-
Notifications
You must be signed in to change notification settings - Fork 5.1k
/
geolocation.json
137 lines (137 loc) · 6.96 KB
/
geolocation.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
{
"swagger": "2.0",
"info": {
"title": "Azure Maps Geolocation Service",
"version": "1.0",
"description": "Azure Maps Geolocation REST APIs"
},
"host": "atlas.microsoft.com",
"schemes": [
"https"
],
"consumes": [],
"produces": [
"application/json"
],
"securityDefinitions": {
"AADToken": {
"type": "oauth2",
"authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
"flow": "implicit",
"description": "These are the [Microsoft Entra OAuth 2.0](https://docs.microsoft.com/azure/active-directory/develop/v1-overview) Flows. When paired with [Azure role-based access](https://docs.microsoft.com/azure/role-based-access-control/overview) control it can be used to control access to Azure Maps REST APIs. Azure role-based access controls are used to designate access to one or more Azure Maps resource account or sub-resources. Any user, group, or service principal can be granted access via a built-in role or a custom role composed of one or more permissions to Azure Maps REST APIs.\n\nTo implement scenarios, we recommend viewing [authentication concepts](https://aka.ms/amauth). In summary, this security definition provides a solution for modeling application(s) via objects capable of access control on specific APIs and scopes.\n\n#### Notes\n* This security definition **requires** the use of the `x-ms-client-id` header to indicate which Azure Maps resource the application is requesting access to. This can be acquired from the [Maps management API](https://aka.ms/amauthdetails).\n* \nThe `Authorization URL` is specific to the Azure public cloud instance. Sovereign clouds have unique Authorization URLs and Azure Active directory configurations. \n* \nThe Azure role-based access control is configured from the [Azure management plane](https://aka.ms/amrbac) via Azure portal, PowerShell, CLI, Azure SDKs, or REST APIs.\n* \nUsage of the [Azure Maps Web SDK](https://aka.ms/amaadmc) allows for configuration based setup of an application for multiple use cases.\n* For more information on Microsoft identity platform, see [Microsoft identity platform overview](https://learn.microsoft.com/entra/identity-platform/v2-overview).",
"scopes": {
"https://atlas.microsoft.com/.default": "https://atlas.microsoft.com/.default"
}
},
"SharedKey": {
"type": "apiKey",
"description": "This is a shared key that is provisioned when you [Create an Azure Maps account](https://docs.microsoft.com/azure/azure-maps/quick-demo-map-app#create-an-azure-maps-account) in the Azure portal or using PowerShell, CLI, Azure SDKs, or REST API.\n\n With this key, any application can access all REST API. In other words, this key can be used as a master key in the account that they are issued in.\n\n For publicly exposed applications, our recommendation is to use the [confidential client applications](https://docs.microsoft.com/azure/azure-maps/authentication-best-practices#confidential-client-applications) approach to access Azure Maps REST APIs so your key can be securely stored.",
"name": "subscription-key",
"in": "query"
},
"SasToken": {
"type": "apiKey",
"description": "This is a shared access signature token is created from the List SAS operation on the [Azure Maps resource](https://aka.ms/amauth) through the Azure management plane via Azure portal, PowerShell, CLI, Azure SDKs, or REST APIs.\n\n With this token, any application is authorized to access with Azure role-based access controls and fine-grain control to the expiration, rate, and region(s) of use for the particular token. In other words, the SAS Token can be used to allow applications to control access in a more secured way than the shared key.\n\n For publicly exposed applications, our recommendation is to configure a specific list of allowed origins on the [Map account resource](https://aka.ms/amauth) to limit rendering abuse and regularly renew the SAS Token.",
"name": "SAS Token",
"in": "header"
}
},
"security": [
{
"AADToken": [
"https://atlas.microsoft.com/.default"
]
},
{
"SharedKey": []
},
{
"SasToken": []
}
],
"responses": {},
"parameters": {
"ApiVersion": {
"name": "api-version",
"description": "Version number of Azure Maps API.",
"type": "string",
"in": "query",
"required": true,
"default": "1.0",
"x-ms-parameter-location": "client"
}
},
"paths": {
"/geolocation/ip/{format}": {
"get": {
"description": "\n**Applies to:** see pricing [tiers](https://aka.ms/AzureMapsPricingTier).\n\n\nThis service will return the ISO country code for the provided IP address. Developers can use this information to block or alter certain content based on geographical locations where the application is being viewed from.",
"operationId": "Geolocation_GetIPToLocation",
"x-ms-client-name": "GetLocation",
"x-ms-examples": {
"Successfully retrieve country code from IP address": {
"$ref": "./examples/SuccessfulGetCountryCodeFromIP.json"
}
},
"parameters": [
{
"$ref": "../../../Common/preview/1.0/common.json#/parameters/ClientId"
},
{
"$ref": "#/parameters/ApiVersion"
},
{
"$ref": "../../../Common/preview/1.0/common.json#/parameters/JsonFormat"
},
{
"name": "ip",
"x-ms-client-name": "ipAddress",
"in": "query",
"description": "The IP address. Both IPv4 and IPv6 are allowed.",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/IpAddressToLocationResult"
}
},
"default": {
"$ref": "../../../Common/preview/1.0/common.json#/responses/default"
}
}
}
}
},
"definitions": {
"IpAddressToLocationResult": {
"description": "This object is returned from a successful call to IP Address to country/region API",
"type": "object",
"readOnly": true,
"properties": {
"countryRegion": {
"$ref": "#/definitions/CountryRegion"
},
"ipAddress": {
"description": "The IP Address of the request.",
"type": "string",
"readOnly": true
}
}
},
"CountryRegion": {
"description": "The object containing the country/region information.",
"type": "object",
"readOnly": true,
"properties": {
"isoCode": {
"description": "The IP Address's 2-character code [(ISO 3166-1)](https://www.iso.org/iso-3166-country-codes.html) of the country or region. Please note, IP address in ranges reserved for special purpose will return Null for country/region.",
"type": "string",
"readOnly": true
}
}
}
}
}