API Reference

Version 2.0

Create Marking

POST/api/v2/admin/markings

Warning

This endpoint is in preview and may be modified or removed at any time. To use this endpoint, add preview=true to the request query parameters.

Creates a new Marking.

Third-party applications using this endpoint via OAuth2 must request the following operation scope: api:admin-write.

Query parameters

preview

boolean

optional

Enables the use of preview functionality.

Request body

CreateMarkingRequest

object

Hide child attributes

initialRoleAssignments

list<MarkingRoleUpdate>

optional

The initial roles that will be assigned when the Marking is created. At least one ADMIN role must be provided. This can be changed later through the MarkingRoleAssignment operations.

WARNING: If you do not include your own principal ID or the ID of a Group that you are a member of, you will create a Marking that you cannot administer.

Show child attributes

initialMembers

list<PrincipalId>

optional

Users and Groups that will be able to view resources protected by this Marking. This can be changed later through the MarkingMember operations.

Show child attributes

name

string

description

string

optional

categoryId

string

The ID of a marking category. For user-created categories, this will be a UUID. Markings associated with Organizations are placed in a category with ID "Organization".

Response body

Marking

object

The created Marking

Hide child attributes

string

The ID of a security marking.

categoryId

string

The ID of a marking category. For user-created categories, this will be a UUID. Markings associated with Organizations are placed in a category with ID "Organization".

name

string

description

string

optional

organization

string

optional

If this marking is associated with an Organization, its RID will be populated here.

createdTime

string

The time at which the resource was created.

createdBy

string

optional

The Foundry user who created this resource

Examples

Request

Copied!

curl -X POST \
	-H "Content-type: application/json" \
	-H "Authorization: Bearer $TOKEN" \
	"https://$HOSTNAME/api/v2/admin/markings?preview=true" \
	-d '{"initialMembers":["f05f8da4-b84c-4fca-9c77-8af0b13d11de"],"name":"PII","description":"Contains personally identifiable information about our customers","categoryId":"0950264e-01c8-4e83-81a9-1a6b7f77621a","initialRoleAssignments":[{"role":"ADMINISTER","principalId":"f05f8da4-b84c-4fca-9c77-8af0b13d11de"}]}'

Response

Copied!

{
  "createdBy": "f05f8da4-b84c-4fca-9c77-8af0b13d11de",
  "organization": "ri.multipass..organization.c30ee6ad-b5e4-4afe-a74f-fe4a289f2faa",
  "name": "PII",
  "description": "Contains personally identifiable information about our customers",
  "createdTime": "2003-05-06T12:34:56.789Z",
  "id": "18212f9a-0e63-4b79-96a0-aae04df23336",
  "categoryId": "0950264e-01c8-4e83-81a9-1a6b7f77621a"
}

Error responses

Error Name
`PrincipalNotFound`	Error Code	`NOT_FOUND`
	Status Code	404
	Description	A principal (User or Group) with the given PrincipalId could not be found
	Parameters	`principalId`
`CreateMarkingMissingInitialAdminRole`	Error Code	`INVALID_ARGUMENT`
	Status Code	400
	Description	At least one ADMIN role assignment must be provided when creating a marking.
	Parameters
`CreateMarkingNameInCategoryAlreadyExists`	Error Code	`INVALID_ARGUMENT`
	Status Code	400
	Description	A marking with the same name already exists in the category.
	Parameters	`displayName, categoryId`
`CreateMarkingPermissionDenied`	Error Code	`PERMISSION_DENIED`
	Status Code	403
	Description	Could not create the Marking.
	Parameters

See Errors for a general overview of errors in the platform.