Authorization Management API documentation
version v1

https://api.{landscapeHost}/authorization/v1

The authorization management REST API provides functionality to manage roles and their assignments to users. Roles can be provided within the web.xml or web-fragment.xml and will be extracted during the deployment of the application. Roles deployed with the application are visible for all subscriber accounts unless their shared flag is marked to false. Roles can also be created on subscription level. Assignments for those roles can be established only in the same subscription.

Protection

The API is protected with OAuth 2.0.
Token Endpoint: https://api.{landscapeHost}/oauth2/apitoken/v1
Supported grant types: Client Credentials Grant

To use this REST API, you need to get OAuth client credentials (client ID and secret) from SAP BTP using the cockpit. After that, you need to pass the obtained client credentials to the SAP BTP token endpoint to obtain an access token. In the requests to this API, include the access token as a header with name Authorization and value Bearer <token value>. The issued token is valid 25 minutes.

Users

Manage role and group assignments to the specified user.

/accounts/{accountName}/users/roles get put delete

get

Returns the roles assigned to the specified user in the specified account.

put

Assigns roles to the specified user in the specified account.

delete

Unassigns roles from the specified user.

Returns the roles assigned to the specified user in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

userId: required (string)
The id of the user whose assignments are retrieved.
Example:
```
user1
```

HTTP status code 200

Returns the roles assigned to the specified user in the specified account.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Roles list",
  "properties": {
    "roles": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "applicationName",
          "name"
        ],
        "properties": {
          "applicationName": {
            "type": "string"
          },
          "name": {
            "type": "string"
          },
          "providerAccount": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "roles": [
    {
      "applicationName": "demo",                        
      "name": "developer",
      "providerAccount": "securitytest"                        
    }, 
    {
      "applicationName": "appl",                        
      "name": "producer",
      "providerAccount": "test_account"                        
    }
  ]
}

HTTP status code 400

This response is returned in one of the following cases:

User id is not passed in the request.
The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "User id is not passed in the request."
}
{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "The specified account is invalid."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Assigns roles to the specified user in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

userId: required (string)
The id of the user whose assignments are changed.
Example:
```
user1
```

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Roles list",
  "properties": {
    "roles": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "applicationName",
          "name"
        ],
        "properties": {
          "applicationName": {
            "type": "string"
          },
          "name": {
            "type": "string"
          },
          "providerAccount": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "roles": [
    {
      "applicationName": "demo",                        
      "name": "developer",
      "providerAccount": "securitytest"                        
    }, 
    {
      "applicationName": "appl",                        
      "name": "producer",
      "providerAccount": "test_account"                        
    }
  ]
}

HTTP status code 201

All roles are assigned to the user successfully.

HTTP status code 400

This response is returned in one of the following cases:

User id is not passed in the request.
The specified account is invalid.
Some of the specified roles are invalid.
Empty or invalid json content.

In all of these cases no assignments are created as a result of this request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "User id is not passed in the request."
}
{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Some of the specified roles are invalid"
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Unassigns roles from the specified user.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

userId: required (string)
The id of the user whose assignments are deleted.
Example:
```
user1
```
roles: required (string)
List of roles, separated with semicolon (;). A role is defined by the role name and the application name for which it is defined separated by @ symbol. The application is defined by the provider account name and the application name separated with column (:). Special symbols are semicolon (;), at (@), column (:) and backslash (\). If any of the role names contain these symbols, escape the symbols with a preceding backslash (\): '\;' or '\@' or '\:' or '\'. If the value is (*) ALL assignments are deleted.
Example:
```
roles=admin@account1:app1;developer@account1:app2
```

HTTP status code 200

The specified roles are unassigned from the specified user successfully.

HTTP status code 400

This response is returned in one of the following cases:

User id is not passed in the request.
The roles parameter is not passed in the request.
The specified role is invalid.
The specified account is invalid.

In all of these cases no assignments are deleted as a result of this request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "The specified role is invalid."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

/accounts/{accountName}/users/groups get put delete

get

Returns the groups assigned to the specified user in the specified account.

put

Assigns the groups in the request body to the specified user in the specified account.

delete

Unassigns groups from the specified user.

