- Introduction
- Account Secrets [Beta]
- Organization Secrets [Beta]
- Project Secrets [Beta]
- Secrets
- getFetches the list of Secrets corresponding to the request's filter criteria.
- postCreates a Secret at given Scope
- postCreates a Secret File
- postCreates a secret via YAML
- getGet the Secret by ID and Scope
- putUpdates the Secret by ID and Scope
- delDeletes Secret by ID and Scope
- postFetches the list of Secrets corresponding to the request's filter criteria.
- postFetches the list of Secrets corresponding to the request's filter criteria.
- putUpdates the Secret file by ID and Scope
- putUpdates the Secret by ID and Scope via YAML
- postValidates Secret with the provided ID and Scope
- getChecks whether the identifier is unique or not
- Account Connectors [Beta]
- Organization Connectors [Beta]
- Project Connectors [Beta]
- Connectors
- postFetches the list of CMC K8S Connectors corresponding to the request's filter criteria.
- getList all Connectors using filters
- putUpdate a Connector
- postCreate a Connector
- getReturn Connector details
- delDelete a Connector
- getList all the configured field values for the given Connector type.
- postGet the Template URL of connector
- getLists all Connectors for an account
- getGets the connector's statistics by Account Identifier, Project Identifier and Organization Identifier
- postFetches the list of Connectors corresponding to the request's filter criteria.
- postGet list of Connectors by FQN
- postTest Harness Connector connection with third-party tool
- postTest Git Connector sync with repo
- getTest a Harness Connector
- GoogleSecretManagerConnector
- Account Role Assignments [Beta]
- Organization Role Assignments [Beta]
- Project Role Assignments [Beta]
- Role Assignments
- postBulk Delete Role Assignment
- postCreate Role Assignments
- getList Role Assignments
- postCreate Role Assignment
- getGet Role Assignment
- delDelete Role Assignment
- postList Role Assignments by filter
- postList Aggregated Role Assignments by filter
- postList Role Assignments by scope filter
- postValidate Role Assignment
- Accounts
- AccountSetting
- Access Control List
- AuditFilters
- Audit
- EULA [Beta]
- Filter
- getList Filters
- putUpdate a Filter
- postCreate a Filter
- getReturn Filter Details
- delDelete a Filter
- getList Filters
- putUpdate a Filter
- postCreate a Filter
- getReturn Filter Details
- delDelete a Filter
- getList Filters
- putUpdate a Filter
- postCreate a Filter
- getReturn Filter Details
- delDelete a Filter
- getList Filters
- putUpdate a Filter
- postCreate a Filter
- getReturn Filter Details
- delDelete a Filter
- Invite
- IP Allowlist [Beta]
- Oidc-Access-Token
- Oidc-ID-Token
- OIDC
- Canny
- ApiKey
- getFetches the list of API Keys corresponding to the request's filter criteria.
- postCreates an API key
- putUpdates API Key for the provided ID
- delDeletes the API Key corresponding to the provided ID.
- getFetches the API Keys details corresponding to the provided ID and Scope.
- getFetches the list of Aggregated API Keys corresponding to the request's filter criteria.
