RBAC API specification (c012e3dcbb173c17e93899af5cd2c03d396c0354)

Download OpenAPI specification:Download

The RBAC service implements a role based access control infrastructure to GroupAlarm.com

Authentication

API_Token

To use this API, you need an API-Token from the RBAC settings of your GroupAlarm organization. Place the token inside the HTTP-Header API-Token for every request, otherwise the API will return an "401 Unauthorized" error for your request.

Security Scheme Type API Key
Header parameter name: API-TOKEN

Personal-Access-Token

To use this API, you need a Personal Access Token from your profile settings. Place the token inside the HTTP-Header Personal-Access-Token for every request, otherwise the API will return an "401 Unauthorized" error for your request.

Security Scheme Type API Key
Header parameter name: Personal-Access-Token

personal-access-token

PersonalAccessTokenList

Lists all personal access tokens created by the current user

Responses

Response samples

Content type
application/json
[
  • {
    }
]

PersonalAccessTokenCreate

Creates a new personal access token for the current user

Request Body schema: application/json
name
required
string

this token's display name

userID
required
integer <int64>

this token's user ID

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "userID": 0
}

Response samples

Content type
application/json
{
  • "id": 0,
  • "name": "string",
  • "token": "string",
  • "userID": 0
}

PersonalAccessTokenRegenerate

Regenerates an existing personal access token for the current user

path Parameters
id
required
integer

Responses

Response samples

Content type
application/json
{
  • "id": 0,
  • "name": "string",
  • "token": "string",
  • "userID": 0
}

PersonalAccessTokenDelete

Deletes the given personal access tokens

path Parameters
id
required
integer

Responses

roles

RoleList

Returns all roles with passed organization id

query Parameters
organization_id
required
integer

Responses

Request samples

curl -XGET -H'Authorization: Bearer TOKEN' 'https://app.groupalarm.com/api/v1/roles'

Response samples

Content type
application/json
[
  • {
    }
]

RoleCreate

Creates a new role in passed organization id

Request Body schema: application/json
description
string

Optional description for this role

id
integer <int64> >= 1

ID for this role

inheritable
boolean

May this role be used in child-organizations

name
required
string

Name for this role

organizationID
required
integer <int64> >= 1

Connected organization ID

type
string

Definition of default organization roles

Responses

Request samples

Content type
application/json
{
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

Response samples

Content type
application/json
{
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

RoleGet

Get specific role with passed ID

path Parameters
roleID
required
integer

Responses

Response samples

Content type
application/json
{
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

RoleDelete

Delete specific role with passed ID

path Parameters
roleID
required
integer

Responses

RoleUpdate

Update specific role with passed ID

path Parameters
roleID
required
integer
Request Body schema: application/json
description
string

Optional description for this role

id
integer <int64> >= 1

ID for this role

inheritable
boolean

May this role be used in child-organizations

name
required
string

Name for this role

organizationID
required
integer <int64> >= 1

Connected organization ID

type
string

Definition of default organization roles

Responses

Request samples

Content type
application/json
{
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

Response samples

Content type
application/json
{
  • "description": "string",
  • "id": 1,
  • "inheritable": true,
  • "name": "string",
  • "organizationID": 1,
  • "type": "string"
}

roleaccess

GetROConfiguration

Returns the current configuration of the default read-only role

path Parameters
organizationID
required
integer

ID of an organization

Responses

Response samples

Content type
application/json
{
  • "alarmAllowed": true
}

UpdateROConfiguration

Updates the read-only role configuration for a specific organization

path Parameters
organizationID
required
integer

ID of an organization

Request Body schema: application/json

new configuration for the read-only role of the organization

alarmAllowed
boolean

Responses

Request samples

Content type
application/json
{
  • "alarmAllowed": true
}

RoleAccessList

List all assigned accesses for the passed roleID

path Parameters
roleID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Responses

Response samples

Content type
application/json
[
  • {
    }
]

RoleAccessCreate

Creates a role access definition

path Parameters
roleID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Request Body schema: application/json
endpoints
required
Array of strings

Concerning endpoints/services

id
integer <int64> >= 1

ID of this role access

methods
required
Array of strings

Allowed HTTP methods

roleID
integer <int64> >= 1

ID of the role

Responses

Request samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

Response samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

RoleAccessDelete

Creates an role access definition

path Parameters
roleID
required
integer
roleAccessID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Responses

RoleAccessUpdate

Updates a role access definition

path Parameters
roleID
required
integer
roleAccessID
required
integer
query Parameters
organization_id
integer

must be set in order to use an inherited sub organization for rbac checking; if not set, the role's original organizationID will be used

Request Body schema: application/json
endpoints
required
Array of strings

Concerning endpoints/services

id
integer <int64> >= 1

ID of this role access

methods
required
Array of strings

Allowed HTTP methods

roleID
integer <int64> >= 1

ID of the role

Responses

Request samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

Response samples

Content type
application/json
{
  • "endpoints": [
    ],
  • "id": 1,
  • "methods": [
    ],
  • "roleID": 1
}

userroles

UserRoleList

List all assigned user for passed roleID

path Parameters
roleID
required
integer
query Parameters
organization
integer

Responses

Response samples

Content type
application/json
[
  • {
    }
]

UserRoleCreate

Create a user to role assignment

path Parameters
roleID
required
integer
Request Body schema: application/json
organizationID
integer <int64>

ID of the organization in which the role should be assigned

roleID
required
integer <int64> >= 1

ID of the role

userID
required
integer <int64> >= 1

ID of the user

Responses

Request samples

Content type
application/json
{
  • "organizationID": 0,
  • "roleID": 1,
  • "userID": 1
}

DeleteUserRole

Deletes an user-role assignment for the passed IDs

path Parameters
roleID
required
integer
userID
required
integer
query Parameters
organization
integer

Responses

GetUserRoles

Returns all roles for the current logged in user (JWT-TOKEN)

Request Body schema: application/json
organizationID
integer <int64>

ID of the organization in which the role should be assigned

roleID
required
integer <int64> >= 1

ID of the role

userID
required
integer <int64> >= 1

ID of the user

Responses

Request samples

Content type
application/json
{
  • "organizationID": 0,
  • "roleID": 1,
  • "userID": 1
}

services