ZMSClient (athenz-zms-java-client 1.10.39 API)

java.lang.Object
- com.yahoo.athenz.zms.ZMSClient

All Implemented Interfaces:: Closeable, AutoCloseable

public class ZMSClient
extends Object
implements Closeable

Field Summary

Fields
Modifier and Type	Field and Description
`protected ZMSRDLGeneratedClient`	`client`
`static String`	`ZMS_CLIENT_DEFAULT_CLIENT_SSL_PROTOCOL`
`static String`	`ZMS_CLIENT_PKEY_STORE_FACTORY_CLASS`
`static String`	`ZMS_CLIENT_PROP_ATHENZ_CONF`
`static String`	`ZMS_CLIENT_PROP_CERT_ALIAS`
`static String`	`ZMS_CLIENT_PROP_CLIENT_PROTOCOL`
`static String`	`ZMS_CLIENT_PROP_CONNECT_TIMEOUT`
`static String`	`ZMS_CLIENT_PROP_KEY_MANAGER_PASSWORD`
`static String`	`ZMS_CLIENT_PROP_KEY_MANAGER_PWD_APP_NAME`
`static String`	`ZMS_CLIENT_PROP_KEYSTORE_PASSWORD`
`static String`	`ZMS_CLIENT_PROP_KEYSTORE_PATH`
`static String`	`ZMS_CLIENT_PROP_KEYSTORE_PWD_APP_NAME`
`static String`	`ZMS_CLIENT_PROP_KEYSTORE_TYPE`
`static String`	`ZMS_CLIENT_PROP_PRIVATE_KEY_STORE_FACTORY_CLASS`
`static String`	`ZMS_CLIENT_PROP_READ_TIMEOUT`
`static String`	`ZMS_CLIENT_PROP_TRUSTSTORE_PASSWORD`
`static String`	`ZMS_CLIENT_PROP_TRUSTSTORE_PATH`
`static String`	`ZMS_CLIENT_PROP_TRUSTSTORE_PWD_APP_NAME`
`static String`	`ZMS_CLIENT_PROP_TRUSTSTORE_TYPE`

Constructor Summary

Constructors
Constructor and Description
`ZMSClient()` Constructs a new ZMSClient object with default settings.
`ZMSClient(com.yahoo.athenz.auth.Principal identity)` Constructs a new ZMSClient object with default settings and given principal object for credentials.
`ZMSClient(String url)` Constructs a new ZMSClient object with the given ZMS Server url.
`ZMSClient(String url, com.yahoo.athenz.auth.Principal identity)` Constructs a new ZMSClient object with the given ZMS Server url and given principal.
`ZMSClient(String url, SSLContext sslContext)` Constructs a new ZMSClient object with the given SSLContext object and ZMS Server Url.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`ZMSClient`	`addCredentials(com.yahoo.athenz.auth.Principal identity)` Sets or overrides the current principal identity set in the client.
`void`	`addCredentials(String credHeader, String credToken)` Set the client credentials using the specified header and token.
`ZMSClient`	`clearCredentials()` Clear the principal identity set for the client.
`void`	`close()` Close the ZMSClient object and release any allocated resources.
`void`	`deleteAssertion(String domainName, String policyName, Long assertionId, String auditRef)` Delete specified assertion from the given policy
`void`	`deleteAssertion(String domainName, String policyName, String version, Long assertionId, String auditRef)` Delete specified assertion from the given policy
`void`	`deleteAssertionCondition(String domainName, String policyName, Long assertionId, int conditionId, String auditRef)` Delete a single assertion condition associated with the given assertion id.
`void`	`deleteAssertionConditions(String domainName, String policyName, Long assertionId, String auditRef)` Delete all assertion conditions associated with the given assertion id.
`void`	`deleteDomainRoleMember(String domainName, String memberName, String auditRef)` Delete the specified user from all roles in the given domain
`void`	`deleteDomainTemplate(String domain, String template, String auditRef)` Delete the specified solution template roles and policies from the domain
`void`	`deleteEntity(String domainName, String entityName, String auditRef)` Delete the specified entity from the ZMS Server
`void`	`deleteGroup(String domainName, String groupName, String auditRef)` Delete the specified group from domain
`void`	`deleteGroupMembership(String domainName, String groupName, String memberName, String auditRef)` Remove the specified member from the group
`void`	`deleteMembership(String domainName, String roleName, String memberName, String auditRef)` Remove the specified member from the role
`void`	`deletePendingGroupMembership(String domainName, String groupName, String memberName, String auditRef)` Remove the specified pending member from the group
`void`	`deletePendingMembership(String domainName, String roleName, String memberName, String auditRef)` Remove the specified pending member from the role
`void`	`deletePolicy(String domainName, String policyName, String auditRef)` Delete specified policy from a domain
`void`	`deletePolicyVersion(String domainName, String policyName, String version, String auditRef)` Delete specified policy version from a domain
`void`	`deleteProviderResourceGroupRoles(String tenantDomain, String providerDomain, String providerServiceName, String resourceGroup, String auditRef)` Delete the provider roles for the specified tenant resource group from the tenant domain.
`void`	`deletePublicKeyEntry(String domainName, String serviceName, String keyId, String auditRef)` Delete the specified public key from the service object.
`void`	`deleteQuota(String domainName, String auditRef)` Delete the specified quota details for the specified domain
`void`	`deleteRole(String domainName, String roleName, String auditRef)` Delete the specified role from domain
`void`	`deleteServiceIdentity(String domainName, String serviceName, String auditRef)` Delete the specified service from a domain
`void`	`deleteSubDomain(String parent, String name, String auditRef)` Delete a sub-domain
`void`	`deleteTenancy(String tenantDomain, String providerService, String auditRef)` Delete the specified provider service from a tenant domain
`void`	`deleteTenant(String providerDomain, String providerService, String tenantDomain, String auditRef)` Delete the specified tenant from provider service
`void`	`deleteTenantResourceGroupRoles(String providerDomain, String providerServiceName, String tenantDomain, String resourceGroup, String auditRef)` Delete tenant roles for the specified tenant resource group in a domain
`void`	`deleteTopLevelDomain(String name, String auditRef)` Delete a top level domain
`void`	`deleteUser(String name, String auditRef)` Remove the specified user from Athens system.
`void`	`deleteUserDomain(String name, String auditRef)` Delete a top-level user-domain (user.<userid>)
`String`	`generateEntityName(String domain, String entity)` Generate an entity name as expected by ZMS Server can be used to set the entity object's name field (e.g.
`String`	`generateGroupName(String domain, String group)` Generate a group name as expected by ZMS Server can be used to set the group object's name field (e.g.
`String`	`generatePolicyName(String domain, String policy)` Generate a policy name as expected by ZMS Server can be used to set the policy object's name field (e.g.
`String`	`generateRoleName(String domain, String role)` Generate a role name as expected by ZMS Server can be used to set the role object's name field (e.g.
`String`	`generateServiceIdentityName(String domain, String service)` Generate a service name as expected by ZMS Server can be used to set the service identity object's name field (e.g.
`com.yahoo.athenz.zms.Access`	`getAccess(String action, String resource, String trustDomain)` Requests the ZMS to indicate whether or not the specific request for the specified resource with authentication details will be granted or not.
`com.yahoo.athenz.zms.Access`	`getAccess(String action, String resource, String trustDomain, String principal)` Requests the ZMS to indicate whether or not the specific request for the specified resource with authentication details will be granted or not.
`com.yahoo.athenz.zms.Access`	`getAccessExt(String action, String resource, String trustDomain, String principal)` Requests the ZMS to indicate whether or not the specific request for the specified resource with authentication details will be granted or not.
`com.yahoo.athenz.zms.Assertion`	`getAssertion(String domainName, String policyName, Long assertionId)` Return the specified policy object assertion
`com.yahoo.athenz.zms.Domain`	`getDomain(String domain)` Retrieve the specified domain object
`com.yahoo.athenz.zms.DomainDataCheck`	`getDomainDataCheck(String domain)` Check the data for the specified domain object
`com.yahoo.athenz.zms.DomainList`	`getDomainList()` Retrieve the list of domains provisioned on the ZMS Server
`com.yahoo.athenz.zms.DomainList`	`getDomainList(Integer limit, String skip, String prefix, Integer depth, String awsAccount, Integer productId, Date modifiedSince)` Retrieve the list of domains provisioned on the ZMS Server filters based on the specified arguments
`com.yahoo.athenz.zms.DomainList`	`getDomainList(Integer limit, String skip, String prefix, Integer depth, String awsAccount, Integer productId, String azureSubscription, Date modifiedSince)` Retrieve the list of domains provisioned on the ZMS Server filters based on the specified arguments
`com.yahoo.athenz.zms.DomainList`	`getDomainList(Integer limit, String skip, String prefix, Integer depth, String awsAccount, Integer productId, String azureSubscription, Date modifiedSince, String tagKey, String tagValue)` Retrieve the list of domains provisioned on the ZMS Server filters based on the specified arguments
`com.yahoo.athenz.zms.DomainList`	`getDomainList(Integer limit, String skip, String prefix, Integer depth, String awsAccount, Integer productId, String azureSubscription, Date modifiedSince, String tagKey, String tagValue, String businessService)` Retrieve the list of domains provisioned on the ZMS Server filters based on the specified arguments
`com.yahoo.athenz.zms.DomainList`	`getDomainList(String roleMember, String roleName)` Retrieve the list of domains provisioned on the ZMS Server filters based on the specified arguments
`com.yahoo.athenz.zms.DomainMetaStoreValidValuesList`	`getDomainMetaStoreValidValuesList(String attributeName, String userName)` Retrieve all valid values for the given attribute and user
`com.yahoo.athenz.zms.DomainRoleMembers`	`getDomainRoleMembers(String domainName)` Retrieve the list of all members provisioned for a domain in regular roles
`com.yahoo.athenz.zms.DomainTemplateList`	`getDomainTemplateList(String domain)` Retrieve the list of solution template provisioned for a domain
`com.yahoo.athenz.zms.Entity`	`getEntity(String domainName, String entityName)` Retrieve the specified entity from the ZMS Server
`com.yahoo.athenz.zms.EntityList`	`getEntityList(String domainName)` Retrieve the list of entities defined for the specified domain
`com.yahoo.athenz.zms.Group`	`getGroup(String domainName, String groupName, boolean auditLog, boolean pending)` Retrieve the specified group
`com.yahoo.athenz.zms.GroupMembership`	`getGroupMembership(String domainName, String groupName, String memberName, String expiration)` Get membership details for the specified member in the given group in a specified domain with an optional expiration
`com.yahoo.athenz.zms.Groups`	`getGroups(String domainName, Boolean members)` Retrieve the list of groups defined for the specified domain.
`com.yahoo.athenz.zms.Groups`	`getGroups(String domainName, Boolean members, String tagKey, String tagValue)` Retrieve the list of groups defined for the specified domain.
`com.yahoo.athenz.zms.JWSDomain`	`getJWSDomain(String domain)` Retrieve the specified singed domain object.
`com.yahoo.athenz.zms.JWSDomain`	`getJWSDomain(String domain, Boolean signatureP1363Format, String matchingTag, Map<String,List<String>> responseHeaders)` Retrieve the specified singed domain object.
`com.yahoo.athenz.zms.JWSDomain`	`getJWSDomain(String domain, String matchingTag, Map<String,List<String>> responseHeaders)` Retrieve the specified singed domain object.
`com.yahoo.athenz.zms.Membership`	`getMembership(String domainName, String roleName, String memberName)` Get membership details for the specified member in the given role in a specified domain
`com.yahoo.athenz.zms.Membership`	`getMembership(String domainName, String roleName, String memberName, String expiration)` Get membership details for the specified member in the given role in a specified domain with an optional expiration
`com.yahoo.athenz.zms.DomainRoleMembers`	`getOverdueReview(String domainName)` Get all domain members with overdue review dates
`com.yahoo.athenz.zms.DomainGroupMembership`	`getPendingDomainGroupMembersList(String principal)` Return all the list of pending requests for the given principal.
`com.yahoo.athenz.zms.DomainRoleMembership`	`getPendingDomainRoleMembersList(String principal)` Return all the list of pending requests for the given principal.
