Get grants that can be issued to role members
/apiplatform/administration/v1/roles/{roleId}/grants
Returns all grants that can be issued to members of the {roleId}
role. By default, the grantType for each grant is returned. Additional fields can be returned by sending any of these field names, separated by commas, in the fields
query parameter: grantDescription
, grantResource
, and permissions
. If returning permissions, you can also return descriptions for each permission by sending description
.
The response also contains HATEOAS links to related operations.
Users accessing this resource must be assigned the Administrator role.
Request
- application/json
-
roleId: string
A unique ID referencing a specific role.
-
fields(optional): array
Collection Format:
csv
Pass optional fields, separated by commas, in this parameter to return them in the response. See the operation's description for a list of field values. - links(optional): array
Response
- application/json
200 Response
object
-
items(optional):
array items
A collection of grants that can be issued to members of a role.
object
-
count(optional):
integer(int32)
The number of items in this collection.
object
-
links(optional):
array links
Includes 'canonical'.
array
object
-
grantDescription(optional):
string
A description of the grant.
-
grantResource(optional):
string
The resource type of the grant (like API or gateway).
-
grantType:
string
The grant type.
-
permissions(optional):
array permissions
object
-
description(optional):
string
A description of the actions the permission enables.
-
name:
string
The name of the permission.
object
-
href(optional):
string
Link href.
-
method(optional):
string
HTTP Operation GET, POST, PUT
-
rel(optional):
string
Link relation.
400 Response
object
-
detail(optional):
string
Detailed error message
-
errorCode(optional):
string
Application specific error code
-
errorDetails(optional):
array errorDetails
additional errors
-
errorPath(optional):
string
-
instance(optional):
string
URI to the link that provides more detail about the error
-
status(optional):
string
HTTP status code
-
title:
string
Summary error message
-
type:
string
Error type
403 Response
object
-
detail(optional):
string
Detailed error message
-
errorCode(optional):
string
Application specific error code
-
errorDetails(optional):
array errorDetails
additional errors
-
errorPath(optional):
string
-
instance(optional):
string
URI to the link that provides more detail about the error
-
status(optional):
string
HTTP status code
-
title:
string
Summary error message
-
type:
string
Error type
500 Response
object
-
detail(optional):
string
Detailed error message
-
errorCode(optional):
string
Application specific error code
-
errorDetails(optional):
array errorDetails
additional errors
-
errorPath(optional):
string
-
instance(optional):
string
URI to the link that provides more detail about the error
-
status(optional):
string
HTTP status code
-
title:
string
Summary error message
-
type:
string
Error type
Examples
The following example shows how to retrieve all grants that can be issued to users or groups assigned a specific role in Oracle API Platform Cloud Service by submitting a GET request on the REST resource using cURL. For more information about cURL, see Use cURL.
curl -i -X GET -u apicsadmin:password https://example.com/apiplatform/administration/v1/roles/APIManager/grants
You can pass the following optional field values in the fields
query parameter, separated by commas, to include them in the response:
-
grantDescription
: a description of the grant. -
grantResource
: the resource type of the grant (like API or gateway). -
permissions
: the name of the permission. -
description
: a description of the actions the permission enables.
The following example shows you how to include some of these fields in the response:
curl -i -X GET -u apicsadmin:password https://example.com/apiplatform/administration/v1/roles/APIManager/grants?fields=permisions,description
Example of Response Headers
The following shows an example of the response headers.
HTTP/1.1 200 OK Server: Oracle-Traffic-Director/12.2.1.0.0 Date: Mon, 02 Jan 2017 13:57:28 GMT Content-length: 749 Content-type: application/json X-oracle-dms-ecid: iTxCY0P1S00000000 X-oracle-dms-rid: 0:1 Via: 1.1 otd_opc Proxy-agent: Oracle-Traffic-Director/12.2.1.0.0
Example of Response Body
The following example shows the contents of the response body for a request without additional properties passed in the fields
query parameter in JSON format, including information about all grants that can be issued to users or groups assigned this role and HATEOAS links to related operations.
