Role Assignment Report for Users (v2)

Generates a Role Assignment Report of users in the environment.

The report lists the roles assigned to users. It identifies the user's login name, first name, last name, email address and assigned roles. The report can be created for a specific user login or a role or any user attribute (first name, last name, user login, email).

The report includes:

  • Predefined roles (such as Service Administrator)

  • Granular roles (such as Approvals - Assign Ownerships, Approvals - Supervise, Approvals - Administer, and Approvals - Design Process).

The API is synchronous and returns the outcome of the operation in the response. Any non-zero status indicates failure of getting Role Assignment Report for users.

Required Roles

  • Service Administrator

  • Any predefined role and the Access Control - Manage granular role

  • Any predefined role and the Access Control - View granular role

REST Resource

GET /interop/rest/security/v2/report/roleassignmentreport/user?userlogin=<userlogin>&rolename=<rolename>&userattribute=<search user attribute>

Table 13-97 Tasks for Role Assignment Report for Users

Task Request REST Resource
Role Assignment Report for Users GET /interop/rest/security/v2/report/roleassignmentreport/user?userlogin=<userlogin>&rolename=<rolename>&userattribute=<search user attribute>

Request

Supported Media Types: application/json

Table 13-98 Request Parameters

Name Description Type Required Default
userlogin

Generates roleassignmentreport for the specified user only. If a user login is not specified, the report is generated for all the users.

Query No All Users
rolename

Generates roleassignmentreport for the specified role only. If a role name is not specified, the report is generated for all the roles.

The Role name can be either Predefined or Granular role (for example, Power User or Access Control - Manage).

 Query No All Roles
userattribute

Generates roleassignmentreport for the users matching the specified user attribute (case-insensitive) with any one of these user attributes:

  • userlogin
  • firstname
  • lastname
  • email
 Query No All Users

Response

Supported Media Types: application/json

Table 13-99 Response Parameters

Parameters Description
links Detailed information about the link and HTTP call type
status

status of the operation

  • 0: Operation succeeded

  • 1: Operation failed
error Detailed information about the error
details Lists records matching the request

Example of Respose Body

Example 1: REST API Issued without Any Query Parameters Completes without Errors

{
  "links": {
    "href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user",
    "action": "GET"
  },
  "status": 0,
  "error": null,
  "details": [
    {
      "userlogin": "Jade",
      "firstname": "Jade",
      "lastname": "Clark",
      "email": "jade.clark@example.com",
      "roles": [
        {
          "rolename": "Service Administrator",
          "roletype": "Predefined",
          "grantedthroughgroup": ""
        },
        {
          "rolename": "Ad Hoc - Creater",
          "roletype": "Application",
          "grantedthroughgroup": ""
        }
      ]
    },
    {
      "userlogin": "Jeff",
      "firstname": "Jeff",
      "lastname": "Clark",
      "email": "jeff.clark@example.com",
      "roles": [
        {
          "rolename": "Service Administrator",
          "roletype": "Predefined",
          "grantedthroughgroup": "idcsgroup"
        },
        {
          "rolename": "Ad Hoc - Read Only User",
          "roletype": "Application",
          "grantedthroughgroup": ""
        },
        {
          "rolename": "Application - Mass Allocate",
          "roletype": "Application",
          "grantedthroughgroup": "Analyst->idcsgroup"
        }
      ]
    }
  ]
}

Example 2: REST API Issued with userlogin and rolename Query Parameters Completes without Errors

{
  "links": {
    "href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin='Jade'&rolename='Service Administrator'",
    "action": "GET"
  },
  "status": 0,
  "error": null,
  "details": [
    {
      "userlogin": "Jade",
      "firstname": "Jade",
      "lastname": "Clark",
      "email": "jade.clark@example.com",
      "roles": [
        {
          "rolename": "Service Administrator",
          "roletype": "Predefined",
          "grantedthroughgroup": ""
        }
      ]
    }
  ]
}

Example 3: REST API Issued with userattribute and rolename Query Parameters and Completes without Errors

