Querying Permissions of a User Group Under a Domain¶

Function¶

This API is used to query the permissions of a user group under a domain. A role is a set of permissions and represents a group of actions.

URI¶

URI format
GET /v3/domains/{domain_id}/groups/{group_id}/roles
URI parameters
Parameter
Mandatory
Type
Description
domain_id
Yes
String
Domain ID.
group_id
Yes
String
User group ID.

Parameter	Mandatory	Type	Description
domain_id	Yes	String	Domain ID.
group_id	Yes	String	User group ID.

Request Parameters¶

Parameters in the request header
Parameter
Mandatory
Type
Description
X-Auth-Token
Yes
String
Authenticated token with the Security Administrator permission.

Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Authenticated token with the Security Administrator permission.

Example request

curl -i -k -H "X-Auth-Token:$token" -H 'Content-Type:application/json;charset=utf8' -X GET https://sample.domain.com/v3/domains/d54061ebcb5145dd814f8eb3fe9b7ac0/groups/47d79cabc2cf4c35b13493d919a5bb3d/roles

Response Parameters¶

Parameters in the response body
Parameter
Mandatory
Type
Description
links
Yes
Dict
Role resource link of a specified user group under a domain.
roles
Yes
Array
Role of a specified user group under a domain.

Parameter	Mandatory	Type	Description
links	Yes	Dict	Role resource link of a specified user group under a domain.
roles	Yes	Array	Role of a specified user group under a domain.

Role parameter description

Parameter	Mandatory	Type	Description
id	Yes	String	ID of a role of a specified user group under a domain.
links	Yes	Dict	Role resource link.
name	Yes	String	Name of a role.
domain_id	Yes	String	ID of the domain to which a role belongs.
type	Yes	String	Display mode of a role. AX: A role is displayed at the domain layer. XA: A role is displayed at the project layer. AA: A role is displayed at both the domain and project layers. XX: A role is not displayed at the domain or project layer.
display_name	No	String	Displayed name of a role.
catalog	No	String	Directory where a role locates.
policy	No	Dict	Policy of a role.
description	No	String	Description of a role.

Example response

{
  "links": {
    "self": "https://sample.domain.com/v3/domains/d54061ebcb5145dd814f8eb3fe9b7ac0/groups/47d79cabc2cf4c35b13493d919a5bb3d/roles",
    "previous": null,
    "next": null
  },
  "roles": [
    {
      "display_name": "Security Administrator",
      "description": "Security Administrator",
      "links": {
        "self": "https://sample.domain.com/v3/roles/005cf92cfd364105afaa5df2eec25012"
      },
      "domain_id": null,
      "name": "secu_admin",
      "type": "AX",
      "catalog": "BASE",
      "policy": {
        "Version": "1.0",
        "Statement": [
          {
            "Action": [
              "identity:*"
            ],
            "Effect": "Allow"
          }
        ]
      },
      "id": "005cf92cfd364105afaa5df2eec25012"
    },
    {
      "display_name": "Agent Operator",
      "description": "Agent Operator",
      "links": {
        "self": "https://sample.domain.com/v3/roles/d160d30477c642a486ad10e3b4d9820f"
      },
      "domain_id": null,
      "name": "te_agency",
      "type": "AX",
      "catalog": "IAM",
      "policy": {
        "Version": "1.0",
        "Statement": [
          {
            "Action": [
              "identity:assume role"
            ],
            "Effect": "Allow"
          }
        ]
      },
      "id": "d160d30477c642a486ad10e3b4d9820f"
    }
  ]
}

Status Codes¶

Status Code	Description
200	The request is successful.
400	The server failed to process the request.
401	Authentication failed.
403	Access denied.
404	The requested resource cannot be found.

last updated: 2024-11-08 14:24 UTC - commit: 2d5e2c1f97c685df3090da66769505f099a4c992