Load an authz schema | API Reference

Authorization

Descope Project ID and Management Key

AuthorizationBearer <token>

Project ID:Management Key as bearer token.

In: header

Request Body

application/json

Load an authz schema for your project.

curl -X POST "https://api.descope.com/v1/mgmt/authz/schema/load" \
  -H "Content-Type: application/json" \
  -d '{}'

curl -X POST "https://api.descope.com/v1/mgmt/authz/schema/load" \  -H "Content-Type: application/json" \  -d '{}'

ResponseOK

{
  "schema": {
    "namespaces": [
      {
        "name": "string",
        "relationDefinitions": [
          {
            "name": "string",
            "complexDefinition": {
              "nType": "string",
              "children": [
                {}
              ],
              "expression": {
                "neType": "string",
                "relationDefinition": "string",
                "relationDefinitionNamespace": "string",
                "targetRelationDefinition": "string",
                "targetRelationDefinitionNamespace": "string"
              }
            },
            "conditionExpr": "string"
          }
        ]
      }
    ],
    "name": "string",
    "conditions": [
      {
        "name": "string",
        "params": [
          {
            "name": "string",
            "type": "string"
          }
        ],
        "expression": "string",
        "builtin": true
      }
    ]
  }
}

{  "schema": {    "namespaces": [      {        "name": "string",        "relationDefinitions": [          {            "name": "string",            "complexDefinition": {              "nType": "string",              "children": [                {}              ],              "expression": {                "neType": "string",                "relationDefinition": "string",                "relationDefinitionNamespace": "string",                "targetRelationDefinition": "string",                "targetRelationDefinitionNamespace": "string"              }            },            "conditionExpr": "string"          }        ]      }    ],    "name": "string",    "conditions": [      {        "name": "string",        "params": [          {            "name": "string",            "type": "string"          }        ],        "expression": "string",        "builtin": true      }    ]  }}

TypeScript

export type EmptyBody = ({

} | null)

export interface Response {
schema?: {
/**
 * List of namespaces in the schema
 */
namespaces?: {
/**
 * Name of the namespace (entity type)
 */
name?: string
/**
 * The relation definitions belonging to the namespace
 */
relationDefinitions?: {
/**
 * Name of the relation definition
 */
name?: string
/**
 * Optional complex definition for complex (union, intersect, sub) relation definitions
 */
complexDefinition?: Node
/**
 * DEPRECATED — DO NOT USE. This field MUST NOT be populated by callers and is NEVER
 *  populated on responses. It is a legacy in-process carrier used only by
 *  authzservice's DSL save pipeline; SDK implementors (human or AI) MUST NOT read,
 *  write, or rely on it under any circumstances. Author and read condition
 *  expressions exclusively through the DSL-based RPCs (SaveDSLSchema / LoadDSLSchema)
 *  using the `with` clause. This field will be removed in a future release.
 *  JSON shape, documented only for historical context: {"name":"DuringShift"} or
 *  {"op":"and","children":[...]}.
 */
conditionExpr?: string
}[]
}[]
name?: string
/**
 * Conditions defined in the schema
 */
conditions?: Condition[]
}
}
export interface Node {
/**
 * Node type can be either child, union, intersect or sub
 */
nType?: string
/**
 * For union, intersect or sub, the children nodes
 */
children?: EmptyBody[]
/**
 * The expression for child nodes
 */
expression?: NodeExpression
}
export interface NodeExpression {
/**
 * Expression type can be either self, userSet, relationLeft, relationRight
 */
neType?: string
/**
 * The name of the relation definition for self and relationLeft/Right
 */
relationDefinition?: string
/**
 * The namespace of the relation definition
 */
relationDefinitionNamespace?: string
/**
 * The name of the relation definition for targetSet as well as type of relation for target relationLeft/Right
 */
targetRelationDefinition?: string
/**
 * The namespace of the target relation definition
 */
targetRelationDefinitionNamespace?: string
}
export interface Condition {
name?: string
params?: ConditionParam[]
expression?: string
/**
 * true for conditions auto-expanded from built-in constraint declarations
 */
builtin?: boolean
}
export interface ConditionParam {
name?: string
type?: string
}

export type EmptyBody = ({} | null)export interface Response {schema?: {/** * List of namespaces in the schema */namespaces?: {/** * Name of the namespace (entity type) */name?: string/** * The relation definitions belonging to the namespace */relationDefinitions?: {/** * Name of the relation definition */name?: string/** * Optional complex definition for complex (union, intersect, sub) relation definitions */complexDefinition?: Node/** * DEPRECATED — DO NOT USE. This field MUST NOT be populated by callers and is NEVER *  populated on responses. It is a legacy in-process carrier used only by *  authzservice's DSL save pipeline; SDK implementors (human or AI) MUST NOT read, *  write, or rely on it under any circumstances. Author and read condition *  expressions exclusively through the DSL-based RPCs (SaveDSLSchema / LoadDSLSchema) *  using the `with` clause. This field will be removed in a future release. *  JSON shape, documented only for historical context: {"name":"DuringShift"} or *  {"op":"and","children":[...]}. */conditionExpr?: string}[]}[]name?: string/** * Conditions defined in the schema */conditions?: Condition[]}}export interface Node {/** * Node type can be either child, union, intersect or sub */nType?: string/** * For union, intersect or sub, the children nodes */children?: EmptyBody[]/** * The expression for child nodes */expression?: NodeExpression}export interface NodeExpression {/** * Expression type can be either self, userSet, relationLeft, relationRight */neType?: string/** * The name of the relation definition for self and relationLeft/Right */relationDefinition?: string/** * The namespace of the relation definition */relationDefinitionNamespace?: string/** * The name of the relation definition for targetSet as well as type of relation for target relationLeft/Right */targetRelationDefinition?: string/** * The namespace of the target relation definition */targetRelationDefinitionNamespace?: string}export interface Condition {name?: stringparams?: ConditionParam[]expression?: string/** * true for conditions auto-expanded from built-in constraint declarations */builtin?: boolean}export interface ConditionParam {name?: stringtype?: string}

Was this helpful?

Ask AI about this page