V1/role
Return a list of roles in this organization.
Permissions
This endpoint may be impacted by the following permissions:
Only roles that the authenticated user has the
Role:GetRolepermission on will be returned.
Whether to return permission grants.
falseThe ID of the role to get.
[]The name of the role to get.
[]The Mongo cluster name to perform this request in. This is usually not needed unless the organization does not exist yet in the Amigo organization infra config database.
[]Succeeded
Invalid authorization credentials.
Missing required permissions.
Specified organization is not found.
Invalid request path parameter or request query parameter failed validation.
The user has exceeded the rate limit of 20 requests per minute for this endpoint.
The service is going through temporary maintenance.
GET /v1/{organization}/role/ HTTP/1.1
Host: api.amigo.ai
Authorization: Bearer JWT
Accept: */*
{
"roles": [
{
"id": "text",
"name": "text",
"description": "text",
"frontend_view": "client",
"permission_grants": [
{
"action": "Allow",
"permission_name": "text",
"conditions": {
"ANY_ADDITIONAL_PROPERTY": {
"type": "Equals",
"value": null
}
},
"description": "text"
}
],
"inherited_from": "text",
"is_base_role": true
}
]
}Create a new role.
Permissions
This endpoint requires the following permissions:
Role:CreateRolefor the role.
The Mongo cluster name to perform this request in. This is usually not needed unless the organization does not exist yet in the Amigo organization infra config database.
[]The name of the role to create. The role must have a max length of 256 characters.
A description about the role.
The frontend view for users of this role.
Whether this role is a base role. Base roles cannot inherit from other roles. One can only inherit from base roles.
The ID of the role that this role inherits from.
^[a-f0-9]{24}$Succeeded
Invalid authorization credentials.
Missing required permissions.
Specified organization or inherited role is not found.
Role with the same name already exists in this organization.
Invalid request path parameter or request body failed validation.
The user has exceeded the rate limit of 20 requests per minute for this endpoint.
The service is going through temporary maintenance.
POST /v1/{organization}/role/ HTTP/1.1
Host: api.amigo.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 269
{
"role_name": "text",
"description": "text",
"permission_grants": [
{
"action": "Allow",
"permission_name": "text",
"conditions": {
"ANY_ADDITIONAL_PROPERTY": {
"type": "Equals",
"value": null
}
},
"description": "text"
}
],
"frontend_view": "client",
"is_base_role": true,
"inherited_from": "text"
}{
"role_id": "text"
}Modify an existing role. The roles are modified in-place unless immutable fields are modified, in which case a new role with the same name is created, and all users/API keys assigned to the previous role are switched to the new role. The old role document will expire after 1 day.
If a base role is updated, all of its dependent roles will also be updated (by creating a new version of it), and all users/API keys assigned to the role will be switched to the new role.
Permissions
This endpoint requires the following permissions:
Role:ModifyRolefor the role and, if it's a base role, all of its dependent roles.
This endpoint may require the authenticated user to have great privileges than the new role if a new role document is created as a result of immutable field changes.
The name of the role.
The Mongo cluster name to perform this request in. This is usually not needed unless the organization does not exist yet in the Amigo organization infra config database.
[]A description about the role. Only updated if specified. This field is a mutable field.
A list of permission grants associated with this role. Only updated if specified. This field is an immutable field.
The frontend view for the user of this role. Only updated if specified. This field is an immutable field.
The ID of the role that this role inherits from. Only updated if specified. This field is an immutable field.
{}^[a-f0-9]{24}$A specific type to indicate that a field is not set in the request.
Succeeded
Base roles cannot inherit from other roles.
Invalid authorization credentials.
Missing required permissions.
Specified organization, role, or inherited role is not found.
Invalid request path parameter or request body failed validation.
The user has exceeded the rate limit of 10 requests per minute for this endpoint.
The service is going through temporary maintenance.
POST /v1/{organization}/role/{role_name} HTTP/1.1
Host: api.amigo.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 230
{
"description": "text",
"permission_grants": [
{
"action": "Allow",
"permission_name": "text",
"conditions": {
"ANY_ADDITIONAL_PROPERTY": {
"type": "Equals",
"value": null
}
},
"description": "text"
}
],
"frontend_view": "client",
"inherited_from": "text"
}{
"role_id": "text"
}Assign a role to a user.
Permissions
This endpoint requires the following permissions:
The authenticated user to have greater privileges than the role being assigned.
The name of the role to assign.
The Mongo cluster name to perform this request in. This is usually not needed unless the organization does not exist yet in the Amigo organization infra config database.
[]The identifier of the user to assign the role to.
Succeeded
Invalid authorization credentials.
Missing required permissions.
Specified organization, role, or user is not found.
Invalid request path parameter or request body failed validation.
The user has exceeded the rate limit of 1000 requests per minute for this endpoint.
The service is going through temporary maintenance.
POST /v1/{organization}/role/{role_name}/assign HTTP/1.1
Host: api.amigo.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 18
{
"user_id": "text"
}{
"role_id": "text"
}Was this helpful?