Permission Sets REST API
This function allows modifying permission sets with the SCIM API when creating and modifying roles.
The API version supported by HID Authentication Service is
Previous versions of the API are also supported with the corresponding functionality.
Method Details
HTTPS Method | Entity Action | Request URI | Description |
---|---|---|---|
Read |
/scim/{tenant}/v2/PermissionSets |
Get all permissions sets |
|
Read |
/scim/{tenant}/v2/PermissionSets/{uid} |
Get a permission set |
|
Replace |
/scim/{tenant}/v2/PermissionSets/{uid} |
Replace the permission set |
Get a Permission Set
[GET] /PermissionSets/{uid}
Where {uid} is the Permission Set Code.
Sample Response
{
"schemas": ["urn:hid:scim:api:idp:2.0:PermissionSet"],
"id": "FS_RLASG",
"meta": {
"resourceType": "PermissionSet",
"location": "https://[base-server-url]/scim/tenant/v2/PermissionSets/FS_RLASG",
"version": "1"
},
"permissionSetItems": [
{
"schemas": ["urn:hid:scim:api:idp:2.0:PermissionSetItem"],
"id": "M_U_ROLES",
"parameter": "RL_DEVADM|RL_SYSTEM|RL_RFE|RL_USERADM|RL_AUDITV|RL_CONFIG|RL_HELPDSK|RL_SUSRADM|RL_SADMIN|RL_STPADM|RL_SSPADM|RL_RGWADM|RL_CFGMGR"
},
{
"schemas": ["urn:hid:scim:api:idp:2.0:PermissionSetItem"],
"id": "R_ROLE",
"parameter": "RL_DEVADM|RL_SYSTEM|RL_RFE|RL_USERADM|RL_AUDITV|RL_CONFIG|RL_HELPDSK|RL_SUSRADM|RL_SADMIN|RL_STPADM|RL_SSPADM|RL_RGWADM|RL_CFGMGR"
}
],
"name": "Roles Assignment Functions",
"resourceType": "GROUP"
}
Replace a Permission Set
[PUT] /PermissionSets/{uid}
Where {uid} is the Permission Set Code.
Accept: application/scim+json
Sample Request
{
"schemas": ["urn:hid:scim:api:idp:2.0:PermissionSet"],
"permissionSetItems": [
{
"id": "M_U_ROLES",
"parameter": "RL_DEVADM|RL_SYSTEM|RL_RFE|RL_USERADM|RL_AUDITV|RL_CONFIG|RL_HELPDSK|RL_SUSRADM|RL_SADMIN|RL_STPADM|RL_SSPADM|RL_RGWADM|RL_CFGMGR|NEWROLE"
},
{
"id": "R_ROLE",
"parameter": "RL_DEVADM|RL_SYSTEM|RL_RFE|RL_USERADM|RL_AUDITV|RL_CONFIG|RL_HELPDSK|RL_SUSRADM|RL_SADMIN|RL_STPADM|RL_SSPADM|RL_RGWADM|RL_CFGMGR|NEWROLE"
}
]
}
In this example, the Modify User Roles and Read Role permissions are assigned to the NEWROLE role.
Sample Response
{
"schemas": ["urn:hid:scim:api:idp:2.0:PermissionSet"],
"id": "FS_RLASG",
"meta": {
"resourceType": "PermissionSet",
"location": "https://[base-server-url]/scim/tenant/v2/PermissionSets/FS_RLASG",
"version": "1"
},
"permissionSetItems": [
{
"schemas": ["urn:hid:scim:api:idp:2.0:PermissionSetItem"],
"id": "M_U_ROLES",
"parameter": "RL_DEVADM|RL_SYSTEM|RL_RFE|RL_USERADM|RL_AUDITV|RL_CONFIG|RL_HELPDSK|RL_SUSRADM|RL_SADMIN|RL_STPADM|RL_SSPADM|RL_RGWADM|RL_CFGMGR|NEWROLE"
},
{
"schemas": ["urn:hid:scim:api:idp:2.0:PermissionSetItem"],
"id": "R_ROLE",
"parameter": "RL_DEVADM|RL_SYSTEM|RL_RFE|RL_USERADM|RL_AUDITV|RL_CONFIG|RL_HELPDSK|RL_SUSRADM|RL_SADMIN|RL_STPADM|RL_SSPADM|RL_RGWADM|RL_CFGMGR|NEWROLE"
}
],
"name": "Roles Assignment Functions",
"resourceType": "GROUP"
}