- Source Code Manager
- Nextgen Ldap
- Harness Resource Type
- Authentication Settings
- getReturn configured Ldap settings for the account
- putUpdates Ldap setting
- postCreate Ldap setting
- delDelete Ldap settings
- delDelete SAML meta data
- delDelete SAML meta data for given SAML sso id
- putUpdate authentication enabled or not for given SAML setting
- getGets authentication settings for the given Account ID
- getGets authentication settings version 2 for the given Account ID
- getGet password strength
- getTest SAML connectivity
- getTest SAML connectivity
- delDelete OAuth Setting
- putEnable/disable public access at account level
- putSet session timeout at account level
- putSet two factor authorization
- putUpdate Auth mechanism
- putUpdate Oauth providers
- putUpdate SAML metadata
- postUpload SAML metadata
- putUpdate SAML metadata for a given SAML SSO Id
- putUpdates the whitelisted domains
- Permissions
- Secret Managers
- Setting
- Service Account
- SMTP
- Token
- User
- putAdd user to user groups
- postAdd user(s) to scope
- putChange user password
- getCheck if user is last admin
- putDisable two factor authentication
- getGet detailed user information
- postGet list of users
- getGets Two Factor Auth Settings
- getGet Current User Info
- postGet users list
- putUpdate User
- delRemove user from scope
- getReset two factor authorization
- putUnlock user
- putEnable two factor authentication
- putUpdate User
- User Group
- getCheck user membership
- putAdd user to User Group
- delRemove user from User Group
- putCopy User Group
- getList the User Groups in an account/org/project
- putUpdate User Group
- postCreate User Group
- getGet User Group
- delDelete a User Group in an account/org/project
- getGet Inheriting Child Scopes
- postList users in User Group
- putLink LDAP Group to the User Group to an account/org/project
- putLink SAML Group to the User Group in an account/org/project
- postList User Groups by filter
- postGet filtered User Groups
- putUnlink SSO Group from the User Group in an account/org/project
- putUpdate User Group
- postCreate User Group
- Variables
- Agent mTLS Endpoint Management
- getGets the agent mTLS endpoint for an account.
- putUpdates the existing agent mTLS endpoint for an account.
- postCreates the agent mTLS endpoint for an account.
- delRemoves the agent mTLS endpoint for an account.
- patchUpdates selected properties of the existing agent mTLS endpoint for an account.
- getChecks whether a given agent mTLS endpoint domain prefix is available.
- Delegate Download Resource
- Delegate Group Tags Resource
- Delegate Setup Resource
- delDeletes a Delegate by its identifier.
- getGenerates delegate terraform example module file from the account
- postGenerates helm values yaml file from the data specified in request body (Delegate setup details).
- postLists all delegates in NG filtered by provided conditions
- getGets the latest supported delegate version. The version has YY.MM.XXXXX format. You can use any version lower than the returned results(upto 3 months old)
- putOverrides delegate image tag for account
- Delegate Token Resource
- Agent mTLS Endpoint Management
- Pipelines [Beta]
- Input Sets [Beta]
- Approvals
- Pipeline Execution [Beta]
- Pipeline Dashboard
- Pipeline Input Set
- getList Input Sets
- postCreate an Input Set
- postCreate an Overlay Input Set for a pipeline
- getFetch an Input Set
- putUpdate an Input Set
- delDelete an Input Set
- getGets an Overlay Input Set by identifier
- putUpdate an Overlay Input Set for a pipeline
- postFetch Runtime Input Template
- putUpdate git-metadata in remote input-set
- Pipeline
- postCreate a Pipeline
- postCreate a Pipeline
- getFetch a Pipeline
- putUpdate a Pipeline
- delDelete a Pipeline
- postList Pipelines
- getFetch Pipeline Summary
- postImport and Create Pipeline from Git Repository
- postImport and Create Pipeline from Git Repository
- putUpdate git-metadata in remote pipeline Entity
- putUpdate a Pipeline
- Pipeline Execution Details
- getFetch Execution Details
- getFetch Execution Details
- getFetch Execution SubGraph for a Given Retried StepGroup NodeExecution ID
- postFetch Execution Url
- getGet the Input Set YAML used for given Plan Execution
- postList Execution Identifier
- postList Executions
- postList Executions Outline
- getGet Notes for a pipelineExecution
- putUpdates Notes for a pipelineExecution
- Pipeline Execute
- getRetry History for a given execution
- putExecute an Interrupt
- putHandles the interrupt for a given stage in a pipeline
- postRetry a executed pipeline with inputSet pipeline yaml
- postExecute a Pipeline with Input Set References
- postExecute a Pipeline with Runtime Input YAML
- postExecute given Stages of a Pipeline
- Pipeline Refresh
- Pipeline data retention
- Triggers [Beta]
- getGets the paginated list of triggers for accountIdentifier, orgIdentifier, projectIdentifier, targetIdentifier.
