Roles

User Roles Authorization is a critical feature, where endpoints access is governed by API key authorizations. These authorizations are linked to roles assigned to the user who owns a specific API key.

In the 'User Roles' section, the API categorizes users into four primary roles:

Administrator: Has the highest level of access, capable of managing all aspects of the system.
LicenseManager: Focuses on licensing aspects, with permissions to manage and oversee licensing operations.
Sales: Handles sales-related functionalities and accesses customer and sales data.
Customer: Primarily interacts with customer-facing features and has limited access compared to other roles.

This role-based access control ensures that users can only interact with parts of the API that are relevant to their roles, enhancing security and operational efficiency. For instance, an API key assigned to a 'Sales' user will have different access permissions compared to one assigned to an 'Administrator'.

Where not explicitly stated, only users in the 'Administrator' role are granted access to the endpoints. To provide clear guidance, the roles permitted to access a specific endpoint will be distinctly outlined at the beginning of each endpoint definition. This ensures transparency in access control and allows users to quickly identify which endpoints are accessible based on their assigned roles.

Example of Roles Allowed to Access an Endpoint

Roles: Administrator, LicenseManager, Sales

Get

Retrieves a list of roles for a specific user.

GET/v1/users/{userId}/roles

Path parameters

userId*string

user_id is the ID of the user.

Query parameters

Response

Success

Body

successboolean

success indicates whether the operation was successful.

codeinteger (int32)

code is the status code of the operation.

messagestring

message is a human-readable message indicating the result of the operation.

rolesarray of Role (object)

roles is the list of roles of the user.

totalRolesCountinteger (int32)

total_roles_count is the total number of roles of the user.

Request

const response = await fetch('/v1/users/{userId}/roles', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "success": false,
  "message": "text",
  "roles": [
    {
      "id": "text",
      "name": "text",
      "description": "text"
    }
  ]
}

Post

Adds a user to a role.

POST/v1/users/{userId}/roles

Path parameters

userId*string

user_id is the ID of the user.

Body

userIdstring

user_id is the ID of the user.

rolesstring

roles is the role to add the user to.

Response

Success

Body

successboolean

success indicates whether the operation was successful.

codeinteger (int32)

code is the status code of the operation.

messagestring

message is a human-readable message indicating the result of the operation.

Request

const response = await fetch('/v1/users/{userId}/roles', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({}),
});
const data = await response.json();

Response

{
  "success": false,
  "message": "text"
}

Delete

Removes a user from a role.

DELETE/v1/users/{userId}/roles

Path parameters

userId*string

user_id is the ID of the user.

Body

userIdstring

user_id is the ID of the user.

rolesstring

roles is the role to remove the user from.

Response

Success

Body

successboolean

success indicates whether the operation was successful.

codeinteger (int32)

code is the status code of the operation.

messagestring

message is a human-readable message indicating the result of the operation.

Request

const response = await fetch('/v1/users/{userId}/roles', {
    method: 'DELETE',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({}),
});
const data = await response.json();

Response

{
  "success": false,
  "message": "text"
}

PreviousUsers NextRoles

Last updated 4 months ago