Send Docs Feedback

Note: Most user interface tasks can be performed in Edge Classic or the New Edge experience. For an overview, getting started topics, and release notes specific to the New Edge experience, see the docs.

User roles


API Platform Base Path: https://api.enterprise.apigee.com/v1/o/{org_name}

API Resource Path: /userroles
Roles for users in an organization on Apigee Edge.

User roles form the basis of role-based access in Apigee Edge.

Users are associated with one or more userroles. Each userrole defines a set of permissions (GET, PUT, DELETE) on RBAC resources (defined by URI paths).

A userrole is scoped to an organization.

To get a list of roles in an organization:

$ curl https://api.enterprise.apigee.com/v1/o/{org_name}/userroles -u myname:mypass

To view permissions for default orgadmin role:

$ curl https://api.enterprise.apigee.com/v1/o/{org_name}/userroles/orgadmin/permissions -u myname:mypass

To view permissions for default user role:

$ curl https://api.enterprise.apigee.com/v1/o/{org_name}/userroles/user/permissions -u myname:mypass

To view permissions for default businessuser role:

$ curl https://api.enterprise.apigee.com/v1/o/{org_name}/userroles/businessuser/permissions -u myname:mypass

To view permissions for default opsadmin role:

$ curl https://api.enterprise.apigee.com/v1/o/{org_name}/userroles/opsadmin/permissions -u myname:mypass
Add a user to a role Detail
/userroles/{role_name}/users?id={user_email}
Verb: POST
Description: Adds a user to a role
Media types:
application/octet-stream
Auth: Basic Auth
Add permissions for a resource to a user role Detail
/userroles/{role_name}/permissions
Verb: POST
Description: Associates permissions for a resource with a user role
Media types:
application/json
text/xml
Auth: Basic Auth
Add permissions for multiple resources to a user role Detail
/userroles/{role_name}/resourcepermissions
Verb: POST
Description: Adds multiple permissions to multiple resources simultaneously.
Media types:
application/json
text/xml
Auth: Basic Auth
Create a user role in an organization Detail
/userroles
Verb: POST
Description: Creates a role in an organization
Media types:
application/json
text/xml
Auth: Basic Auth
Delete a permission for a resource Detail
/userroles/{role_name}/permissions/{permission_name}?path={resource_path}
Verb: DELETE
Description: Removes a permission from a resource for the role specified
Auth: Basic Auth
Delete a user role Detail
/userroles/{role_name}
Verb: DELETE
Description: Deletes a role from an organization
Auth: Basic Auth
Get a role Detail
/userroles/{role_name}
Verb: GET
Description: Gets a role
Media types:
application/json
text/xml
Auth: Basic Auth
Get resource permissions for a specific role Detail
/userroles/{role_name}/permissions?path={resource_path}
Verb: GET
Description: Gets a list of permissions associated with the specified resource for a single resource
Media types:
application/json
text/xml
Auth: Basic Auth
Get users for a role Detail
/userroles/{role_name}/users
Verb: GET
Description: Returns a list of all system users associated with a role
Media types:
application/json
text/xml
Auth: Basic Auth
List permissions for a resource Detail
/userroles/{role_name}/permissions
Verb: GET
Description: Gets permissions for all resources associated with a user role
Media types:
application/json
text/xml
Auth: Basic Auth
List user roles Detail
/userroles
Verb: GET
Description: Gets a list of roles available to users in an organization
Media types:
application/json
text/xml
Auth: Basic Auth
Remove user membership in role Detail
/userroles/{role_name}/users/{user_email}
Verb: DELETE
Description: Removes a user from membership in a role
Auth: Basic Auth
Verify a user role's permission on a specific RBAC resource Detail
/userroles/{role_name}/permissions/{permission_name}?path={resource_path}
Verb: GET
Description: Verifies that a user role's permission on a specific resource exists
Media types:
application/json
text/xml
Auth: Basic Auth
Verify user role membership Detail
/userroles/{role_rame}/users/{user_email}
Verb: GET
Description: Verifies that a user is a member of a specific role
Media types:
application/json
text/xml
Auth: Basic Auth

 

Help or comments?