Assign Users to a Predefined Role or Application Role
This API assigns users included in an ANSI or UTF-8 encoded CSV file to a pre-defined or application role. Use this API to assign users to a pre-defined role or to assign a user with roles belonging to a planning, consolidation, tax reporting, or data management application.
Only Service Administrators who are also assigned to the Identity Domain Administrator role in the identity domain where users are to be assigned roles can run this command to assign users to pre-defined roles. Only a Service Administrator can run this command to assign users to application roles. To assign a user to an application role, that user should already have a pre-defined role assigned to them.
Use double quotation marks to enclose role names that contain space characters in the CSV file. The CSV file should not include the account of the user who executes this command. Before using this API, use the Upload REST API to upload files to the environment. The file should be deleted after the API executes.
The file format is as follows:
User Login
jane.doe@example.com
jdoe
The API is asynchronous and returns the Job ID. The presence of status -1 in the response indicates that assigning users is in progress. Use the job status URI to determine whether the assignment of roles is complete. Any non-zero status except -1 indicates failure of assigning users.
This API is version v1.
Table 8-8 Tasks for Assign Users to Predefined Roles
Task | Request | REST Resource |
---|---|---|
Assign role | PUT | /interop/rest/security/<api_version>/users |
Assign role status | GET | /interop/rest/security/<api_version>/jobs/<jobid> |
REST Resource
PUT /interop/rest/security/<api_version>/users
Supported Media Types: application/json
Parameters:
The following table summarizes the PUT request parameters.
Table 8-9 Parameters
Name | Description | Type | Required | Default |
---|---|---|---|---|
api_version |
Specific API version | Path | Yes | None |
jobtype |
ASSIGN_ROLE | Path | Yes | None |
filename |
The name of the ANSI or UTF-8 encoded CSV file containing the login IDs of the users whose role assignment is to be modified, such as |
Form | Yes | None |
rolename |
The name of a pre-defined role applicable to the service. An incorrect role name will result in an error. ROLE identifies one of the following:
For a description of these roles, see Managing Role Assignments at the Application Level in Administering Access Control for Oracle Enterprise Performance Management Cloud. |
Form | Yes | None |
Response
Supported Media Types: application/json
Parameters:
Table 8-10 Parameters
Name | Description |
---|---|
details |
In the case of errors, details are published with the error string |
status |
See Migration Status Codes |
links |
Detailed information about the link |
href |
Links to API call or status API |
action |
The HTTP call type |
rel |
Possible values: self or Job Status . If the value is set to Job Status , you can use the href to get the status of the recreate service
|
data |
Parameters as key value pairs passed in the request |
items |
Details about the resource |
links |
Details of the first URL to be requested to get the job details; rel is "Job Details" |
Example of Response Body in JSON format
Example 1, when the job is in progress:
{
"links": [
{
"rel": "self",
"href": "https://<SERVICE_NAME>-<TENANT_NAME>.<SERVICE_TYPE>.<dcX>.oraclecloud.com/interop/rest/security/<api_version>/users”,
"data": {
"jobType": "ASSIGN_ROLE",
"filename": "<filename>",
"rolename": "<rolename>"
},
"action": "PUT"
},
{
"rel": "Job Status",
"href": "https://<SERVICE_NAME>-<TENANT_NAME>.<SERVICE_TYPE>.<dcX>.oraclecloud.com/interop/rest/security/<api_version>/jobs/<jobid>",
"data": null,
"action": "GET"
}
],
"details": null,
"status": -1,
"items": null
}
Example 2, when the job completes with errors
{
"links": [
{
"rel": "self",
"href": "https://<SERVICE_NAME>-<TENANT_NAME>.<SERVICE_TYPE>.<dcX>.oraclecloud.com/interop/rest/security/<api_version>/jobs/<jobid>",
"data": null,
"action": "GET"
}
],
"details": " Failed to assign role for users. File <filename> is not found. Please provide a valid file name.",
"status": 1,
"items": null
}
Example 3, when the job completes without errors
{
"links": [
{
"rel": "self",
"href": "https://<SERVICE_NAME>-<TENANT_NAME>.<SERVICE_TYPE>.<dcX>.oraclecloud.com/interop/rest/security/<api_version>/jobs/<jobid>",
"data": null,
"action": "GET"
}
],
"details": "Processed - 3, Succeeded - 2, Failed - 1.",
"status": 0,
"items": null
}
Example 8-3 Java Sample Code
Prerequisites: json.jar
Common Functions: See CSS Common Helper Functions for Java.
public void assignRole(String fileName, String roleName) {
try {
String url = this.serverUrl + "/interop/rest/security/" + apiVersion + "/users";
Map<String, String> reqHeaders = new HashMap<String, String>();
reqHeaders.put("Authorization", "Basic " + DatatypeConverter
.printBase64Binary((this.userName + ":" + this.password).getBytes(Charset.defaultCharset())));
Map<String, String> reqParams = new HashMap<String, String>();
reqParams.put("filename", fileName);
reqParams.put("jobtype", "ASSIGN_ROLE");
reqParams.put("rolename", roleName);
Map<String, String> restResult = CSSRESTHelper.callRestApi(new HashMap(), url, reqHeaders, reqParams,
"PUT");
String jobStatus = CSSRESTHelper.getCSSRESTJobCompletionStatus(restResult, reqHeaders);
System.out.println(jobStatus);
} catch (Exception e) {
e.printStackTrace();
}
}
Example 8-4 Shell Script Sample Code
Prerequisites: jq (http://stedolan.github.io/jq/download/linux64/jq)
Common Functions: See CSS Common Helper Functions for cURL.
funcAssignRole() {
url="$SERVER_URL/interop/rest/security/$API_VERSION/users"
params="filename=$1&jobtype=ASSIGN_ROLE&rolename=$2"
header="Content-Type: application/x-www-form-urlencoded;charset=UTF-8"
cssRESTAPI="AssignRole"
statusMessage=$(funcCSSRESTHelper "PUT" "$url" "$header" "$USERNAME" "$PASSWORD" "$params" "$cssRESTAPI")
echo $statusMessage
}
Groovy Sample Code
Common Functions: See CSS Common Helper Functions for Groovy.
def assignUsersRoles(fileName, roleName) {
String scenario = "Assigning users in " + fileName + " with role " + roleName;
String params = "jobtype=ASSIGN_ROLE&filename="+ fileName +"&rolename="+ roleName;
def url = null;
def response = null;
try {
url = new URL(serverUrl + "/interop/rest/security/" + apiVersion + "/users");
} catch (MalformedURLException e) {
println "Please enter a valid URL"
System.exit(0);
}
response = executeRequest(url, "PUT", params, "application/x-www-form-urlencoded");
if (response != null) {
getJobStatus(getUrlFromResponse(scenario, response, "Job Status"), "GET");
}
}