`com.yahoo.athenz.zms.Policies`	`getPolicies(String domainName, Boolean assertions)` Retrieve the list of policies defined for the specified domain.
`com.yahoo.athenz.zms.Policies`	`getPolicies(String domainName, Boolean assertions, Boolean includeNonActive)` Retrieve the list of policies defined for the specified domain.
`com.yahoo.athenz.zms.Policy`	`getPolicy(String domainName, String policyName)` Return the specified policy object
`com.yahoo.athenz.zms.PolicyList`	`getPolicyList(String domainName)` Get list of policies defined in the specified domain
`com.yahoo.athenz.zms.PolicyList`	`getPolicyList(String domainName, Integer limit, String skip)` Get list of policies defined in the specified domain filtered based on the specified arguments
`com.yahoo.athenz.zms.Policy`	`getPolicyVersion(String domainName, String policyName, String version)` Return the specified policy version object
`com.yahoo.athenz.zms.PolicyList`	`getPolicyVersionList(String domainName, String policyName)` Get list of policy versions for policy in a domain
`com.yahoo.athenz.auth.Principal`	`getPrincipal(String serviceToken)` The client will validate the given serviceToken against the ZMS Server and if the token is valid, it will return a Principal object.
`com.yahoo.athenz.auth.Principal`	`getPrincipal(String serviceToken, String tokenHeader)` The client will validate the given serviceToken against the ZMS Server and if the token is valid, it will return a Principal object.
`com.yahoo.athenz.zms.DomainGroupMember`	`getPrincipalGroups(String principal, String domainName)` Fetch all the groups across domains by either calling or specified principal
`com.yahoo.athenz.zms.DomainRoleMember`	`getPrincipalRoles(String principal, String domainName)` Fetch all the roles across domains by either calling or specified principal
`com.yahoo.athenz.zms.ProviderResourceGroupRoles`	`getProviderResourceGroupRoles(String tenantDomain, String providerDomain, String providerServiceName, String resourceGroup)` Retrieve the list of provider roles defined for a tenant resource group in a domain
`com.yahoo.athenz.zms.PublicKeyEntry`	`getPublicKeyEntry(String domainName, String serviceName, String keyId)` Retrieve the specified public key from the given service object
`com.yahoo.athenz.zms.Quota`	`getQuota(String domainName)` Retrieve the quota deatails for the specified domain
`com.yahoo.athenz.zms.ResourceAccessList`	`getResourceAccessList(String principal, String action)` Retrieve the list of resources as defined in their respective assertions that the given principal has access to through their role membership
`com.yahoo.athenz.zms.Role`	`getRole(String domainName, String roleName)` Retrieve the specified role
`com.yahoo.athenz.zms.Role`	`getRole(String domainName, String roleName, boolean auditLog)` Retrieve the specified role
`com.yahoo.athenz.zms.Role`	`getRole(String domainName, String roleName, boolean auditLog, boolean expand)` Retrieve the specified role
`com.yahoo.athenz.zms.Role`	`getRole(String domainName, String roleName, boolean auditLog, boolean expand, boolean pending)` Retrieve the specified role
`com.yahoo.athenz.zms.RoleList`	`getRoleList(String domainName)` Retrieve the list of roles defined for the specified domain
`com.yahoo.athenz.zms.RoleList`	`getRoleList(String domainName, Integer limit, String skip)` Retrieve the list of roles defined for the specified domain filtered based on the parameters specified
`com.yahoo.athenz.zms.Roles`	`getRoles(String domainName, Boolean members)` Retrieve the list of roles defined for the specified domain.
`com.yahoo.athenz.zms.Roles`	`getRoles(String domainName, Boolean members, String tagKey, String tagValue)` Retrieve the list of roles defined for the specified domain.
`com.yahoo.athenz.zms.ServerTemplateList`	`getServerTemplateList()` Retrieve the list of solution templates provisioned on the ZMS Server
`com.yahoo.athenz.zms.ServiceIdentities`	`getServiceIdentities(String domainName, Boolean publicKeys, Boolean hosts)` Retrieve the list of services defined for the specified domain.
`com.yahoo.athenz.zms.ServiceIdentity`	`getServiceIdentity(String domainName, String serviceName)` Retrieve the specified service object from a domain
`com.yahoo.athenz.zms.ServiceIdentityList`	`getServiceIdentityList(String domainName)` Retrieve the full list of services defined in a domain
`com.yahoo.athenz.zms.ServiceIdentityList`	`getServiceIdentityList(String domainName, Integer limit, String skip)` Retrieve the list of services defined in a domain filtered based on the specified arguments
`com.yahoo.athenz.zms.SignedDomains`	`getSignedDomains(String domainName, String metaOnly, String metaAttr, boolean masterCopy, boolean conditions, String matchingTag, Map<String,List<String>> responseHeaders)` Retrieve the list of all domain data from the ZMS Server that is signed with ZMS's private key.
`com.yahoo.athenz.zms.SignedDomains`	`getSignedDomains(String domainName, String metaOnly, String metaAttr, boolean masterCopy, String matchingTag, Map<String,List<String>> responseHeaders)` Retrieve the list of all domain data from the ZMS Server that is signed with ZMS's private key.
`com.yahoo.athenz.zms.SignedDomains`	`getSignedDomains(String domainName, String metaOnly, String matchingTag, Map<String,List<String>> responseHeaders)` Retrieve the list of all domain data from the ZMS Server that is signed with ZMS's private key.
`com.yahoo.athenz.zms.SignedDomains`	`getSignedDomains(String domainName, String metaOnly, String metaAttr, String matchingTag, Map<String,List<String>> responseHeaders)` Retrieve the list of all domain data from the ZMS Server that is signed with ZMS's private key.
`com.yahoo.athenz.zms.Template`	`getTemplate(String template)` Retrieve the the specified solution template provisioned on the ZMS Server.
`com.yahoo.athenz.zms.TenantResourceGroupRoles`	`getTenantResourceGroupRoles(String providerDomain, String providerServiceName, String tenantDomain, String resourceGroup)` Retrieve the list of tenant roles defined for a tenant resource group in a domain
`com.yahoo.athenz.zms.UserList`	`getUserList()` Get list of users defined in the system
`com.yahoo.athenz.zms.UserList`	`getUserList(String domainName)` Get list of users defined in the system
`com.yahoo.athenz.zms.UserToken`	`getUserToken(String userName)` For the specified user credentials return the corresponding User Token that can be used for authenticating other ZMS operations.
`com.yahoo.athenz.zms.UserToken`	`getUserToken(String userName, String serviceNames)` For the specified user credentials return the corresponding User Token that can be used for authenticating other ZMS operations by any of the specified authorized services.
`com.yahoo.athenz.zms.UserToken`	`getUserToken(String userName, String serviceNames, Boolean header)` For the specified user credentials return the corresponding User Token that can be used for authenticating other ZMS operations by any of the specified authorized services.
`String`	`getZmsUrl()`
`com.yahoo.athenz.zms.Domain`	`postSubDomain(String parent, String auditRef, com.yahoo.athenz.zms.SubDomain detail)` Create/Update a sub-domain in the specified domain.
`com.yahoo.athenz.zms.Domain`	`postTopLevelDomain(String auditRef, com.yahoo.athenz.zms.TopLevelDomain detail)` Create/Update Top level domain.
`com.yahoo.athenz.zms.Domain`	`postUserDomain(String name, String auditRef, com.yahoo.athenz.zms.UserDomain detail)` Create a top-level user-domain - this is user.<userid> domain.
`com.yahoo.athenz.zms.Assertion`	`putAssertion(String domainName, String policyName, String auditRef, com.yahoo.athenz.zms.Assertion assertion)` Add the specified assertion to the specified policy
`com.yahoo.athenz.zms.Assertion`	`putAssertion(String domainName, String policyName, String version, String auditRef, com.yahoo.athenz.zms.Assertion assertion)` Add the specified assertion to the specified policy
`com.yahoo.athenz.zms.AssertionCondition`	`putAssertionCondition(String domainName, String policyName, Long assertionId, String auditRef, com.yahoo.athenz.zms.AssertionCondition assertionCondition)` Store a single logical assertion condition.
`com.yahoo.athenz.zms.AssertionConditions`	`putAssertionConditions(String domainName, String policyName, Long assertionId, String auditRef, com.yahoo.athenz.zms.AssertionConditions assertionConditions)` Store multiple logical assertion conditions.
`void`	`putDefaultAdmins(String domainName, String auditRef, com.yahoo.athenz.zms.DefaultAdmins defaultAdmins)` For the specified domain in domainName, a list of default administrators can be passed to this method and will be added to the domain's admin role In addition this method will ensure that the admin role and policy exist and are properly set up
`void`	`putDomainMeta(String name, String auditRef, com.yahoo.athenz.zms.DomainMeta detail)` Set the domain meta parameters
`void`	`putDomainSystemMeta(String name, String attribute, String auditRef, com.yahoo.athenz.zms.DomainMeta detail)` Set the domain system meta parameters
`void`	`putDomainTemplate(String domain, String auditRef, com.yahoo.athenz.zms.DomainTemplate templates)` Provision the specified solution template roles and policies in the domain
`void`	`putDomainTemplateExt(String domain, String template, String auditRef, com.yahoo.athenz.zms.DomainTemplate templates)` Provision the specified solution template roles and policies in the domain
`void`	`putEntity(String domainName, String entityName, String auditRef, com.yahoo.athenz.zms.Entity entity)` Create/update an entity object in ZMS
`void`	`putGroup(String domainName, String groupName, String auditRef, com.yahoo.athenz.zms.Group group)` Create/Update a new group in the specified domain.
`void`	`putGroupMembership(String domainName, String groupName, String memberName, String auditRef)` Add a member in the specified group
`void`	`putGroupMembershipDecision(String domainName, String groupName, String memberName, boolean approval, String auditRef)` Approve or reject addition of a member in the specified group
`void`	`putGroupMeta(String domainName, String groupName, String auditRef, com.yahoo.athenz.zms.GroupMeta meta)` Set the group meta parameters
`void`	`putGroupReview(String domainName, String groupName, String auditRef, com.yahoo.athenz.zms.Group group)` Review group membership to extend and/or delete group members
`void`	`putGroupSystemMeta(String domainName, String groupName, String attribute, String auditRef, com.yahoo.athenz.zms.GroupSystemMeta meta)` Set the group system meta parameters
`void`	`putMembership(String domainName, String roleName, String memberName, String auditRef)` Add a new member in the specified role.
`void`	`putMembership(String domainName, String roleName, String memberName, com.yahoo.rdl.Timestamp expiration, String auditRef)` Add a temporary member in the specified role with expiration
`void`	`putMembershipDecision(String domainName, String roleName, String memberName, com.yahoo.rdl.Timestamp expiration, boolean approval, String auditRef)` Approve or reject addition of a member in the specified role optionally with expiration
`void`	`putMembershipWithReview(String domainName, String roleName, String memberName, com.yahoo.rdl.Timestamp expiration, com.yahoo.rdl.Timestamp review, String auditRef)` Add a member in the specified role with optional expiration and optional review
`void`	`putPolicy(String domainName, String policyName, String auditRef, com.yahoo.athenz.zms.Policy policy)` Create/Update a new policy in the specified domain.
`void`	`putPolicyVersion(String domainName, String policyName, String version, String auditRef)` Create a new policy version in the specified domain.
`void`	`putPolicyVersion(String domainName, String policyName, String version, String fromVersion, String auditRef)` Create a new policy version in the specified domain.
`void`	`putProviderResourceGroupRoles(String tenantDomain, String providerDomain, String providerServiceName, String resourceGroup, String auditRef, com.yahoo.athenz.zms.ProviderResourceGroupRoles providerRoles)` Create provider roles for the specified tenant resource group in the tenant domain.
`void`	`putPublicKeyEntry(String domainName, String serviceName, String keyId, String auditRef, com.yahoo.athenz.zms.PublicKeyEntry publicKeyEntry)` Update or add (if doesn't already exist) the specified public key in the service object
`void`	`putQuota(String domainName, String auditRef, com.yahoo.athenz.zms.Quota quota)` Create/Update the quota details for the specified domain
`void`	`putRole(String domainName, String roleName, String auditRef, com.yahoo.athenz.zms.Role role)` Create/Update a new role in the specified domain.