Returns the groups assigned to the specified user in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

userId: required (string)
The id of the user whose assignments are retrieved.
Example:
```
user1
```

HTTP status code 200

Returns the groups assigned the specified user in the specified account.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "properties": {
    "groups": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "groups": [
    {
      "name": "admins"
    }, 
    {
      "name": "developers"
    }
  ]
}

HTTP status code 400

This response is returned in one of the following cases:

User id is not passed in the request.
The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "User id is not passed in the request."
}
{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "The specified account is invalid."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Assigns the groups in the request body to the specified user in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

userId: required (string)
The id of the user whose assignments are changed.
Example:
```
user1
```

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "properties": {
    "groups": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "groups": [
    {
      "name": "admins"
    }, 
    {
      "name": "developers"
    }
  ]
}

HTTP status code 201

All roles are assigned to the user successfully.

HTTP status code 400

This response is returned in one of the following cases:

User id is not passed in the request.
The specified account is invalid.
Some of the specified groups are invalid.
Empty or invalid json content.

In all of these cases no assignments are created during this call.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "User id is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Unassigns groups from the specified user.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

userId: required (string)
The id of the user whose assignments are deleted.
Example:
```
user1
```
groups: required (string)
List of groups, separated with semicolon (;). If any of the groups' names contains ';' it must be escaped by '\;'. Symbol '\' must be escaped with '\'. If the value is * ALL assignments are deleted.
Example:
```
groups=admins;developers
```

HTTP status code 200

All specified groups are unassigned from the specified user successfully.

HTTP status code 400

This response is returned in one of the following cases:

User id is not passed in the request.
The groups parameter is not passed in the request.
The specified group is invalid.
The specified account is invalid.

In all of these cases no assignments are deleted as a result of this request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "The specified group is invalid."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Groups

Manage groups and their assignments to users and roles witin the specified account.

/accounts/{accountName}/groups get post delete

get

Returns the list of the groups in the specified account.

post

Creates groups in the specified account.

delete

Deletes groups in the specified account.

Returns the list of the groups in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "properties": {
    "groups": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "groups": [
    {
      "name": "admins"
    }, 
    {
      "name": "developers"
    }
  ]
}

HTTP status code 400

The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "The specified account is invalid."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Creates groups in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "properties": {
    "groups": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "groups": [
    {
      "name": "admins"
    }, 
    {
      "name": "developers"
    }
  ]
}

HTTP status code 201

All groups are created successfully.

HTTP status code 400

This response is returned in one of the following cases:

The specified account is invalid.
Some of the specified groups are invalid.
Empty or invalid json content.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "The specified account is invalid."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Deletes groups in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

groups: required (string)
List of groups, separated with semicolon (;). If any of the groups' names contains ';' it must be escaped by '\;'. Symbol '\' must be escaped with '\'.
Example:
```
groups=admins;developers
```

HTTP status code 200

All groups are deleted.

HTTP status code 400

This response is returned in one of the following cases:

Groups parameter is not passed in the request.
The specified account is invalid.
Some of the specified groups are invalid, does not exist or have existing assignments.

In all of these cases no groups are deleted during this call.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Groups parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

/accounts/{accountName}/groups/roles get put delete

get

Returns roles assigned to the specified group in the specified account.

put

Assigns the roles in the request body to the specified group in the specified account.

delete

Unassigns roles from the specified group in the specified account.