- postCreates Trigger for triggering target pipeline identifier.
- getGets the trigger by accountIdentifier, orgIdentifier, projectIdentifier, targetIdentifier and triggerIdentifier.
- putUpdates trigger for pipeline with target pipeline identifier.
- delDeletes Trigger by identifier.
- getLists all Triggers
- getFetches Trigger details for a specific accountIdentifier, orgIdentifier, projectIdentifier, targetIdentifier, triggerIdentifier.
- getGet event history for a trigger
- TriggersEvents
- Webhook Triggers
- getGets webhook event processing details for input eventId.
- getGets webhook event processing details for input eventId.
- postHandles event payload for webhook triggers.
- postHandles event payload for custom webhook triggers.
- postHandles event payload for custom webhook triggers.
- postHandles event payload for custom webhook triggers.
- Webhook Event Handler
- K8s Release Service Mapping [Beta]
- CustomDeployment
- Environments
- getGets Environment list for a project
- putUpdate an Environment by identifier
- postCreate an Environment
- getGets an Environment by identifier
- delDelete an Environment by identifier
- getGets Service Overrides list
- postupsert a Service Override for an Environment
- delDelete a ServiceOverride entity
- postImport and Create Environment from Git Repository
- getGets Environment Access list
- postMove environment YAML from inline to remote
- putUpdate git-metadata in remote environment Entity
- putUpsert an Environment by identifier
- EnvironmentGroup
- Infrastructures
- getGets Infrastructure list
- putUpdate an Infrastructure by identifier
- postCreate an Infrastructure in an Environment
- getGets an Infrastructure by identifier
- delDelete an Infrastructure by identifier
- postImport and Create Infrastructure from Git Repository
- postMove infra YAML from inline to remote
- putUpdate git-metadata in remote infrastructure Entity
- Usage
- getDownload CD Usage CSV report
- getDownload CSV Active Services report
- getGets License Usage By Module, Timestamp, and Account Identifier
- getGets License Usage By Module, Timestamp, and Account Identifier
- getGets License Usage By Module, Timestamp, and Account Identifier
- getDownload CSV Active Services report
- getGets License Usage By Module, Timestamp, and Account Identifier
- getGets License Usage By Module, Timestamp, and Account Identifier
- getGets License Usage By Module, Timestamp, and Account Identifier
- getDownload CSV Active Monitored Services report
- getDownload CSV Active Services Monitored report
- getCvgetLicenseUsage
- getgetSRMLicenseUsage
- postReturns a List of active monitored services along with identifier,Active Monitored Services Count and other details
- File Store
- getList Files and Folders metadata
- postCreate Folder or File including content
- postCreates File or Folder metadata via YAML
- getGet the Folder or File metadata
- putUpdate Folder or File including content
- delDelete File or Folder by identifier
- getDownload File
- getGet list of created by user details
- getGet file content of scopedFilePath
- postGet file content of scopedFilePathV2
- getGet list of entities where file is referenced by queried entity type
- getGet the list of supported entity types for files
- postGet filtered list of Files or Folders
- postGet folder nodes at first level, not including sub-nodes
- putUpdate File or Folder metadata via YAML
- Service Dashboard
- ServiceOverrides
- Rollback
- tas
- Account Services [Beta]
- Organization Services [Beta]
- Project Services [Beta]
- Services
- getGets Service list
- putUpdate a Service by identifier
- postCreate a Service
- postCreate Services
- getGets a Service by identifier
- delDelete a Service by identifier
- getRetrieving the list of Kubernetes Command Options
- getRetrieving the list of Kustomize Command Flags
- getRetrieving the list of actions available for service hooks
- postGet Service YAML from Git Repository
- getGets Service Access list
- putUpdate git-metadata in remote service Entity
- putUpsert a Service by identifier
- Account Templates [Beta]
- Organization Templates [Beta]
- Project Templates [Beta]
- Templates
- postGet YAML with updated Template Inputs
- getValidate Template Inputs in a YAML
