Get Org IAM Policy

deprecated

This endpoint has been deprecated and may be removed in future versions of the API.

Use GetDomain Settings for Organization instead

Path Parameters

orgId string required

Responses

200
403
404
default

A successful response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

policy object
details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
userLoginMustBeDomain boolean
the username has to end with the domain of its organization
isDefault boolean
defines if the organization's admin changed the policy
isDefault deprecated: is_default is also defined in zitadel.policy.v1.OrgIAMPolicy

{
  "policy": {
    "details": {
      "sequence": "2",
      "creationDate": "2023-05-12",
      "changeDate": "2023-05-12",
      "resourceOwner": "69629023906488334"
    },
    "userLoginMustBeDomain": true,
    "isDefault": true
  },
  "isDefault": true
}

Schema
Example (from schema)

Schema

policy object
details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
userLoginMustBeDomain boolean
the username has to end with the domain of its organization
isDefault boolean
defines if the organization's admin changed the policy
isDefault deprecated: is_default is also defined in zitadel.policy.v1.OrgIAMPolicy

{
  "policy": {
    "details": {
      "sequence": "2",
      "creationDate": "2023-05-12",
      "changeDate": "2023-05-12",
      "resourceOwner": "69629023906488334"
    },
    "userLoginMustBeDomain": true,
    "isDefault": true
  },
  "isDefault": true
}

Schema
Example (from schema)

Schema

policy object
details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
userLoginMustBeDomain boolean
the username has to end with the domain of its organization
isDefault boolean
defines if the organization's admin changed the policy
isDefault deprecated: is_default is also defined in zitadel.policy.v1.OrgIAMPolicy

{
  "policy": {
    "details": {
      "sequence": "2",
      "creationDate": "2023-05-12",
      "changeDate": "2023-05-12",
      "resourceOwner": "69629023906488334"
    },
    "userLoginMustBeDomain": true,
    "isDefault": true
  },
  "isDefault": true
}

Returned when the user does not have permission to access the resource.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Returned when the resource does not exist.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

An unexpected error response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

GET /orgs/:orgId/policies/orgiam

Authorization

type: oauth2flow: authorizationCodescopes: openid,urn:zitadel:iam:org:project:id:zitadel:aud

Request

Base URL

https://$ZITADEL_DOMAIN/admin/v1

Bearer Token

orgId — path required

Accept

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/orgs/:orgId/policies/orgiam' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/orgs/:orgId/policies/orgiam' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/orgs/:orgId/policies/orgiam' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/orgs/:orgId/policies/orgiam' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/orgs/:orgId/policies/orgiam' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/orgs/:orgId/policies/orgiam' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/admin/v1/orgs/:orgId/policies/orgiam' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'