Syntax for Displaying all Roles Assigned to a User

You can use the REST API identity service to display all of the roles assigned to a user.

Input

Use the supported input parameters to control the command output.


Parameter	Description
URL	https://`$host`/identity/api/authorization/tenants/`$tenantId`/principals/`$principalId`/roles
`$token`	Specifies a valid HTTP bearer token with necessary credentials.
`$host`	Specifies the host name and fully qualified domain name or IP address of the vRealize Automation identity server.
`$tenantId`	Specifies the ID of the tenant.
`principalId`	Specifies the ID of the user in the form name@domain.

Output

The command output contains property names and values based on the command input parameters.


Property	Description
id	Specifies the role ID.
name	Specifies the role name.
description	Specifies the role description.
status	Specifies the status of this role.
assignedPermissions	Specifies the set of permissions that are implied by this role assignment.

curl Command

The following example command lists all the roles that are assigned to tony@example.mycompany.com.

curl --insecure -H "Content-Type: application/json" 
-H "Authorization: Bearer $token" 
https://$host/identity/api/authorization/tenants/development/principals/
tony@example.mycompany.com/roles

JSON Output

The following JSON output is returned based on the command input.

{
"links" : [ ],
"content" : [ {
"@type" : "SystemRole",
"id" : "ABX_TENANT_ADMIN",
"name" : "Tenant Administrator",
"description" : "ABX Tenant Administrator",
"assignedPermissions" : [ {
"id" : "CATALOG_CONSUME_TENANT_MGMT",
"name" : "Catalog Consume Tenant Management",
"description" : "Consume services, resources and manage requests on 
behalf of any user within a Tenant",
"prereqAdminPermissions" : null
}, {
"id" : "MY_TENANT_MANAGEMENT",
"name" : "My Tenant Management",
"description" : "Manage my tenant.",
"prereqAdminPermissions" : null
}, {
"id" : "CATALOG_AUTHOR_TENANT",
"name" : "Catalog Tenant-level Author",
"description" : "Create, update and publish services, catalog items and actions shared across a Tenant.",
"prereqAdminPermissions" : null
}, {
"id" : "GUI_MY_TENANT_MANAGEMENT",
"name" : "My Tenant Administration User Interface",
"description" : "Access my tenant administration GUI.",
"prereqAdminPermissions" : null
}, {
"id" : "CATALOG_ENTITLE_TENANT",
"name" : "Catalog Tenant-level Entitlement Management",
"description" : "Entitle services, catalog items and actions to all users within a tenant.",
"prereqAdminPermissions" : null
}, {
"id" : "FILE_EDIT_TENANT",
"name" : "Manage Tenant Files",
"description" : "Upload and delete files belonging to this tenant.",
"prereqAdminPermissions" : null
}, {
"id" : "TENANT_USER_DATA_MANAGEMENT",
"name" : "Manage user data (requests, items, tasks etc) within a tenant.",
"description" : "Manage user created objects belonging to the tenant.",
"prereqAdminPermissions" : null
}, {
"id" : "TENANT_ADMIN_ROLE_ASSIGNMENT",
"name" : "Tenant Administrator Role Assignment",
"description" : "Assign the tenant administrator role to other users.",
"prereqAdminPermissions" : null
}, {
"id" : "GUI_MY_TENANT_TUG_MANAGEMENT",
"name" : "My Tenant Identity Stores, Groups and Users Administration User Interfaces",
"description" : "Access my tenant identity stores, groups and users administration GUIs.",
"prereqAdminPermissions" : null
} ]
} ],
"metadata" : {
"size" : 20,
"totalElements" : 1,
"totalPages" : 1,
"number" : 1,
"offset" : 0