Manage User Account Roles
When managing
user accounts for the workers in your organization, you also need
to manage the roles assigned to the user accounts based on the level
of access required for the workers. You can use the userAccounts
API to manage role assignments
for user accounts and perform actions such as viewing the roles, assigning
new roles, and revoking existing roles.
Let's discuss these scenarios:
- View all the roles assigned to a user account
- Assign a new role to a user account
- Revoke an assigned role
View All Assigned Roles
Let's sat that Jason is an administrator who manages user accounts for the workers in his organization. He wants to view all the roles that are currently assigned to a specified user account.
To view all the assigned roles:
- Query the user account by using query parameter such as person number and obtain the GUID of the user account.
- Perform a GET operation on the
userAccountRoles
child resource by using the GUID. - Verify the details returned in the response.
Example URL
Use this resource URL format.
GET
/hcmRestApi/resources/11.13.18.05/userAccounts/8091FA12603D206DE050F50AE3921F70/child/userAccountRoles
Example Response
Here's an example of the response body in JSON format.
{
"items": [
{
"UserRoleId": 300100176944754,
"RoleId": 5046,
"RoleCode": "ORA_PER_EMPLOYEE_ABSTRACT",
"CreatedBy": "useraccountsuper",
"CreationDate": "2019-02-14T21:01:35.185+00:00",
"LastUpdatedBy": "useraccountsuper",
"LastUpdateDate": "2019-02-14T21:01:35.311+00:00",
"links": [
{
...}
]
}
Assign a New Role
Let's say that Jason wants to assign a new role to an existing user account.
To assign a a new role:
- Query the user account by using a query parameter such as person number and obtain the GUID of the user account.
- Obtain the role identifier by performing
a GET operation on the
userRolesLOV
resource. - Set the
Content-Type
toapplication/vnd.oracle.adf.resourceitem+json
. - Perform a POST operation on the
userAccountRoles
child resource by using the GUID. - Verify the details returned in the response.
Example URL
Use this resource URL format.
POST
/hcmRestApi/resources/11.13.18.05/userAccounts/8091FA12603D206DE050F50AE3921F70/child/userAccountRoles
Example Request
Here's an example of the request body in JSON format.
{
"RoleId": "5071"
}
Example Response
Here's an example of the response body in JSON format.
{
"UserRoleId": 300100176944799,
"RoleId": 5071,
"RoleCode": "ORA_PER_LINE_MANAGER_ABSTRACT",
"CreatedBy": "useraccountsuper",
"CreationDate": "2019-02-14T21:01:35.185+00:00",
"LastUpdatedBy": "useraccountsuper",
"LastUpdateDate": "2019-02-14T21:01:35.311+00:00",
"links": [
{
..}
]
}
Revoke an Assigned Role
Jason now wants to revoke a role that's currently assigned to this user account.
To revoke an assigned role:
- Query the user account by using a query parameter such as person number and obtain the GUID of the user account.
- Perform a GET operation on the
userAccountRoles
child resource by using the GUID, and obtain the role identifier of the currently assigned role. - Set the
Content-Type
toapplication/vnd.oracle.adf.resourceitem+json
. - Perform a DELETE operation on the
userAccountRoles
child resource using the role identifier. - Verify the status in the response.
Example URL
Use this resource URL format.
DELETE
/hcmRestApi/resources/11.13.18.05/userAccounts/8091FA12603D206DE050F50AE3921F70/child/userAccountRoles/300100176944799
Example Response
Here's an example of the response body in JSON format.
Status: 204 - No content