{"openapi":"3.0.0","info":{"version":"0.0.1","title":"IDv2: User management"},"x-atlassian-narrative":{"documents":[{"title":"About the user management REST API","anchor":"about","body":"The User management REST API provides resources to administer and edit managed accounts. Use this API to:\n- Get user management permissions\n- Get and update profiles\n- Deactivate and delete accounts\n\nTo manage your organization, use the [Organizations REST API](https://developer.atlassian.com/cloud/admin/organization/rest/intro/).\n\nTo integrate your organization with an identity provider, use the [User provisioning REST API](https://developer.atlassian.com/cloud/admin/user-provisioning/rest/intro)."},{"title":"Authentication and authorization","anchor":"auth","body":"To use the user management REST API you must have a valid API key. The API key protects the API\nand ensures that you have permission to update and deactivate the accounts owned by your organization.\nYou can use the same API key for the organizations REST API and the user management REST API.\nFor more information, see [Create an API key](https://confluence.atlassian.com/x/jPnJOQ).\n\nOnce you have your API key, you can provide it as a bearer token\nin the `Authorization` part of your HTTPS header."},{"title":"Version and URI","anchor":"uri","body":"\nThis documentation is for version 1 of the user management REST API. The URIs for resources\nhave the following structure:\n\n```\nhttps://api.atlassian.com/users/\n```"},{"title":"Experimental features","anchor":"Experimental features","body":"\nMethods marked as experimental may change without an earlier notice. We are looking for your feedback for these methods."},{"title":"Vocabulary","anchor":"Vocabulary","body":"\nThere are several concepts that are common ideas with a unique meaning in Atlassian Administration. Learn more about [terminology](https://developer.atlassian.com/cloud/admin/cloud-admin-vocabulary/) related to the cloud admin experience."}]},"security":[{"bearerAuth":[]}],"servers":[{"url":"https://api.atlassian.com","description":"Atlassian API endpoint"}],"tags":[{"name":"Manage","description":"Manage APIs"},{"name":"Profile","description":"Profile APIs"},{"name":"Email","description":"Email APIs"},{"name":"Api Tokens","description":"Api Token APIs"},{"name":"Lifecycle","description":"Lifecycle APIs"}],"paths":{"/users/{account_id}/manage":{"get":{"summary":"Get user management permissions","description":"Returns the set of permissions you have for managing the specified Atlassian account","tags":["Manage"],"parameters":[{"in":"path","name":"account_id","schema":{"$ref":"#/components/schemas/AccountId"},"description":"The user account to manage","required":true},{"name":"privileges","in":"query","required":false,"schema":{"type":"array","items":{"type":"string","enum":["profile","profile.write","profile.read","email.set","lifecycle.enablement","lifecycle.delete","apiToken.read","apiToken.delete"]}}}],"responses":{"200":{"description":"You have permission to manage at least some aspect of the specified user account. Restrictions around the privileges specified are returned.\n- _profile_: DEPRECATED, replace by profile.write\n- _profile.read_: have permission to read the profile data of the user account (at GET ./profile)\n- _profile.write_: refers to the object mutability of the user's profile (at PATCH ./profile)\n- _email.set_: have permission to set the user's email address (at PUT ./email)\n- _lifecycle.enablement_: have permission to activate and deactivate the user's account (at POST ./lifecycle/enable AND ./lifecycle/disable)\n- _lifecycle.delete_: have permission to delete and cancel the deletion of the user's account (at POST ./lifecycle/delete AND ./lifecycle/cancel-delete)\n- _apiToken.read_: have permission to list the user's API tokens (at GET ./api-tokens)\n- _apiToken.delete_: have permission to delete API tokens from the account (at DELETE ./api-tokens/{tokenId})\n","content":{"application/json":{"schema":{"type":"object","properties":{"profile":{"$ref":"#/components/schemas/Manageability.Rule.ObjectMutability"},"profile.write":{"$ref":"#/components/schemas/Manageability.Rule.ObjectMutability"},"profile.read":{"$ref":"#/components/schemas/Manageability.Rule.Simple"},"email.set":{"$ref":"#/components/schemas/Manageability.Rule.Simple"},"lifecycle.enablement":{"$ref":"#/components/schemas/Manageability.Rule.Simple"},"lifecycle.delete":{"$ref":"#/components/schemas/Manageability.Rule.Simple"},"apiToken.read":{"$ref":"#/components/schemas/Manageability.Rule.Simple"},"apiToken.delete":{"$ref":"#/components/schemas/Manageability.Rule.Simple"}}}}}},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/Forbidden"},"404":{"$ref":"#/components/responses/NotFound.Account"}}}},"/users/{account_id}/manage/profile":{"get":{"summary":"Get profile","description":"Returns information about a single Atlassian account by ID","tags":["Profile"],"parameters":[{"in":"path","name":"account_id","schema":{"$ref":"#/components/schemas/AccountId"},"description":"The ID of the user","required":true}],"responses":{"200":{"description":"You have permission to manage the user. The profile data is returned.\n","content":{"application/json":{"schema":{"type":"object","required":["account"],"properties":{"account":{"$ref":"#/components/schemas/AtlassianAccountUser"}}}}}},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/Forbidden"},"404":{"$ref":"#/components/responses/NotFound.Account"}}},"patch":{"summary":"Update profile","description":"Updates fields in a user account. The `profile.write` privilege details which fields you can change.","tags":["Profile"],"parameters":[{"in":"path","name":"account_id","schema":{"$ref":"#/components/schemas/AccountId"},"description":"The ID of the user to update","required":true}],"requestBody":{"description":"The information to change, a subset of the mutable fields described in the `profile.write` privilege.","required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/AtlassianAccountUser"}}}},"responses":{"200":{"description":"You have permission to manage the user. The profile is updated.\n","content":{"application/json":{"schema":{"type":"object","required":["account"],"properties":{"account":{"$ref":"#/components/schemas/AtlassianAccountUser"}}}}}},"400":{"$ref":"#/components/responses/BadRequest.Body"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/Forbidden.FieldMutation"},"404":{"$ref":"#/components/responses/NotFound.Account"}}}},"/users/{account_id}/manage/email":{"put":{"summary":"Set email\n","description":"Sets the specified user's email address. Before using this endpoint, you must [verify the target domain](https://confluence.atlassian.com/x/gjcWN) as the new email address will be considered verified.\nThe permission to make use of this resource is exposed by the `email.set` privilege.\nThis call invalidates all active sessions.\n","tags":["Email"],"parameters":[{"in":"path","name":"account_id","schema":{"$ref":"#/components/schemas/AccountId"},"description":"The ID of the user\n","required":true}],"requestBody":{"description":"An object containing the email address\n","required":true,"content":{"application/json":{"schema":{"type":"object","required":["email"],"properties":{"email":{"$ref":"#/components/schemas/Email"}}}}}},"responses":{"204":{"$ref":"#/components/responses/NoContent"},"400":{"$ref":"#/components/responses/BadRequest.Body"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/Forbidden.UnclaimedDomain"},"404":{"$ref":"#/components/responses/NotFound.Account"}}}},"/users/{account_id}/manage/api-tokens":{"get":{"summary":"Get API tokens","description":"Gets the API tokens owned by the specified user.","tags":["Api Tokens"],"parameters":[{"in":"path","name":"account_id","schema":{"$ref":"#/components/schemas/AccountId"},"description":"The ID of the user","required":true}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/ApiTokenModel"}}}}},"400":{"$ref":"#/components/responses/BadRequest.Body"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/Forbidden.Action"},"404":{"$ref":"#/components/responses/NotFound.Account"},"429":{"description":"Rate limited due to too many requests. For more information, see [Rate limiting](https://developer.atlassian.com/cloud/jira/platform/rate-limiting/)."