RBAC API specification (14645aa7f5c9d3df1cdb2cdbe7ebd89dc7c6ff22)

Download OpenAPI specification:Download

The RBAC service implements a role based access control infrastructure to GroupAlarm.com

personal-access-token

PersonalAccessTokenList

Lists all personal access tokens created by the current user

Authorizations:
API_TokenPersonal-Access-Token

Responses

Response samples

Content type
application/json
[
  • {
    }
]

PersonalAccessTokenCreate

Creates a new personal access token for the current user

Authorizations:
API_TokenPersonal-Access-Token
Request Body schema: application/json
required
name
required
string

this token's display name

userID
required
integer <int64>

this token's user ID

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "userID": 0
}

Response samples

Content type
application/json
{
  • "id": 0,
  • "name": "string",
  • "token": "string",
  • "userID": 0
}

PersonalAccessTokenRegenerate

Regenerates an existing personal access token for the current user

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
id
required
integer

Responses

Response samples

Content type
application/json
{
  • "id": 0,
  • "name": "string",
  • "token": "string",
  • "userID": 0
}

PersonalAccessTokenDelete

Deletes the given personal access tokens

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
id
required
integer

Responses

roles

RoleList

Returns all roles with passed organization id

Authorizations:
API_TokenPersonal-Access-Token
query Parameters
organization_id
required
integer

Responses

Request samples

curl -XGET -H'Authorization: Bearer TOKEN' 'https://app.groupalarm.com/api/v1/roles'

Response samples

Content type
application/json
[
  • {
    }
]

RoleCreate

Creates a new role in passed organization id

Authorizations:
API_TokenPersonal-Access-Token
Request Body schema: application/json
assignUsersInChildOrganizations
boolean

Assigned users to this role can use this role in child organizations without being a participant

description
string

Optional description for this role

id
integer <int64> >= 1

ID for this role

inheritable
boolean

May this role be used in child-organizations

name
required
string

Name for this role

organizationID
required
integer <int64> >= 1

Connected organization ID

type
string

Definition of default organization roles

Responses

Request samples

Content type
application/json
{
  • "assignUsersInChildOrganizations": true,
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

Response samples

Content type
application/json
{
  • "assignUsersInChildOrganizations": true,
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

RoleGet

Get specific role with passed ID

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
roleID
required
integer

Responses

Response samples

Content type
application/json
{
  • "assignUsersInChildOrganizations": true,
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

RoleDelete

Delete specific role with passed ID

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
roleID
required
integer

Responses

RoleUpdate

Update specific role with passed ID

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
roleID
required
integer
Request Body schema: application/json
assignUsersInChildOrganizations
boolean

Assigned users to this role can use this role in child organizations without being a participant

description
string

Optional description for this role

id
integer <int64> >= 1

ID for this role

inheritable
boolean

May this role be used in child-organizations

name
required
string

Name for this role

organizationID
required
integer <int64> >= 1

Connected organization ID

type
string

Definition of default organization roles

Responses

Request samples

Content type
application/json
{
  • "assignUsersInChildOrganizations": true,
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

Response samples

Content type
application/json
{
  • "assignUsersInChildOrganizations": true,
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

roleaccess

GetROConfiguration

Returns the current configuration of the default read-only role

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
organizationID
required
integer

ID of an organization

Responses

Response samples

Content type
application/json
{
  • "alarmAllowed": true
}

UpdateROConfiguration

Updates the read-only role configuration for a specific organization

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
organizationID
required
integer

ID of an organization

Request Body schema: application/json
required

new configuration for the read-only role of the organization

alarmAllowed
boolean

Responses

Request samples

Content type
application/json
{
  • "alarmAllowed": true
}

RoleAccessList

List all assigned accesses for the passed roleID

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
roleID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Responses

Response samples

Content type
application/json
[
  • {
    }
]

RoleAccessCreate

Creates a role access definition

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
roleID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Request Body schema: application/json
required
endpoints
required
Array of strings