- postCreate a Template
- delDelete Template Version
- getGet Template
- getGets Template Input Set YAML
- postGets all metadata of template list
- postMove Template YAML from inline to remote
- putUpdate Template Version
- postUpdate git metadata details for a remote template
- putUpdate Stable Template Version
- Global Templates
- Agents
- getAgentServiceForServer_List
- postAgentServiceForServer_Create
- postAgentServiceForServer_Search
- putAgentServiceForServer_Update
- getAgentServiceForServer_GetDeployYaml
- postAgentServiceForServer_PostDeployHelmChart
- postAgentServiceForServer_PostDeployYaml
- getAgentServiceForServer_GetDeployHelmChart
- patchAgentServiceForServer_SetPrimaryNode
- getAgentServiceForServer_Get
- delAgentServiceForServer_Delete
- postAgentServiceForServer_RegenerateCredentials
- getAgentServiceForServer_Unique
- Application
- Applications
- getList returns list of applications for a specific agent
- postCreate creates an application
- getGet returns an application by name
- getManagedResources returns list of managed resources
- getGet returns an application by name
- getListResourceEvents returns a list of event resources
- getPodLogs returns stream of log entries for the specified pod(s).
- getGetManifests returns application manifests
- getPodLogs returns stream of log entries for the specified pod(s).
- getResourceTree returns resource tree
- getGet the meta-data (author, date, tags, message) for a specific revision of the application
- getGet returns sync windows of the application
- putUpdate updates an application
- delDelete deletes an application
- patchPatch patch an application
- delTerminateOperation terminates the currently running operation
- getGetResource returns single application resource
- delDeleteResource deletes a single application resource
- postPatchResource patch single application resource
- getListResourceActions returns list of resource actions
- postRunResourceAction run resource action
- postRollback syncs an application to its target state Harness Event type (rollback)
- putUpdateSpec updates an application spec
- postSync syncs an application to its target state Harness Event type (deploy)
- getWatch returns stream of application change events
- getWatchResourceTree returns stream of application resource tree
- getApplicationService_ListAttributes
- postListNs returns list of namespaces for a query.
- postList returns list of application sync status
- getChecks whether an app with the given name exists
- Certificates
- Clusters
- getGets a Cluster by identifier
- delDelete a Cluster by identifier
- getGets cluster list
- postlink a Cluster
- postLink Clusters
- postUnlink Clusters
- getList returns list of clusters
- postCreate creates a cluster
- getGet returns a cluster by identifier
- delDelete deletes a cluster
- putUpdate updates a cluster
- getList all available repository certificates
- postList returns list of Clusters
- getChecks for whether the cluster exists
- Dashboard Aggregates
- Dashboards
- GnuPGP Keys
- GPG Keys
- Hosts
- Project mappings
- getAppProjectMappingService_GetAppProjectMappingListByAgent
- postCreateAppProjectMapping creates a new mapping between Harness Project and argo project
- delDelete an argo project to harness project mapping
- getAppProjectMappingService_GetAppProjectMappingList
- postCreateAppProjectMapping creates a new mapping between Harness Project and argo project
- getAppProjectMappingService_GetAppProjectMappingV2
- delDelete an argo project to harness project mapping
- putCreateAppProjectMapping creates a new mapping between Harness Project and argo project
- getV2
- Projects
- Reconciler
- postReturns number of entities that exist in the cluster on the agent. Filter can be used to count only global entities (with empty project) and those specified by the filter.
- postImports data from cluster via agent. There must be at least one project mapping in the database. Returns number of entities imported.
- Repositories
- getListRepositories gets a list of all configured repositories
- postCreateRepository creates a new repository configuration
- getChecks whether External Secrets Operator is installed
- getReturns a list of ESO generators installed in agent namespace.
