From e565a6ecbc3e39e780f0cd6a74dc484147b48dd9 Mon Sep 17 00:00:00 2001 From: Pedro Igor Date: Fri, 2 Jun 2017 19:00:48 -0300 Subject: [PATCH] Metadata only allowed when using POST --- .../entitlement/entitlement-request-metadata.adoc | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/authorization_services/topics/service/entitlement/entitlement-request-metadata.adoc b/authorization_services/topics/service/entitlement/entitlement-request-metadata.adoc index a77f97fcdb..c38d1f98f4 100755 --- a/authorization_services/topics/service/entitlement/entitlement-request-metadata.adoc +++ b/authorization_services/topics/service/entitlement/entitlement-request-metadata.adoc @@ -7,7 +7,7 @@ they expect to obtain the permissions. ```bash curl -X POST -H "Authorization: Bearer ${access_token}" -d '{ "metadata" : { - "includeresourcename" : false + "include_resource_name" : false }, "permissions" : [ ... @@ -15,28 +15,25 @@ curl -X POST -H "Authorization: Bearer ${access_token}" -d '{ }' "http://${host}:${port}/auth/realms/${realm_name}/authz/entitlement/{client_id}" ``` -When using HTTP GET metadata information can be sent using a query parameter ```metadata```. For instance: - -```bash -curl -X GET "http://${host}:${port}/auth/realms/${realm_name}/authz/entitlement/{client_id}?metadata=includeresourcename=false" -``` +[NOTE] +The Entitlement API endpoint only allows passing metadata along an entitlement request when using HTTP POST. The following sections will explain how and when you can use the different information you can include in an entitlement request as a metadata. ==== Decide whether or not resource's name should be included the response -.includeresourcename +.include_resource_name ```bash curl -X POST -H "Authorization: Bearer ${access_token}" -d '{ "metadata" : { - "includeresourcename" : false + "include_resource_name" : false }, "permissions" : [ ... ] }' "http://${host}:${port}/auth/realms/${realm_name}/authz/entitlement/{client_id}" ``` -Clients can use ```includeresourcename``` to decide whether or not resource`s name should be included on each permission granted by the server. This option +Clients can use ```include_resource_name``` to decide whether or not resource`s name should be included on each permission granted by the server. This option can be used to reduce the size of RPTs and optimize client-server communication. By default, permissions in a RPT contain both the id and name of the resource that was granted for every single permission. This option is specially useful