From 8e87ddd4eaf7a3dd6e8ebfc6b46d1b6b9f842c64 Mon Sep 17 00:00:00 2001
From: Ho Ngoc Hai <hongochai10@icloud.com>
Date: Wed, 14 Jan 2026 19:29:27 +0700
Subject: [PATCH] docs: Expand IAM Service documentation to include new API
 endpoints for Organizations, Groups, Access Requests, Access Reviews,
 Privileged Access, Audit, and Compliance

- Added detailed sections for new API endpoints in both English and Vietnamese, covering functionalities for managing organizations, groups, access requests, access reviews, privileged access, audit logs, and compliance reports.
- Enhanced documentation clarity and accessibility, reflecting the latest features introduced in the IAM Service.
---
 services/iam-service-net/docs/en/README.md | 71 ++++++++++++++++++++++
 services/iam-service-net/docs/vi/README.md | 71 ++++++++++++++++++++++
 2 files changed, 142 insertions(+)

diff --git a/services/iam-service-net/docs/en/README.md b/services/iam-service-net/docs/en/README.md
index 4da9773b..d880da74 100644
--- a/services/iam-service-net/docs/en/README.md
+++ b/services/iam-service-net/docs/en/README.md
@@ -142,6 +142,77 @@ dotnet ef database update \
 | `/health/live` | Liveness probe |
 | `/health/ready` | Readiness probe |
 
+### Organizations (`/api/v1/organizations`) - Phase 2
+
+| Method | Endpoint | Description | Auth |
+|--------|----------|-------------|------|
+| `GET` | `/api/v1/organizations/{id}` | Get organization by ID | ✅ |
+| `GET` | `/api/v1/organizations/slug/{slug}` | Get organization by slug | ✅ |
+| `POST` | `/api/v1/organizations` | Create organization | ✅ |
+| `PUT` | `/api/v1/organizations/{id}` | Update organization | ✅ |
+| `DELETE` | `/api/v1/organizations/{id}` | Archive organization | ✅ |
+| `GET` | `/api/v1/organizations/{id}/hierarchy` | Get hierarchy | ✅ |
+| `GET` | `/api/v1/organizations/{id}/children` | Get child orgs | ✅ |
+
+### Groups (`/api/v1/groups`) - Phase 2
+
+| Method | Endpoint | Description | Auth |
+|--------|----------|-------------|------|
+| `GET` | `/api/v1/groups` | List groups | ✅ |
+| `GET` | `/api/v1/groups/{id}` | Get group by ID | ✅ |
+| `POST` | `/api/v1/groups` | Create group | ✅ |
+| `DELETE` | `/api/v1/groups/{id}` | Delete group | ✅ |
+| `POST` | `/api/v1/groups/{id}/members` | Add member | ✅ |
+| `DELETE` | `/api/v1/groups/{id}/members/{userId}` | Remove member | ✅ |
+
+### Access Requests (`/api/v1/access-requests`) - Phase 3A
+
+| Method | Endpoint | Description | Auth |
+|--------|----------|-------------|------|
+| `POST` | `/api/v1/access-requests` | Create access request | ✅ |
+| `GET` | `/api/v1/access-requests` | List requests | ✅ |
+| `GET` | `/api/v1/access-requests/{id}` | Get request by ID | ✅ |
+| `POST` | `/api/v1/access-requests/{id}/submit` | Submit request | ✅ |
+| `POST` | `/api/v1/access-requests/{id}/approve` | Approve | ✅ |
+| `POST` | `/api/v1/access-requests/{id}/reject` | Reject | ✅ |
+| `DELETE` | `/api/v1/access-requests/{id}` | Cancel request | ✅ |
+| `GET` | `/api/v1/access-requests/pending` | Pending requests | ✅ |
+
+### Access Reviews (`/api/v1/access-reviews`) - Phase 3B
+
+| Method | Endpoint | Description | Auth |
+|--------|----------|-------------|------|
+| `POST` | `/api/v1/access-reviews` | Create access review | ✅ |
+| `GET` | `/api/v1/access-reviews/{id}` | Get review by ID | ✅ |
+| `POST` | `/api/v1/access-reviews/{id}/items` | Add item | ✅ |
+| `POST` | `/api/v1/access-reviews/{id}/start` | Start review | ✅ |
+| `POST` | `/api/v1/access-reviews/{id}/items/{itemId}/review` | Certify/Revoke | ✅ |
+| `POST` | `/api/v1/access-reviews/{id}/complete` | Complete | ✅ |
+
+### Privileged Access (`/api/v1/privileged-access`) - Phase 3B PAM
+
+| Method | Endpoint | Description | Auth |
+|--------|----------|-------------|------|
+| `POST` | `/api/v1/privileged-access/request` | Request JIT access | ✅ |
+| `GET` | `/api/v1/privileged-access/active` | Active grants | ✅ |
+| `POST` | `/api/v1/privileged-access/{id}/revoke` | Revoke access | ✅ |
+
+### Audit (`/api/v1/audit`) - Phase 4A
+
+| Method | Endpoint | Description | Auth |
+|--------|----------|-------------|------|
+| `GET` | `/api/v1/audit/logs` | Get audit logs (filtered) | ✅ |
+
+### Compliance (`/api/v1/compliance`) - Phase 4A
+
+| Method | Endpoint | Description | Auth |
+|--------|----------|-------------|------|
+| `POST` | `/api/v1/compliance/reports` | Generate report | ✅ |
+| `GET` | `/api/v1/compliance/reports` | List reports | ✅ |
+| `GET` | `/api/v1/compliance/reports/{id}` | Report detail | ✅ |
+| `POST` | `/api/v1/compliance/reports/{id}/complete` | Complete report | ✅ |
+| `GET` | `/api/v1/compliance/violations` | Unresolved violations | ✅ |
+
 ## Authentication Flow
 
