You are right with mySubOrganization = "Org:Sub" that's principal, por principalType you should write "OrganizationalUnit"
Documented? I don't remember where I found it or I may did just try/fail.
- This document resumes it all the resources: https://support.ptc.com/appserver/cs/view/solution.jsp?n=CS232833&art_lang=en&posno=1&q=documentation%20thingworx&source…
You can see what options exist for the parameters expected in a given service through the service definitions of that thing.
In your case this is the link where you would find the possible values for the AddVisibilityPermission service parameters
This is an example of an Visibility Permission with the help of REST:
instanceURL+"/Thingworx/DataShapes/DataShape1/Services/AddVisibilityPermission?principal="+Organization_Name +"&principalType=Organization&method=post" /* STRING */,
where instanceURL is an input into your service where you can set your hostname(for ex: http://localhost)
and Organization_Name is another input where you can set the organization for which you want to add the Visibility Permission on this entity(in this case the DataShape1 Data Shape), you can either put an input or you have just one organization and don't want to use this for any other visibility permissions you can just type the name of the organization(for ex, if you want to to grant Visibility Permissions on local instance for DataShape1 for an Test_Org organization the request will be: "http://localhost/Thingworx/DataShapes/DataShape1/Services/AddVisibilityPermission?principal=Test_Org&principalType=Organization&method=post" /* STRING */,
Hope this helped,