Roles REST API

The Roles endpoint allows creating and managing roles that can be mapped to a permission set.

For the attributes of the base resource type, see section urn:hid:scim:api:idp:2.0:Role.

Method Details

HTTPS Method Entity Action Request URI Description

GET

Read

/scim/{tenant}/v2/Roles

Get the list of all roles

GET

Read

/scim/{tenant}/v2/Roles/{uid}

Get a role

POST

Create

/scim/{tenant}/v2/Roles

Create a role

DELETE

Delete

/scim/{tenant}/v2/Roles/{uid}

Delete a role

Required Permissions

Function Required Permissions

GET

  • Read role

GET ALL

  • Read reference data

CREATE

  • Create role

DELETE

  • Delete role

Get a List of Roles

[GET] /Roles

This endpoint will return all existing roles within the tenant.

Copy

Sample Request URI

[GET] /scim/{tenant}/v2/Roles/RL_AUDITV
Copy

Sample Response

{
   "schemas": ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
   "totalResults": 13,
   "resources": [
{
   "schemas": ["urn:hid:scim:api:idp:2.0:Role"],
   "id": "RL_AUDITV",
   "meta": {
      "resourceType": "Role",
      "location": "https://[base-server-url]/scim/tenant/v2/Policy/Roles/RL_AUDITV",
      "version": "1"
   },
   "name": "Audit Viewer"
},
 
< truncated output >
 
 
{
   "schemas": ["urn:hid:scim:api:idp:2.0:Role"],
   "id": "RL_CFGMGR",
   "meta": {
      "resourceType": "Role",
      "location": "https://[base-server-url]/scim/tenant/v2/Policy/Roles/RL_CFGMGR",
      "version": "1"
   },
   "name": "Configuration Manager"
   }
 
}

Create a Role

[POST] /Roles

Accept: application/scim+json

Copy

Sample Request URI

[POST] /scim/{tenant}/v2/Roles
Copy

Sample Request

{
    "id": "RL_1",
    "name": "role 1",
    "description": "my new role"
}
Copy

Sample Response

{
    "schemas": ["urn:hid:scim:api:idp:2.0:Role"],
    "id": "RL_1",
    "meta": {
    "resourceType": "Role",
    "location": "https://[base-server-url]/scim/tenant/v2/Roles/RL_1",
    "version": "1"
    },
    "name": "role 1",
    "description": "my new role"
}

Get a Role

[GET] /Roles/{uid}

Where {uid} is the Role Code.

Copy

Sample Request URI

[GET] /scim/{tenant}/v2/Roles/RL_CONFIG
Copy

Sample Response

{
    "schemas": ["urn:hid:scim:api:idp:2.0:Role"],
    "id": "RL_CONFIG",
    "meta": {
    "resourceType": "Role",
    "location": "https://[base-server-url]/scim/tenant/v2/Roles/RL_CONFIG",
    "version": "1"
    },
    "name": "Configuration",
    "description": "Allows configuring User Repositories, OOB Delivery Gateways, Channels, and Authorization Profiles."
}

Delete a Role

All the delete endpoints follow the same standard pattern and can be reached through the following URL pattern:

Copy

Delete entity

DELETE https://[base-server-url]/scim/{tenant}/v2/ENTITY_TYPE/{id}

Accept: application/scim+json

Copy

Sample Response

HTTP/1.1 204 No content