search
Go to website

Role

hashtag
Get roles

get
/v1/{organization}/role/

Return a list of roles in this organization.

Permissions

This endpoint may be impacted by the following permissions:

  • Only roles that the authenticated user has the Role:GetRole permission on will be returned.

Authorizations
AuthorizationstringRequired

Amigo issued JWT token that identifies an user. It's issued either after logging in through the frontend, or manually through the SignInWithAPIKey endpoint.

X-ORG-IDstringRequired

An optional organization identifier that indicates from which organization the token is issued. This is used in rare cases where the user to authenticate is making a request for resources in another organization.

Path parameters
organizationstringRequired
Query parameters
return_permission_grantsbooleanOptional

Whether to return permission grants.

Default: false
idstring[]Optional

The IDs of the roles to retrieve.

Default: []
namestring[]Optional

The names of the roles to retrieve.

Default: []
Header parameters
x-mongo-cluster-nameany ofOptional

The Mongo cluster name to perform this request in. This is usually not needed unless the organization does not exist yet in the Amigo organization infra config database.

stringOptional
or
nullOptional
Sec-WebSocket-Protocolstring[]OptionalDefault: []
Responses
chevron-right
200

Succeeded

application/json
get
/v1/{organization}/role/

hashtag
Create a role

post
/v1/{organization}/role/

Create a new role.

Permissions

This endpoint requires the following permissions:

  • Role:CreateRole for the role.

Authorizations
AuthorizationstringRequired

Amigo issued JWT token that identifies an user. It's issued either after logging in through the frontend, or manually through the SignInWithAPIKey endpoint.

X-ORG-IDstringRequired

An optional organization identifier that indicates from which organization the token is issued. This is used in rare cases where the user to authenticate is making a request for resources in another organization.

Path parameters
organizationstringRequired
Header parameters
x-mongo-cluster-nameany ofOptional

The Mongo cluster name to perform this request in. This is usually not needed unless the organization does not exist yet in the Amigo organization infra config database.

stringOptional
or
nullOptional
Sec-WebSocket-Protocolstring[]OptionalDefault: []
Body
role_namestring · min: 1 · max: 256Required

The name of the role to create. The role must have a max length of 256 characters.

descriptionstring · min: 1Required

A description about the role.

frontend_viewstring · enumRequired

The frontend view for users of this role.

Possible values:
Responses
post
/v1/{organization}/role/

hashtag
Modify a role

post
/v1/{organization}/role/{role_name}

Modify an existing role. The roles are modified in-place unless immutable fields are modified, in which case a new role with the same name is created, and all users/API keys assigned to the previous role are switched to the new role. The old role document will expire after 1 day.

Permissions

This endpoint requires the following permissions:

  • Role:ModifyRole for the role.

This endpoint may require the authenticated user to have great privileges than the new role if a new role document is created as a result of immutable field changes.

Authorizations
AuthorizationstringRequired

Amigo issued JWT token that identifies an user. It's issued either after logging in through the frontend, or manually through the SignInWithAPIKey endpoint.

X-ORG-IDstringRequired

An optional organization identifier that indicates from which organization the token is issued. This is used in rare cases where the user to authenticate is making a request for resources in another organization.

Path parameters
role_namestringRequired

The name of the role.

organizationstringRequired
Header parameters
x-mongo-cluster-nameany ofOptional

The Mongo cluster name to perform this request in. This is usually not needed unless the organization does not exist yet in the Amigo organization infra config database.

stringOptional
or
nullOptional
Sec-WebSocket-Protocolstring[]OptionalDefault: []
Body
descriptionany ofOptional

A description about the role. Only updated if specified. This field is a mutable field.

string · min: 1Optional
or
nullOptional
permission_grantsany ofOptional

A list of permission grants associated with this role. Only updated if specified. This field is an immutable field.

or
nullOptional
frontend_viewany ofOptional

The frontend view for the user of this role. Only updated if specified. This field is an immutable field.

string · enumOptionalPossible values:
or
nullOptional
Responses
chevron-right
200

Succeeded

application/json
post
/v1/{organization}/role/{role_name}

hashtag
Assign a role to user

post
/v1/{organization}/role/{role_name}/assign

Assign a role to a user.

Permissions

This endpoint requires the following permissions:

  • The authenticated user to have greater privileges than the role being assigned.

Authorizations
AuthorizationstringRequired

Amigo issued JWT token that identifies an user. It's issued either after logging in through the frontend, or manually through the SignInWithAPIKey endpoint.

X-ORG-IDstringRequired

An optional organization identifier that indicates from which organization the token is issued. This is used in rare cases where the user to authenticate is making a request for resources in another organization.

Path parameters
organizationstringRequired
role_namestringRequired

The name of the role to assign.

Header parameters
x-mongo-cluster-nameany ofOptional

The Mongo cluster name to perform this request in. This is usually not needed unless the organization does not exist yet in the Amigo organization infra config database.

stringOptional
or
nullOptional
Sec-WebSocket-Protocolstring[]OptionalDefault: []
Body
user_idstringRequired

The identifier of the user to assign the role to.

Responses
chevron-right
200

Succeeded

application/json
post
/v1/{organization}/role/{role_name}/assign
PreviousUserNextAdmin

Last updated

Was this helpful?