Assign Users to a Predefined Role or Granular Role (v2)

The Assign Users to a Predefined Role or Granular Role (v2) REST API assigns a pre-defined or a granular role to users provided in the REST API payload. To assign a user to a granular role, that user should already have a pre-defined role assigned to them.

This topic describes the simplified v2 version of this REST API. This version contains all parameters in the payload and does not require URL encoding while calling the REST APIs. This makes the v2 API easier to use.

The API is synchronous and returns the outcome of the operation in the response. Any non-zero status indicates that assigning users to roles failed. With this API, you can see which records failed and the reason why they failed, in addition to how many records passed and failed.

Required Roles

For predefined roles:

Service Administrator, or Identity Domain Administrator and any predefined role (Power User, User, or Viewer)

For granular roles:

Service Administrator or any predefined role and the Access Control - Manage granular role

REST Resource

PUT /interop/rest/security/v2/role/assign/user

Table 13-17 Tasks for Assign Users to Roles

Task	Request	REST Resource
Assign role	PUT	`/interop/rest/security/v2/role/assign/user`

Request

Supported Media Types: application/json

Table 13-18 Parameters

Name Description Type Required Default

Name	Description	Type	Required	Default
`rolename`	The name of a pre-defined or granular role applicable to the service. An incorrect role name will result in an error. To assign users to a pre-defined role, roleName should identify a pre-defined role applicable to the service. For a list of pre-defined roles for each business process, see Understanding Predefined Roles in Getting Started Guide for Administrators. To assign users to a granular role, roleName should identify a granular role listed in the Assign Roles tab of Access Control. For a description of these roles, see Granular Role Assignment Overview in Administering Access Control.	Payload	Yes	None
`users`	List of user login IDs of the users whose role assignment is to be modified.	Payload	Yes	None

rolename

The name of a pre-defined or granular role applicable to the service. An incorrect role name will result in an error.

To assign users to a pre-defined role, roleName should identify a pre-defined role applicable to the service.
For a list of pre-defined roles for each business process, see Understanding Predefined Roles in Getting Started Guide for Administrators.
To assign users to a granular role, roleName should identify a granular role listed in the Assign Roles tab of Access Control.
For a description of these roles, see Granular Role Assignment Overview in Administering Access Control.

Payload

Yes

None

users List of user login IDs of the users whose role assignment is to be modified. Payload Yes None

Example URL and Payload

https://<BASE-URL>/interop/rest/security/v2/role/assign/user

{
  	"rolename": "Service Administrator",
	"users": [
		{
			"userlogin": "jdoe"
        		},
        		{
      "userlogin": "chris"
        		}
    	]
}

Response

Supported Media Types: application/json

Table 13-19 Parameters

Name	Description
`links`	Detailed information about the link and HTTP call type
`status`	Identifies the status of the operation 0: Operation Success 1: Operation Failed
`error`	Detailed information about the error
`details`	Detailed status of the operation performed. Total number of records processed, succeeded, and failed and reason for why it failed.

Examples of Response Body

Example 1: Job Completes without Errors

{
	"links": {
    		"href": "https://<BASE-URL>/interop/rest/security/v2/role/assign/user",
    		"action": "PUT"
	},
	"status": 0,
	"error": null,
	"details": {
		"processed": 3,
		"succeeded": 3,
		"failed": 0,
		"faileditems": null
	}
}

Example 2: Job Completes with Errors

{
	"links": {
    		"href": "https://<BASE-URL>/interop/rest/security/v2/role/assign/user",
    		"action": "PUT"
	},
	"status": 1,
	"error": {
		"errorcode": "EPMCSS-21000",
		"errormessage": "Failed to assign role. Invalid role name <rolename>. Please provide a valid role name."
	},
	"details": null
}

Example 3: Job Completes with Partial Errors

{
	"links": {
    		"href": "https://<BASE-URL>/interop/rest/security/v2/role/assign/user",
    		"action": "PUT"
	},
	"status": 0,
	"error": null,
	"details": {
		"processed": 5,
		"succeeded": 3,
		"failed": 2,
		"faileditems": 
		[
			{
				"userlogin": "jdoe",
				"errorcode": "EPMCSS-21002",
				"errormessage": "Failed to assign role. User jdoe does not exist. Provide a valid userlogin."
			},
			{
				"userlogin": "chris",
				"errorcode": "EPMCSS-21002",
				"errormessage": "Failed to assign role. User chris does not exist. Provide a valid userlogin."
			}
		]
	}
}

Sample cURL Command Basic Auth Pre-Defined Role

curl -X PUT -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json' -d  '{"rolename":"Viewer","users":[{"userlogin":"jdoe1"},{"userlogin":"chris1"}]}' 'https://<BASE-URL>/interop/rest/security/v2/role/assign/user'

Sample cURL Command Basic Auth Granular Role

curl -X PUT -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json' -d  '{"rolename":"Ad Hoc - Create","users":[{"userlogin":"jdoe1"},{"userlogin":"chris1"}]}' 'https://<BASE-URL>/interop/rest/security/v2/role/assign/user'

Sample cURL Command OAuth 2.0 Pre-Defined Role

curl -X PUT --header "Authorization: Bearer <OAUTH_ACCESS_TOKEN>" -H 'Content-Type: application/json' -d  '{"rolename":"Viewer","users":[{"userlogin":"jdoe1"},{"userlogin":"chris1"}]}' 'https://<BASE-URL>/interop/rest/security/v2/role/assign/user'

Sample cURL Command OAuth 2.0 Granular Role

curl -X PUT --header "Authorization: Bearer <OAUTH_ACCESS_TOKEN>" -H 'Content-Type: application/json' -d  '{"rolename":"Ad Hoc - Create","users":[{"userlogin":"jdoe1"},{"userlogin":"chris1"}]}' 'https://<BASE-URL>/interop/rest/security/v2/role/assign/user'