Returns roles assigned to the specified group in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

groupName: required (string)
The name of the group.
Example:
```
adminsGroup
```

HTTP status code 200

Returns the roles assigned to the specified group.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Roles list",
  "properties": {
    "roles": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "applicationName",
          "name"
        ],
        "properties": {
          "applicationName": {
            "type": "string"
          },
          "name": {
            "type": "string"
          },
          "providerAccount": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "roles": [
    {
      "applicationName": "demo",                        
      "name": "developer",
      "providerAccount": "securitytest"                        
    }, 
    {
      "applicationName": "appl",                        
      "name": "producer",
      "providerAccount": "test_account"                        
    }
  ]
}

HTTP status code 400

This response is returned in one of the following cases:

GroupName parameter is not passed in the request or the group does not exist.
The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "GroupName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Assigns the roles in the request body to the specified group in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

groupName: required (string)
The name of the group.
Example:
```
adminsGroup
```

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Roles list",
  "properties": {
    "roles": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "applicationName",
          "name"
        ],
        "properties": {
          "applicationName": {
            "type": "string"
          },
          "name": {
            "type": "string"
          },
          "providerAccount": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "roles": [
    {
      "applicationName": "demo",                        
      "name": "developer",
      "providerAccount": "securitytest"                        
    }, 
    {
      "applicationName": "appl",                        
      "name": "producer",
      "providerAccount": "test_account"                        
    }
  ]
}

HTTP status code 201

All roles are assigned to the specifieds group successfully.

HTTP status code 400

This response is returned in one of the following cases:

GroupName parameter is not passed in the request.
The specified account is invalid.
Some of the specified roles are invalid.
Empty or invalid json content.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "GroupName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Unassigns roles from the specified group in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

groupName: required (string)
The name of the group.
Example:
```
adminsGroup
```
roles: required (string)
List of roles, separated with semicolon (;). A role is defined by the role name and the application name for which it is defined separated by @ symbol. The application is defined by the provider account name and the application name separated with column (:). Special symbols are semicolon (;), at (@), column (:) and backslash (\). If any of the role names contain these symbols, escape the symbols with a preceding backslash (\): '\;' or '\@' or '\:' or '\'. If the value is (*) ALL assignments are deleted.
Example:
```
roles=admin@account1:app1;developer@account1:app2
```

HTTP status code 200

All roles are unassigned from the specified group successfully.

HTTP status code 400

This response is returned in one of the following cases:

GroupName parameter is not passed in the request.
Roles parameter is not passed in the request.
The specified account is invalid.
The specified role is invalid.

In all of these cases no assignments are deleted as a result of this request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "GroupName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

/accounts/{accountName}/groups/users get put delete

get

Returns users assigned to the specified group in the specified account.

put

Assigns the users in the request body to the specified group in the specified account.

delete

Unassigns users from the specified group in the specified account.

Returns users assigned to the specified group in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

groupName: required (string)
The name of the group.
Example:
```
adminsGroup
```

HTTP status code 200

Returns the users assigned to the requested group. If such a group cannot be found, the roles array in the response body is empty.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "required": [ "users" ],
  "properties": {
    "users": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "users": [
    {
      "name" : "p124174"
    },
    {
      "name" : "p1160370"
    }
  ]
}

HTTP status code 400

This response is returned in one of the following cases:

GroupName parameter is not passed in the request or the group does not exist.
The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "GroupName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Assigns the users in the request body to the specified group in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

groupName: required (string)
The name of the group.
Example:
```
adminsGroup
```

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "required": [ "users" ],
  "properties": {
    "users": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "users": [
    {
      "name" : "p124174"
    },
    {
      "name" : "p1160370"
    }
  ]
}

HTTP status code 201

All users are assigned to the specified group successfully.

HTTP status code 400

This response is returned in one of the following cases:

GroupName parameter is not passed in the request or the group does not exist.
The specified account is invalid.
Some of the specified users are invalid.
Empty or invalid json content.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "GroupName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Unassigns users from the specified group in the specified account.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)

Query Parameters

groupName: required (string)
The name of the group.
Example:
```
adminsGroup
```
users: (string)
List of users, separated with semicolon(;).If any of the roles' names contains ';' it must be escaped by '\;'. Symbol '\' must be escaped with '\'. If the value is * ALL assignments are deleted.
Example:
```
users=p124174;p1160370
```

HTTP status code 200

All users are unassigned from the specified group successfully.

HTTP status code 400

This response is returned in one of the following cases:

GroupName parameter is not passed in the request.
Users parameter is not passed in the request.
The specified account is invalid.