}}}},"/users/{account_id}/manage/api-tokens/{tokenId}":{"delete":{"summary":"Delete API token","description":"Deletes a specifid API token by ID.","tags":["Api Tokens"],"parameters":[{"in":"path","name":"account_id","schema":{"$ref":"#/components/schemas/AccountId"},"description":"The ID of the user","required":true},{"name":"tokenId","description":"The ID of the API token","example":"fake-tokenId","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"The API token was deleted"},"400":{"$ref":"#/components/responses/BadRequest.Body"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/Forbidden.Action"},"404":{"$ref":"#/components/responses/NotFound.Account"}}}},"/users/{account_id}/manage/lifecycle/disable":{"post":{"summary":"Deactivate a user","description":"\nDeactivate the specified user account. The permission to make use of this resource is exposed by the `lifecycle.enablement` privilege.\nYou can optionally set a message associated with the block. If none is supplied, a default message will be used.\n","tags":["Lifecycle"],"parameters":[{"in":"path","name":"account_id","schema":{"$ref":"#/components/schemas/AccountId"},"description":"The ID of the user\n","required":true}],"requestBody":{"description":"An object containing a message\n","required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string","example":"On 6-month suspension"}}}}}},"responses":{"204":{"$ref":"#/components/responses/NoContent"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/Forbidden.Action"},"404":{"$ref":"#/components/responses/NotFound.Account"}}}},"/users/{account_id}/manage/lifecycle/enable":{"post":{"summary":"Activate a user","description":"Activates the specified user account. The permission to make use of this resource is exposed by the\n`lifecycle.enablement` privilege.\n\nUser accounts that were deactivated due to US export controls cannot be reactivated using this API. If you believe\nthe account was incorrectly blocked, please contact [Atlassian Support](https://support.atlassian.com/contact).\n\nUser accounts that have been deleted need the deletion to be canceled before reactivating.\n","tags":["Lifecycle"],"parameters":[{"in":"path","name":"account_id","schema":{"$ref":"#/components/schemas/AccountId"},"description":"The unique identifier of the user to activate.\n","required":true}],"responses":{"204":{"$ref":"#/components/responses/NoContent"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/Forbidden.Action"},"404":{"$ref":"#/components/responses/NotFound.Account"},"409":{"$ref":"#/components/responses/Conflict.LifecycleError"}}}},"/users/{account_id}/manage/lifecycle/delete":{"post":{"summary":"Delete account","description":"This API will:\n- Delete a managed account from Atlassian Administration.\n- Withdraw complete access to all products and services listed in Atlassian Administration.\n- Remove reference to the account from all lists under Directory in Atlassian Administration.\n\nSpecifications:\n- Deleting an account is permanent. If you think you’ll need the account again, we recommend you [deactivate](https://support.atlassian.com/user-management/docs/deactivate-a-managed-account/) it instead.\n- Before you permanently delete the account, you’ll have a 14-day grace period, during which the account will appear as temporarily deactivated.\n\nLearn more about [deleting a managed account](https://support.atlassian.com/user-management/docs/delete-a-managed-account/).\n\nLearn the fastest way to get the paramaters and delete account with a detailed [tutorial](https://developer.atlassian.com/cloud/admin/user-management/delete-managed-account/#delete-account). \n\nThe permission to make use of this resource is exposed by the `lifecycle.delete` privilege. Learn more about [Get user management permissions API](https://developer.atlassian.com/cloud/admin/user-management/rest/api-group-manage/#api-users-account-id-manage-get) to manage the specified user.\n","tags":["Lifecycle"],"parameters":[{"in":"path","name":"account_id","schema":{"$ref":"#/components/schemas/AccountId"},"description":"Unique ID of the user's account that you are deleting. Use the [Get users in an organization API](https://developer.atlassian.com/cloud/admin/organization/rest/api-group-users/#api-orgs-orgid-users-get) to get the accountId.