Concerning endpoints/services

id
integer <int64> >= 1

ID of this role access

methods
required
Array of strings

Allowed HTTP methods

roleID
integer <int64> >= 1

ID of the role

Responses

Request samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

Response samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

RoleAccessDelete

Creates an role access definition

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
roleID
required
integer
roleAccessID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Responses

RoleAccessUpdate

Updates a role access definition

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
roleID
required
integer
roleAccessID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Request Body schema: application/json
required
endpoints
required
Array of strings

Concerning endpoints/services

id
integer <int64> >= 1

ID of this role access

methods
required
Array of strings

Allowed HTTP methods

roleID
integer <int64> >= 1

ID of the role

Responses

Request samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

Response samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

userroles

UserRoleList

List all assigned user for passed roleID

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
roleID
required
integer
query Parameters
organization
integer

Responses

Response samples

Content type
application/json
[
  • {
    }
]

UserRoleCreate

Create a user to role assignment

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
roleID
required
integer
Request Body schema: application/json
required
organizationID
integer <int64>

ID of the organization in which the role should be assigned

roleID
required
integer <int64> >= 1

ID of the role

userID
required
integer <int64> >= 1

ID of the user

Responses

Request samples

Content type
application/json
{
  • "organizationID": 0,
  • "roleID": 1,
  • "userID": 1
}

DeleteUserRole

Deletes an user-role assignment for the passed IDs

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
roleID
required
integer
userID
required
integer
query Parameters
organization
integer

Responses

GetUserRoles

Returns all roles for the current logged in user (JWT-TOKEN)

Authorizations:
API_TokenPersonal-Access-Token
Request Body schema: application/json
required
organizationID
integer <int64>

ID of the organization in which the role should be assigned

roleID
required
integer <int64> >= 1

ID of the role

userID
required
integer <int64> >= 1

ID of the user

Responses

Request samples

Content type
application/json
{
  • "organizationID": 0,
  • "roleID": 1,
  • "userID": 1
}

services

ServicesList

List all up and running services from GroupAlarm.com

Authorizations:
API_TokenPersonal-Access-Token

Responses

Response samples

Content type
application/json
[
  • {
    }
]

settings

GetRBACSettings

Returns the current organization settings for the rbac service

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
organizationID
required
integer

Responses

Response samples

Content type
application/json
{
  • "restrictedRoleAssignment": true
}

UpsertRBACSettings

Updates the organization settings for the rbac service

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
organizationID
required
integer
Request Body schema: application/json
required
restrictedRoleAssignment
boolean

Responses

Request samples

Content type
application/json
{
  • "restrictedRoleAssignment": true
}

organization-token

OrganizationTokenList

Lists all organization tokens created for the given organization

Authorizations:
API_TokenPersonal-Access-Token
query Parameters
organization
required
integer

Responses

Response samples

Content type
application/json
[
  • {
    }
]

OrganizationTokenCreate

Creates a new organization token with the given data

Authorizations:
API_TokenPersonal-Access-Token
Request Body schema: application/json
required
isSuperToken
boolean

true to mark the token as SuperToken that can also be used for child organizations; false otherwise

name
required
string

this token's display name

organizationID
required
integer <int64>

this token's organization ID

Responses

Request samples

Content type
application/json
{
  • "isSuperToken": true,
  • "name": "string",
  • "organizationID": 0
}

Response samples

Content type
application/json
{
  • "id": 0,
  • "isSuperToken": true,
  • "name": "string",
  • "organizationID": 0,
  • "token": "string"
}

OrganizationTokenRegenerate

Regenerates an existing organization token

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
id
required
integer

Responses

Response samples

Content type
application/json
{
  • "id": 0,
  • "isSuperToken": true,
  • "name": "string",
  • "organizationID": 0,
  • "token": "string"
}

OrganizationTokenDelete

Deletes the given organization token

Authorizations:
API_TokenPersonal-Access-Token
path Parameters
id
required
integer

Responses