RBAC API specification (887cf3d4f37487346e33ee5d2c4aee5e8f74aa6e)

Download OpenAPI specification:Download

The RBAC service implements a role based access control infrastructure to GroupAlarm.com

Authentication

API_Token

You can generate an API-Token in the permissions-settings of your organization. All requests will be performed in the scope of this organization. Requests regarding users will fail.

Security Scheme Type API Key
Header parameter name: API-TOKEN

Personal-Access-Token

You can generate a Personal Access Token in your profile settings. All requests will be performed as the user who created the token, with permissions as configured in each organization.

Security Scheme Type API Key
Header parameter name: Personal-Access-Token

personal-access-token

PersonalAccessTokenList

Lists all personal access tokens created by the current user

Responses

Response samples

Content type
application/json
[
  • {
    }
]

PersonalAccessTokenCreate

Creates a new personal access token for the current user

Request Body schema: application/json
name
required
string

this token's display name

userID
required
integer <int64>

this token's user ID

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "userID": 0
}

Response samples

Content type
application/json
{
  • "id": 0,
  • "name": "string",
  • "token": "string",
  • "userID": 0
}

PersonalAccessTokenRegenerate

Regenerates an existing personal access token for the current user

path Parameters
id
required
integer

Responses

Response samples

Content type
application/json
{
  • "id": 0,
  • "name": "string",
  • "token": "string",
  • "userID": 0
}

PersonalAccessTokenDelete

Deletes the given personal access tokens

path Parameters
id
required
integer

Responses

roles

RoleList

Returns all roles with passed organization id

query Parameters
organization_id
required
integer

Responses

Request samples

curl -XGET -H'Authorization: Bearer TOKEN' 'https://app.groupalarm.com/api/v1/roles'

Response samples

Content type
application/json
[
  • {
    }
]

RoleCreate

Creates a new role in passed organization id

Request Body schema: application/json
assignUsersInChildOrganizations
boolean

Assigned users to this role can use this role in child organizations without being a participant

description
string

Optional description for this role

id
integer <int64> >= 1

ID for this role

inheritable
boolean

May this role be used in child-organizations

name
required
string

Name for this role

organizationID
required
integer <int64> >= 1

Connected organization ID

type
string

Definition of default organization roles

Responses

Request samples

Content type
application/json
{
  • "assignUsersInChildOrganizations": true,
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

Response samples

Content type
application/json
{
  • "assignUsersInChildOrganizations": true,
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

RoleGet

Get specific role with passed ID

path Parameters
roleID
required
integer

Responses

Response samples

Content type
application/json
{
  • "assignUsersInChildOrganizations": true,
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

RoleDelete

Delete specific role with passed ID

path Parameters
roleID
required
integer

Responses

RoleUpdate

Update specific role with passed ID

path Parameters
roleID
required
integer
Request Body schema: application/json
assignUsersInChildOrganizations
boolean

Assigned users to this role can use this role in child organizations without being a participant

description
string

Optional description for this role

id
integer <int64> >= 1

ID for this role

inheritable
boolean

May this role be used in child-organizations

name
required
string

Name for this role

organizationID
required
integer <int64> >= 1

Connected organization ID

type
string

Definition of default organization roles

Responses

Request samples

Content type
application/json
{
  • "assignUsersInChildOrganizations": true,
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

Response samples

Content type
application/json
{
  • "assignUsersInChildOrganizations": true,
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

roleaccess

GetROConfiguration

Returns the current configuration of the default read-only role

path Parameters
organizationID
required
integer

ID of an organization

Responses

Response samples

Content type
application/json
{
  • "alarmAllowed": true
}

UpdateROConfiguration

Updates the read-only role configuration for a specific organization

path Parameters
organizationID
required
integer

ID of an organization

Request Body schema: application/json

new configuration for the read-only role of the organization

alarmAllowed
boolean

Responses

Request samples

Content type
application/json
{
  • "alarmAllowed": true
}

RoleAccessList

List all assigned accesses for the passed roleID

path Parameters
roleID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Responses

Response samples

Content type
application/json
[
  • {
    }
]

RoleAccessCreate

Creates a role access definition

path Parameters
roleID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Request Body schema: application/json
endpoints
required
Array of strings

Concerning endpoints/services

id
integer <int64> >= 1

ID of this role access

methods
required
Array of strings

Allowed HTTP methods

roleID
integer <int64> >= 1

ID of the role

Responses

Request samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

Response samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

RoleAccessDelete

Creates an role access definition

path Parameters
roleID
required
integer
roleAccessID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Responses

RoleAccessUpdate

Updates a role access definition

path Parameters
roleID
required
integer
roleAccessID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Request Body schema: application/json
endpoints
required
Array of strings

Concerning endpoints/services

id
integer <int64> >= 1

ID of this role access

methods
required
Array of strings

Allowed HTTP methods

roleID
integer <int64> >= 1

ID of the role

Responses

Request samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

Response samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

userroles

UserRoleList

List all assigned user for passed roleID

path Parameters
roleID
required
integer
query Parameters
organization
integer

Responses

Response samples

Content type
application/json
[
  • {
    }
]

UserRoleCreate

Create a user to role assignment

path Parameters
roleID
required
integer
Request Body schema: application/json
organizationID
integer <int64>

ID of the organization in which the role should be assigned

roleID
required
integer <int64> >= 1

ID of the role

userID
required
integer <int64> >= 1

ID of the user

Responses

Request samples

Content type
application/json
{
  • "organizationID": 0,
  • "roleID": 1,
  • "userID": 1
}

DeleteUserRole

Deletes an user-role assignment for the passed IDs

path Parameters
roleID
required
integer
userID
required
integer
query Parameters
organization
integer

Responses

GetUserRoles

Returns all roles for the current logged in user (JWT-TOKEN)

Request Body schema: application/json
organizationID
integer <int64>

ID of the organization in which the role should be assigned

roleID
required
integer <int64> >= 1

ID of the role

userID
required
integer <int64> >= 1

ID of the user

Responses