\n","required":true}],"responses":{"200":{"$ref":"#/components/responses/SuccessfulWithMessage"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/Forbidden.Action"},"404":{"$ref":"#/components/responses/NotFound.Account"},"409":{"$ref":"#/components/responses/Conflict.LifecycleError"}}}},"/users/{account_id}/manage/lifecycle/cancel-delete":{"post":{"summary":"Cancel delete account","description":"This API will:\n - Cancel the scheduled deletion of the specified managed account.\n - Restore and activate the user’s account.\n \n Specifications:\n - You can cancel the deletion within the 14-day grace period of deleting a managed account. After that the account is permanently deleted.\n \n The permission to make use of this resource is exposed by the `lifecycle.delete` privilege. Learn more about [Get user management permissions API](https://developer.atlassian.com/cloud/admin/user-management/rest/api-group-manage/#api-users-account-id-manage-get) to manage the specified user.\n","tags":["Lifecycle"],"parameters":[{"in":"path","name":"account_id","schema":{"$ref":"#/components/schemas/AccountId"},"description":"Unique ID of the user's account that you are deleting. Use the [Get users in an organization API](https://developer.atlassian.com/cloud/admin/organization/rest/api-group-users/#api-orgs-orgid-users-get) to get the accountId.\n","required":true}],"responses":{"200":{"$ref":"#/components/responses/SuccessfulWithMessage"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/Forbidden.Action"},"404":{"$ref":"#/components/responses/NotFound.Account"}}}}},"components":{"securitySchemes":{"bearerAuth":{"type":"http","scheme":"bearer"}},"schemas":{"AtlassianAccountUser":{"allOf":[{"$ref":"#/components/schemas/User"},{"type":"object","required":["nickname"],"properties":{"nickname":{"$ref":"#/components/schemas/Nickname"},"zoneinfo":{"$ref":"#/components/schemas/ZoneInfo"},"locale":{"$ref":"#/components/schemas/Locale"},"extended_profile":{"$ref":"#/components/schemas/ExtendedProfile"}}}]},"ExtendedProfile":{"type":"object","properties":{"job_title":{"$ref":"#/components/schemas/JobTitle"},"organization":{"$ref":"#/components/schemas/Organization"},"department":{"$ref":"#/components/schemas/Department"},"location":{"$ref":"#/components/schemas/Location"}}},"AccountId":{"type":"string","pattern":"[a-zA-Z0-9_|:-]{1,128}\n","description":"A unique account identifier","example":"557057:4f9acfd2-6155-419b-8de5-5b5cf27a59a0","readOnly":true},"Nickname":{"type":"string","pattern":".{1,30}","description":"A nickname for the user in content references to the user.\n\n_Constraints_\n- `maxLength`: The maximum nickname length is 30 characters\n- `validCharacters`: Control and null characters are not allowed\n","example":"marshmallow"},"Name":{"type":"string","example":"Lila User","description":"The display name of the user. Should be used for contextual rendering of\ncontent authorship.\n\n_Constraints_\n- `maxLength`: The maximum display name length is 100 characters\n- `validCharacters`: Control and null characters are not allowed\n"},"Locale":{"type":"string","description":"An IETF BCP 47 locale string","example":"en-US"},"ZoneInfo":{"type":"string","description":"A unix zoneinfo string describing the local timezone of the user\n","example":"America/Los_Angeles"},"Email":{"type":"string","description":"The email address of the user.\n\n_Constraints_\n- `partMaxLength`: The maximum length of the user part and of any\n subdomain is 255 characters.\n- `validCharacters`: Control and null characters are not allowed\n","example":"vmars@marsinvestigations.com"},"JobTitle":{"type":"string","description":"The job title of the user\n","example":"Lead Investigator"},"Organization":{"type":"string","description":"The organisation to which the user belongs\n","example":"Amalgamated Investigations"},"Department":{"type":"string","description":"The department in which the user works\n","example":"Investigations"},"Location":{"type":"string","description":"The physical location of the user\n","example":"Lompoc, CA"},"Password":{"type":"string","description":"A secret for use by the user in basic authentication flows\n","example":"hunter2","writeOnly":true},"AccountCharacteristics":{"type":"object","properties":{"not_mentionable":{"type":"boolean","example":false}},"readOnly":true},"Avatar":{"type":"string","example":"https://www.example.com/avatars/userl","description":"The absolute URI (RFC3986) to the avatar name of the user.