{ "count": 13, "links": [ { "templated": "true", "method": "GET", "rel": "canonical", "href": "https://example.com:443/apiplatform/administration/v1/roles/APIManager/grants" }, { "templated": "true", "method": "GET", "rel": "self", "href": "https://example.com:443/apiplatform/administration/v1/roles/APIManager/grants" } ], "items": [ { "grantType": "Manage API" }, { "grantType": "View all details" }, { "grantType": "Deploy API" }, { "grantType": "View public details" }, { "grantType": "View all details" }, { "grantType": "Deploy to Gateway" }, { "grantType": "Request Deployment to Gateway" }, { "grantType": "Manage Application" }, { "grantType": "Manage the plan" }, { "grantType": "View all details" }, { "grantType": "View public details" }, { "grantType": "Register" }, { "grantType": "Request registration" } ] }
Example of Response Body
The following example shows the contents of the response body for a request when passing the permissions
and description
properties in the fields
query parameter in JSON format, including information about all grants that can be issued to users or groups assigned this role and HATEOAS links to related operations.
{ "count": 13, "links": [ { "templated": "true", "method": "GET", "rel": "canonical", "href": "https://example.com:443/apiplatform/administration/v1/roles/APIManager/grants" }, { "templated": "true", "method": "GET", "rel": "self", "href": "https://example.com:443/apiplatform/administration/v1/roles/APIManager/grants" } ], "items": [ { "permissions": [ { "name": "Modify Lifecycle State", "description": "Changes the lifecycle state of the API" }, { "name": "Edit Public Properties", "description": "Modify the Public details of an API (e.g. a doc person)" }, { "name": "View history", "description": "View the history of updates made to the API." }, { "name": "Suspend", "description": "Suspend a deployed API on a gateway" }, { "name": "Modify Publish State", "description": "Publish the API to the developer portal or remove it from the portal" }, { "name": "Grant Deploy API", "description": "Give a gateway manager permission to deploy this API (issue the DeployAPIGrant grant)" }, { "name": "Grant Manage API", "description": "Give another APIManager the permission to manage this API (issue the ManageAPI grant)" }, { "name": "Undeploy", "description": "Undeploy this API to a gateway. The user also needs the appropriate permission on the Gateway resource" }, { "name": "Grant View All Details", "description": "Give another user permission to view the API's (full) details. (issue the ViewAllDetailsAPIGrant grant)" }, { "name": "Grant View Public Details", "description": "Give another user permission to view the API's public details in the Developer Portal (issue the ViewPublicDetailsAPIGrant grant)" }, { "name": "Resume", "description": "Resume a deployed API on a gateway" }, { "name": "Delete", "description": "Delete an API" }, { "name": "View Public Details", "description": "View data meant for external consumption (primarily for Developer Portal use)" }, { "name": "Deploy", "description": "Deploy or request deployment for this API to a gateway. The user also needs the appropriate permission on the Gateway resource" }, { "name": "View All Details", "description": "View all data about the API" }, { "name": "Edit", "description": "Modify the API" } ], "grantType": "Manage API" }, { "permissions": [ { "name": "View Public Details", "description": "View data meant for external consumption (primarily for Developer Portal use)" }, { "name": "View All Details", "description": "View all data about the API" }, { "name": "View history", "description": "View the history of updates made to the API." } ], "grantType": "View all details" }, { "permissions": [ { "name": "Deploy", "description": "Deploy or request deployment for this API to a gateway. The user also needs the appropriate permission on the Gateway resource" }, { "name": "Suspend", "description": "Suspend a deployed API on a gateway" }, { "name": "Undeploy", "description": "Undeploy this API to a gateway. The user also needs the appropriate permission on the Gateway resource" }, { "name": "Resume", "description": "Resume a deployed API on a gateway" } ], "grantType": "Deploy API" }, { "permissions": [ { "name": "View Public Details", "description": "View data meant for external consumption (primarily for Developer Portal use)" } ], "grantType": "View public details" }, { "permissions": [ { "name": "View History", "description": "View the history of updates made to the Gateeway" }, { "name": "View All Details", "description": "View all data