Assign Users to a Predefined Role or Application Role (v2)
The Assign Users to a Predefined Role or Application Role (v2) REST API assigns a pre-defined or an application role to users provided in the REST API payload. To assign a user to an application role, that user should already have a pre-defined role assigned to them.
This topic describes the simplified v2 version of this REST API. This version contains all parameters in the payload and does not require URL encoding while calling the REST APIs. This makes the v2 API easier to use.
The API is synchronous and returns the outcome of the operation in the response. Any non-zero status indicates that assigning users to roles failed. With this API, you can see which records failed and the reason why they failed, in addition to how many records passed and failed.
This API is version v2.
Required Roles
For predefined roles:
Classic environments: Identity Domain Administrator and any predefined role (Service Administrator, Power User, User, or Viewer)
OCI environments: Service Administrator, or Identity Domain Administrator and any predefined role (Power User, User, or Viewer)
For application roles:
Service Administrator or Access Control – Manage
REST Resource
PUT /interop/rest/security/v2/role/assign/user
Note:
Before using the REST resources, you must understand how to access the REST resources and other important concepts. See Implementation Best Practices for EPM Cloud REST APIs. Using this REST API requires prerequisites. See Prerequisites.
Table 12-17 Tasks for Assign Users to Roles
Task | Request | REST Resource |
---|---|---|
Assign role | PUT | /interop/rest/security/v2/role/assign/user |
Request
Supported Media Types: application/json
The following table summarizes the PUT request parameters.
Table 12-18 Parameters
Name | Description | Type | Required | Default |
---|---|---|---|---|
rolename |
The name of a pre-defined or application role applicable to the service. An incorrect role name will result in an error. It identifies one of the following:
For a description of these roles, see "Managing Role Assignments at the Application Level" in Administering Access Control for Oracle Enterprise Performance Management Cloud . |
Payload | Yes | None |
users |
List of user login IDs of the users whose role assignment is to be modified. | Payload | Yes | None |
Example URL and Payload
https://<BASE-URL>/interop/rest/security/v2/role/assign/user
{
"rolename": "Service Administrator",
"users": [
{
"userlogin": "jdoe"
},
{
"userlogin": "chris"
}
]
}
Response
Supported Media Types: application/json
Table 12-19 Parameters
Name | Description |
---|---|
links |
Detailed information about the link and HTTP call type |
status |
Identifies the status of the operation
|
error |
Detailed information about the error |
details |
Detailed status of the operation performed. Total number of records processed, succeeded, and failed and reason for why it failed. |
Examples of Response Body
The following examples show the contents of the response body in JSON format:
Example 1: Job Completes without Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/role/assign/user",
"action": "PUT"
},
"status": 0,
"error": null,
"details": {
"processed": 3,
"succeeded": 3,
"failed": 0,
"faileditems": null
}
}
Example 2: Job Completes with Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/role/assign/user",
"action": "PUT"
},
"status": 1,
"error": {
"errorcode": "EPMCSS-21000",
"errormessage": "Failed to assign role. Invalid role name <rolename>. Please provide a valid role name."
},
"details": null
}
Example 3: Job Completes with Partial Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/role/assign/user",
"action": "PUT"
},
"status": 0,
"error": null,
"details": {
"processed": 5,
"succeeded": 3,
"failed": 2,
"faileditems":
[
{
"userlogin": "jdoe",
"errorcode": "EPMCSS-21002",
"errormessage": "Failed to assign role. User jdoe does not exist. Provide a valid userlogin."
},
{
"userlogin": "chris",
"errorcode": "EPMCSS-21002",
"errormessage": "Failed to assign role. User chris does not exist. Provide a valid userlogin."
}
]
}
}
Sample cURL Command Basic Auth
curl -X PUT -s -u '<USERNAME>:<PASSWORD>' -H
'Content-Type: application/json' -d '{"rolename":"<ROLENAME>","users":
[{"userlogin":"<USERLOGIN>"},{"userlogin":"<USERLOGIN>"}]}'
'https://<BASE-URL>/interop/rest/security/v2/role/assign/user'
Sample cURL Command OAuth 2.0
curl -X PUT --header "Authorization: Bearer <OAUTH_ACCESS_TOKEN>" -H
'Content-Type: application/json' -d '{"rolename":"<ROLENAME>","users":
[{"userlogin":"<USERLOGIN>"},{"userlogin":"<USERLOGIN>"}]}'
'https://<BASE-URL>/interop/rest/security/v2/role/assign/user'