\n","readOnly":true},"AccountType":{"type":"string","description":"The type of account","enum":["atlassian","customer","app"],"readOnly":true},"AccountStatus":{"type":"string","description":"The lifecycle status of the account","enum":["active","inactive","closed"],"readOnly":true},"User":{"type":"object","required":["account_id","account_status","account_type","name","email","picture"],"properties":{"account_id":{"$ref":"#/components/schemas/AccountId"},"account_type":{"$ref":"#/components/schemas/AccountType"},"account_status":{"$ref":"#/components/schemas/AccountStatus"},"name":{"$ref":"#/components/schemas/Name"},"picture":{"$ref":"#/components/schemas/Avatar"},"email":{"allOf":[{"$ref":"#/components/schemas/Email"}],"readOnly":true},"characteristics":{"$ref":"#/components/schemas/AccountCharacteristics"}}},"Manageability.RestrictionReason":{"type":"object","required":["key"],"properties":{"key":{"description":"The property or action is restricted because:\n\n- _administrative_: The property or action is restricted\n because it is intended exclusively for administrative use\n- _administrative.notMyself_: The property or action\n is restricted because it is intended for administrative use and\n is forbidden for self-use.\n- _authPolicy.saml_: The property is restricted as it is set on login by SAML\n- _blocked.exportControl_: The property/action is restricted because\n the user is blocked by US export control\n- _externalDirectory.scim_: The property/action is restricted because\n the user is managed by an external SCIM directory\n- _externalDirectory.google_: The property/action is restricted because\n the user is managed by an external Google directory\n- _myselfOnly_: The property or action is restricted because it is\n available only to the user which the account belongs to\n- _managedAccount_: The property or action is restricted because it is\n available only to the user's organisation administrator\n","enum":["administrative","administrative.notMyself","authPolicy.saml","blocked.exportControl","externalDirectory.scim","externalDirectory.google","myselfOnly","managedAccount"],"example":"managedAccount"}}},"Manageability.Allowed":{"type":"object","description":"You are allowed to take or write the action/property\n","required":["allowed"],"properties":{"allowed":{"type":"boolean","enum":[true],"example":true}}},"Manageability.Unallowed":{"type":"object","description":"You are not allowed to take or write the action/property\n","required":["allowed","reason"],"properties":{"allowed":{"type":"boolean","enum":[false],"example":false},"reason":{"$ref":"#/components/schemas/Manageability.RestrictionReason"}}},"Manageability.Rule.Simple":{"type":"object","oneOf":[{"$ref":"#/components/schemas/Manageability.Allowed"},{"$ref":"#/components/schemas/Manageability.Unallowed"}],"discriminator":{"propertyName":"allowed","mapping":{"true":"#/components/schemas/Manageability.Allowed","false":"#/components/schemas/Manageability.Unallowed"}},"example":{"allowed":true}},"Manageability.Rule.ObjectMutability":{"type":"object","description":"Describes your permissions to change the object. Each key should be a valid JSON path of the target object.\n","additionalProperties":{"$ref":"#/components/schemas/Manageability.Rule.Simple"},"minProperties":1,"example":{"name":{"allowed":true},"nickname":{"allowed":true},"zoneinfo":{"allowed":true},"locale":{"allowed":true},"extended_profile.job_title":{"allowed":true},"extended_profile.organization":{"allowed":true},"extended_profile.department":{"allowed":true},"extended_profile.location":{"allowed":true}}},"ApiTokenModel":{"type":"object","description":"API Token information","required":["createdAt","id","label"],"properties":{"label":{"type":"string","example":"My Addon","description":"Human readable description for the token."