about the gateway" } ], "grantType": "View all details" }, { "permissions": [ { "name": "Deploy", "description": "Deploy an API to this Gateway" }, { "name": "Request Deploy", "description": "Request an API be deployed to this Gateway. Someone with GatewayDeploy needs to do the actual Deploy" } ], "grantType": "Deploy to Gateway" }, { "permissions": [ { "name": "Request Deploy", "description": "Request an API be deployed to this Gateway. Someone with GatewayDeploy needs to do the actual Deploy" } ], "grantType": "Request Deployment to Gateway" }, { "permissions": [ { "name": "View History", "description": "View the history of updates made to the Application" }, { "name": "Resume", "description": "Resume an application" }, { "name": "Grant View All Details", "description": "Give someone the ViewAllDetailsApplicationGrant" }, { "name": "Suspend", "description": "Suspend an application" }, { "name": "Unregister", "description": "Unregister an application from an API" }, { "name": "Issue an Application Key", "description": "Issues a new application key" }, { "name": "Grant Manage Application", "description": "Give someone else the ManageApplicationGrant so they can modify this application (issue the ManageApplicationGrant grant)" }, { "name": "Delete", "description": "Delete this Application" }, { "name": "Edit", "description": "Modify the properties of an application" }, { "name": "View All Details", "description": "View the properties of an Application and analytics" }, { "name": "Register", "description": "Register or request an application registration to an API" } ], "grantType": "Manage Application" }, { "permissions": [ { "name": "Grant Register", "description": "Give an Application Developer the ability to register and application for this plan (issue the RegisterApplicationForPlanGrant grant)" }, { "name": "View All Details", "description": "View all details of the plan" }, { "name": "Edit", "description": "Edit all properties of the plan" }, { "name": "Grant Request Registration", "description": "Give an Application Developer the ability to request an application be registered for this plan (issue the RequestRegisterApplicationForPlanGrant)" }, { "name": "Modify Publish State", "description": "Modify the publish state of the plan" }, { "name": "Request Register Application", "description": "Request an application be registered for use" }, { "name": "Grant View All Details", "description": "Give another user the ability to view all properties of the plan" }, { "name": "Delete", "description": "Delete the plan" }, { "name": "Edit Public Details", "description": "Edit the public properties of the plan. " }, { "name": "Grant Manage Plan", "description": "Give another API Manager the ability to manage this plan (issue the ManagePlanGrant)" }, { "name": "View Public Details", "description": "View information available to ApplicationDevelopers in the Development portal" }, { "name": "Register Application", "description": "Register an Application to have access to an API. No approval needed." }, { "name": "View History", "description": "View the history of updates made to the Plan" }, { "name": "Grant Public Details", "description": "Give another user the ability to view the plan in the developer portal (issue the ViewPublicDetailsforPlanGrant grant)" }, { "name": "Approve Registration", "description": "Approve a request to register and application to use a Plan" } ], "grantType": "Manage the plan" }, { "permissions": [ { "name": "View All Details", "description": "View all details of the plan" }, { "name": "View Public Details", "description": "View information available to ApplicationDevelopers in the Development portal" }, { "name": "View History", "description": "View the history of updates made to the Plan" } ], "grantType": "View all details" }, { "permissions": [ { "name": "View Public Details", "description": "View information available to ApplicationDevelopers in the Development portal" } ], "grantType": "View public details" }, { "permissions": [ { "name": "View Public Details", "description": "View information available to ApplicationDevelopers in the Development portal" }, { "name": "Register Application", "description": "Register an Application to have access to an API. No approval needed." } ], "grantType": "Register" }, { "permissions": [ { "name": "Request Register Application", "description": "Request an application be registered for use" }, { "name": "View Public Details", "description": "View information available to ApplicationDevelopers in the Development portal" } ], "grantType": "Request registration" } ] }