`void`	`putRoleMeta(String domainName, String roleName, String auditRef, com.yahoo.athenz.zms.RoleMeta meta)` Set the role meta parameters
`void`	`putRoleReview(String domainName, String roleName, String auditRef, com.yahoo.athenz.zms.Role role)` Review role membership to extend and/or delete role members
`void`	`putRoleSystemMeta(String domainName, String roleName, String attribute, String auditRef, com.yahoo.athenz.zms.RoleSystemMeta meta)` Set the role system meta parameters
`void`	`putServiceIdentity(String domainName, String serviceName, String auditRef, com.yahoo.athenz.zms.ServiceIdentity service)` Create/Update a new service in the specified domain.
`void`	`putServiceIdentitySystemMeta(String domainName, String serviceName, String attribute, String auditRef, com.yahoo.athenz.zms.ServiceIdentitySystemMeta meta)` Set the service system meta parameters
`void`	`putTenancy(String tenantDomain, String providerService, String auditRef, com.yahoo.athenz.zms.Tenancy tenant)` Register a new provider service for a given tenant domain
`void`	`putTenant(String providerDomain, String providerService, String tenantDomain, String auditRef, com.yahoo.athenz.zms.Tenancy tenant)` Register a new tenant domain for the provider service
`void`	`putTenantResourceGroupRoles(String providerDomain, String providerServiceName, String tenantDomain, String resourceGroup, String auditRef, com.yahoo.athenz.zms.TenantResourceGroupRoles tenantRoles)` Create tenant roles for the specified tenant resource group.
`void`	`setActivePolicyVersion(String domainName, String policyName, String version, String auditRef)` Set a specified policy version active
`void`	`setProperty(String name, Object value)` Set new ZMS Client configuration property.
`void`	`setZMSRDLGeneratedClient(ZMSRDLGeneratedClient client)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - client
```
protected ZMSRDLGeneratedClient client
```
  - ZMS_CLIENT_PROP_ATHENZ_CONF
```
public static final String ZMS_CLIENT_PROP_ATHENZ_CONF
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_READ_TIMEOUT
```
public static final String ZMS_CLIENT_PROP_READ_TIMEOUT
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_CONNECT_TIMEOUT
```
public static final String ZMS_CLIENT_PROP_CONNECT_TIMEOUT
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_CERT_ALIAS
```
public static final String ZMS_CLIENT_PROP_CERT_ALIAS
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_KEYSTORE_PATH
```
public static final String ZMS_CLIENT_PROP_KEYSTORE_PATH
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_KEYSTORE_TYPE
```
public static final String ZMS_CLIENT_PROP_KEYSTORE_TYPE
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_KEYSTORE_PASSWORD
```
public static final String ZMS_CLIENT_PROP_KEYSTORE_PASSWORD
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_KEYSTORE_PWD_APP_NAME
```
public static final String ZMS_CLIENT_PROP_KEYSTORE_PWD_APP_NAME
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_KEY_MANAGER_PASSWORD
```
public static final String ZMS_CLIENT_PROP_KEY_MANAGER_PASSWORD
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_KEY_MANAGER_PWD_APP_NAME
```
public static final String ZMS_CLIENT_PROP_KEY_MANAGER_PWD_APP_NAME
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_TRUSTSTORE_PATH
```
public static final String ZMS_CLIENT_PROP_TRUSTSTORE_PATH
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_TRUSTSTORE_TYPE
```
public static final String ZMS_CLIENT_PROP_TRUSTSTORE_TYPE
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_TRUSTSTORE_PASSWORD
```
public static final String ZMS_CLIENT_PROP_TRUSTSTORE_PASSWORD
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_TRUSTSTORE_PWD_APP_NAME
```
public static final String ZMS_CLIENT_PROP_TRUSTSTORE_PWD_APP_NAME
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_PRIVATE_KEY_STORE_FACTORY_CLASS
```
public static final String ZMS_CLIENT_PROP_PRIVATE_KEY_STORE_FACTORY_CLASS
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PROP_CLIENT_PROTOCOL
```
public static final String ZMS_CLIENT_PROP_CLIENT_PROTOCOL
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_PKEY_STORE_FACTORY_CLASS
```
public static final String ZMS_CLIENT_PKEY_STORE_FACTORY_CLASS
```
    See Also:
    
    Constant Field Values
  - ZMS_CLIENT_DEFAULT_CLIENT_SSL_PROTOCOL
```
public static final String ZMS_CLIENT_DEFAULT_CLIENT_SSL_PROTOCOL
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - ZMSClient
```
public ZMSClient()
```
    Constructs a new ZMSClient object with default settings. The url for ZMS Server is automatically retrieved from the athenz configuration file (zmsUrl field). The client can only be used to retrieve objects from ZMS that do not require any authentication otherwise addCredentials method must be used to set the principal identity. Default read and connect timeout values are 30000ms (30sec). The application can change these values by using the athenz.zms.client.read_timeout and athenz.zms.client.connect_timeout system properties. The values specified for timeouts must be in milliseconds.
  - ZMSClient
```
public ZMSClient(String url)
```
    Constructs a new ZMSClient object with the given ZMS Server url. The client can only be used to retrieve objects from ZMS that do not require any authentication otherwise addCredentials method must be used to set the principal identity. Default read and connect timeout values are 30000ms (30sec). The application can change these values by using the athenz.zms.client.read_timeout and athenz.zms.client.connect_timeout system properties. The values specified for timeouts must be in milliseconds.
    
    Parameters:
    
    url - ZMS Server url (e.g. https://server1.athenzcompany.com:4443/zms/v1)
  - ZMSClient
```
public ZMSClient(String url,
                 com.yahoo.athenz.auth.Principal identity)
```
    Constructs a new ZMSClient object with the given ZMS Server url and given principal. The credentials from the principal object will be used to set call the addCredentials method for the zms client object. Default read and connect timeout values are 30000ms (30sec). The application can change these values by using the athenz.zms.client.read_timeout and athenz.zms.client.connect_timeout system properties. The values specified for timeouts must be in milliseconds.
    
    Parameters:
    
    url - ZMS Server url (e.g. https://server1.athenzcompany.com:4443/zms/v1)
    
    identity - Principal object that includes credentials
  - ZMSClient
```
public ZMSClient(com.yahoo.athenz.auth.Principal identity)
```
    Constructs a new ZMSClient object with default settings and given principal object for credentials. The url for ZMS Server is automatically retrieved from the athenz configuration file (zmsUrl field). Default read and connect timeout values are 30000ms (30sec). The application can change these values by using the athenz.zms.client.read_timeout and athenz.zms.client.connect_timeout system properties. The values specified for timeouts must be in milliseconds.
    
    Parameters:
    
    identity - Principal object that includes credentials
  - ZMSClient
```
public ZMSClient(String url,
                 SSLContext sslContext)
```
    Constructs a new ZMSClient object with the given SSLContext object and ZMS Server Url. Default read and connect timeout values are 30000ms (30sec). The application can change these values by using the athenz.zms.client.read_timeout and athenz.zms.client.connect_timeout system properties. The values specified for timeouts must be in milliseconds.
    
    Parameters:
    
    url - ZMS Server url (e.g. https://server1.athenzcompany.com:4443/zms/v1)
    
    sslContext - SSLContext that includes service's private key and x.509 certificate for authenticating requests
- Method Detail
  - close
```
public void close()
```
    Close the ZMSClient object and release any allocated resources.
    
    Specified by:
    
    close in interface Closeable
    
    Specified by:
    
    close in interface AutoCloseable
  - setProperty
```
public void setProperty(String name,
                        Object value)
```
    Set new ZMS Client configuration property. This method calls internal javax.ws.rs.client.Client client's property method. If already set, the existing value of the property will be updated. Setting a null value into a property effectively removes the property from the property bag.
    
    Parameters:
    
    name - property name.
    
    value - property value. null value removes the property with the given name.
  - setZMSRDLGeneratedClient
```
public void setZMSRDLGeneratedClient(ZMSRDLGeneratedClient client)
```
  - addCredentials
```
public void addCredentials(String credHeader,
                           String credToken)
```
    Set the client credentials using the specified header and token.
    
    Parameters:
    
    credHeader - authentication header name
    
    credToken - authentication credentials
  - addCredentials
```
public ZMSClient addCredentials(com.yahoo.athenz.auth.Principal identity)
```
    Sets or overrides the current principal identity set in the client.
    
    Parameters:
    
    identity - Principal identity for authenticating requests
    
    Returns:
    
    self ZMSClient object
  - clearCredentials
```
public ZMSClient clearCredentials()
```
    Clear the principal identity set for the client. Unless a new principal is set using the addCredentials method, the client can only be used to requests data from the ZMS Server that doesn't require any authentication.
    
    Returns:
    
    self ZMSClient object
  - getZmsUrl
```
public String getZmsUrl()
```
  - generateRoleName
```
public String generateRoleName(String domain,
                               String role)
```
    Generate a role name as expected by ZMS Server can be used to set the role object's name field (e.g. role.setName(name))
    
    Parameters:
    
    domain - name of the domain
    
    role - name of the role
    
    Returns:
    
    full role name
  - generatePolicyName
```
public String generatePolicyName(String domain,
                                 String policy)
```
    Generate a policy name as expected by ZMS Server can be used to set the policy object's name field (e.g. policy.setName(name))
    
    Parameters:
    
    domain - name of the domain
    
    policy - name of the policy
    
    Returns:
    
    full policy name
  - generateServiceIdentityName
```
public String generateServiceIdentityName(String domain,
                                          String service)
```
    Generate a service name as expected by ZMS Server can be used to set the service identity object's name field (e.g. serviceIdentity.setName(name))
    
    Parameters:
    
    domain - name of the domain
    
    service - name of the service
    
    Returns:
    
    full service identity name
  - generateEntityName
```
public String generateEntityName(String domain,
                                 String entity)
```
    Generate an entity name as expected by ZMS Server can be used to set the entity object's name field (e.g. entity.setName(name))
    
    Parameters:
    
    domain - name of the domain
    
    entity - name of the service
    
    Returns:
    
    full entity name
  - getDomain
```
public com.yahoo.athenz.zms.Domain getDomain(String domain)
```
    Retrieve the specified domain object
    
    Parameters:
    
    domain - name of the domain to be retrieved
    
    Returns:
    
    Domain object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getJWSDomain
```
public com.yahoo.athenz.zms.JWSDomain getJWSDomain(String domain)
```
    Retrieve the specified singed domain object. The domain object includes all roles, policies, services and domain attributes. The domain data is base64url encoded in the payload field based on JWS RFC 7515 https://tools.ietf.org/html/rfc7515#section-7.2.2
    
    Parameters:
    
    domain - name of the domain to be retrieved
    
    Returns:
    
    JWSDomain object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getJWSDomain
```
public com.yahoo.athenz.zms.JWSDomain getJWSDomain(String domain,
                                                   String matchingTag,
                                                   Map<String,List<String>> responseHeaders)
```
    Retrieve the specified singed domain object. The domain object includes all roles, policies, services and domain attributes. The domain data is base64url encoded in the payload field based on JWS RFC 7515 https://tools.ietf.org/html/rfc7515#section-7.2.2
    
    Parameters:
    
    domain - name of the domain to be retrieved
    
    matchingTag - (can be null) contains modified timestamp received with last request. If null, then return all domains.
    
    responseHeaders - contains the "tag" returned for modification time of the domains, map key = "tag", List should contain a single value timestamp String to be used with subsequent call as matchingTag to this API
    
    Returns:
    
    JWSDomain object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getJWSDomain
```
public com.yahoo.athenz.zms.JWSDomain getJWSDomain(String domain,
                                                   Boolean signatureP1363Format,
                                                   String matchingTag,
                                                   Map<String,List<String>> responseHeaders)
```
    Retrieve the specified singed domain object. The domain object includes all roles, policies, services and domain attributes. The domain data is base64url encoded in the payload field based on JWS RFC 7515 https://tools.ietf.org/html/rfc7515#section-7.2.2
    
    Parameters:
    
    domain - name of the domain to be retrieved
    
    signatureP1363Format - return signature in P1363 format instead of ASN.1 DER
    
    matchingTag - (can be null) contains modified timestamp received with last request. If null, then return all domains.