- postReturns the Repository type of OCI repo
- postValidateAccess gets connection state for a repository
- getGet returns a repository or its credentials
- delDeleteRepository deletes a repository from the configuration
- putUpdateRepository updates a repository configuration
- getGetAppDetails returns application details by given path
- getListApps returns list of apps in the repo
- getGetHelmCharts returns list of helm charts in the specified repository
- getReturns a list of refs (e.g. branches and tags) in the repo
- getList returns list of Repositories by repository credential template
- postList returns list of Repositories
- getChecks whether a repository with the given name exists
- Repository Certificates
- Repository credentials
- ValidateHost
- Agents
- Cloud Cost Anomalies
- Cloud Cost BI Dashboards
- Cloud Cost Budget Groups
- Cloud Cost Budgets
- Cloud Cost K8S Connectors Metadata
- Cloud Cost Details
- Cloud Cost Overview
- Cloud Cost Cost Categories
- RuleEnforcement
- Rule
- Rule Executions
- Rule Sets
- Governance Overview
- postReturn day wise total evaluations.
- getReturn rule execution Cost Details
- postReturn rule execution Details
- postReturn monthly realised Savings
- postReturn top resource type executions
- getReturn total number of active enforcements.
- getReturn total number of evaluations.
- getReturn total realised Savings.
- postReturn total realised Savings.
- getReturn total realised Savings grouped by cloud provider/resource type.
- getReturn total number of rules & enforcements
- Cloud Cost Perspectives Folders
- Cloud Cost Perspective Reports
- Cloud Cost Perspectives
- Cloud Cost Recommendations Details
- Cloud Cost Recommendations
- Cloud Cost Recommendation Jira
- Cloud Cost Recommendation Servicenow
- Cloud Cost Recommendation Ignore List
- Cloud Cost AutoStopping Rules
- getList AutoStopping Rules
- postCreate an AutoStopping Rule
- getReturn AutoStopping Rule details
- delDelete an AutoStopping Rule
- getReturn health status of an AutoStopping Rule
- getReturn savings details for an AutoStopping Rule
- getList all the resources for an AutoStopping Rule
- getReturn diagnostics result of an AutoStopping Rule
- postWarm up an AutoStopping Rule
- postCool down an AutoStopping Rule
- getReturn metadata of cool down of an AutoStopping Rule
- getReturn cumulative savings for all the AutoStopping Rules
- putDisable/Enable an Autostopping Rule
- Cloud Cost AutoStopping Rules V2
- Cloud Cost AutoStopping Load Balancers
- Cloud Cost AutoStopping Fixed Schedules
- Commitment Orchestrator Events APIs
- Monitored Services
- postcreateDefaultMonitoredService
- getGet monitored service data
- putUpdates monitored service data
- delDelete monitored service data
- putdelete template reference from monitored service
- getgetAllMonitoredServicesWithHealthSources
- getCvgetAnomaliesSummary
- getgetCountOfServices
- getgetEnvironments
- getgetHealthSources
- getgetHealthSourcesForMonitoredServiceIdentifier
- getgetList
- getgetListV2
- getgetMSSecondaryEvents
- getgetMSSecondaryEventsDetails
- getgetMonitoredServiceChangeDetails
- getgetMonitoredServiceDetails
- getgetMonitoredServiceDetails_1
- getgetMonitoredServiceFromServiceAndEnvironment
- getgetMonitoredServiceLogs
- getfetch reconciliation status for template referenced monitored services
- getget monitored service resolved template inputs
- getgetMonitoredServiceScore
- getGet notification rules for MonitoredService
- getgetOverAllHealthScore
- getgetServices
- getgetSloMetrics
- getcheck if a template referenced monitored service(s) require reconciliation
- getlist
- postSaves monitored service data
- postSaves monitored service from template input
- postsaveMonitoredServiceFromYaml
- putsetHealthMonitoringFlag
- putUpdate monitored service from yaml or template
- putupdateMonitoredServiceFromYaml
- getyamlTemplate
- SLOs dashboard
- NG SLOs
- SLOs
- Downtime