In all of these cases no assignments are deleted as a result of this request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "GroupName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 400

This response is returned in one of the following cases:

GroupName parameter is not passed in the request or the group does not exist.
The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "GroupName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Roles

Manage roles and their assignments to users and groups in the specified account and application. Roles can either be deployed with the application or created via the API. Roles deployed with the application are visible for all subscriber accounts unless their shared flag is marked to false. Roles created via the API are visible only within the account for which they are created.

/accounts/{accountName}/apps/{appName}/roles get post put delete

get

Returns the list of the roles in the specified account and application.

post

Creates custom roles in the specified account and application.

put

Modifies an application role in the specified account and application. Application roles are marked as shared by default. If the shared flag is marked as false assignment to this role can be created only in the provider account.

delete

Deletes custom roles in the specified account and application.

Returns the list of the roles in the specified account and application.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)
appName: required (string)

Query Parameters

providerAccount: (string)
Provider account; if it is specified - URI parameter accountName is the consumer account; if it is not specified - the provider and consumer account are the same and are specified as the URI parameter accountName.
Example:
```
securitytest
```

HTTP status code 200

Returns the list of the roles in the specified account and application.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "required": [
    "roles"
  ],
  "properties": {
    "roles": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "applicationRole",
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          },
          "applicationRole": {
            "type": "boolean"
          },
          "shared": {
            "type": "boolean"
          }
        }
      }
    }
  }
}

Example:

{
  "roles" : [
    {
      "name" : "developer",
      "shared" : true,
      "applicationRole" : true
    },
    {
      "name" : "admin",
      "shared" : false,
      "applicationRole" : true
    },
    {
      "name" : "supporter",
      "shared" : false,
      "applicationRole" : false
    }                  
  ]
}

HTTP status code 400

The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "The specified account is invalid."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Creates custom roles in the specified account and application.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)
appName: required (string)

Query Parameters

providerAccount: (string)
Provider account; if it is specified - URI parameter accountName is the consumer account; if it is not specified - the provider and consumer account are the same and are specified as the URI parameter accountName.
Example:
```
securitytest
```

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "required": ["roles"],
  "properties": {
    "roles": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
              "type": "string"
          }
        }
      }    
    }
  }
}

Example:

{
  "roles": [
    {
      "name" : "managerRole"
    }, 
    {
      "name" : "adminRole"
    }
  ]
}

HTTP status code 201

All roles are created successfully.

HTTP status code 400

This response is returned in one of the following cases:

Some of the specified roles are invalid.
Empty or invalid json content.
The specified account is invalid.

In all of these cases no roles are created as a result of this request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "The specified account is invalid."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)
appName: required (string)

Query Parameters

providerAccount: (string)
Provider account; if it is specified - URI parameter accountName is the consumer account; if it is not specified - the provider and consumer account are the same and are specified as the URI parameter accountName.
Example:
```
securitytest
```
roleName: required (string)
Role name
Example:
```
roleName=adminRole
```

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "required": ["shared"],
  "properties": {
    "shared": {
      "type": "boolean"    
    }
  }
}

Example:

{
  "shared" : "false"
}

HTTP status code 200

The specified application role is updated successfully.

HTTP status code 400

This response is returned in one of the following cases:

Shared value in the json content is different than boolean.
Empty or invalid json content.
The specified account is invalid.

In all of these cases no updated is done as a result of this request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "The specified account is invalid."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Deletes custom roles in the specified account and application.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)
appName: required (string)

Query Parameters

providerAccount: (string)
Provider account; if it is specified - URI parameter accountName is the consumer account; if it is not specified - the provider and consumer account are the same and are specified as the URI parameter accountName.
Example:
```
securitytest
```
roles: required (string)
List of roles, separated with semicolon (;). If any of the roles' names contains ';' it must be escaped by '\;'. Symbol '\' must be escaped with '\'.
Example:
```
roles=admin;developer
```

HTTP status code 200

All roles are successfully deleted.

HTTP status code 400

This response is returned in one of the following cases:

Roles parameter is not passed in the request.
Some of the specified roles have existing assignments.
The specified account is invalid.

