Protection

The API is protected with OAuth 2.0.
Token Endpoint: https://api.{landscapeHost}/oauth2/apitoken/v1
Supported grant types: Client Credentials Grant

To use this REST API, you need to get OAuth client credentials (client ID and secret) from SAP HANA Cloud Platform using the cockpit. After that, you need to pass the obtained client credentials to the SAP HANA Cloud Platform token endpoint to obtain an access token. In the requests to this API, include the access token as a header with name Authorization and value Bearer <token value>. The issued token is valid 25 minutes.

Users

Manage role and group assignments to the specified user.

get

Returns the roles assigned to the specified user in the specified account.

put

Assigns roles to the specified user in the specified account.

delete

Unassigns roles from the specified user.

get

Returns the groups assigned to the specified user in the specified account.

put

Assigns the groups in the request body to the specified user in the specified account.

delete

Unassigns groups from the specified user.

Groups

Manage groups and their assignments to users and roles witin the specified account.

get

Returns the list of the groups in the specified account.

post

Creates groups in the specified account.

delete

Deletes groups in the specified account.

get

Returns roles assigned to the specified group in the specified account.

put

Assigns the roles in the request body to the specified group in the specified account.

delete

Unassigns roles from the specified group in the specified account.

get

Returns users assigned to the specified group in the specified account.

put

Assigns the users in the request body to the specified group in the specified account.

delete

Unassigns users from the specified group in the specified account.

Roles

Manage roles and their assignments to users and groups in the specified account and application. Roles can either be deployed with the application or created via the API. Roles deployed with the application are visible for all subscriber accounts unless their shared flag is marked to false. Roles created via the API are visible only within the account for which they are created.

get

Returns the list of the roles in the specified account and application.

post

Creates custom roles in the specified account and application.

put

Modifies an application role in the specified account and application. Application roles are marked as shared by default. If the shared flag is marked as false assignment to this role can be created only in the provider account.

delete

Deletes custom roles in the specified account and application.

get

Returns users assigned to the specified role in the specified account and application.

put

Assigns the users in the request body to the specified role.

delete

Unassigns users from the specified role in the specified account and application.

get

Returns groups assigned to the specified role in the specified account and application.

put

Assigns the groups in the request body to the specified role in the specified account and application.

delete

Unassigns groups from the specified role in the specified account and application.