A role is a set of rights/permissions assigned to users.
The REST API provides support for working with roles:
Creates a new role or updates an existing one. Requires administrator privileges.
/api/v1/role
POST
Authorization
, Content-Type: application/json
{
"name": "myRole",
"permissions": [...set of permissions...]
}
name
- the role’s name;permissions
- optional, the set of role’s permissions;Success response
Content-Type: application/json
{
"result": "CREATED",
"id": "..."
}
Returns an existing role.
/api/v1/role/${name}
GET
Authorization
Content-Type: application/json
{
"id": "...",
"name": "...",
"permissions": [...set of permissions...]
}
Deletes an existing role.
/api/v1/role/${name}
DELETE
Authorization
Success response
Content-Type: application/json
{
"result": "DELETED",
"ok": true
}
List all existing roles.
/api/v1/role
GET
Authorization
Content-Type: application/json
[
{
"id": "...",
"name": "...",
"permissions": [...set of permissions...]
}
]
Add or Remove LDAP groups to a Role. Requires administrator privileges.
/api/v1/role/${roleName}/ldapGroups?replace=${replace}
replace
: boolean, replace existing ldap groups mapped to a role, default is false;PUT
Authorization
, Content-Type: application/json
["group1", "group2",...]
Success response
Content-Type: application/json
{
"result": "UPDATED",
"ok": true
}
List LDAP groups for a role.
/api/v1/role/${roleName}/ldapGroups
GET
Authorization
Content-Type: application/json
[
"group1", "group2", ...
]