In all of these cases no assignments are deleted as a result of this call.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Roles parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

/accounts/{accountName}/apps/{appName}/roles/users get put delete

get

Returns users assigned to the specified role in the specified account and application.

put

Assigns the users in the request body to the specified role.

delete

Unassigns users from the specified role in the specified account and application.

Returns users assigned to the specified role in the specified account and application.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)
appName: required (string)

Query Parameters

providerAccount: (string)
Provider account; if it is specified - URI parameter accountName is the consumer account; if it is not specified - the provider and consumer account are the same and are specified as the URI parameter accountName.
Example:
```
securitytest
```
roleName: required (string)
Role name
Example:
```
managersRoles
```

HTTP status code 200

Returns the users assigned to the specified role.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "required": [ "users" ],
  "properties": {
    "users": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "users": [
    {
      "name" : "p124174"
    },
    {
      "name" : "p1160370"
    }
  ]
}

HTTP status code 400

This response is returned in one of the following cases:

RoleName parameter is not passed in the request or the role does not exist.
The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "RoleName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Assigns the users in the request body to the specified role.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)
appName: required (string)

Query Parameters

providerAccount: (string)
Provider account; if it is specified - URI parameter accountName is the consumer account; if it is not specified - the provider and consumer account are the same and are specified as the URI parameter accountName.
Example:
```
securitytest
```
roleName: required (string)
Role name
Example:
```
managersRoles
```

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "required": [ "users" ],
  "properties": {
    "users": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "users": [
    {
      "name" : "p124174"
    },
    {
      "name" : "p1160370"
    }
  ]
}

HTTP status code 201

All users are assigned to the specified role successfully.

HTTP status code 400

This response is returned in one of the following cases:

RoleName parameter is not passed in the request or the role does not exist.
Empty or invalid json content.
The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "RoleName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Unassigns users from the specified role in the specified account and application.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)
appName: required (string)

Query Parameters

providerAccount: (string)
Provider account; if it is specified - URI parameter accountName is the consumer account; if it is not specified - the provider and consumer account are the same and are specified as the URI parameter accountName.
Example:
```
securitytest
```
roleName: required (string)
Role name
Example:
```
managersRoles
```
users: (string)
List of users, separated with semicolon(;).If any of the roles' names contains ';' it must be escaped by '\;'. Symbol '\' must be escaped with '\'. If the value is * ALL assignments are deleted.
Example:
```
users=p124174;p1160370
```

HTTP status code 200

All users are unassigned from the specified role successfully.

HTTP status code 400

This response is returned in one of the following cases:

RoleName parameter is not passed in the request.
Users parameter is not passed in the request.
The specified account is invalid.

In all of these cases no assignments are deleted as a result of this request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "RoleName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

/accounts/{accountName}/apps/{appName}/roles/groups get put delete

get

Returns groups assigned to the specified role in the specified account and application.

put

Assigns the groups in the request body to the specified role in the specified account and application.

delete

Unassigns groups from the specified role in the specified account and application.

Returns groups assigned to the specified role in the specified account and application.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)
appName: required (string)

Query Parameters

providerAccount: (string)
Provider account; if it is specified - URI parameter accountName is the consumer account; if it is not specified - the provider and consumer account are the same and are specified as the URI parameter accountName.
Example:
```
securitytest
```
roleName: required (string)
Role name
Example:
```
managersRoles
```

HTTP status code 200

Returns all groups assigned to the specified role.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "properties": {
    "groups": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "groups": [
    {
      "name": "admins"
    }, 
    {
      "name": "developers"
    }
  ]
}

HTTP status code 400

This response is returned in one of the following cases:

RoleName parameter is not passed in the request or the role does not exist.
The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "RoleName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Assigns the groups in the request body to the specified role in the specified account and application.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)
appName: required (string)

Query Parameters

providerAccount: (string)
Provider account; if it is specified - URI parameter accountName is the consumer account; if it is not specified - the provider and consumer account are the same and are specified as the URI parameter accountName.
Example:
```
securitytest
```
roleName: required (string)
Role name
Example:
```
managersRoles
```

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "properties": {
    "groups": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "name"
        ],
        "properties": {
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

Example:

{
  "groups": [
    {
      "name": "admins"
    }, 
    {
      "name": "developers"
    }
  ]
}

HTTP status code 201

All roles are assigned to the user successfully.

