RBAC API specification (35d0dee47227f4f43bd26a403000ab94c5d128b3)
Download OpenAPI specification:Download
The RBAC service implements a role based access control infrastructure to GroupAlarm.com
PersonalAccessTokenCreate
Creates a new personal access token for the current user
Authorizations:
Request Body schema: application/jsonrequired
| name required | string this token's display name |
| userID required | integer <int64> this token's user ID |
Responses
Request samples
- Payload
{- "name": "string",
- "userID": 0
}Response samples
- 201
{- "id": 0,
- "name": "string",
- "token": "string",
- "userID": 0
}RoleList
Returns all roles with passed organization id
Authorizations:
query Parameters
| organization_id required | integer |
Responses
Request samples
- curl
curl -XGET -H'Authorization: Bearer TOKEN' 'https://app.groupalarm.com/api/v1/roles'
Response samples
- 200
[- {
- "assignUsersInChildOrganizations": true,
- "description": "string",
- "id": 1,
- "inheritable": true,
- "name": "string",
- "organizationID": 1,
- "type": "string"
}
]RoleCreate
Creates a new role in passed organization id
Authorizations:
Request Body schema: application/json
| assignUsersInChildOrganizations | boolean Assigned users to this role can use this role in child organizations without being a participant |
| description | string Optional description for this role |
| id | integer <int64> >= 1 ID for this role |
| inheritable | boolean May this role be used in child-organizations |
| name required | string Name for this role |
| organizationID required | integer <int64> >= 1 Connected organization ID |
| type | string Definition of default organization roles |
Responses
Request samples
- Payload
{- "assignUsersInChildOrganizations": true,
- "description": "string",
- "id": 1,
- "inheritable": true,
- "name": "string",
- "organizationID": 1,
- "type": "string"
}Response samples
- 201
{- "assignUsersInChildOrganizations": true,
- "description": "string",
- "id": 1,
- "inheritable": true,
- "name": "string",
- "organizationID": 1,
- "type": "string"
}RoleGet
Get specific role with passed ID
Authorizations:
path Parameters
| roleID required | integer |
Responses
Response samples
- 200
{- "assignUsersInChildOrganizations": true,
- "description": "string",
- "id": 1,
- "inheritable": true,
- "name": "string",
- "organizationID": 1,
- "type": "string"
}RoleUpdate
Update specific role with passed ID
Authorizations:
path Parameters
| roleID required | integer |
Request Body schema: application/json
| assignUsersInChildOrganizations | boolean Assigned users to this role can use this role in child organizations without being a participant |
| description | string Optional description for this role |
| id | integer <int64> >= 1 ID for this role |
| inheritable | boolean May this role be used in child-organizations |
| name required | string Name for this role |
| organizationID required | integer <int64> >= 1 Connected organization ID |
| type | string Definition of default organization roles |
Responses
Request samples
- Payload
{- "assignUsersInChildOrganizations": true,
- "description": "string",
- "id": 1,
- "inheritable": true,
- "name": "string",
- "organizationID": 1,
- "type": "string"
}Response samples
- 200
{- "assignUsersInChildOrganizations": true,
- "description": "string",
- "id": 1,
- "inheritable": true,
- "name": "string",
- "organizationID": 1,
- "type": "string"
}UpdateROConfiguration
Updates the read-only role configuration for a specific organization
Authorizations:
path Parameters
| organizationID required | integer ID of an organization |
Request Body schema: application/jsonrequired
new configuration for the read-only role of the organization
| alarmAllowed | boolean |
Responses
Request samples
- Payload
{- "alarmAllowed": true
}RoleAccessList
List all assigned accesses for the passed roleID
Authorizations:
path Parameters
| roleID required | integer |
query Parameters
| organization_id | integer must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used |
Responses
Response samples
- 200
[- {
- "endpoints": [
- "string"
], - "id": 1,
- "methods": [
- "string"
], - "roleID": 1
}
]RoleAccessCreate
Creates a role access definition
Authorizations:
path Parameters
| roleID required | integer |
query Parameters
| organization_id | integer must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used |
Request Body schema: application/jsonrequired
| endpoints required | Array of strings Concerning endpoints/services |
| id | integer <int64> >= 1 ID of this role access |
| methods required | Array of strings Allowed HTTP methods |
| roleID | integer <int64> >= 1 ID of the role |
Responses
Request samples
- Payload
{- "endpoints": [
- "string"
], - "id": 1,
- "methods": [
- "string"
], - "roleID": 1
}Response samples
- 201
{- "endpoints": [
- "string"
], - "id": 1,
- "methods": [
- "string"
], - "roleID": 1
}RoleAccessDelete
Creates an role access definition
Authorizations:
path Parameters
| roleID required | integer |
| roleAccessID required | integer |
query Parameters
| organization_id | integer must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used |
Responses
RoleAccessUpdate
Updates a role access definition
Authorizations:
path Parameters
| roleID required | integer |
| roleAccessID required | integer |
query Parameters
| organization_id | integer must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used |
Request Body schema: application/jsonrequired
| endpoints required | Array of strings Concerning endpoints/services |
| id | integer <int64> >= 1 ID of this role access |
| methods required | Array of strings Allowed HTTP methods |
| roleID | integer <int64> >= 1 ID of the role |
Responses
Request samples
- Payload
{- "endpoints": [
- "string"
], - "id": 1,
- "methods": [
- "string"
], - "roleID": 1
}Response samples
- 200
{- "endpoints": [
- "string"
], - "id": 1,
- "methods": [
- "string"
], - "roleID": 1
}UserRoleCreate
Create a user to role assignment
Authorizations:
path Parameters
| roleID required | integer |
Request Body schema: application/jsonrequired
| organizationID | integer <int64> ID of the organization in which the role should be assigned |
| roleID required | integer <int64> >= 1 ID of the role |
| userID required | integer <int64> >= 1 ID of the user |
Responses
Request samples
- Payload
{- "organizationID": 0,
- "roleID": 1,
- "userID": 1
}GetUserRoles
Returns all roles for the current logged in user (JWT-TOKEN)
Authorizations:
Request Body schema: application/jsonrequired
| organizationID | integer <int64> ID of the organization in which the role should be assigned |
| roleID required | integer <int64> >= 1 ID of the role |
| userID required | integer <int64> >= 1 ID of the user |
Responses
Request samples
- Payload
{- "organizationID": 0,
- "roleID": 1,
- "userID": 1
}UpsertRBACSettings
Updates the organization settings for the rbac service
Authorizations:
path Parameters
| organizationID required | integer |
Request Body schema: application/jsonrequired
| restrictedRoleAssignment | boolean |
Responses
Request samples
- Payload
{- "restrictedRoleAssignment": true
}OrganizationTokenList
Lists all organization tokens created for the given organization
Authorizations:
query Parameters
| organization required | integer |
Responses
Response samples
- 200
[- {
- "id": 0,
- "isSuperToken": true,
- "name": "string",
- "organizationID": 0,
- "token": "string"
}
]OrganizationTokenCreate
Creates a new organization token with the given data
Authorizations:
Request Body schema: application/jsonrequired
| isSuperToken | boolean true to mark the token as SuperToken that can also be used for child organizations; false otherwise |
| name required | string this token's display name |
| organizationID required | integer <int64> this token's organization ID |
Responses
Request samples
- Payload
{- "isSuperToken": true,
- "name": "string",
- "organizationID": 0
}Response samples
- 201
{- "id": 0,
- "isSuperToken": true,
- "name": "string",
- "organizationID": 0,
- "token": "string"
}