CSS-9400/add doc for rebac (#61)

* add doc for rebac admin

.custom_wordlist.txt

@@ -4,6 +4,7 @@ API
 APIs
 auditability
 aws
+Backend
 balancer
 certbot
 Charmhub
@@ -71,6 +72,7 @@ observability
 OEM
 OIDC
 OLM
+OpenAPI
 OpenFGA
 OpenID
 OpenLDAP

reference/index.rst

@@ -10,3 +10,4 @@ Reference
    Supported Juju Versions <juju_required_version>
    Authorisation Model <authorisation_model>
    Authorisation Data <authorisation_data>
+   ReBAC Admin Backend <rebac_admin_backend>

reference/rebac_admin_backend.rst

@@ -0,0 +1,35 @@
+ReBAC Admin Backend
+=======================
+
+The ReBAC Admin API is a REST API that provides various endpoints to query or 
+manipulate relationships in JAAS ReBAC authorisation model.
+
+.. hint::
+    For an explanation on Relationship-Based Access Control (ReBAC) check out :doc:`this <../explanation/authorisation>` explanation topic.
+
+.. hint::
+    As a reference on JAAS authorisation model, check out :doc:`this <../reference/authorisation_model>` reference topic.
+
+OpenAPI specification
+---------------------
+The OpenAPI spec can be found at this ``https://<jimm-deployment>/rebac/v1/swagger.json``
+
+Authentication
+--------------
+These endpoints are meant to be called from a web browser, therefore the authentication is handled via Cookies.
+
+JAAS Implementation
+-------------------
+
+JAAS implements a subset of the operations described in the OpenAPI spec. 
+
+ ====== ================ =========================================================================
+ Status Entities         Notes
+ ====== ================ =========================================================================
+   ✅   ``entitlements``     
+   ✅   ``capabilities`` 
+   ✅   ``groups``     
+   ✅   ``resources``     
+   🟡   ``identities``    no support for creation, update and deletion.
+   ❌   ``roles``         no support for roles.
+ ====== ================ =========================================================================