Updating a DKE Authorized Tenant
Use the patch /v1/cckm/microsoft/dke/auth-tenants/{id} API to update the attributes of a Microsoft DKE authorized tenant.
Syntax
curl -k '<CCKM IP address>/api/v1/cckm/microsoft/dke/auth-tenants/{id}' -X PATCH -H 'Authorization: Bearer AUTHTOKEN' -H 'accept: application/json' --compressed
Here, {id} is the ID of the DKE authorized tenant.
Request Parameters
| Parameter | Type | Description |
|---|---|---|
| AUTHTOKEN | string | Authorization token. |
| authorization_type | string | Authorization type for DKE key: email and role. |
| authorized_email_addresses | string | Allowed email addresses. Required field, if authorization_type is email. |
| authorized_roles | string | Allowed roles in active directory. Required field, if authorization_type is set to role. |
| connection | string | ID of the Azure connection. Mandatory for role-based authorization (that is, when role_authz_params is set). Refer to DKE Authorization Parameters. |
| description | string | Description for the authorized tenant. |
| name | string | Unique name for the authorized tenant. |
Note
The use of wildcards '*' and '?' are supported for email addresses. The following are examples of supported wildcard formats:
abc*@gmail.com: supports any email that starts with abc and ends with "@gmail.com".
abc@?.com: supports any email that starts with abc, contains "@" followed by at least one character and ends with ".com".
abc@?.?*: supports any email that starts with abc, contains "@" followed by at least one character, followed by the dot character (.), and ends with at least one character.
?*@gmail.com: supports any email that starts with at least one character and ends with "@gmail.com".
Example Request
curl -k 'https://54.173.227.108/api/v1/cckm/microsoft/dke/auth-tenants/d27d849e-e487-4b0e-a54c-a71e67687d10' -X PATCH -H 'Authorization: Bearer eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI1OGE3OTZlNi0wMjY0LTRjNjgtOWVlOS0xNTEzODFmYWYxZWIiLCJzdWIiOiJsb2NhbHwxYWIwNGY0ZC01MDQ5LTQ0M2ItOWQ0OC02MzVlYjVjNDRmYzciLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJjbGllbnRfaWQiOiI4MzdjODQwZC03NWRkLTRiNGYtYTMxOC03OWNiMTZjYTI0OGQiLCJjbGllbnRfbmFtZSI6ImFwaS1wbGF5Z3JvdW5kIiwiY2xpZW50X3R5cGUiOiJwdWJsaWMiLCJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiODM3Yzg0MGQtNzVkZC00YjRmLWEzMTgtNzljYjE2Y2EyNDhkIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjkwZGE3YmVkLWE0OGItNGNmMi1iYmY2LTNmMmNkOGVhZDhiNiIsImlhdCI6MTcwODUwODQyMiwiZXhwIjoxNzA4NTA4NzIyfQ.Sm8hQ08WafGKc6Hj9_TLrHZ26Wzkuym__9XHnc8nNFe9LnFGIF7v0n1U6Nk5mi0NlJZyx-WIVJupEj_x0rRdow' -H 'accept: application/json' --compressed
This example request shows the attributes of the DKE authorized tenant with the ID of d27d849e-e487-4b0e-a54c-a71e67687d10 is updated.
Example Response
{
"id": "04bb21b8-9f0c-4f48-b873-d668a342ebf0",
"uri": "kylo:kylo:cckm:dke-auth-tenant:e4874b0e-d27d-849e-71e6-a7687da54c10",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2024-01-11T08:39:40.253751Z",
"updatedAt": "2024-01-11T10:43:51.626234Z",
"name": "Authorized tenent 001",
"description": "auth. tenant description",
"tenant_id": "e4874b0e-d27d-849e-71e6-a7687da54c10",
"authorization_type": "role",
"issuer": "https://sts.windows.net/d27d849e-e487-4b0e-a54c-a71e67687d10/",
"authorized_roles": [
{
"templateId": "5c671665-cc95-4382-90bc-b128d0548573",
"displayName": "auth_role_name"
}
],
"connection": "63bdc9f2-6638-405e-a4cd-c232640fb4e1",
"jwks_uri": "https://login.microsoftonline.com/common/discovery/v2.0/keys"
}
This sample output shows the attributes of the DKE endpoint with the ID of f222ffdf-80e1-4fd5-8f17-1b60a26dba5d' is updated.
Response Codes
| Response Code | Description |
|---|---|
| 2xx | Success |
| 4xx | Client errors |
| 5xx | Server errors |
Refer to HTTP status codes for details.
