Role Assignment Report for Users (v2)
Generates a Role Assignment Report of users in the environment.
The report lists the roles assigned to users. It identifies the user's login name, first name, last name, email address and assigned roles. The report can be created for a specific user login or a role or any user attribute (first name, last name, user login, email).
The report includes:
-
Predefined roles (such as Service Administrator)
-
Application roles (such as Approvals - Assign Ownerships, Approvals - Supervise, Approvals - Administer, and Approvals - Design Process).
The API is synchronous and returns the outcome of the operation in the response. Any non-zero status indicates failure of getting Role Assignment Report for users.
This API is version v2.
Required Roles
-
Service Administrator
-
Any predefined role and the Access Control - Manage application role
-
Any predefined role and the Access Control - View application role
REST Resource
GET
/interop/rest/security/v2/report/roleassignmentreport/user?userlogin=<userlogin>&rolename=<rolename>&userattribute=<search
user attribute>
Note:
Before using the REST resources, you must understand how to access the REST resources and other important concepts. See Implementation Best Practices for Cloud EPM REST APIs. Using this REST API requires prerequisites. See Prerequisites.
Table 12-89 Tasks for Role Assignment Report for Users
Task | Request | REST Resource |
---|---|---|
Role Assignment Report for Users | GET | /interop/rest/security/v2/report/roleassignmentreport/user?userlogin=<userlogin>&rolename=<rolename>&userattribute=<search
user attribute> |
Request
Supported Media Types: application/json
The following table summarizes the request parameters.
Table 12-90 Request Parameters
Name | Description | Type | Required | Default |
---|---|---|---|---|
userlogin |
Generates |
Query | No | All Users |
rolename |
Generates The Role name can be either Predefined or Application Role (for example, Power User or Access Control - Manage). |
Query | No | All Roles |
userattribute |
Generates
|
Query | No | All Users |
Response
Supported Media Types: application/json
Table 12-91 Response Parameters
Parameters | Description |
---|---|
links |
Detailed information about the link and HTTP call type |
status |
status of the operation
|
error |
Detailed information about the error |
details |
Lists records matching the request |
Example of Respose Body
The following show examples of the response body in JSON format.
Example 1: REST API Issued without Any Query Parameters Completes without Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"userlogin": "Jade",
"firstname": "Jade",
"lastname": "Clark",
"email": "jade.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
},
{
"rolename": "Ad Hoc - Creater",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
},
{
"userlogin": "Jeff",
"firstname": "Jeff",
"lastname": "Clark",
"email": "jeff.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": "idcsgroup"
},
{
"rolename": "Ad Hoc - Read Only User",
"roletype": "Application",
"grantedthroughgroup": ""
},
{
"rolename": "Application - Mass Allocate",
"roletype": "Application",
"grantedthroughgroup": "Analyst->idcsgroup"
}
]
}
]
}
Example 2: REST API Issued with userlogin
and
rolename
Query Parameters Completes without Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin='Jade'&rolename='Service Administrator'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"userlogin": "Jade",
"firstname": "Jade",
"lastname": "Clark",
"email": "jade.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
}
]
}
]
}
Example 3: REST API Issued with userattribute
and
rolename
Query Parameters and Completes without
Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user? userattribute='Clark'&rolename='Service Administrator'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"userlogin": "Jade",
"firstname": "Jade",
"lastname": "Clark",
"email": "jade.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
}
]
},
{
"userlogin": "Jeff",
"firstname": "Jeff",
"lastname": "Clark",
"email": "jeff.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": "idcsgroup"
}
]
}
]
}
Example 4: REST API Issued with Only rolename
Query Parameter
Completes without Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?rolename='Ad Hoc - Read Only User'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"userlogin": "Jade",
"firstname": "Jade",
"lastname": "Clark",
"email": "jade.clark@example.com",
"roles": [
{
"rolename": "Ad Hoc - Read Only User",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
},
{
"userlogin": "Jeff",
"firstname": "Jeff",
"lastname": "Clark",
"email": "jeff.clark@example.com",
"roles": [
{
"rolename": "Ad Hoc - Read Only User",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
}
]
}
Example 5: REST API Issued with Only userlogin
Query Parameter
Completes without Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin='Jade'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"userlogin": "Jade",
"firstname": "Jade",
"lastname": "Clark",
"email": "jade.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
},
{
"rolename": "Ad Hoc - Creater",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
}
]
}
Example 6: REST API Issued with Only userattribute
Query Parameter
and Completes without Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userattribute='Clark'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"userlogin": "Jade",
"firstname": "Jade",
"lastname": "Clark",
"email": "jade.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
},
{
"rolename": "Ad Hoc - Creater",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
},
{
"userlogin": "Jeff",
"firstname": "Jeff",
"lastname": "Clark",
"email": "jeff.clark@example.com",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": "idcsgroup"
},
{
"rolename": "Ad Hoc - Read Only User",
"roletype": "Application",
"grantedthroughgroup": ""
},
{
"rolename": "Application - Mass Allocate",
"roletype": "Application",
"grantedthroughgroup": "Analyst->idcsgroup"
}
]
}
]
}
Example 7: Job Completes with Errors
{
"links": {
"href": "https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user",
"action": "GET"
},
"status": 1,
"error": {
"errorcode": "EPMCSS-21206",
"errormessage": "Failed to generate Role Assignment Report for Users. Authorization failed. Please provide valid authorized user."
},
"details": null
}
Sample cURL Commands Basic Auth
curl -X GET -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user'
curl -X GET -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin=yogini@example.com&rolename=Power%20User'
curl -X GET -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userattribute=yogini&rolename=Power%20User'
Sample cURL Commands OAuth 2.0
curl -X GET --header "Authorization: Bearer <OAUTH_ACCESS_TOKEN>" -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user'
curl -X GET --header "Authorization: Bearer <OAUTH_ACCESS_TOKEN>" -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userlogin=yogini@example.com&rolename=Power%20User'
curl -X GET --header "Authorization: Bearer <OAUTH_ACCESS_TOKEN>" -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/user?userattribute=yogini&rolename=Power%20User'