Role Assignment Report for Users (v2)
Generates a Role Assignment Report of users in the environment. The report lists the roles assigned to users. It identifies the user's login name, first name, last name, email address and assigned roles. The report can be created for a specific user or a role or a combination of users and roles.
The report includes:
-
Predefined roles (such as Service Administrator)
-
Application roles (such as Approvals - Assign Ownerships, Approvals - Supervise, Approvals - Administer, and Approvals - Design Process).
The API is synchronous and returns the outcome of the operation in the response. Any non-zero status indicates failure of getting Role Assignment Report for users.
This API is version v2.
Required Roles
Service Administrator or Access Control Manager
REST Resource
GET
/interop/rest/security/v2/report/roleassignmentreport/user?userlogin=<userlogin>&rolename=<rolename>
Note:
Before using the REST resources, you must understand how to access the REST resources and other important concepts. See Implementation Best Practices for EPM Cloud REST APIs. Using this REST API requires prerequisites. See Prerequisites.
Table 12-80 Tasks for Role Assignment Report for Users
| Task | Request | REST Resource |
|---|---|---|
| Role Assignment Report for Users | GET | /interop/rest/security/v2/report/roleassignmentreport/user?userlogin=<userlogin>&rolename=<rolename> |
Request
Supported Media Types: application/json
The following table summarizes the request parameters.
Table 12-81 Parameters
| Name | Description | Type | Required | Default |
|---|---|---|---|---|
userlogin |
Generates |
Query | No | All Users |
rolename |
Generates The Role name can be either Predefined or Application Role (for example, Power User or Manage – Access Control). |
Query | No | All Roles |
Response
Supported Media Types: application/json
Table 12-82 Parameters
| Parameters | Description |
|---|---|
links |
Detailed information about the link and HTTP call type |
status |
See Migration Status Codes |
error |
Detailed information about the error |
details |
Lists records matching the request |
Example of Respose Body
The following show examples of the response body in JSON format.
Response 1: REST API Issued without userlogin or
rolename Query Parameters Completes without Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"userlogin": "Jade",
"firstname": "Jade",
"lastname": "Clark",
"email": "jade.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
},
{
"rolename": "Ad Hoc - Creater",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
},
{
"userlogin": "Jeff",
"firstname": "Jeff",
"lastname": "Clark",
"email": "jeff.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": "idcsgroup"
},
{
"rolename": "Ad Hoc - Read Only User",
"roletype": "Application",
"grantedthroughgroup": ""
},
{
"rolename": "Application - Mass Allocate",
"roletype": "Application",
"grantedthroughgroup": "Analyst->idcsgroup"
}
]
}
]
}Response 2: REST API Issued with userlogin and
rolename Query Parameters Completes without Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin='Jade'&rolename='Service Administrator'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"userlogin": "Jade",
"firstname": "Jade",
"lastname": "Clark",
"email": "jade.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
}
]
}
]
}Response 3: REST API Issued with Only rolename Query Parameter
Completes without Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?rolename='Ad Hoc - Read Only User'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"userlogin": "Jade",
"firstname": "Jade",
"lastname": "Clark",
"email": "jade.clark@example.com",
"roles": [
{
"rolename": "Ad Hoc - Read Only User",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
},
{
"userlogin": "Jeff",
"firstname": "Jeff",
"lastname": "Clark",
"email": "jeff.clark@example.com",
"roles": [
{
"rolename": "Ad Hoc - Read Only User",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
}
]
}Response 4: REST API Issued with Only userlogin Query
Parameter Completes without Errors
{
"links": {
"href": " https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin='Jade'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"userlogin": "Jade",
"firstname": "Jade",
"lastname": "Clark",
"email": "jade.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
},
{
"rolename": "Ad Hoc - Creater",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
}
]
}Response 5: Job Completes with Errors
{
"links": {
"href": " https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user",
"action": "GET"
},
"status": 1,
"error": {
"errorcode": "EPMCSS-21206",
"errormessage": "Failed to generate Role Assignment Report for Users. Authorization failed. Please provide valid authorized user."
},
"details": null
}Sample cURL Commands
Sample cURL command using Basic Auth
curl -X GET -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json'
'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user'curl -X GET -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json'
'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin=<userlogin>&rolename=<rolename>'Sample cURL command using oAuth
curl --location --request GET 'https://<BASE-URL>/interop/rest/security/v2/report
/roleassignmentreport/user' --header "Authorization: Bearer <OAUTH_TOKEN>"curl --location --request GET 'https://<BASE-URL>/interop/rest/security/v2/report
/roleassignmentreport/user?userlogin=<userlogin>&rolename=<rolename>' --header "Authorization: Bearer <OAUTH_TOKEN>"