IndyKite Developer Hub logo
Back to all resources
ContX IQ ContX IQ Json

ContX IQ: With _Application as a service, get all direct nodes related to a User node.

When a new application with new credentials is created, nodes are created in the IKG. This use case explains how to use the Application node to retrieve data: all nodes with a direct relationship with a User node.

ContX IQ: With _Application as a service, get all direct nodes related to a User node.

Use the _Application node created with a new Application and new AppAgent configurations to retrieve all nodes directly related to a User node.

Use case

When a new Application with new credentials is created, _Application and _AppAgent nodes are created in the IKG.

In order to get all nodes with a relationship with a User node, a CIQ read knowledge query can be used.

You will use the _Application as an authenticated subject.

In this case, Users nodes are created and linked to other nodes. We want to retrieve all nodes directly linked to a specified node.

ikg

Requirements

- ServiceAccount credentials created in the IndyKite Hub for your organization.

- AppAgent credentials created in the IndyKite Hub, using the REST endpoints or using Terraform for your Project / Application.

Steps

1. Using the AppAgent credential as API Key (name: X-IK-ClientKey), ingest data in your IKG (IndyKite Knowledge Graph) using the script provided.

2. Using the ServiceAccount credential as Bearer token, create a CIQ Policy.

3. Using the ServiceAccount credential as Bearer token, create a CIQ Query.

4. Using the AppAgent credential as API Key (name: X-IK-ClientKey), run a CIQ Execution.

5. Delete your configuration.

Step 1

Ingest the nodes needed for this use case.

POST https://eu.api.indykite.com/capture/v1/nodes/Json
{
  "nodes": [
    {
      "external_id": "nico",
      "type": "User",
      "is_identity": true,
      "properties": [
        {
          "type": "email",
          "value": "nico@email.com"
        }
      ]
    },
    {
      "external_id": "fred",
      "type": "User",
      "is_identity": true,
      "properties": [
        {
          "type": "email",
          "value": "fred@email.com"
        }
      ]
    },
    {
      "external_id": "customer",
      "type": "Role",
      "properties": [
        {
          "type": "source",
          "value": "Head"
        }
      ]
    },
    {
      "external_id": "norway",
      "type": "Country",
      "properties": [
        {
          "type": "name",
          "value": "Norway"
        }
      ]
    },
    {
      "external_id": "sweden",
      "type": "Country",
      "properties": [
        {
          "type": "name",
          "value": "Sweden"
        }
      ]
    },
    {
      "external_id": "123456",
      "type": "Account",
      "properties": [
        {
          "type": "location",
          "value": "CityHub"
        }
      ]
    },
    {
      "external_id": "234567",
      "type": "Account",
      "properties": [
        {
          "type": "location",
          "value": "Palace"
        }
      ]
    },
    {
      "external_id": "tyrest",
      "type": "Company",
      "properties": [
        {
          "type": "name",
          "value": "Tyrest"
        }
      ]
    },
    {
      "external_id": "blue",
      "type": "Company",
      "properties": [
        {
          "type": "name",
          "value": "Blue"
        }
      ]
    }
  ]
}

Ingest the relationships needed for this use case.

POST https://eu.api.indykite.com/capture/v1/relationships/Json
{
  "relationships": [
    {
      "source": {
        "external_id": "nico",
        "type": "User"
      },
      "target": {
        "external_id": "tyrest",
        "type": "Company"
      },
      "type": "PART_OF",
      "properties": [
        {
          "type": "weight",
          "value": 1
        }
      ]
    },
    {
      "source": {
        "external_id": "nico",
        "type": "User"
      },
      "target": {
        "external_id": "norway",
        "type": "Country"
      },
      "type": "WORKS_IN"
    },
    {
      "source": {
        "external_id": "customer",
        "type": "Role"
      },
      "target": {
        "external_id": "nico",
        "type": "User"
      },
      "type": "ASSIGNED_TO"
    },
    {
      "source": {
        "external_id": "123456",
        "type": "Account"
      },
      "target": {
        "external_id": "nico",
        "type": "User"
      },
      "type": "BELONGS_TO"
    },
    {
      "source": {
        "external_id": "fred",
        "type": "User"
      },
      "target": {
        "external_id": "sweden",
        "type": "Country"
      },
      "type": "WORKS_IN"
    },
    {
      "source": {
        "external_id": "customer",
        "type": "Role"
      },
      "target": {
        "external_id": "fred",
        "type": "User"
      },
      "type": "ASSIGNED_TO"
    },
    {
      "source": {
        "external_id": "234567",
        "type": "Account"
      },
      "target": {
        "external_id": "fred",
        "type": "User"
      },
      "type": "BELONGS_TO"
    }
  ]
}

Step 2

Policy which designates the derived query can retrieve all nodes directly related to a User node.

policy.jsonJson
{
  "meta": {
    "policy_version": "1.0-ciq"
  },
  "subject": {
    "type": "_Application"
  },
  "condition": {
    "cypher": "MATCH (subject:_Application) MATCH (u:User)-[]-(n:Resource)",
    "filter": [
      {
        "app": "app1",
        "operator": "AND",
        "operands": [
          {
            "attribute": "subject.external_id",
            "operator": "=",
            "value": "$_appId"
          },
          {
            "attribute": "u.external_id",
            "operator": "=",
            "value": "$user_external_id"
          }
        ]
      }
    ]
  },
  "allowed_reads": {
    "nodes": [
      "u",
      "u.*",
      "n",
      "n.*"
    ]
  }
}

Request to create a CIQ Policy configuration using REST.