HTTP status code 400

This response is returned in one of the following cases:

RoleName parameter is not passed in the request or the role does not exist.
Empty or invalid json content.
The specified account is invalid.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "RoleName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Unassigns groups from the specified role in the specified account and application.

Secured by OAuth 2.0

OAuth Authentication Description

Request
Response

URI Parameters

accountName: required (string)
appName: required (string)

Query Parameters

providerAccount: (string)
Provider account; if it is specified - URI parameter accountName is the consumer account; if it is not specified - the provider and consumer account are the same and are specified as the URI parameter accountName.
Example:
```
securitytest
```
roleName: required (string)
Role name
Example:
```
managersRoles
```
groups: required (string)
List of groups, separated with semicolon (;). If any of the groups' names contains ';' it must be escaped by '\;'. Symbol '\' must be escaped with '\'. If the value is * ALL assignments are deleted.
Example:
```
groups=admins;developers
```

HTTP status code 200

All groups are unassigned from the specified role successfully.

HTTP status code 400

This response is returned in one of the following cases:

RoleName parameter is not passed in the request or the role does not exist.
Groups parameter is not passed in the request.
The specified account is invalid.

In all of these cases no assignments are deleted as a result of this request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "RoleName parameter is not passed in the request."
}

HTTP status code 401

This response is returned in one of the following cases:

The provided token is not valid. It might have expired. If so, request a new token.
The specified account does not exist.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 403

The provided token has insufficient privileges. The token may have been issued for another account. Check the account specified in the request.

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Invalid credentials."
}

HTTP status code 500

Internal server error

Body

Type: application/json

Schema:

{  
  "$schema": "http://json-schema.org/draft-03/schema",
  "type": "object",
  "description": "Error response",
  "properties": {
    "code":  { 
      "type": "string" },
      "description":  { "type": "string" }         
    },
    "required": [ "code", "description" ]
}

Example:

{
  "code": "2e5d1d0f-810f-407e-a1d0-ceb5a92e1e1d",
  "description": "Internal server error."
}

HTTP status code 503

Service is currently unavailable

Authorization Management API documentationversion v1

Protection

Users

/accounts/{accountName}/users/roles get put delete

get /accounts/{accountName}/users/roles

URI Parameters

Query Parameters

HTTP status code 200

Body

HTTP status code 400

Body

HTTP status code 401

Body

HTTP status code 403

Body

HTTP status code 500

Body

HTTP status code 503

put /accounts/{accountName}/users/roles

URI Parameters

Query Parameters

Body

HTTP status code 201

HTTP status code 400

Body

HTTP status code 401

Body

HTTP status code 403

Body

HTTP status code 500

Body

HTTP status code 503

delete /accounts/{accountName}/users/roles

URI Parameters

Query Parameters

HTTP status code 200

HTTP status code 400

Body

HTTP status code 401

Body

HTTP status code 403

Body

HTTP status code 500

Body

HTTP status code 503

/accounts/{accountName}/users/groups get put delete

get /accounts/{accountName}/users/groups

URI Parameters

Query Parameters

HTTP status code 200

Body

HTTP status code 400

Body

HTTP status code 401

Body

HTTP status code 403

Body

HTTP status code 500

Body

HTTP status code 503

put /accounts/{accountName}/users/groups

URI Parameters

Query Parameters

Body

HTTP status code 201

HTTP status code 400

Body

HTTP status code 401

Body

HTTP status code 403

Body

HTTP status code 500

Body

HTTP status code 503

delete /accounts/{accountName}/users/groups

URI Parameters

Query Parameters

HTTP status code 200

HTTP status code 400

Body

Authorization Management API documentation
version v1