{
  "links": {
    "href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user? userattribute='Clark'&rolename='Service Administrator'",
    "action": "GET"
  },
  "status": 0,
  "error": null,
  "details": [
    {
      "userlogin": "Jade",
      "firstname": "Jade",
      "lastname": "Clark",
      "email": "jade.clark@example.com",
      "roles": [
        {
          "rolename": "Service Administrator",
          "roletype": "Predefined",
          "grantedthroughgroup": ""
        }
      ]
    },
    {
      "userlogin": "Jeff",
      "firstname": "Jeff",
      "lastname": "Clark",
      "email": "jeff.clark@example.com",
      "roles": [
        {
          "rolename": "Service Administrator",
          "roletype": "Predefined",
          "grantedthroughgroup": "idcsgroup"
        }
      ]
    }
  ]
}

Example 4: REST API Issued with Only rolename Query Parameter Completes without Errors

{
  "links": {
    "href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?rolename='Ad Hoc - Read Only User'",
    "action": "GET"
  },
  "status": 0,
  "error": null,
  "details": [
    {
      "userlogin": "Jade",
      "firstname": "Jade",
      "lastname": "Clark",
      "email": "jade.clark@example.com",
      "roles": [
        {
          "rolename": "Ad Hoc - Read Only User",
          "roletype": "Application",
          "grantedthroughgroup": ""
        }
      ]
    },
    {
      "userlogin": "Jeff",
      "firstname": "Jeff",
      "lastname": "Clark",
      "email": "jeff.clark@example.com",
      "roles": [
        {
          "rolename": "Ad Hoc - Read Only User",
          "roletype": "Application",
          "grantedthroughgroup": ""
        }
      ]
    }
  ]
}

Example 5: REST API Issued with Only userlogin Query Parameter Completes without Errors

{
  "links": {
    "href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin='Jade'",
    "action": "GET"
  },
  "status": 0,
  "error": null,
  "details": [
    {
      "userlogin": "Jade",
      "firstname": "Jade",
      "lastname": "Clark",
      "email": "jade.clark@example.com",
      "roles": [
        {
          "rolename": "Service Administrator",
          "roletype": "Predefined",
          "grantedthroughgroup": ""
        },
        {
          "rolename": "Ad Hoc - Creater",
          "roletype": "Application",
          "grantedthroughgroup": ""
        }
      ]
    }
  ]
}

Example 6: REST API Issued with Only userattribute Query Parameter and Completes without Errors

{
  "links": {
    "href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userattribute='Clark'",
    "action": "GET"
  },
  "status": 0,
  "error": null,
  "details": [
    {
      "userlogin": "Jade",
      "firstname": "Jade",
      "lastname": "Clark",
      "email": "jade.clark@example.com",
      "roles": [
        {
          "rolename": "Service Administrator",
          "roletype": "Predefined",
          "grantedthroughgroup": ""
        },
        {
          "rolename": "Ad Hoc - Creater",
          "roletype": "Application",
          "grantedthroughgroup": ""
        }
      ]
    },
    {
      "userlogin": "Jeff",
      "firstname": "Jeff",
      "lastname": "Clark",
      "email": "jeff.clark@example.com",
      "roles": [
        {
          "rolename": "Service Administrator",
          "roletype": "Predefined",
          "grantedthroughgroup": "idcsgroup"
        },
        {
          "rolename": "Ad Hoc - Read Only User",
          "roletype": "Application",
          "grantedthroughgroup": ""
        },
        {
          "rolename": "Application - Mass Allocate",
          "roletype": "Application",
          "grantedthroughgroup": "Analyst->idcsgroup"
        }
      ]
    }
  ]
}

Example 7: Job Completes with Errors

{
  "links": {
    "href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user",
    "action": "GET"
  },
  "status": 1,
  "error": {
    "errorcode": "EPMCSS-21206",
    "errormessage": "Failed to generate Role Assignment Report for Users. Authorization failed. Please provide valid authorized user."
  },
  "details": null
}

Sample cURL Commands Basic Auth

curl -X GET -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user'
curl -X GET -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin=yogini@example.com&rolename=Power%20User'
curl -X GET -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userattribute=yogini&rolename=Power%20User'

Sample cURL Commands OAuth 2.0

curl -X GET --header "Authorization: Bearer <OAUTH_ACCESS_TOKEN>" -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user'
curl -X GET --header "Authorization: Bearer <OAUTH_ACCESS_TOKEN>" -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin=yogini@example.com&rolename=Power%20User'
curl -X GET --header "Authorization: Bearer <OAUTH_ACCESS_TOKEN>" -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userattribute=yogini&rolename=Power%20User'