You can use the REST API identity service to display all of the roles assigned to a user.
Input
Use the supported input parameters to control the command output.
Parameter |
Description |
---|---|
URL |
https://$host/identity/api/authorization/tenants/$tenantId/principals/$principalId/roles |
$token |
Specifies a valid HTTP bearer token with necessary credentials. |
$host |
Specifies the host name and fully qualified domain name or IP address of the vRealize Automation identity server. |
$tenantId |
Specifies the ID of the tenant. |
principalId |
Specifies the ID of the user in the form name@domain. |
Output
The command output contains property names and values based on the command input parameters.
Property |
Description |
---|---|
id |
Specifies the role ID. |
name |
Specifies the role name. |
description |
Specifies the role description. |
status |
Specifies the status of this role. |
assignedPermissions |
Specifies the set of permissions that are implied by this role assignment. |
curl Command
The following example command lists all the roles that are assigned to tony@example.mycompany.com.
curl --insecure -H "Content-Type: application/json" -H "Authorization: Bearer $token" https://$host/identity/api/authorization/tenants/development/principals/ tony@example.mycompany.com/roles
JSON Output
The following JSON output is returned based on the command input.
{ "links" : [ ], "content" : [ { "@type" : "SystemRole", "id" : "ABX_TENANT_ADMIN", "name" : "Tenant Administrator", "description" : "ABX Tenant Administrator", "assignedPermissions" : [ { "id" : "CATALOG_CONSUME_TENANT_MGMT", "name" : "Catalog Consume Tenant Management", "description" : "Consume services, resources and manage requests on behalf of any user within a Tenant", "prereqAdminPermissions" : null }, { "id" : "MY_TENANT_MANAGEMENT", "name" : "My Tenant Management", "description" : "Manage my tenant.", "prereqAdminPermissions" : null }, { "id" : "CATALOG_AUTHOR_TENANT", "name" : "Catalog Tenant-level Author", "description" : "Create, update and publish services, catalog items and actions shared across a Tenant.", "prereqAdminPermissions" : null }, { "id" : "GUI_MY_TENANT_MANAGEMENT", "name" : "My Tenant Administration User Interface", "description" : "Access my tenant administration GUI.", "prereqAdminPermissions" : null }, { "id" : "CATALOG_ENTITLE_TENANT", "name" : "Catalog Tenant-level Entitlement Management", "description" : "Entitle services, catalog items and actions to all users within a tenant.", "prereqAdminPermissions" : null }, { "id" : "FILE_EDIT_TENANT", "name" : "Manage Tenant Files", "description" : "Upload and delete files belonging to this tenant.", "prereqAdminPermissions" : null }, { "id" : "TENANT_USER_DATA_MANAGEMENT", "name" : "Manage user data (requests, items, tasks etc) within a tenant.", "description" : "Manage user created objects belonging to the tenant.", "prereqAdminPermissions" : null }, { "id" : "TENANT_ADMIN_ROLE_ASSIGNMENT", "name" : "Tenant Administrator Role Assignment", "description" : "Assign the tenant administrator role to other users.", "prereqAdminPermissions" : null }, { "id" : "GUI_MY_TENANT_TUG_MANAGEMENT", "name" : "My Tenant Identity Stores, Groups and Users Administration User Interfaces", "description" : "Access my tenant identity stores, groups and users administration GUIs.", "prereqAdminPermissions" : null } ] } ], "metadata" : { "size" : 20, "totalElements" : 1, "totalPages" : 1, "number" : 1, "offset" : 0