Syntax for Displaying all Roles Assigned to a User
GET /api/authorization/tenants/{tenantId}/principals/{principalId}/roles displays all of the roles assigned to a user.
Input
Use the supported input parameters to control the command output.
| Parameter | Description |
|---|---|
| URL | https://$vRA/identity/api/authorization/tenants/$tenantId/principals/$principalId/roles |
| $vRA |
Specifies the appliance name and fully qualified domain name, or IP address of the vRealize Automation server. |
| $token |
Specifies a valid HTTP bearer token with necessary credentials. |
| $tenantId |
Specifies the ID of the tenant. |
| principalId | Specifies the ID of the user in the form name@domain. |
Output
The command output contains property names and values based on the command input parameters.
| Parameter | Description |
|---|---|
| id | Specifies the role ID. |
| name | Specifies the role name. |
| description | Specifies the role description. |
| status | Specifies the status of this role. |
| assignedPermissions | Specifies the set of permissions that are implied by this role assignment. |
curl Command to Display all Roles Assigned to a User
The following example command
lists all the roles that are assigned to
tony@example.mycompany.com.
curl --insecure -H "Content-Type: application/json" -H "Authorization: Bearer $token" https://$vRA/identity/api/authorization/tenants/development/principals/[email protected]/roles
The following JSON output is returned based on the command input.
{
"links" : [ ],
"content" : [
{
"@type" : "SystemRole",
"id" : "ABX_TENANT_ADMIN",
"name" : "Tenant Administrator",
"description" : "ABX Tenant Administrator",
"assignedPermissions" : [ {
"id" : "CATALOG_CONSUME_TENANT_MGMT",
"name" : "Catalog Consume Tenant Management",
"description" : "Consume services, resources and manage requests ... within a Tenant",
"prereqAdminPermissions" : null
},
{
"id" : "MY_TENANT_MANAGEMENT",
"name" : "My Tenant Management",
"description" : "Manage my tenant.",
"prereqAdminPermissions" : null
},
{
"id" : "CATALOG_AUTHOR_TENANT",
"name" : "Catalog Tenant-level Author",
"description" : "Create, update and publish services, catalog ... across a Tenant.",
"prereqAdminPermissions" : null
},
{
"id" : "GUI_MY_TENANT_MANAGEMENT",
"name" : "My Tenant Administration User Interface",
"description" : "Access my tenant administration GUI.",
"prereqAdminPermissions" : null
},
{
"id" : "CATALOG_ENTITLE_TENANT",
"name" : "Catalog Tenant-level Entitlement Management",
"description" : "Entitle services, catalog items and actions ... users within a tenant.",
"prereqAdminPermissions" : null
},
{
"id" : "FILE_EDIT_TENANT",
"name" : "Manage Tenant Files",
"description" : "Upload and delete files belonging to this tenant.",
"prereqAdminPermissions" : null
},
{
"id" : "TENANT_USER_DATA_MANAGEMENT",
"name" : "Manage user data (requests, items, tasks etc) within a tenant.",
"description" : "Manage user created objects belonging to the tenant.",
"prereqAdminPermissions" : null
},
{
"id" : "TENANT_ADMIN_ROLE_ASSIGNMENT",
"name" : "Tenant Administrator Role Assignment",
"description" : "Assign the tenant administrator role to other users.",
"prereqAdminPermissions" : null
},
{
"id" : "GUI_MY_TENANT_TUG_MANAGEMENT",
"name" : "My Tenant Identity Stores, Groups and Users Administration User Interfaces",
"description" : "Access my tenant identity stores, groups ... users administration GUIs.",
"prereqAdminPermissions" : null
}
],
"metadata" : {
"size" : 20,
"totalElements" : 1,
"totalPages" : 1,
"number" : 1,
"offset" : 0
}
}