Book Creator
 Add this page to your book
Book Creator
 Remove this page from your book  

 Manage book(0 page(s))
 Help

# Role REST endpoint This is a basic endpoint that allows role management in CzechIdM. The role of identity can assign system authorities, accounts on end systems. On the other hand, the role can be assigned identity based on the inclusion of an identity in the organizational structure (automatic roles).

  • REST endpoint /api/v1/roles
  • Role supported extended attributes (EAV model)

# Supports

  • Basic CRUD operations (Creating, Reading, Updating, Deleting) and searching.
  • Returns authorities (/authorities). Authority roles define what the role is potentially allowed.
  • This endpoint also allows you to manage extended role attributes (EAV).
If you want to use the REST API, you must be logged in. The easiest way is to use Basic authentication directly in request "- u admin: admin".

# API TODO: Swagger

# Examples

## Getting role authorities Authority roles define what the role is potentially allowed. For example, if the role returns to the IDENTITY_READ authority, it means that the user with this role will see tab Users in the GUI. However, the authorities do not guarantee that the user will see other users as such. This is the task of permissions evaluators.

### Request: ``` curl -u admin:admin 'http://localhost:8080/idm-backend/api/v1/roles/userRole/authorities'

```

### Response: 

[  
   {  
      "authority":"IDENTITY_READ"
   },
   {  
      "authority":"IDENTITY_PASSWORDCHANGE"
   },
   {  
      "authority":"ROLE_AUTOCOMPLETE"
   },
   {  
      "authority":"CONTRACTGUARANTEE_ADMIN"
   },
   {  
      "authority":"IDENTITYCONTRACT_ADMIN"
   },
   {  
      "authority":"IDENTITYROLE_ADMIN"
   },
   {  
      "authority":"IDENTITY_AUTOCOMPLETE"
   }
]
  • (external edit)