    
    responseHeaders - contains the "tag" returned for modification time of the domains, map key = "tag", List should contain a single value timestamp String to be used with subsequent call as matchingTag to this API
    
    Returns:
    
    JWSDomain object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getDomainList
```
public com.yahoo.athenz.zms.DomainList getDomainList()
```
    Retrieve the list of domains provisioned on the ZMS Server
    
    Returns:
    
    list of Domains
    
    Throws:
    
    ZMSClientException - in case of failure
  - getDomainList
```
public com.yahoo.athenz.zms.DomainList getDomainList(Integer limit,
                                                     String skip,
                                                     String prefix,
                                                     Integer depth,
                                                     String awsAccount,
                                                     Integer productId,
                                                     Date modifiedSince)
```
    Retrieve the list of domains provisioned on the ZMS Server filters based on the specified arguments
    
    Parameters:
    
    limit - number of domain objects to return
    
    skip - exclude all the domains including the specified one from the return set
    
    prefix - return domains starting with this value
    
    depth - maximum depth of the domain (0 - top level domains only)
    
    awsAccount - return domain that has the specified aws account name. If account name is specified all other optional attributes are ignored since there must be only one domain matching the specified account name.
    
    productId - return domain that has the specified product id. If product id is specified all other optional attributes are ignored since there must be only one domain matching the specified product id.
    
    modifiedSince - return domains only modified since this date
    
    Returns:
    
    list of domain names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getDomainList
```
public com.yahoo.athenz.zms.DomainList getDomainList(Integer limit,
                                                     String skip,
                                                     String prefix,
                                                     Integer depth,
                                                     String awsAccount,
                                                     Integer productId,
                                                     String azureSubscription,
                                                     Date modifiedSince)
```
    Retrieve the list of domains provisioned on the ZMS Server filters based on the specified arguments
    
    Parameters:
    
    limit - number of domain objects to return
    
    skip - exclude all the domains including the specified one from the return set
    
    prefix - return domains starting with this value
    
    depth - maximum depth of the domain (0 - top level domains only)
    
    awsAccount - return domain that has the specified aws account name. If account name is specified all other optional attributes are ignored since there must be only one domain matching the specified account name.
    
    productId - return domain that has the specified product id. If product id is specified all other optional attributes are ignored since there must be only one domain matching the specified product id.
    
    azureSubscription - return domain that has the specified azure subscription id. If subscription id is specified all other optional attributes are ignored since there must be only one domain matching the specified subscription id.
    
    modifiedSince - return domains only modified since this date
    
    Returns:
    
    list of domain names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getDomainList
```
public com.yahoo.athenz.zms.DomainList getDomainList(Integer limit,
                                                     String skip,
                                                     String prefix,
                                                     Integer depth,
                                                     String awsAccount,
                                                     Integer productId,
                                                     String azureSubscription,
                                                     Date modifiedSince,
                                                     String tagKey,
                                                     String tagValue)
```
    Retrieve the list of domains provisioned on the ZMS Server filters based on the specified arguments
    
    Parameters:
    
    limit - number of domain objects to return
    
    skip - exclude all the domains including the specified one from the return set
    
    prefix - return domains starting with this value
    
    depth - maximum depth of the domain (0 - top level domains only)
    
    awsAccount - return domain that has the specified aws account name. If account name is specified all other optional attributes are ignored since there must be only one domain matching the specified account name.
    
    productId - return domain that has the specified product id. If product id is specified all other optional attributes are ignored since there must be only one domain matching the specified product id.
    
    azureSubscription - return domain that has the specified azure subscription id. If subscription id is specified all other optional attributes are ignored since there must be only one domain matching the specified subscription id.
    
    modifiedSince - return domains only modified since this date
    
    tagKey - query all domains with given tag name
    
    tagValue - query all domains with given tag key and value
    
    Returns:
    
    list of domain names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getDomainList
```
public com.yahoo.athenz.zms.DomainList getDomainList(Integer limit,
                                                     String skip,
                                                     String prefix,
                                                     Integer depth,
                                                     String awsAccount,
                                                     Integer productId,
                                                     String azureSubscription,
                                                     Date modifiedSince,
                                                     String tagKey,
                                                     String tagValue,
                                                     String businessService)
```
    Retrieve the list of domains provisioned on the ZMS Server filters based on the specified arguments
    
    Parameters:
    
    limit - number of domain objects to return
    
    skip - exclude all the domains including the specified one from the return set
    
    prefix - return domains starting with this value
    
    depth - maximum depth of the domain (0 - top level domains only)
    
    awsAccount - return domain that has the specified aws account name. If account name is specified all other optional attributes are ignored since there must be only one domain matching the specified account name.
    
    productId - return domain that has the specified product id. If product id is specified all other optional attributes are ignored since there must be only one domain matching the specified product id.
    
    azureSubscription - return domain that has the specified azure subscription id. If subscription id is specified all other optional attributes are ignored since there must be only one domain matching the specified subscription id.
    
    modifiedSince - return domains only modified since this date
    
    tagKey - query all domains with given tag name
    
    tagValue - query all domains with given tag key and value
    
    businessService - returns domains that have the specified business service.
    
    Returns:
    
    list of domain names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getDomainList
```
public com.yahoo.athenz.zms.DomainList getDomainList(String roleMember,
                                                     String roleName)
```
    Retrieve the list of domains provisioned on the ZMS Server filters based on the specified arguments
    
    Parameters:
    
    roleMember - name of the principal
    
    roleName - name of the role where the principal is a member of
    
    Returns:
    
    list of domain names
    
    Throws:
    
    ZMSClientException - in case of failure
  - postTopLevelDomain
```
public com.yahoo.athenz.zms.Domain postTopLevelDomain(String auditRef,
                                                      com.yahoo.athenz.zms.TopLevelDomain detail)
```
    Create/Update Top level domain. If updating a domain the provided object must contain all attributes as it will replace the full domain object configured on the server (not just some of the attributes).
    
    Parameters:
    
    auditRef - string containing audit specification or ticket number
    
    detail - TopLevelDomain object to be created in ZMS
    
    Returns:
    
    created Domain object
    
    Throws:
    
    ZMSClientException - in case of failure
  - postSubDomain
```
public com.yahoo.athenz.zms.Domain postSubDomain(String parent,
                                                 String auditRef,
                                                 com.yahoo.athenz.zms.SubDomain detail)
```
    Create/Update a sub-domain in the specified domain. If updating a subdomain the provided object must contain all attributes as it will replace the full domain object configured on the server (not just some of the attributes).
    
    Parameters:
    
    parent - name of the parent domain
    
    auditRef - string containing audit specification or ticket number
    
    detail - SubDomain object to be created in ZMS
    
    Returns:
    
    created Domain object
    
    Throws:
    
    ZMSClientException - in case of failure
  - postUserDomain
```
public com.yahoo.athenz.zms.Domain postUserDomain(String name,
                                                  String auditRef,
                                                  com.yahoo.athenz.zms.UserDomain detail)
```
    Create a top-level user-domain - this is user.<userid> domain.
    
    Parameters:
    
    name - domain to be created, this is the <userid>
    
    auditRef - string containing audit specification or ticket number
    
    detail - UserDomain object to be created in ZMS
    
    Returns:
    
    created Domain object
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteTopLevelDomain
```
public void deleteTopLevelDomain(String name,
                                 String auditRef)
```
    Delete a top level domain
    
    Parameters:
    
    name - domain name to be deleted from ZMS
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteSubDomain
```
public void deleteSubDomain(String parent,
                            String name,
                            String auditRef)
```
    Delete a sub-domain
    
    Parameters:
    
    parent - name of the parent domain
    
    name - sub-domain to be deleted
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteUserDomain
```
public void deleteUserDomain(String name,
                             String auditRef)
```
    Delete a top-level user-domain (user.<userid>)
    
    Parameters:
    
    name - domain to be deleted, this is the <userid>
    
    auditRef - string containing audit specification or ticket number
  - putDomainMeta
```
public void putDomainMeta(String name,
                          String auditRef,
                          com.yahoo.athenz.zms.DomainMeta detail)
```
    Set the domain meta parameters
    
    Parameters:
    
    name - domain name to be modified
    
    auditRef - string containing audit specification or ticket number
    
    detail - meta parameters to be set on the domain
  - putDomainSystemMeta
```
public void putDomainSystemMeta(String name,
                                String attribute,
                                String auditRef,
                                com.yahoo.athenz.zms.DomainMeta detail)
```
    Set the domain system meta parameters
    
    Parameters:
    
    name - domain name to be modified
    
    attribute - system attribute being modified in this request
    
    auditRef - string containing audit specification or ticket number
    
    detail - meta parameters to be set on the domain
  - getRoleList
```
public com.yahoo.athenz.zms.RoleList getRoleList(String domainName)
```
    Retrieve the list of roles defined for the specified domain
    
    Parameters:
    
    domainName - name of the domain
    
    Returns:
    
    list of role names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getRoleList
```
public com.yahoo.athenz.zms.RoleList getRoleList(String domainName,
                                                 Integer limit,
                                                 String skip)
```
    Retrieve the list of roles defined for the specified domain filtered based on the parameters specified
    
    Parameters:
    
    domainName - name of the domain
    
    limit - number of roles to return
    
    skip - exclude all the roles including the specified one from the return set
    
    Returns:
    
    list of role names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getRoles
```
public com.yahoo.athenz.zms.Roles getRoles(String domainName,
                                           Boolean members,
                                           String tagKey,
                                           String tagValue)
```
    Retrieve the list of roles defined for the specified domain. The roles will contain their attributes and, if specified, the list of members.
    
    Parameters:
    
    domainName - name of the domain
    
    members - include all members for group roles as well
    
    tagKey - query all roles with given tag name
    
    tagValue - query all roles with given tag key and value
    
    Returns:
    
    list of roles
    
    Throws:
    
    ZMSClientException - in case of failure
  - getRoles
```
public com.yahoo.athenz.zms.Roles getRoles(String domainName,
                                           Boolean members)
```
    Retrieve the list of roles defined for the specified domain. The roles will contain their attributes and, if specified, the list of members.
    
    Parameters:
    
    domainName - name of the domain
    
    members - include all members for group roles as well
    
    Returns:
    
    list of roles
    
    Throws:
    
    ZMSClientException - in case of failure
  - getRole
```
public com.yahoo.athenz.zms.Role getRole(String domainName,
                                         String roleName)
```
    Retrieve the specified role
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    Returns:
    
    role object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getRole
```
public com.yahoo.athenz.zms.Role getRole(String domainName,
                                         String roleName,
                                         boolean auditLog)
```
    Retrieve the specified role
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    auditLog - include audit log for the role changes in the response
    
    Returns:
    
    role object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getRole
```
public com.yahoo.athenz.zms.Role getRole(String domainName,
                                         String roleName,
                                         boolean auditLog,
                                         boolean expand)
```
    Retrieve the specified role
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    auditLog - include audit log for the role changes in the response
    
    expand - if the requested role is a delegated/trust role, this flag will instruct the ZMS server to automatically retrieve the members of the role from the delegated domain and return as part of the role object
    
    Returns:
    
    role object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getRole
```
public com.yahoo.athenz.zms.Role getRole(String domainName,
                                         String roleName,
                                         boolean auditLog,
                                         boolean expand,
                                         boolean pending)
```
    Retrieve the specified role
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    auditLog - include audit log for the role changes in the response
    
    expand - if the requested role is a delegated/trust role, this flag will instruct the ZMS server to automatically retrieve the members of the role from the delegated domain and return as part of the role object
    
    pending - if this flag is set, then all members for that role will be retrieved including pending members
    
    Returns:
    
    role object
    
    Throws:
    
    ZMSClientException - in case of failure
  - putRole
```
public void putRole(String domainName,
                    String roleName,
                    String auditRef,
                    com.yahoo.athenz.zms.Role role)
```
    Create/Update a new role in the specified domain. If updating a role the provided object must contain all attributes as it will replace the full role object configured on the server (not just some of the attributes).