},"lastAccess":{"type":"string","example":"2015-05-12T20:20:50.521Z","description":"Timestamp last time the token was used to Authenticate as a UTC-ISO8601 string\n"},"createdAt":{"type":"string","example":"2015-04-12T23:20:50.522Z","description":"Timestamp of when the token was generated as a UTC-ISO8601 string"},"id":{"type":"string","description":"Container token id. This is the identifier of the system user associated with the container token."}}},"Response.BadRequest.BodyParseFailure":{"description":"The body was not parsed successfully.\n","type":"object","required":["key"],"properties":{"key":{"type":"string","example":"bodyParseFailure"}}},"Response.BadRequest.FieldConstraintsViolated":{"description":"The submitted JSON entity had one or more invalid properties.\nFor each invalid field, a set of violated constraint keys are returned.\n","type":"object","required":["key","context"],"properties":{"key":{"type":"string","example":"fieldConstraintsViolated"},"context":{"type":"object","required":["fieldViolations"],"properties":{"fieldViolations":{"type":"array","minItems":1,"items":{"type":"object","required":["field","violations"],"properties":{"field":{"type":"string","description":"The JSON path to the field with an invalid value","example":"nickname"},"violations":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["key"],"properties":{"key":{"type":"string","description":"The key for a constraint that the submitted value has violated.\nSee documentation for any submittable model for a set of constraint keys and definitions.\n","example":"maxLength"}}}}}}}}}}},"Response.Forbidden.Basic":{"description":"You are not authorized to access this resource\n","type":"object","required":["key"],"properties":{"key":{"type":"string","enum":["forbidden"],"example":"forbidden"}}},"Response.Forbidden.Action":{"type":"object","required":["key","context"],"properties":{"key":{"type":"string","enum":["forbidden.action"],"example":"forbidden.action"},"context":{"$ref":"#/components/schemas/Manageability.Unallowed"}}},"Response.Forbidden.UnclaimedDomain":{"type":"object","required":["key"],"properties":{"key":{"type":"string","enum":["forbidden.unclaimedDomain"],"example":"forbidden.unclaimedDomain"},"context":{"type":"object","required":["domain"],"properties":{"domain":{"type":"string","example":"vanlowe-pi.net"}}}}},"Response.Forbidden.ObjectMutability":{"type":"object","required":["key","context"],"properties":{"key":{"type":"string","enum":["forbidden.fieldMutation"],"example":"forbidden.fieldMutation"},"context":{"$ref":"#/components/schemas/Manageability.Rule.ObjectMutability"}}},"Response.Forbidden.TargetUnverified":{"description":"Cannot manage an unverified target account\n","type":"object","required":["key"],"properties":{"key":{"type":"string","enum":["forbidden.targetUnverified"],"example":"forbidden.targetUnverified"}}},"LifecycleErrors":{"type":"array","minItems":1,"items":{"title":"LifecycleError","type":"object","required":["code"],"properties":{"code":{"type":"string"},"message":{"type":"string"},"link":{"type":"string"}}}}},"responses":{"NoContent":{"description":"Everything went fine, nothing to return."},"SuccessfulWithMessage":{"description":"Success","content":{"application/json":{"schema":{"title":"ResultMessage","type":"object","properties":{"message":{"type":"string"}},"example":{"message":"Success"}}}}},"BadRequest.Body":{"description":"The request body was malformed or a field violated its constraints.\n","content":{"application/json":{"schema":{"type":"object","oneOf":[{"$ref":"#/components/schemas/Response.BadRequest.BodyParseFailure"},{"$ref":"#/components/schemas/Response.BadRequest.FieldConstraintsViolated"}],"discriminator":{"propertyName":"key","mapping":{"bodyParseFailure":"#/components/schemas/Response.BadRequest.BodyParseFailure","fieldConstraintsViolated":"#/components/schemas/Response.BadRequest.FieldConstraintsViolated"}},"example":{"key":"bodyParseFailure"}}}}},"Unauthorized":{"description":"You are unauthenticated.","content":{"application/json":{"schema":{"title":"Unauthorized","type":"object","required":["key"],"properties":{"key":{"type":"string","enum":["unauthorized"]}},"example":{"key":"unauthorized"}}}}},"Forbidden":{"description":"You are authenticated but have no permission to manage the target user.