Skip to main content
logoTetrate Service BridgeVersion: 1.11.x

Teams Service

Service to manage Users and Teams in TSB

Teams

The Teams service provides methods to manage the Users and Teams that exist in an Organization.

Users and Teams are periodically synchronized from the Identity Provider (IdP) configured for the Organization, but TSB allows creating local teams to provide extended flexibility in how Users and Teams are grouped, and to provide a comprehensive way of creating more fine-grained access control policies.

CreateUser

GetUser

UpdateUser

ListUsers

DeleteUser

GenerateTokens

CreateTeam

GetTeam

UpdateTeam

ListTeams

DeleteTeam

CreateServiceAccount

GetServiceAccount

GetServiceAccountJWKS

UpdateServiceAccount

ListServiceAccounts

DeleteServiceAccount

GenerateServiceAccountKey

DeleteServiceAccountKey

CreateServiceAccountRequest

Request to create a ServiceAccount.

FieldDescriptionValidation Rule

parent

string
REQUIRED
Parent resource where the User will be created.

string = {
  min_len: 1
}

name

string
REQUIRED
The short name for the resource to be created.

string = {
  min_len: 1
  max_len: 63
  pattern: ^[a-z0-9]([a-z0-9-]*[a-z0-9])?$
}

serviceAccount

tetrateio.api.tsb.v2.ServiceAccount
REQUIRED
Details of the Service Account to be created.

message = {
  required: true
}

keyEncoding

tetrateio.api.tsb.v2.ServiceAccount.KeyPair.Encoding
The format in which the generated key pairs will be returned. If not set keys are returned in PEM format.

CreateTeamRequest

Request to create a Team.

FieldDescriptionValidation Rule

parent

string
REQUIRED
Parent resource where the Team will be created.

string = {
  min_len: 1
}

name

string
REQUIRED
The short name for the resource to be created.

string = {
  min_len: 1
}

team

tetrateio.api.tsb.v2.Team
REQUIRED
Details of the Team to be created.

message = {
  required: true
}

CreateUserRequest

Request to create a User.

FieldDescriptionValidation Rule

parent

string
REQUIRED
Parent resource where the User will be created.

string = {
  min_len: 1
}

name

string
REQUIRED
The short name for the resource to be created.

string = {
  min_len: 1
}

user

tetrateio.api.tsb.v2.User
REQUIRED
Details of the User to be created.

message = {
  required: true
}

DeleteServiceAccountKeyRequest

Delete a key-pair associated with the Service Account.

FieldDescriptionValidation Rule

fqn

string
REQUIRED
Fully-qualified name of the Service Account.

string = {
  min_len: 1
}

id

string
REQUIRED
ID of the key-pair to delete.

string = {
  min_len: 1
}

DeleteServiceAccountRequest

Request to delete a ServiceAccount.

FieldDescriptionValidation Rule

fqn

string
REQUIRED
Fully-qualified name of the Service Account.

string = {
  min_len: 1
}

DeleteTeamRequest

Request to delete a Team.

FieldDescriptionValidation Rule

fqn

string
REQUIRED
Fully-qualified name of the Team.

string = {
  min_len: 1
}

DeleteUserRequest

Request to delete a User.

FieldDescriptionValidation Rule

fqn

string
REQUIRED
Fully-qualified name of the User.

string = {
  min_len: 1
}

GenerateServiceAccountKeyRequest

Request to generate a new key-pair for the Service Account.

FieldDescriptionValidation Rule

fqn

string
REQUIRED
Fully-qualified name of the Service Account.

string = {
  min_len: 1
}

keyEncoding

tetrateio.api.tsb.v2.ServiceAccount.KeyPair.Encoding
The format in which the key pairs will be returned. If not set keys are returned in PEM format.

GetServiceAccountJWKSRequest

Request to retrieve all the public keys under a service account.

FieldDescriptionValidation Rule

fqn

string
REQUIRED
Fully-qualified name of the service account.

string = {
  min_len: 1
}

GetServiceAccountRequest

Request to retrieve a Service Account.

FieldDescriptionValidation Rule

fqn

string
REQUIRED
Fully-qualified name of the Service Account.

string = {
  min_len: 1
}

keyEncoding

tetrateio.api.tsb.v2.ServiceAccount.KeyPair.Encoding
The format in which the key pairs will be returned. If not set keys are returned in PEM format.

GetTeamRequest

Request to retrieve a Team.

FieldDescriptionValidation Rule

fqn

string
REQUIRED
Fully-qualified name of the Team.

string = {
  min_len: 1
}

GetUserRequest

Request to retrieve a User.

FieldDescriptionValidation Rule

fqn

string
REQUIRED
Fully-qualified name of the User.

string = {
  min_len: 1
}

JWKS

JSON Web Key Set. Refer to https://datatracker.ietf.org/doc/html/rfc7517

FieldDescriptionValidation Rule

keys

List of tetrateio.api.tsb.v2.JWKS.JWK
List of public JWKs

JWK

JSON Web Key. Refer to https://datatracker.ietf.org/doc/html/rfc7517

FieldDescriptionValidation Rule

alg

string
The specific cryptographic algorithm used with the key.

kty

string
The family of cryptographic algorithms used with the key.

use

string
How the key was meant to be used; sig represents the signature.

n

string
The modulus for the RSA public key.

e

string
The exponent for the RSA public key.

kid

string
The unique identifier for the key.

ListServiceAccountsRequest

Request to list Service Accounts.

FieldDescriptionValidation Rule

parent

string
REQUIRED
Parent resource to list Users from.

string = {
  min_len: 1
}

keyEncoding

tetrateio.api.tsb.v2.ServiceAccount.KeyPair.Encoding
The format in which the key pairs for each key will be returned. If not set keys are returned in PEM format.

ListServiceAccountsResponse

List of existing Service Accounts.

FieldDescriptionValidation Rule

serviceAccounts

List of tetrateio.api.tsb.v2.ServiceAccount

ListTeamsRequest

Request to list Teams.

FieldDescriptionValidation Rule

parent

string
REQUIRED
Parent resource to list Teams from.

string = {
  min_len: 1
}

ListTeamsResponse

List of existing teams.

FieldDescriptionValidation Rule

teams

List of tetrateio.api.tsb.v2.Team

ListUsersRequest

Request to list Users.

FieldDescriptionValidation Rule

parent

string
REQUIRED
Parent resource to list Users from.

string = {
  min_len: 1
}

ListUsersResponse

List of existing Users.

FieldDescriptionValidation Rule

users

List of tetrateio.api.tsb.v2.User

TokenResponse

Contains a pair of tokens for a user that can be used to authenticate against TSB.

FieldDescriptionValidation Rule

accessToken

string
Bearer access token that can be used to access TSB. This token is usually short-lived. The refresh token, when present, can be used to obtain a new access token when it expires.

refreshToken

string
Refresh token that can be used to obtain a new Bearer access token. This token is usually long-lived and should be stored securely.