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    auditRef - string containing audit specification or ticket number
    
    role - role object to be added to the domain
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteRole
```
public void deleteRole(String domainName,
                       String roleName,
                       String auditRef)
```
    Delete the specified role from domain
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getMembership
```
public com.yahoo.athenz.zms.Membership getMembership(String domainName,
                                                     String roleName,
                                                     String memberName)
```
    Get membership details for the specified member in the given role in a specified domain
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    memberName - name of the member
    
    Returns:
    
    Membership object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getMembership
```
public com.yahoo.athenz.zms.Membership getMembership(String domainName,
                                                     String roleName,
                                                     String memberName,
                                                     String expiration)
```
    Get membership details for the specified member in the given role in a specified domain with an optional expiration
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    memberName - name of the member
    
    expiration - member expiration
    
    Returns:
    
    Membership object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getOverdueReview
```
public com.yahoo.athenz.zms.DomainRoleMembers getOverdueReview(String domainName)
```
    Get all domain members with overdue review dates
    
    Parameters:
    
    domainName - name of the domain
    
    Returns:
    
    Domain members with overdue review dates
  - putMembership
```
public void putMembership(String domainName,
                          String roleName,
                          String memberName,
                          String auditRef)
```
    Add a new member in the specified role.
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    memberName - name of the member to be added
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - putMembership
```
public void putMembership(String domainName,
                          String roleName,
                          String memberName,
                          com.yahoo.rdl.Timestamp expiration,
                          String auditRef)
```
    Add a temporary member in the specified role with expiration
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    memberName - name of the member to be added
    
    expiration - timestamp when this membership will expire (optional)
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - putMembershipWithReview
```
public void putMembershipWithReview(String domainName,
                                    String roleName,
                                    String memberName,
                                    com.yahoo.rdl.Timestamp expiration,
                                    com.yahoo.rdl.Timestamp review,
                                    String auditRef)
```
    Add a member in the specified role with optional expiration and optional review
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    memberName - name of the member to be added
    
    expiration - timestamp when this membership will expire (optional)
    
    review - timestamp when this membership will require review (optional)
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteMembership
```
public void deleteMembership(String domainName,
                             String roleName,
                             String memberName,
                             String auditRef)
```
    Remove the specified member from the role
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    memberName - name of the member to be removed
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deletePendingMembership
```
public void deletePendingMembership(String domainName,
                                    String roleName,
                                    String memberName,
                                    String auditRef)
```
    Remove the specified pending member from the role
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    memberName - name of the pending member to be removed
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getUserList
```
public com.yahoo.athenz.zms.UserList getUserList(String domainName)
```
    Get list of users defined in the system
    
    Parameters:
    
    domainName - optional name of the user domain and/or alias domain
    
    Returns:
    
    list of user names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getUserList
```
public com.yahoo.athenz.zms.UserList getUserList()
```
    Get list of users defined in the system
    
    Returns:
    
    list of user names
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteUser
```
public void deleteUser(String name,
                       String auditRef)
```
    Remove the specified user from Athens system. This will delete any user.{name} domain plus all of its subdomains (if exist) and remove the user from any role in the system. This command requires authorization from the Athens sys.auth domain (delete action on resource user).
    
    Parameters:
    
    name - name of the user
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPolicies
```
public com.yahoo.athenz.zms.Policies getPolicies(String domainName,
                                                 Boolean assertions)
```
    Retrieve the list of policies defined for the specified domain. The policies will contain their attributes and, if specified, the list of assertions.
    
    Parameters:
    
    domainName - name of the domain
    
    assertions - include all assertion for policies as well
    
    Returns:
    
    list of policies
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPolicies
```
public com.yahoo.athenz.zms.Policies getPolicies(String domainName,
                                                 Boolean assertions,
                                                 Boolean includeNonActive)
```
    Retrieve the list of policies defined for the specified domain. The policies will contain their attributes and, if specified, the list of assertions.
    
    Parameters:
    
    domainName - name of the domain
    
    assertions - include all assertion for policies as well
    
    includeNonActive - include non-active policy versions
    
    Returns:
    
    list of policies
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPolicyList
```
public com.yahoo.athenz.zms.PolicyList getPolicyList(String domainName)
```
    Get list of policies defined in the specified domain
    
    Parameters:
    
    domainName - name of the domain
    
    Returns:
    
    list of policy names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPolicyList
```
public com.yahoo.athenz.zms.PolicyList getPolicyList(String domainName,
                                                     Integer limit,
                                                     String skip)
```
    Get list of policies defined in the specified domain filtered based on the specified arguments
    
    Parameters:
    
    domainName - name of the domain
    
    limit - number of policies to return
    
    skip - exclude all the policies including the specified one from the return set
    
    Returns:
    
    list of policy names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPolicyVersionList
```
public com.yahoo.athenz.zms.PolicyList getPolicyVersionList(String domainName,
                                                            String policyName)
```
    Get list of policy versions for policy in a domain
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    Returns:
    
    list of policy versions
    
    Throws:
    
    ZMSClientException - in case of failure
  - getAssertion
```
public com.yahoo.athenz.zms.Assertion getAssertion(String domainName,
                                                   String policyName,
                                                   Long assertionId)
```
    Return the specified policy object assertion
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    assertionId - the id of the assertion to be retrieved
    
    Returns:
    
    Assertion object
    
    Throws:
    
    ZMSClientException - in case of failure
  - putAssertion
```
public com.yahoo.athenz.zms.Assertion putAssertion(String domainName,
                                                   String policyName,
                                                   String auditRef,
                                                   com.yahoo.athenz.zms.Assertion assertion)
```
    Add the specified assertion to the specified policy
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    auditRef - string containing audit specification or ticket number
    
    assertion - Assertion object to be added to the policy
    
    Returns:
    
    updated assertion object that includes the server assigned id
    
    Throws:
    
    ZMSClientException - in case of failure
  - putAssertion
```
public com.yahoo.athenz.zms.Assertion putAssertion(String domainName,
                                                   String policyName,
                                                   String version,
                                                   String auditRef,
                                                   com.yahoo.athenz.zms.Assertion assertion)
```
    Add the specified assertion to the specified policy
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    version - name of the policy
    
    auditRef - string containing audit specification or ticket number
    
    assertion - Assertion object to be added to the policy
    
    Returns:
    
    updated assertion object that includes the server assigned id
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteAssertion
```
public void deleteAssertion(String domainName,
                            String policyName,
                            Long assertionId,
                            String auditRef)
```
    Delete specified assertion from the given policy
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    assertionId - the id of the assertion to be deleted
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteAssertion
```
public void deleteAssertion(String domainName,
                            String policyName,
                            String version,
                            Long assertionId,
                            String auditRef)
```
    Delete specified assertion from the given policy
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    version - name of the version
    
    assertionId - the id of the assertion to be deleted
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPolicy
```
public com.yahoo.athenz.zms.Policy getPolicy(String domainName,
                                             String policyName)
```
    Return the specified policy object
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy to be retrieved
    
    Returns:
    
    Policy object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPolicyVersion
```
public com.yahoo.athenz.zms.Policy getPolicyVersion(String domainName,
                                                    String policyName,
                                                    String version)
```
    Return the specified policy version object
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy to be retrieved
    
    version - name of the policy version to be retrieved
    
    Returns:
    
    Policy object
    
    Throws:
    
    ZMSClientException - in case of failure
  - putPolicy
```
public void putPolicy(String domainName,
                      String policyName,
                      String auditRef,
                      com.yahoo.athenz.zms.Policy policy)
```
    Create/Update a new policy in the specified domain. If updating a policy the provided object must contain all attributes as it will replace the full policy object configured on the server (not just some of the attributes).
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    auditRef - string containing audit specification or ticket number
    
    policy - Policy object with details
    
    Throws:
    
    ZMSClientException - in case of failure
  - putPolicyVersion
```
public void putPolicyVersion(String domainName,
                             String policyName,
                             String version,
                             String auditRef)
```
    Create a new policy version in the specified domain.
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    version - name of the policy version
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - putPolicyVersion
```
public void putPolicyVersion(String domainName,
                             String policyName,
                             String version,
                             String fromVersion,
                             String auditRef)
```
    Create a new policy version in the specified domain.
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    version - name of the policy version
    
    fromVersion - name of the policy version to copy assertions from
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deletePolicy
```
public void deletePolicy(String domainName,
                         String policyName,
                         String auditRef)
```
    Delete specified policy from a domain
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy to be deleted
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deletePolicyVersion
```
public void deletePolicyVersion(String domainName,
                                String policyName,
                                String version,
                                String auditRef)
```
    Delete specified policy version from a domain
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    version - name of the version to be deleted
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - setActivePolicyVersion
```
public void setActivePolicyVersion(String domainName,
                                   String policyName,
                                   String version,
                                   String auditRef)
```
    Set a specified policy version active
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    version - name of the version to be activated
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - putServiceIdentity
```
public void putServiceIdentity(String domainName,
                               String serviceName,
                               String auditRef,
                               com.yahoo.athenz.zms.ServiceIdentity service)
```
    Create/Update a new service in the specified domain. If updating a service the provided object must contain all attributes as it will replace the full service object configured on the server (not just some of the attributes).
    
    Parameters:
    
    domainName - name of the domain
    
    serviceName - name of the service
    
    auditRef - string containing audit specification or ticket number
    
    service - ServiceIdentity object with all service details
    
    Throws:
    
    ZMSClientException - in case of failure
  - putServiceIdentitySystemMeta
```
public void putServiceIdentitySystemMeta(String domainName,
                                         String serviceName,
                                         String attribute,
                                         String auditRef,
                                         com.yahoo.athenz.zms.ServiceIdentitySystemMeta meta)
```
    Set the service system meta parameters
    
    Parameters:
    
    domainName - name of the domain
    
    serviceName - name of the service
    
    attribute - service meta attribute being modified in this request
    
    auditRef - string containing audit specification or ticket number
    
    meta - meta parameters to be set on the service
    
    Throws:
    
    ZMSClientException - in case of failure
  - getServiceIdentity
```
public com.yahoo.athenz.zms.ServiceIdentity getServiceIdentity(String domainName,
                                                               String serviceName)
```
    Retrieve the specified service object from a domain
    
    Parameters:
    
    domainName - name of the domain
    
    serviceName - name of the service to be retrieved
    
    Returns:
    
    ServiceIdentity object
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteServiceIdentity
```
public void deleteServiceIdentity(String domainName,
                                  String serviceName,
                                  String auditRef)
```
    Delete the specified service from a domain
    
    Parameters:
    
    domainName - name of the domain
    
    serviceName - name of the service to be deleted
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getServiceIdentities
```
public com.yahoo.athenz.zms.ServiceIdentities getServiceIdentities(String domainName,
                                                                   Boolean publicKeys,
                                                                   Boolean hosts)
```
    Retrieve the list of services defined for the specified domain. The services will contain their attributes and, if specified, the list of publickeys and hosts.
    
    Parameters:
    
    domainName - name of the domain
    
    publicKeys - include all public keys for services as well
    
    hosts - include all configured hosts for services as well
    
    Returns:
    
    list of services
    
    Throws:
    
    ZMSClientException - in case of failure
  - getServiceIdentityList
```
public com.yahoo.athenz.zms.ServiceIdentityList getServiceIdentityList(String domainName)
```
    Retrieve the full list of services defined in a domain
    
    Parameters:
    
    domainName - name of the domain
    
    Returns:
    
    list of all service names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getServiceIdentityList
```
public com.yahoo.athenz.zms.ServiceIdentityList getServiceIdentityList(String domainName,
                                                                       Integer limit,
                                                                       String skip)
```
    Retrieve the list of services defined in a domain filtered based on the specified arguments
    
    Parameters:
    
    domainName - name of the domain
    
    limit - number of services to return
    
    skip - exclude all the services including the specified one from the return set
    
    Returns:
    
    list of service names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPublicKeyEntry
```
public com.yahoo.athenz.zms.PublicKeyEntry getPublicKeyEntry(String domainName,
                                                             String serviceName,
                                                             String keyId)
```
    Retrieve the specified public key from the given service object
    
    Parameters:
    
    domainName - name of the domain
    
    serviceName - name of the service
    
    keyId - the identifier of the public key to be retrieved
    
    Returns:
    
    PublicKeyEntry object
    
    Throws:
    
    ZMSClientException - in case of failure
  - putPublicKeyEntry
```
public void putPublicKeyEntry(String domainName,
                              String serviceName,
                              String keyId,
                              String auditRef,
                              com.yahoo.athenz.zms.PublicKeyEntry publicKeyEntry)
```
    Update or add (if doesn't already exist) the specified public key in the service object
    
    Parameters:
    
    domainName - name of the domain
    
    serviceName - name of the service
    
    keyId - the identifier of the public key to be updated
    
    auditRef - string containing audit specification or ticket number
    
    publicKeyEntry - that contains the public key details
    
    Throws:
    
    ZMSClientException - in case of failure
  - deletePublicKeyEntry
```
public void deletePublicKeyEntry(String domainName,
                                 String serviceName,
                                 String keyId,
                                 String auditRef)
```
    Delete the specified public key from the service object. If the key doesn't exist then it is treated as a successful operation and no exception will be thrown.
