You can use the REST API identity service to display all of the roles assigned to a user.

Input

Use the supported input parameters to control the command output.

Parameter

Description

URL

https://$host/identity/api/authorization/tenants/$tenantId/principals/$principalId/roles

$token

Specifies a valid HTTP bearer token with necessary credentials.

$host

Specifies the host name and fully qualified domain name or IP address of the vRealize Automation identity server.

$tenantId

Specifies the ID of the tenant.

principalId

Specifies the ID of the user in the form name@domain.

Output

The command output contains property names and values based on the command input parameters.

Property

Description

id

Specifies the role ID.

name

Specifies the role name.

description

Specifies the role description.

status

Specifies the status of this role.

assignedPermissions

Specifies the set of permissions that are implied by this role assignment.

curl Command

The following example command lists all the roles that are assigned to tony@example.mycompany.com.

curl --insecure -H "Content-Type: application/json" 
-H "Authorization: Bearer $token" 
https://$host/identity/api/authorization/tenants/development/principals/
tony@example.mycompany.com/roles

JSON Output

The following JSON output is returned based on the command input.

{
"links" : [ ],
"content" : [ {
"@type" : "SystemRole",
"id" : "ABX_TENANT_ADMIN",
"name" : "Tenant Administrator",
"description" : "ABX Tenant Administrator",
"assignedPermissions" : [ {
"id" : "CATALOG_CONSUME_TENANT_MGMT",
"name" : "Catalog Consume Tenant Management",
"description" : "Consume services, resources and manage requests on 
behalf of any user within a Tenant",
"prereqAdminPermissions" : null
}, {
"id" : "MY_TENANT_MANAGEMENT",
"name" : "My Tenant Management",
"description" : "Manage my tenant.",
"prereqAdminPermissions" : null
}, {
"id" : "CATALOG_AUTHOR_TENANT",
"name" : "Catalog Tenant-level Author",
"description" : "Create, update and publish services, catalog items and actions shared across a Tenant.",
"prereqAdminPermissions" : null
}, {
"id" : "GUI_MY_TENANT_MANAGEMENT",
"name" : "My Tenant Administration User Interface",
"description" : "Access my tenant administration GUI.",
"prereqAdminPermissions" : null
}, {
"id" : "CATALOG_ENTITLE_TENANT",
"name" : "Catalog Tenant-level Entitlement Management",
"description" : "Entitle services, catalog items and actions to all users within a tenant.",
"prereqAdminPermissions" : null
}, {
"id" : "FILE_EDIT_TENANT",
"name" : "Manage Tenant Files",
"description" : "Upload and delete files belonging to this tenant.",
"prereqAdminPermissions" : null
}, {
"id" : "TENANT_USER_DATA_MANAGEMENT",
"name" : "Manage user data (requests, items, tasks etc) within a tenant.",
"description" : "Manage user created objects belonging to the tenant.",
"prereqAdminPermissions" : null
}, {
"id" : "TENANT_ADMIN_ROLE_ASSIGNMENT",
"name" : "Tenant Administrator Role Assignment",
"description" : "Assign the tenant administrator role to other users.",
"prereqAdminPermissions" : null
}, {
"id" : "GUI_MY_TENANT_TUG_MANAGEMENT",
"name" : "My Tenant Identity Stores, Groups and Users Administration User Interfaces",
"description" : "Access my tenant identity stores, groups and users administration GUIs.",
"prereqAdminPermissions" : null
} ]
} ],
"metadata" : {
"size" : 20,
"totalElements" : 1,
"totalPages" : 1,
"number" : 1,
"offset" : 0