 ### Step 1: Register a New User
diff --git a/services/iam-service-net/docs/vi/README.md b/services/iam-service-net/docs/vi/README.md
index 1decc2c5..264089a1 100644
--- a/services/iam-service-net/docs/vi/README.md
+++ b/services/iam-service-net/docs/vi/README.md
@@ -155,6 +155,77 @@ dotnet ef migrations list \
 | `/health/live` | Kiểm tra sống |
 | `/health/ready` | Kiểm tra sẵn sàng |
 
+### Organizations (`/api/v1/organizations`) - Phase 2
+
+| Method | Endpoint | Mô Tả | Auth |
+|--------|----------|-------|------|
+| `GET` | `/api/v1/organizations/{id}` | Lấy tổ chức theo ID | ✅ |
+| `GET` | `/api/v1/organizations/slug/{slug}` | Lấy tổ chức theo slug | ✅ |
+| `POST` | `/api/v1/organizations` | Tạo tổ chức mới | ✅ |
+| `PUT` | `/api/v1/organizations/{id}` | Cập nhật tổ chức | ✅ |
+| `DELETE` | `/api/v1/organizations/{id}` | Lưu trữ tổ chức | ✅ |
+| `GET` | `/api/v1/organizations/{id}/hierarchy` | Lấy phân cấp | ✅ |
+| `GET` | `/api/v1/organizations/{id}/children` | Lấy tổ chức con | ✅ |
+
+### Groups (`/api/v1/groups`) - Phase 2
+
+| Method | Endpoint | Mô Tả | Auth |
+|--------|----------|-------|------|
+| `GET` | `/api/v1/groups` | Danh sách groups | ✅ |
+| `GET` | `/api/v1/groups/{id}` | Lấy group theo ID | ✅ |
+| `POST` | `/api/v1/groups` | Tạo group mới | ✅ |
+| `DELETE` | `/api/v1/groups/{id}` | Xóa group | ✅ |
+| `POST` | `/api/v1/groups/{id}/members` | Thêm thành viên | ✅ |
+| `DELETE` | `/api/v1/groups/{id}/members/{userId}` | Xóa thành viên | ✅ |
+
+### Access Requests (`/api/v1/access-requests`) - Phase 3A
+
+| Method | Endpoint | Mô Tả | Auth |
+|--------|----------|-------|------|
+| `POST` | `/api/v1/access-requests` | Tạo yêu cầu truy cập | ✅ |
+| `GET` | `/api/v1/access-requests` | Danh sách requests | ✅ |
+| `GET` | `/api/v1/access-requests/{id}` | Lấy request theo ID | ✅ |
+| `POST` | `/api/v1/access-requests/{id}/submit` | Submit request | ✅ |
+| `POST` | `/api/v1/access-requests/{id}/approve` | Phê duyệt | ✅ |
+| `POST` | `/api/v1/access-requests/{id}/reject` | Từ chối | ✅ |
+| `DELETE` | `/api/v1/access-requests/{id}` | Hủy request | ✅ |
+| `GET` | `/api/v1/access-requests/pending` | Requests đang chờ | ✅ |
+
+### Access Reviews (`/api/v1/access-reviews`) - Phase 3B
+
+| Method | Endpoint | Mô Tả | Auth |
+|--------|----------|-------|------|
+| `POST` | `/api/v1/access-reviews` | Tạo access review | ✅ |
+| `GET` | `/api/v1/access-reviews/{id}` | Lấy review theo ID | ✅ |
+| `POST` | `/api/v1/access-reviews/{id}/items` | Thêm item | ✅ |
+| `POST` | `/api/v1/access-reviews/{id}/start` | Bắt đầu review | ✅ |
+| `POST` | `/api/v1/access-reviews/{id}/items/{itemId}/review` | Certify/Revoke | ✅ |
+| `POST` | `/api/v1/access-reviews/{id}/complete` | Hoàn thành | ✅ |
+
+### Privileged Access (`/api/v1/privileged-access`) - Phase 3B PAM
+
+| Method | Endpoint | Mô Tả | Auth |
+|--------|----------|-------|------|
+| `POST` | `/api/v1/privileged-access/request` | Yêu cầu JIT access | ✅ |
+| `GET` | `/api/v1/privileged-access/active` | Grants đang active | ✅ |
+| `POST` | `/api/v1/privileged-access/{id}/revoke` | Thu hồi access | ✅ |
+
+### Audit (`/api/v1/audit`) - Phase 4A
+
+| Method | Endpoint | Mô Tả | Auth |
+|--------|----------|-------|------|
+| `GET` | `/api/v1/audit/logs` | Lấy audit logs (filtered) | ✅ |
+
+### Compliance (`/api/v1/compliance`) - Phase 4A
+
+| Method | Endpoint | Mô Tả | Auth |
+|--------|----------|-------|------|
+| `POST` | `/api/v1/compliance/reports` | Generate report | ✅ |
+| `GET` | `/api/v1/compliance/reports` | Danh sách reports | ✅ |
+| `GET` | `/api/v1/compliance/reports/{id}` | Report chi tiết | ✅ |
+| `POST` | `/api/v1/compliance/reports/{id}/complete` | Hoàn thành report | ✅ |
+| `GET` | `/api/v1/compliance/violations` | Violations chưa giải quyết | ✅ |
+
 ## Quy Trình Xác Thực
 
 ### Bước 1: Đăng Ký User Mới