    
    Parameters:
    
    domainName - name of the domain
    
    serviceName - name of the service
    
    keyId - the identifier of the public key to be deleted
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - putEntity
```
public void putEntity(String domainName,
                      String entityName,
                      String auditRef,
                      com.yahoo.athenz.zms.Entity entity)
```
    Create/update an entity object in ZMS
    
    Parameters:
    
    domainName - name of the domain
    
    entityName - name of the entity
    
    auditRef - string containing audit specification or ticket number
    
    entity - entity object with details
    
    Throws:
    
    ZMSClientException - in case of failure
  - getEntity
```
public com.yahoo.athenz.zms.Entity getEntity(String domainName,
                                             String entityName)
```
    Retrieve the specified entity from the ZMS Server
    
    Parameters:
    
    domainName - name of the domain
    
    entityName - name of the entity
    
    Returns:
    
    Entity object with details
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteEntity
```
public void deleteEntity(String domainName,
                         String entityName,
                         String auditRef)
```
    Delete the specified entity from the ZMS Server
    
    Parameters:
    
    domainName - name of the domain
    
    entityName - name of the entity
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getEntityList
```
public com.yahoo.athenz.zms.EntityList getEntityList(String domainName)
```
    Retrieve the list of entities defined for the specified domain
    
    Parameters:
    
    domainName - name of the domain
    
    Returns:
    
    list of entity names
    
    Throws:
    
    ZMSClientException - in case of failure
  - putTenancy
```
public void putTenancy(String tenantDomain,
                       String providerService,
                       String auditRef,
                       com.yahoo.athenz.zms.Tenancy tenant)
```
    Register a new provider service for a given tenant domain
    
    Parameters:
    
    tenantDomain - name of the tenant domain
    
    providerService - name of the provider service format: provider-domain-name.provider-service-name, ex: "sports.storage"
    
    auditRef - string containing audit specification or ticket number
    
    tenant - Tenancy object with tenant details
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteTenancy
```
public void deleteTenancy(String tenantDomain,
                          String providerService,
                          String auditRef)
```
    Delete the specified provider service from a tenant domain
    
    Parameters:
    
    tenantDomain - name of the tenant domain
    
    providerService - name of the provider service, format: provider-domain-name.provider-service-name, ex: "sports.storage"
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - putTenant
```
public void putTenant(String providerDomain,
                      String providerService,
                      String tenantDomain,
                      String auditRef,
                      com.yahoo.athenz.zms.Tenancy tenant)
```
    Register a new tenant domain for the provider service
    
    Parameters:
    
    providerDomain - provider domain name
    
    providerService - provider service name
    
    tenantDomain - name of the tenant domain
    
    auditRef - string containing audit specification or ticket number
    
    tenant - Tenancy object with tenant details
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteTenant
```
public void deleteTenant(String providerDomain,
                         String providerService,
                         String tenantDomain,
                         String auditRef)
```
    Delete the specified tenant from provider service
    
    Parameters:
    
    providerDomain - provider domain name
    
    providerService - provider service name
    
    tenantDomain - name of the tenant domain
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - putTenantResourceGroupRoles
```
public void putTenantResourceGroupRoles(String providerDomain,
                                        String providerServiceName,
                                        String tenantDomain,
                                        String resourceGroup,
                                        String auditRef,
                                        com.yahoo.athenz.zms.TenantResourceGroupRoles tenantRoles)
```
    Create tenant roles for the specified tenant resource group.
    
    Parameters:
    
    providerDomain - name of the provider domain
    
    providerServiceName - name of the provider service
    
    tenantDomain - name of the tenant's domain
    
    resourceGroup - name of the resource group
    
    auditRef - string containing audit specification or ticket number
    
    tenantRoles - Tenant roles
    
    Throws:
    
    ZMSClientException - in case of failure
  - getTenantResourceGroupRoles
```
public com.yahoo.athenz.zms.TenantResourceGroupRoles getTenantResourceGroupRoles(String providerDomain,
                                                                                 String providerServiceName,
                                                                                 String tenantDomain,
                                                                                 String resourceGroup)
```
    Retrieve the list of tenant roles defined for a tenant resource group in a domain
    
    Parameters:
    
    providerDomain - name of the provider domain
    
    providerServiceName - name of the provider service
    
    tenantDomain - name of the tenant's domain
    
    resourceGroup - name of the resource group
    
    Returns:
    
    list of tenant roles
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteTenantResourceGroupRoles
```
public void deleteTenantResourceGroupRoles(String providerDomain,
                                           String providerServiceName,
                                           String tenantDomain,
                                           String resourceGroup,
                                           String auditRef)
```
    Delete tenant roles for the specified tenant resource group in a domain
    
    Parameters:
    
    providerDomain - name of the provider domain
    
    providerServiceName - name of the provider service
    
    tenantDomain - name of tenant's domain
    
    resourceGroup - name of the resource group
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getAccess
```
public com.yahoo.athenz.zms.Access getAccess(String action,
                                             String resource,
                                             String trustDomain)
```
    Requests the ZMS to indicate whether or not the specific request for the specified resource with authentication details will be granted or not.
    
    Parameters:
    
    action - value of the action to be carried out (e.g. "UPDATE", "DELETE")
    
    resource - resource name. Resource is defined as {DomainName}:{Entity}"
    
    trustDomain - (optional) if the access checks involves cross domain check only check the specified trusted domain and ignore all others
    
    Returns:
    
    Access object indicating whether or not the request will be granted or not
    
    Throws:
    
    ZMSClientException - in case of failure
  - getAccess
```
public com.yahoo.athenz.zms.Access getAccess(String action,
                                             String resource,
                                             String trustDomain,
                                             String principal)
```
    Requests the ZMS to indicate whether or not the specific request for the specified resource with authentication details will be granted or not.
    
    Parameters:
    
    action - value of the action to be carried out (e.g. "UPDATE", "DELETE")
    
    resource - resource name. Resource is defined as {DomainName}:{Entity}"
    
    trustDomain - (optional) if the access checks involves cross domain check only check the specified trusted domain and ignore all others
    
    principal - (optional) carry out the access check for specified principal
    
    Returns:
    
    Access object indicating whether or not the request will be granted or not
    
    Throws:
    
    ZMSClientException - in case of failure
  - getAccessExt
```
public com.yahoo.athenz.zms.Access getAccessExt(String action,
                                                String resource,
                                                String trustDomain,
                                                String principal)
```
    Requests the ZMS to indicate whether or not the specific request for the specified resource with authentication details will be granted or not.
    
    Parameters:
    
    action - value of the action to be carried out (e.g. "UPDATE", "DELETE")
    
    resource - resource string.
    
    trustDomain - (optional) if the access checks involves cross domain check only check the specified trusted domain and ignore all others
    
    principal - (optional) carry out the access check for specified principal
    
    Returns:
    
    Access object indicating whether or not the request will be granted or not
    
    Throws:
    
    ZMSClientException - in case of failure
  - getSignedDomains
```
public com.yahoo.athenz.zms.SignedDomains getSignedDomains(String domainName,
                                                           String metaOnly,
                                                           String matchingTag,
                                                           Map<String,List<String>> responseHeaders)
```
    Retrieve the list of all domain data from the ZMS Server that is signed with ZMS's private key. It will pass an optional matchingTag so that ZMS can skip returning domains if no changes have taken place since that tag was issued.
    
    Parameters:
    
    domainName - name of the domain. if specified, the server will only return this domain in the result set
    
    metaOnly - (can be null) must have value of true or false (default). if set to true, zms server will only return meta information about each domain (description, last modified timestamp, etc) and no role/policy/service details will be returned.
    
    matchingTag - (can be null) contains modified timestamp received with last request. If null, then return all domains.
    
    responseHeaders - contains the "tag" returned for modification time of the domains, map key = "tag", List should contain a single value timestamp String to be used with subsequent call as matchingTag to this API
    
    Returns:
    
    list of domains signed by ZMS Server
    
    Throws:
    
    ZMSClientException - in case of failure
  - getSignedDomains
```
public com.yahoo.athenz.zms.SignedDomains getSignedDomains(String domainName,
                                                           String metaOnly,
                                                           String metaAttr,
                                                           String matchingTag,
                                                           Map<String,List<String>> responseHeaders)
```
    Retrieve the list of all domain data from the ZMS Server that is signed with ZMS's private key. It will pass an optional matchingTag so that ZMS can skip returning domains if no changes have taken place since that tag was issued.
    
    Parameters:
    
    domainName - name of the domain. if specified, the server will only return this domain in the result set
    
    metaOnly - (can be null) must have value of true or false (default). if set to true, zms server will only return meta information about each domain (description, last modified timestamp, etc) and no role/policy/service details will be returned.
    
    metaAttr - (can be null) if metaOnly option is set to true, this parameter can filter the results based on the presence of the requested attribute. Allowed values are: account, ypmid, and all. account - only return domains that have the account value set ypmid - only return domains that have the ypmid value set all - return all domains (no filtering).
    
    matchingTag - (can be null) contains modified timestamp received with last request. If null, then return all domains.
    
    responseHeaders - contains the "tag" returned for modification time of the domains, map key = "tag", List should contain a single value timestamp String to be used with subsequent call as matchingTag to this API
    
    Returns:
    
    list of domains signed by ZMS Server
    
    Throws:
    
    ZMSClientException - in case of failure
  - getSignedDomains
```
public com.yahoo.athenz.zms.SignedDomains getSignedDomains(String domainName,
                                                           String metaOnly,
                                                           String metaAttr,
                                                           boolean masterCopy,
                                                           String matchingTag,
                                                           Map<String,List<String>> responseHeaders)
```
    Retrieve the list of all domain data from the ZMS Server that is signed with ZMS's private key. It will pass an optional matchingTag so that ZMS can skip returning domains if no changes have taken place since that tag was issued.
    
    Parameters:
    
    domainName - name of the domain. if specified, the server will only return this domain in the result set
    
    metaOnly - (can be null) must have value of true or false (default). if set to true, zms server will only return meta information about each domain (description, last modified timestamp, etc) and no role/policy/service details will be returned.
    
    metaAttr - (can be null) if metaOnly option is set to true, this parameter can filter the results based on the presence of the requested attribute. Allowed values are: account, ypmid, and all. account - only return domains that have the account value set ypmid - only return domains that have the ypmid value set all - return all domains (no filtering).
    
    masterCopy - system principals can request the request to be processed from the master data source instead of read replicas in case there are any configured
    
    matchingTag - (can be null) contains modified timestamp received with last request. If null, then return all domains.
    
    responseHeaders - contains the "tag" returned for modification time of the domains, map key = "tag", List should contain a single value timestamp String to be used with subsequent call as matchingTag to this API
    
    Returns:
    
    list of domains signed by ZMS Server
    
    Throws:
    
    ZMSClientException - in case of failure
  - getSignedDomains
```
public com.yahoo.athenz.zms.SignedDomains getSignedDomains(String domainName,
                                                           String metaOnly,
                                                           String metaAttr,
                                                           boolean masterCopy,
                                                           boolean conditions,
                                                           String matchingTag,
                                                           Map<String,List<String>> responseHeaders)
```
    Retrieve the list of all domain data from the ZMS Server that is signed with ZMS's private key. It will pass an optional matchingTag so that ZMS can skip returning domains if no changes have taken place since that tag was issued.
    
    Parameters:
    
    domainName - name of the domain. if specified, the server will only return this domain in the result set
    
    metaOnly - (can be null) must have value of true or false (default). if set to true, zms server will only return meta information about each domain (description, last modified timestamp, etc) and no role/policy/service details will be returned.