- Srm Notification
- Monitored Services
- repository
- getList repositories
- postCreate repository
- delSoft delete repository
- getGet repository
- patchUpdate repository
- getDownload repo in archived format
- getGet git blame
- getList branches
- postCreate branch
- delDelete branch
- getGet branch
- getValidate code owners file
- getList commits
- postCommit files
- getGet commit
- getGet raw git diff of a commit
- postGet commit divergence
- getGet content of a file
- getGet diff stats
- getGet raw diff
- postGet raw diff
- postCheck mergeability
- postMove repository
- postGet commit details
- getList all paths
- postPurge repository
- getGet raw file content
- postRestore repository
- getList protection rules
- postAdd protection rule
- delDelete protection rule
- getGet protection rule
- patchUpdate protection rule
- getGet general settings
- patchUpdate general settings
- getGet security settings
- patchUpdate security settings
- getGet repository summary
- getList tags
- postCreate tag
- delDelete tag
- postImport repository
- status_checks
- pullreq
- getList pull requests
- postCreate pull request
- getGet pull request
- patchUpdate pull request
- getList activities
- getGet status checks
- getGet code owners
- postCreate new pull request comment
- delDelete pull request comment
- patchUpdate pull request comment
- putUpdate status of pull request comment
- postApply pull request code comment suggestions
- getList commits
- getGet file changes
- postGet file changes
- getList viewed files
- putMark file as viewed
- delRemove file view
- postMerge
- getGet metadata
- getList reviewers
- putAdd reviewer
- delRemove reviewer
- postSubmit review
- postUpdate state of pull request
- upload
- webhook
- resource
- repository
- usage
- approvals
- costs
- executions
- module-registry
- getlist_modules-by-account module-registry
- postcreate-module module-registry
- deldelete-module module-registry
- getlist-modules-by-id module-registry
- putupdate-module module-registry
- postsync-module-metadata module-registry
- getlist-metadata-by-module module-registry
- getlist-readme-by-id module-registry
- postmodule-parsed-data module-registry
- postpost-module-readme module-registry
- postpost-module-tags module-registry
- getdownload module-registry
- getlist-versions module-registry
- workspaces
- getlist-workspaces workspaces
- postcreate-workspace workspaces
- deldestroy-workspace workspaces
- getshow-workspace workspaces
- putupdate-workspace workspaces
- postforce-unlock-workspace workspaces
- getlist-resources workspaces
- getlist-data workspaces
- postcreate-data workspaces
- getshow-data workspaces
- getevaluate-data workspaces
- postsend-event workspaces
- getlist-pipelines workspaces
- settings
- tf-standard-backend
- variables
- Chaos Engineering
Check Permission
Check for permission on resource(s) for a principal
Securityx-api-key
Request
Request Body schema: required
These are the checks to perform for Access Control.
required | Array of objects (PermissionCheck) [ 0 .. 10000 ] items List of permission checks to perform |
object (AuthzPrincipal) |
Responses
400
Bad Request
500
Internal server error
default
Result of the access check request
post/authz/api/acl
Request samples
- Payload
- curl
- Java
- Go
{- "permissions": [
- {
- "resourceScope": {
- "accountIdentifier": "string",
- "orgIdentifier": "string",
- "projectIdentifier": "string"
}, - "resourceType": "string",
- "resourceAttributes": {
- "property1": "string",
- "property2": "string"
}, - "resourceIdentifier": "string",
- "permission": "string"
}
], - "principal": {
- "scopeLevel": "string",
- "identifier": "string",
- "type": "USER",
- "uniqueId": "string"
}
}Response samples
- 400
- 500
- default
{- "status": "SUCCESS",
- "code": "DEFAULT_ERROR_CODE",
- "message": "string",
- "correlationId": "string",
- "errors": [
- {
- "fieldId": "string",
- "error": "string"
}
]
}