Interface UserManagementServiceGrpc.AsyncService

  • All Known Implementing Classes:
    UserManagementServiceGrpc.UserManagementServiceImplBase
    Enclosing class:
    UserManagementServiceGrpc

    public static interface UserManagementServiceGrpc.AsyncService
     Service to manage users and their rights for interacting with the Ledger API
     served by a participant node.
     The authorization rules for its RPCs are specified on the ``<RpcName>Request``
     messages as boolean expressions over these facts:
     (1) ``HasRight(r)`` denoting whether the authenticated user has right ``r`` and
     (2) ``IsAuthenticatedUser(uid)`` denoting whether ``uid`` is the empty string or equal to the id of the authenticated user.
     (3) ``IsAuthenticatedIdentityProviderAdmin(idp)`` denoting whether ``idp`` is equal to the ``identity_provider_id``
     of the authenticated user and the user has an IdentityProviderAdmin right.
     If `user_id` is set to the empty string (the default), then the data for the authenticated user will be retrieved.
     If `identity_provider_id` is set to an empty string, then it's effectively set to the value of access token's 'iss' field if that is provided.
     If `identity_provider_id` remains an empty string, the default identity provider will be assumed.
     The fields of request messages (and sub-messages) are marked either as ``Optional`` or ``Required``:
     (1) ``Optional`` denoting the client may leave the field unset when sending a request.
     (2) ``Required`` denoting the client must set the field to a non-default value when sending a request.
     A user resource consists of:
     (1) a set of properties represented by the ``User`` message,
     (2) a set of user rights, where each right is represented by the ``Right`` message.
     A user resource, once it has been created, can be modified.
     In order to update the properties represented by the ``User`` message use the ``UpdateUser`` RPC. The only fields that can be modified are those marked as ``Modifiable``.
     In order to grant or revoke user rights use ``GrantRights' and ``RevokeRights`` RPCs.