To use the API, a vRealize Automation user must be an organization member with at least a user service role. You use the access token to verify user roles.
Prerequisites
Verify that you have an access token. See Get Your Access Token for the vRealize Automation API.
Procedure
Example: Verify User Roles
Using the access token previously obtained and assigned, verify user roles. See Get Your Access Token for the vRealize Automation API.
Assign variables.
identity_service_url='https://vra-hostname.company.com' username='[email protected]' password='example_password'
Get your organization ID.
curl -X GET \ "$identity_service_url/csp/gateway/am/api/loggedin/user/orgs" \ -H "csp-auth-token: $access_token"
The response shows the organization ID.
{ "refLinks": [ "/csp/gateway/am/api/orgs/7f8c518a-65f5-494b-b714-f7e349957a30" ], "items": [ { "name": "DEFAULT-ORG", "displayName": "DEFAULT-ORG", "refLink": "/csp/gateway/am/api/orgs/7f8c518a-65f5-494b-b714-f7e349957a30", "id": "7f8c518a-65f5-494b-b714-f7e349957a30", "metadata": null, "parentRefLink": null } ] }
Assign the organization ID variable.
org_id='7f8c518a-65f5-494b-b714-f7e349957a30'
Verify the organization role.
curl -X GET \ $identity_service_url/csp/gateway/am/api/loggedin/user/orgs/$org_id/roles \ -H "csp-auth-token: $access_token" | jq "."
The response shows that the organization role is
org_owner.
{ "refLink": "/csp/gateway/am/api/orgs/7f8c518a-65f5-494b-b714-f7e349957a30/roles/52a6a411-2339-4bc3-91bc-62418977df11", "name": "org_owner", "displayName": "Organization Owner", "organizationLink": "/csp/gateway/am/api/orgs/7f8c518a-65f5-494b-b714-f7e349957a30" }
Verify the service role.
curl -X GET \ $identity_service_url/csp/gateway/am/api/loggedin/user/orgs/$org_id/service-roles \ -H "csp-auth-token: $access_token" | jq "."
A snippet of the response shows the Service Role Names for the cloud assembly service.
cloud_admin satisfies the minimum service role.
... { "serviceDefinitionLink": "/csp/gateway/slc/api/definitions/external/<service_id>", "serviceRoleNames": [ "automationservice:cloud_admin" ] } ...