POST https://eu.api.indykite.com/configs/v1/authorization-policiesJson
{
  "project_id": "your_project_gid",
  "description": "description of policy",
  "display_name": "policy name",
  "name": "policy-name",
  "policy": "{\"meta\":{\"policy_version\":\"1.0-ciq\"},\"subject\":{\"type\":\"_Application\"},\"condition\":{\"cypher\":\"MATCH (subject:_Application) MATCH (u:User)-[]-(n:Resource)\",\"filter\":[{\"app\":\"app1\",\"operator\":\"AND\",\"operands\":[{\"attribute\":\"subject.external_id\",\"operator\":\"=\",\"value\":\"$_appId\"},{\"attribute\":\"u.external_id\",\"operator\":\"=\",\"value\":\"$user_external_id\"}]}]},\"allowed_reads\":{\"nodes\":[\"u\",\"u.*\",\"n\",\"n.*\"]}}",
  "status": "ACTIVE",
  "tags": []
}

Request to read the CIQ Policy configuration using REST.

policy_request.jsonJson
{
  "id": "your_policy_configuration_gid"
}

Step 3

The CIQ Knowledge Query designates the information you want to retrieve.

knowledge_query.jsonJson
{
  "nodes": [
    "n.external_id",
    "n.type",
    "n.property.*"
  ]
}

Request to create a CIQ Knowledge Query configuration using REST.

POST https://eu.api.indykite.com/configs/v1/knowledge-queriesJson
{
  "project_id": "your_project_gid",
  "description": "description of knowledge query",
  "display_name": "knowledge query name",
  "name": "knowledge-query-name",
  "policy_id": "your_policy_gid",
  "query": "{\"nodes\":[\"n.external_id\",\"n.type\",\"n.property.*\"]}",
  "status": "ACTIVE"
}

Read the CIQ Query Configuration.

GET https://eu.api.indykite.com/configs/v1/knowledge-queries/{id}Json
{
  "id": "your_knowledge_query_configuration_gid"
}

Step 4

CIQ Execution request in json format.

POST https://eu.api.indykite.com/contx-iq/v1/executeJson
{
  "id": "knowledge_query_gid",
  "input_params": {
    "user_external_id": "nico"
  },
  "page_token": 1
}

CIQ Execution response in json format.

response.jsonJson
{
  "data": [
    {
      "nodes": {
        "n.external_id": "123456",
        "n.property.*": [
          {
            "type": "location",
            "value": "CityHub"
          }
        ],
        "n.type": "Account"
      }
    },
    {
      "nodes": {
        "n.external_id": "customer",
        "n.property.*": [
          {
            "type": "source",
            "value": "Head"
          }
        ],
        "n.type": "Role"
      }
    },
    {
      "nodes": {
        "n.external_id": "norway",
        "n.property.*": [
          {
            "type": "name",
            "value": "Norway"
          }
        ],
        "n.type": "Country"
      }
    },
    {
      "nodes": {
        "n.external_id": "tyrest",
        "n.property.*": [
          {
            "type": "name",
            "value": "Tyrest"
          }
        ],
        "n.type": "Company"
      }
    }
  ]
}

Step 5

Delete the CIQ Query.

DELETE https://eu.api.indykite.com/configs/v1/knowledge-queries/{id}Json
{
  "id": "your_knowledge_query_configuration_gid"
}

Delete the CIQ Policy.

DELETE https://eu.api.indykite.com/configs/v1/authorization-policies/{id}Json
{
  "id": "your_policy_configuration_gid"
}

Tags

CIQ Policy CIQ Query CIQ Execution Security

Related Resources

ContX IQ basic example

ContX IQ Python

ContX IQ: list authorized resources.

ContX IQ Python

ContX IQ: allow READ action

ContX IQ Json

ContX IQ: allow creation nodes and relationships.

ContX IQ Json

ContX IQ: upsert relationships

ContX IQ Json

ContX IQ: delete nodes and relationships.

ContX IQ Json

ContX IQ: loyalty program.

ContX IQ Json

ContX IQ: link the _Application node to other data in the IKG.

ContX IQ Json

ContX IQ: With _Application node as a subject, read resources and upsert relationships and nodes.

ContX IQ Json

ContX IQ: With User node as a subject, read resources and upsert relationships and nodes.

ContX IQ Json