Role management
- Juan Tomás Alonso Nieto (Deactivated)
The Provisioning API can be used to create, update, and delete custom roles. There are always 2 default roles in each domain that cannot be deleted neither modified (Admin and No Privileges). We call custom roles to the roles that can be created and fully managed. A role is an entity that can be assigned to users in order to provide them with permissions or access to resources.
Those resources are:
Policies: Allow the user to perform specific operations on the platform.
Custom finder: The set of accessible tables for a specific role.
User resources: Activeboards, Panels and Dashboards.
Applications
Alert permissions: Specific permissions for allowing a role access or management control to an alert category, subcategory, or the alert itself.
Vaulting values: Maximum and default vault values for establishing the priority when the role users perform a query.
User resources are those assets that are created by a user; that’s why applications are not user resources. Applications have a different ownership lifecycle. For example, if a user is deleted, the resources he created will be reassigned to the domain’s owner. That does not happen with an application.
Domain custom roles
POST /domain/{domainName}/roles
Creates a new custom role. See the required parameters and more information here.
GETÂ /domain/{domainName}/roles
Retrieves all the roles belonging to the specified domain.
GETÂ /domain/{domainName}/roles/{roleName}
Retrieves information about the specified role.
DELETE /domain/{domainName}/roles/{roleName}
Deletes the specified role. Note that roles cannot be deleted if they are assigned to one or several users.
PUT /domain/{domainName}/roles/{roleName}
Updates a specified role.