    
    metaAttr - (can be null) if metaOnly option is set to true, this parameter can filter the results based on the presence of the requested attribute. Allowed values are: account, ypmid, and all. account - only return domains that have the account value set ypmid - only return domains that have the ypmid value set all - return all domains (no filtering).
    
    masterCopy - system principals can request the request to be processed from the master data source instead of read replicas in case there are any configured
    
    conditions - an optional parameter to request assertion conditions to be included in the response assertions in case there are any configured
    
    matchingTag - (can be null) contains modified timestamp received with last request. If null, then return all domains.
    
    responseHeaders - contains the "tag" returned for modification time of the domains, map key = "tag", List should contain a single value timestamp String to be used with subsequent call as matchingTag to this API
    
    Returns:
    
    list of domains signed by ZMS Server
    
    Throws:
    
    ZMSClientException - in case of failure
  - getDomainMetaStoreValidValuesList
```
public com.yahoo.athenz.zms.DomainMetaStoreValidValuesList getDomainMetaStoreValidValuesList(String attributeName,
                                                                                             String userName)
```
    Retrieve all valid values for the given attribute and user
    
    Parameters:
    
    attributeName - name of attribute
    
    userName - restrict to values associated with the given user
    
    Returns:
    
    all valid values for the given attribute and user
  - getUserToken
```
public com.yahoo.athenz.zms.UserToken getUserToken(String userName)
```
    For the specified user credentials return the corresponding User Token that can be used for authenticating other ZMS operations. The client internally automatically calls this method and uses the UserToken if the ZMSClient object was initialized with a user principal.
    
    Parameters:
    
    userName - name of the user. This is only used to verify that it matches the user name from the credentials and is optional. The caller can just pass the string "_self_" as the userName to bypass this optional check.
    
    Returns:
    
    ZMS generated User Token
    
    Throws:
    
    ZMSClientException - in case of failure
  - getUserToken
```
public com.yahoo.athenz.zms.UserToken getUserToken(String userName,
                                                   String serviceNames,
                                                   Boolean header)
```
    For the specified user credentials return the corresponding User Token that can be used for authenticating other ZMS operations by any of the specified authorized services.
    
    Parameters:
    
    userName - name of the user
    
    serviceNames - comma separated list of authorized service names
    
    header - boolean flag whether or not return authority header name
    
    Returns:
    
    ZMS generated User Token
    
    Throws:
    
    ZMSClientException - in case of failure
  - getUserToken
```
public com.yahoo.athenz.zms.UserToken getUserToken(String userName,
                                                   String serviceNames)
```
    For the specified user credentials return the corresponding User Token that can be used for authenticating other ZMS operations by any of the specified authorized services.
    
    Parameters:
    
    userName - name of the user
    
    serviceNames - comma separated list of authorized service names
    
    Returns:
    
    ZMS generated User Token
    
    Throws:
    
    ZMSClientException - in case of failure
  - putDefaultAdmins
```
public void putDefaultAdmins(String domainName,
                             String auditRef,
                             com.yahoo.athenz.zms.DefaultAdmins defaultAdmins)
```
    For the specified domain in domainName, a list of default administrators can be passed to this method and will be added to the domain's admin role In addition this method will ensure that the admin role and policy exist and are properly set up
    
    Parameters:
    
    domainName - - name of the domain to add default administrators to
    
    auditRef - - string containing audit specification or ticket number
    
    defaultAdmins - - list of names to be added as default administrators
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPrincipal
```
public com.yahoo.athenz.auth.Principal getPrincipal(String serviceToken)
```
    The client will validate the given serviceToken against the ZMS Server and if the token is valid, it will return a Principal object.
    
    Parameters:
    
    serviceToken - token to be validated.
    
    Returns:
    
    Principal object if the token is successfully validated or
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPrincipal
```
public com.yahoo.athenz.auth.Principal getPrincipal(String serviceToken,
                                                    String tokenHeader)
```
    The client will validate the given serviceToken against the ZMS Server and if the token is valid, it will return a Principal object.
    
    Parameters:
    
    serviceToken - token to be validated.
    
    tokenHeader - name of the authorization header for the token
    
    Returns:
    
    Principal object if the token is successfully validated or
    
    Throws:
    
    ZMSClientException - in case of failure
  - putProviderResourceGroupRoles
```
public void putProviderResourceGroupRoles(String tenantDomain,
                                          String providerDomain,
                                          String providerServiceName,
                                          String resourceGroup,
                                          String auditRef,
                                          com.yahoo.athenz.zms.ProviderResourceGroupRoles providerRoles)
```
    Create provider roles for the specified tenant resource group in the tenant domain. If the principal requesting this operation has been authorized by the provider service itself, then the corresponding tenant roles will be created in the provider domain as well thus completing the tenancy on-boarding process in one call.
    
    Parameters:
    
    tenantDomain - name of the tenant's domain
    
    providerDomain - name of the provider domain
    
    providerServiceName - name of the provider service
    
    resourceGroup - name of the resource group
    
    auditRef - string containing audit specification or ticket number
    
    providerRoles - Provider roles
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteProviderResourceGroupRoles
```
public void deleteProviderResourceGroupRoles(String tenantDomain,
                                             String providerDomain,
                                             String providerServiceName,
                                             String resourceGroup,
                                             String auditRef)
```
    Delete the provider roles for the specified tenant resource group from the tenant domain. If the principal requesting this operation has been authorized by the provider service itself, then the corresponding tenant roles will be deleted from the provider domain as well thus completing the process in one call.
    
    Parameters:
    
    tenantDomain - name of tenant's domain
    
    providerDomain - name of the provider domain
    
    providerServiceName - name of the provider service
    
    resourceGroup - name of the resource group
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getProviderResourceGroupRoles
```
public com.yahoo.athenz.zms.ProviderResourceGroupRoles getProviderResourceGroupRoles(String tenantDomain,
                                                                                     String providerDomain,
                                                                                     String providerServiceName,
                                                                                     String resourceGroup)
```
    Retrieve the list of provider roles defined for a tenant resource group in a domain
    
    Parameters:
    
    tenantDomain - name of the tenant's domain
    
    providerDomain - name of the provider domain
    
    providerServiceName - name of the provider service
    
    resourceGroup - name of the resource group
    
    Returns:
    
    list of provider roles
    
    Throws:
    
    ZMSClientException - in case of failure
  - getDomainDataCheck
```
public com.yahoo.athenz.zms.DomainDataCheck getDomainDataCheck(String domain)
```
    Check the data for the specified domain object
    
    Parameters:
    
    domain - name of the domain to be checked
    
    Returns:
    
    DomainDataCheck object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getTemplate
```
public com.yahoo.athenz.zms.Template getTemplate(String template)
```
    Retrieve the the specified solution template provisioned on the ZMS Server. The template object will include the list of roles and policies that will be provisioned in the domain when the template is applied.
    
    Parameters:
    
    template - name of the solution template to be retrieved
    
    Returns:
    
    template object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getServerTemplateList
```
public com.yahoo.athenz.zms.ServerTemplateList getServerTemplateList()
```
    Retrieve the list of solution templates provisioned on the ZMS Server
    
    Returns:
    
    list of template names
    
    Throws:
    
    ZMSClientException - in case of failure
  - putDomainTemplate
```
public void putDomainTemplate(String domain,
                              String auditRef,
                              com.yahoo.athenz.zms.DomainTemplate templates)
```
    Provision the specified solution template roles and policies in the domain
    
    Parameters:
    
    domain - name of the domain to be updated
    
    auditRef - string containing audit specification or ticket number
    
    templates - contains list of template names to be provisioned in the domain
    
    Throws:
    
    ZMSClientException - in case of failure
  - putDomainTemplateExt
```
public void putDomainTemplateExt(String domain,
                                 String template,
                                 String auditRef,
                                 com.yahoo.athenz.zms.DomainTemplate templates)
```
    Provision the specified solution template roles and policies in the domain
    
    Parameters:
    
    domain - name of the domain to be updated
    
    template - name of the template to be applied
    
    auditRef - string containing audit specification or ticket number
    
    templates - containing the single template (must match the template parameter) to be provisioned in the domain
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteDomainTemplate
```
public void deleteDomainTemplate(String domain,
                                 String template,
                                 String auditRef)
```
    Delete the specified solution template roles and policies from the domain
    
    Parameters:
    
    domain - name of the domain to be updated
    
    template - is the name of the provisioned template to be deleted
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getDomainTemplateList
```
public com.yahoo.athenz.zms.DomainTemplateList getDomainTemplateList(String domain)
```
    Retrieve the list of solution template provisioned for a domain
    
    Parameters:
    
    domain - name of the domain
    
    Returns:
    
    TemplateList object that includes the list of provisioned solution template names
    
    Throws:
    
    ZMSClientException - in case of failure
  - getResourceAccessList
```
public com.yahoo.athenz.zms.ResourceAccessList getResourceAccessList(String principal,
                                                                     String action)
```
    Retrieve the list of resources as defined in their respective assertions that the given principal has access to through their role membership
    
    Parameters:
    
    principal - the principal name (e.g. user.joe). Must have special privileges to execute this query without specifying the principal. Check with Athenz Service Administrators if you have a use case to request all principals from Athenz Service
    
    action - optional field specifying what action to filter assertions on
    
    Returns:
    
    ResourceAccessList object that lists the set of assertions per principal
    
    Throws:
    
    ZMSClientException - in case of failure
  - getQuota
```
public com.yahoo.athenz.zms.Quota getQuota(String domainName)
```
    Retrieve the quota deatails for the specified domain
    
    Parameters:
    
    domainName - name of the domain
    
    Returns:
    
    quota object
    
    Throws:
    
    ZMSClientException - in case of failure
  - putQuota
```
public void putQuota(String domainName,
                     String auditRef,
                     com.yahoo.athenz.zms.Quota quota)
```
    Create/Update the quota details for the specified domain
    
    Parameters:
    
    domainName - name of the domain
    
    auditRef - string containing audit specification or ticket number
    
    quota - object to be set for the domain
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteQuota
```
public void deleteQuota(String domainName,
                        String auditRef)
```
    Delete the specified quota details for the specified domain
    
    Parameters:
    
    domainName - name of the domain
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteDomainRoleMember
```
public void deleteDomainRoleMember(String domainName,
                                   String memberName,
                                   String auditRef)
```
    Delete the specified user from all roles in the given domain
    
    Parameters:
    
    domainName - name of the domain
    
    memberName - name of the member to be removed from all roles
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getDomainRoleMembers
```
public com.yahoo.athenz.zms.DomainRoleMembers getDomainRoleMembers(String domainName)
```
    Retrieve the list of all members provisioned for a domain in regular roles
    
    Parameters:
    
    domainName - name of the domain
    
    Returns:
    
    DomainRoleMembers object that includes the list of members with their roles
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPrincipalRoles
```
public com.yahoo.athenz.zms.DomainRoleMember getPrincipalRoles(String principal,
                                                               String domainName)
```
    Fetch all the roles across domains by either calling or specified principal
    
    Parameters:
    
    principal - - Requested principal. If null will return roles for the user making the call
    
    domainName - - Requested domain. If null will return roles from all domains
    
    Returns:
    
    Member with roles in all requested domains
  - putRoleSystemMeta
```
public void putRoleSystemMeta(String domainName,
                              String roleName,
                              String attribute,
                              String auditRef,
                              com.yahoo.athenz.zms.RoleSystemMeta meta)
```
    Set the role system meta parameters
    
    Parameters:
    
    domainName - domain name containing the role to be modified
    
    roleName - role name to be modified
    
    attribute - role meta attribute being modified in this request
    
    auditRef - string containing audit specification or ticket number
    
    meta - meta parameters to be set on the role
  - putRoleMeta
```
public void putRoleMeta(String domainName,
                        String roleName,
                        String auditRef,
                        com.yahoo.athenz.zms.RoleMeta meta)
```
    Set the role meta parameters
    
    Parameters:
    
    domainName - domain name containing the role to be modified
    
    roleName - role name to be modified
    
    auditRef - string containing audit specification or ticket number
    
