Creates the given auth session policy. If the upsert query param is set to true then, instead of performing a create, the API will switch to performing an upsert. For an upsert request, the following fields are required:
Required Upsert Fields:
ownerTypeownerId
When performing an upsert, the above 2 fields will be used to determine whether the auth session policy resource already exists. If the auth session policy already exists, a partial update will be performed; otherwise, a new auth session policy entity will be created.
In the response of an upsert request, if a create was performed, then a 201 response code will be returned; otherwise, if an update was performed, then a 200 will be returned.
Required Permissions
Below is the list of required permissions needed to interact with this API. For each permission, the allowed permission boundaries are also specified.
| Permission | Boundary | Description |
|---|---|---|
| auth-session-policy:write | Application | The subject can create an auth session policy under the application that the subject belongs to. |
| Tenant | The subject can create an auth session policy for the tenant the subject belongs to. | |
| Tenant Inclusion List | The subject can create an auth session policy for tenants specified in the tenant inclusion list. | |
| Tenant Exclusion List | The subject can create auth session policies for tenants that belong to the subject's application but are not included in the tenant exclusion list. |