\n","content":{"application/json":{"schema":{"type":"object","oneOf":[{"$ref":"#/components/schemas/Response.Forbidden.Basic"},{"$ref":"#/components/schemas/Response.Forbidden.TargetUnverified"}],"discriminator":{"propertyName":"key","mapping":{"forbidden":"#/components/schemas/Response.Forbidden.Basic","forbidden.targetUnverified":"#/components/schemas/Response.Forbidden.TargetUnverified"}},"example":{"key":"forbidden"}}}}},"Forbidden.Action":{"description":"You are authenticated but do not have the authority to take this action.\n","content":{"application/json":{"schema":{"type":"object","oneOf":[{"$ref":"#/components/schemas/Response.Forbidden.Basic"},{"$ref":"#/components/schemas/Response.Forbidden.Action"},{"$ref":"#/components/schemas/Response.Forbidden.TargetUnverified"}],"discriminator":{"propertyName":"key","mapping":{"forbidden":"#/components/schemas/Response.Forbidden.Basic","forbidden.action":"#/components/schemas/Response.Forbidden.Action","forbidden.targetUnverified":"#/components/schemas/Response.Forbidden.TargetUnverified"}},"example":{"key":"forbidden"}}}}},"Forbidden.UnclaimedDomain":{"description":"You are authenticated but one of the following is true:\n\n- You do not have the authority to manage the user\n- You do not have the authority to take the action\n- You do not have authority over a specified domain\n","content":{"application/json":{"schema":{"type":"object","oneOf":[{"$ref":"#/components/schemas/Response.Forbidden.Basic"},{"$ref":"#/components/schemas/Response.Forbidden.Action"},{"$ref":"#/components/schemas/Response.Forbidden.UnclaimedDomain"},{"$ref":"#/components/schemas/Response.Forbidden.TargetUnverified"}],"discriminator":{"propertyName":"key","mapping":{"forbidden":"#/components/schemas/Response.Forbidden.Basic","forbidden.action":"#/components/schemas/Response.Forbidden.Action","forbidden.unclaimedDomain":"#/components/schemas/Response.Forbidden.UnclaimedDomain","forbidden.targetUnverified":"#/components/schemas/Response.Forbidden.TargetUnverified"}},"example":{"key":"forbidden"}}}}},"Forbidden.FieldMutation":{"description":"You are authenticated but one of the following is true:\n\n- You have no right to manage the target user\n- You do not have the authority to change one or more requested properties\n","content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response.Forbidden.Basic"},{"$ref":"#/components/schemas/Response.Forbidden.ObjectMutability"},{"$ref":"#/components/schemas/Response.Forbidden.TargetUnverified"}],"discriminator":{"propertyName":"key","mapping":{"forbidden":"#/components/schemas/Response.Forbidden.Basic","forbidden.fieldMutation":"#/components/schemas/Response.Forbidden.ObjectMutability","forbidden.targetUnverified":"#/components/schemas/Response.Forbidden.TargetUnverified"}},"example":{"key":"forbidden"}}}}},"NotFound.Account":{"description":"The requested resource does not exist.","content":{"application/json":{"schema":{"title":"NotFound.Account","type":"object","properties":{"key":{"description":"- _accountNotFound_: Requested accountId not found\n- _notFound_: Requested resource not found\n","type":"string","enum":["accountNotFound","notFound"]}},"required":["key"],"example":{"key":"accountNotFound"}}}}},"Conflict.LifecycleError":{"description":"This account isn't eligible for the requested action\n\nSee: https://confluence.atlassian.com/x/pTgoPQ for details\n","content":{"application/json":{"schema":{"title":"Conflict.LifecycleErrors","type":"object","required":["key","context"],"properties":{"key":{"type":"string","enum":["conflict.lifecycleErrors"]},"context":{"title":"LifecycleErrors.Context","type":"object","required":["message","accountId","errorCodes"],"properties":{"message":{"type":"string"},"accountId":{"$ref":"#/components/schemas/AccountId"},"errorCodes":{"$ref":"#/components/schemas/LifecycleErrors"}}}}}}}}}}}