    meta - meta parameters to be set on the role
  - putMembershipDecision
```
public void putMembershipDecision(String domainName,
                                  String roleName,
                                  String memberName,
                                  com.yahoo.rdl.Timestamp expiration,
                                  boolean approval,
                                  String auditRef)
```
    Approve or reject addition of a member in the specified role optionally with expiration
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    memberName - name of the member to be added
    
    expiration - timestamp when this membership will expire (optional)
    
    approval - flag indicating whether this membership is approved or rejected
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPendingDomainRoleMembersList
```
public com.yahoo.athenz.zms.DomainRoleMembership getPendingDomainRoleMembersList(String principal)
```
    Return all the list of pending requests for the given principal. If the principal is null, the server will return the list for the authenticated principal making the call
    
    Parameters:
    
    principal - name of the approver principal (optional)
    
    Returns:
    
    DomainRoleMembership object listing all pending users
    
    Throws:
    
    ZMSClientException - in case of failure
  - putRoleReview
```
public void putRoleReview(String domainName,
                          String roleName,
                          String auditRef,
                          com.yahoo.athenz.zms.Role role)
```
    Review role membership to extend and/or delete role members
    
    Parameters:
    
    domainName - name of the domain
    
    roleName - name of the role
    
    auditRef - string containing audit specification or ticket number
    
    role - Role object containing updated and/or deleted members
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteGroup
```
public void deleteGroup(String domainName,
                        String groupName,
                        String auditRef)
```
    Delete the specified group from domain
    
    Parameters:
    
    domainName - name of the domain
    
    groupName - name of the group
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteGroupMembership
```
public void deleteGroupMembership(String domainName,
                                  String groupName,
                                  String memberName,
                                  String auditRef)
```
    Remove the specified member from the group
    
    Parameters:
    
    domainName - name of the domain
    
    groupName - name of the group
    
    memberName - name of the member to be removed
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deletePendingGroupMembership
```
public void deletePendingGroupMembership(String domainName,
                                         String groupName,
                                         String memberName,
                                         String auditRef)
```
    Remove the specified pending member from the group
    
    Parameters:
    
    domainName - name of the domain
    
    groupName - name of the group
    
    memberName - name of the pending member to be removed
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - generateGroupName
```
public String generateGroupName(String domain,
                                String group)
```
    Generate a group name as expected by ZMS Server can be used to set the group object's name field (e.g. group.setName(name))
    
    Parameters:
    
    domain - name of the domain
    
    group - name of the group
    
    Returns:
    
    full group name
  - getGroupMembership
```
public com.yahoo.athenz.zms.GroupMembership getGroupMembership(String domainName,
                                                               String groupName,
                                                               String memberName,
                                                               String expiration)
```
    Get membership details for the specified member in the given group in a specified domain with an optional expiration
    
    Parameters:
    
    domainName - name of the domain
    
    groupName - name of the group
    
    memberName - name of the member
    
    expiration - member expiration
    
    Returns:
    
    GroupMembership object
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPrincipalGroups
```
public com.yahoo.athenz.zms.DomainGroupMember getPrincipalGroups(String principal,
                                                                 String domainName)
```
    Fetch all the groups across domains by either calling or specified principal
    
    Parameters:
    
    principal - - Requested principal. If null will return groups for the user making the call
    
    domainName - - Requested domain. If null will return groups from all domains
    
    Returns:
    
    Member with groups in all requested domains
  - putGroupSystemMeta
```
public void putGroupSystemMeta(String domainName,
                               String groupName,
                               String attribute,
                               String auditRef,
                               com.yahoo.athenz.zms.GroupSystemMeta meta)
```
    Set the group system meta parameters
    
    Parameters:
    
    domainName - domain name containing the group to be modified
    
    groupName - group name to be modified
    
    attribute - group meta attribute being modified in this request
    
    auditRef - string containing audit specification or ticket number
    
    meta - meta parameters to be set on the group
  - putGroupMeta
```
public void putGroupMeta(String domainName,
                         String groupName,
                         String auditRef,
                         com.yahoo.athenz.zms.GroupMeta meta)
```
    Set the group meta parameters
    
    Parameters:
    
    domainName - domain name containing the group to be modified
    
    groupName - group name to be modified
    
    auditRef - string containing audit specification or ticket number
    
    meta - meta parameters to be set on the group
  - putGroupMembershipDecision
```
public void putGroupMembershipDecision(String domainName,
                                       String groupName,
                                       String memberName,
                                       boolean approval,
                                       String auditRef)
```
    Approve or reject addition of a member in the specified group
    
    Parameters:
    
    domainName - name of the domain
    
    groupName - name of the group
    
    memberName - name of the member to be added
    
    approval - flag indicating whether this membership is approved or rejected
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - getPendingDomainGroupMembersList
```
public com.yahoo.athenz.zms.DomainGroupMembership getPendingDomainGroupMembersList(String principal)
```
    Return all the list of pending requests for the given principal. If the principal is null, the server will return the list for the authenticated principal making the call
    
    Parameters:
    
    principal - name of the approver principal (optional)
    
    Returns:
    
    DomainGroupMembership object listing all pending users
    
    Throws:
    
    ZMSClientException - in case of failure
  - putGroupReview
```
public void putGroupReview(String domainName,
                           String groupName,
                           String auditRef,
                           com.yahoo.athenz.zms.Group group)
```
    Review group membership to extend and/or delete group members
    
    Parameters:
    
    domainName - name of the domain
    
    groupName - name of the group
    
    auditRef - string containing audit specification or ticket number
    
    group - Group object containing updated and/or deleted members
    
    Throws:
    
    ZMSClientException - in case of failure
  - getGroup
```
public com.yahoo.athenz.zms.Group getGroup(String domainName,
                                           String groupName,
                                           boolean auditLog,
                                           boolean pending)
```
    Retrieve the specified group
    
    Parameters:
    
    domainName - name of the domain
    
    groupName - name of the group
    
    auditLog - include audit log for the group changes in the response
    
    pending - if this flag is set, then all members for that group will be retrieved including pending members
    
    Returns:
    
    group object
    
    Throws:
    
    ZMSClientException - in case of failure
  - putGroup
```
public void putGroup(String domainName,
                     String groupName,
                     String auditRef,
                     com.yahoo.athenz.zms.Group group)
```
    Create/Update a new group in the specified domain. If updating a group the provided object must contain all attributes as it will replace the full group object configured on the server (not just some of the attributes).
    
    Parameters:
    
    domainName - name of the domain
    
    groupName - name of the group
    
    auditRef - string containing audit specification or ticket number
    
    group - group object to be added to the domain
    
    Throws:
    
    ZMSClientException - in case of failure
  - getGroups
```
public com.yahoo.athenz.zms.Groups getGroups(String domainName,
                                             Boolean members,
                                             String tagKey,
                                             String tagValue)
```
    Retrieve the list of groups defined for the specified domain. The groups will contain their attributes and, if specified, the list of members.
    
    Parameters:
    
    domainName - name of the domain
    
    members - include all members for group as well
    
    tagKey - query all groups with given tag name
    
    tagValue - query all groups with given tag key and value
    
    Returns:
    
    list of groups
    
    Throws:
    
    ZMSClientException - in case of failure
  - getGroups
```
public com.yahoo.athenz.zms.Groups getGroups(String domainName,
                                             Boolean members)
```
    Retrieve the list of groups defined for the specified domain. The groups will contain their attributes and, if specified, the list of members.
    
    Parameters:
    
    domainName - name of the domain
    
    members - include all members for group groups as well
    
    Returns:
    
    list of groups
    
    Throws:
    
    ZMSClientException - in case of failure
  - putGroupMembership
```
public void putGroupMembership(String domainName,
                               String groupName,
                               String memberName,
                               String auditRef)
```
    Add a member in the specified group
    
    Parameters:
    
    domainName - name of the domain
    
    groupName - name of the group
    
    memberName - name of the member to be added
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - putAssertionConditions
```
public com.yahoo.athenz.zms.AssertionConditions putAssertionConditions(String domainName,
                                                                       String policyName,
                                                                       Long assertionId,
                                                                       String auditRef,
                                                                       com.yahoo.athenz.zms.AssertionConditions assertionConditions)
```
    Store multiple logical assertion conditions. It contains a list of AssertionCondition objects Each AssertionCondition object forms a single logical condition where multiple key, operator, value will be ANDed.
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    assertionId - id of the assertion associated with the conditions
    
    auditRef - string containing audit specification or ticket number
    
    assertionConditions - object containing conditions associated with the given assertion id
    
    Returns:
    
    AssertionConditions object
    
    Throws:
    
    ZMSClientException - in case of failure
  - putAssertionCondition
```
public com.yahoo.athenz.zms.AssertionCondition putAssertionCondition(String domainName,
                                                                     String policyName,
                                                                     Long assertionId,
                                                                     String auditRef,
                                                                     com.yahoo.athenz.zms.AssertionCondition assertionCondition)
```
    Store a single logical assertion condition. AssertionCondition object forms a single logical condition where multiple key, operator, value will be ANDed.
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    assertionId - id of the assertion associated with the condition
    
    auditRef - string containing audit specification or ticket number
    
    assertionCondition - object containing a single logical condition associated with the given assertion id
    
    Returns:
    
    AssertionConditions object
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteAssertionConditions
```
public void deleteAssertionConditions(String domainName,
                                      String policyName,
                                      Long assertionId,
                                      String auditRef)
```
    Delete all assertion conditions associated with the given assertion id.
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    assertionId - id of the assertion associated with the conditions
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure
  - deleteAssertionCondition
```
public void deleteAssertionCondition(String domainName,
                                     String policyName,
                                     Long assertionId,
                                     int conditionId,
                                     String auditRef)
```
    Delete a single assertion condition associated with the given assertion id.
    
    Parameters:
    
    domainName - name of the domain
    
    policyName - name of the policy
    
    assertionId - id of the assertion associated with the conditions
    
    conditionId - id of the condition to be deleted
    
    auditRef - string containing audit specification or ticket number
    
    Throws:
    
    ZMSClientException - in case of failure

Class ZMSClient

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

client

ZMS_CLIENT_PROP_ATHENZ_CONF

ZMS_CLIENT_PROP_READ_TIMEOUT

ZMS_CLIENT_PROP_CONNECT_TIMEOUT

ZMS_CLIENT_PROP_CERT_ALIAS

ZMS_CLIENT_PROP_KEYSTORE_PATH

ZMS_CLIENT_PROP_KEYSTORE_TYPE

ZMS_CLIENT_PROP_KEYSTORE_PASSWORD

ZMS_CLIENT_PROP_KEYSTORE_PWD_APP_NAME

ZMS_CLIENT_PROP_KEY_MANAGER_PASSWORD

ZMS_CLIENT_PROP_KEY_MANAGER_PWD_APP_NAME

ZMS_CLIENT_PROP_TRUSTSTORE_PATH

ZMS_CLIENT_PROP_TRUSTSTORE_TYPE

ZMS_CLIENT_PROP_TRUSTSTORE_PASSWORD

ZMS_CLIENT_PROP_TRUSTSTORE_PWD_APP_NAME

ZMS_CLIENT_PROP_PRIVATE_KEY_STORE_FACTORY_CLASS

ZMS_CLIENT_PROP_CLIENT_PROTOCOL

ZMS_CLIENT_PKEY_STORE_FACTORY_CLASS

ZMS_CLIENT_DEFAULT_CLIENT_SSL_PROTOCOL

Constructor Detail

ZMSClient

ZMSClient

ZMSClient

ZMSClient

ZMSClient

Method Detail

close

setProperty

setZMSRDLGeneratedClient

addCredentials

addCredentials

clearCredentials

getZmsUrl

generateRoleName

generatePolicyName

generateServiceIdentityName

generateEntityName

getDomain

getJWSDomain

getJWSDomain

getJWSDomain

getDomainList

getDomainList

getDomainList

getDomainList

getDomainList

getDomainList

postTopLevelDomain

postSubDomain

postUserDomain

deleteTopLevelDomain

deleteSubDomain

deleteUserDomain

putDomainMeta

putDomainSystemMeta

getRoleList

getRoleList

getRoles

getRoles

getRole

getRole

getRole

getRole

putRole

deleteRole

getMembership

getMembership

getOverdueReview

putMembership

putMembership

putMembershipWithReview

deleteMembership

deletePendingMembership

getUserList