string array. In this endpoint you’ll get directly the IDs’ of the subjects that are authorized in an array.

Path Parameters

tenant_id
string
required

Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant t1 for this field. Required, and must match the pattern \“[a-zA-Z0-9-,]+\“, max 64 bytes.

Body

application/json

PermissionLookupSubjectRequest is the request message for the LookupSubject method in the Permission service.

metadata
object

PermissionLookupSubjectRequestMetadata metadata for the PermissionLookupSubjectRequest.

entity
object

Entity represents an entity with a type and an identifier.

permission
string

Permission to be checked, can be a permission or relation. Required, and must match the pattern "^([a-zA-Z][a-zA-Z0-9_]{1,62}[a-zA-Z0-9])$", max 64 bytes.

subject_reference
object

The RelationReference message provides a reference to a specific relation.

context
object

Context encapsulates the information related to a single operation, including the tuples involved and the associated attributes.

arguments
object[]

Additional arguments associated with this request.

page_size
integer<int64>

page_size is the number of subjects to be returned in the response. The value should be between 1 and 100.

continuous_token
string

continuous_token is an optional parameter used for pagination. It should be the value received in the previous response.

Response

A successful response.

PermissionLookupSubjectResponse is the response message for the LookupSubject method in the Permission service.

subject_ids
string[]

List of identifiers for subjects that match the lookup.

continuous_token
string

continuous_token is a string that can be used to paginate and retrieve the next set of results.