POST /role/new

Creates a new role.

Resource Name: /settings/permissions/role/new

Permissions Required:
  • administrator
Request Body Parameters:

Parameter

Type

Description

nameMandatory

String

Role name.

description

String

Role description.

enabled

Boolean

Whether role is enabled. Default is true.

ldapGroupDN

String

LDAP group DN. Supported only if LDAP role association is configured.

users

Array of String

List of users to associate. Supported only if LDAP role association is not configured.

authorizedApplications

Array of authorizedApplications (see authorizedApplications )

List of application permissions (ID, permission).

authorizedViewsAndAction

Array of String

List of permitted views and actions.

Return:

Parameter

Type

Description

name

String

Role name.

authorizedViewsAndActions

Array of NameAllowedPair (see NameAllowedPair )

View and action permissions.

authorizedApplications

Array of authorizedApplications (see authorizedApplications )

Permissions on applications.

roleUsers

Array of String

Associated usernames according to last login.

enabled

Boolean

Whether role is enabled: true or false.

Request example:

{
  "authorizedApplications": [
    {
      "applicationID": 1,
      "permission": "view"
    },
    {
      "applicationID": 2,
      "permission": "edit"
    }
  ],
  "authorizedViewsAndActions": [
    "applyDrafts","viewActivityLog"
  ],
  "description": "PCI role",
  "enabled": true,
  "name": "pci",
  "users": [
    "Eric","Steve"
  ]
}

Return Example:

{
  "name": "pci",
  "authorizedViewsAndActions": [
    {
      "name": "viewActivityLog",
      "allowed": true
    },
    {
      "name": "applyDrafts",
      "allowed": true
    },
...
  ],
  "authorizedApplications": [
    {
      "applicationID": 1,
      "name": "DNS",
      "permission": "view"
    },
    {
      "applicationID": 2,
      "name": "Backup",
      "permission": "edit"
    }
  ],
  "roleUsers": [
    "Eric","Steve"
  ],
  "enabled": true
}

 

â See also: