Find the authorization subject IDs that are applicable in a policy
I know, there is a documentation on the subject ID pattern at Policy of a thing,
but how can I find out, what exact subject IDs are usable with my current authentication?
Do you provide a functionality like "Who am I" ?
Answer
There is a RESTful resource, which will return the authorization subject IDs, that you can use with your current authentication.
Navigate to apidocs > Bosch IoT Things > Policies > /whoami.
Authenticate there.
Click Try it out.
Click Execute.
It will return JSON with the following example payload:
{
"defaultSubject"
:
"iot-suite:<bosch-id>/service-instance.<id>.iot-things@iot-things"
,
"subjects"
: [
"iot-suite:<bosch-id>/service-instance.<id>.iot-things@iot-things"
,
"iot-suite:/service-instance.<id>>.iot-things@iot-things"
,
"iot-suite:<bosch-id>/service-instance.<id>.iot-things"
,
"iot-suite:/service-instance.<id>.iot-things"
,
"bosch:<bosch-id>@ciamids_3692D578-A9D4-406A-8675-0964925256AA"
]
}
The defaultSubject will be used as default subject ID when creating a new thing or policy, but you will also have access to any resource that allows access for one of the subject IDs in the subjects list.