Object Types
Schema
The ObjectType type represent directory object types.
Listing Object Types
Use the objectTypes query to search for object types.
List All
The following query is used to paginate over all object types:
{
objectTypes(first: 3) {
nodes {
name
isSubject
displayName
ordinal
status
lifecycle {
createdAt
}
}
pageInfo {
hasNextPage
endCursor
}
}
}
Results
{
"data": {
"objectTypes": {
"nodes": [
{
"name": "user",
"isSubject": true,
"displayName": "User",
"ordinal": 100,
"status": [],
"lifecycle": {
"createdAt": "2022-08-16T01:02:39.336401Z"
}
},
{
"name": "group",
"isSubject": true,
"displayName": "Group",
"ordinal": 200,
"status": [],
"lifecycle": {
"createdAt": "2022-08-16T01:02:39.336401Z"
}
},
{
"name": "identity",
"isSubject": false,
"displayName": "Identity",
"ordinal": 300,
"status": [
"READONLY"
],
"lifecycle": {
"createdAt": "2022-08-16T01:02:39.336401Z"
}
}
],
"pageInfo": {
"hasNextPage": true,
"endCursor": "K/+3AwEBBkN1cnNvcgH/uAABAgEIT3B0c0hhc2gBBgABBEtleXMB/7oAAAAW/7kCAQEIW11zdHJpbmcB/7oAAQwAABn/uAH4an7my8dlas8BAgM0MDAFMTAwMDQA"
}
}
}
}
Filtering
The objectTypes query can also be used to filter object types by
providing where criteria. The following query selects object types that are subjects and their name contains the
substring "user":
{
objectTypes(
first: 3,
where: {isSubject: true, name: {contains: "user"}}
) {
nodes {
name
isSubject
displayName
ordinal
status
}
}
}
Results
{
"data": {
"objectTypes": {
"nodes": [
{
"name": "user",
"isSubject": true,
"displayName": "User",
"ordinal": 100,
"status": []
},
{
"name": "user-v1",
"isSubject": true,
"displayName": "UserV1",
"ordinal": 1000,
"status": [
"HIDDEN",
"READONLY"
]
}
]
}
}
}
Creating and Modifying Object Types
The setObjetType mutations is used to create new object types or modify existing ones.
Create
The query below creates an "Organization" object type with the aim of defining various organizations and grant users different levels of access to them. The query returns all fields of the resulting object type:
mutation CreateOrganizationObjectType {
setObjectType(type: {
name: "org"
displayName: "Organization"
isSubject: false
ordinal: 350
status: []
}) {
objectType {
name
displayName
isSubject
ordinal
status
}
}
}
The name of the new type is "org". It must be unique among all object types and is used to refer to the type in other queries and mutations.
The display name, "Organization", is how the type appears in the Aserto Console.
Organization objects do not represent subjects—they are resources that subjects may access with various
permissions. Therefore, the isSubject field is set to false.
Ordinal determines where the object type appears in the list relative to other types, and no additional flags are
set in the status field.
Results
{
"data": {
"setObjectType": {
"objectType": {
"name": "org",
"displayName": "Organization",
"isSubject": false,
"ordinal": 350,
"status": []
}
}
}
}
Modify
All object type fields except name can be modified after creation. The same setObjetType
mutation used above to create a new object type is also used to modify existing ones.
The mutation below modifies the display name of the new type to "Org" and its ordinal to 400.
mutation CreateOrganizationObjectType {
setObjectType(type: {
name: "org"
displayName: "Org"
isSubject: false
ordinal: 400
status: []
}) {
objectType {
name
displayName
isSubject
ordinal
status
}
}
}
Results
{
"data": {
"setObjectType": {
"objectType": {
"name": "org",
"displayName": "Org",
"isSubject": false,
"ordinal": 400,
"status": []
}
}
}
}