WebsiteRepoTech blog (JP)Tech blog (EN)

Authorization (RBAC)

New API available on https://alphauslabs.github.io/blueapidocs/#/Iam.

For general information about RBAC, check out this link.

The following endpoint is the base url for the APIs below.

https://service.alphaus.cloud/m/auth/rbac/

List permissions

List all permissions supported by RBAC in all namespaces. For reference, supported permissions can be found here.

Request

GET /permissions HTTP1.1
authorization: Bearer {token}

Response

HTTP/1.1 200 OK

[
  {
    "namespace":"wave",
    "permissions":[
      "Admin",
      "ModifySettings",
      "..."
    ]
  },
  {
    "namespace":"ripple",
    "permissions":[
      "Admin"
    ]
  }
]

Create role

During role creation, if your permissions list contains an Admin entry, all other entries will be discarded except Admin.

Roles are root user-level. That means all roles created by the root user, or any subuser that has permissions to create roles, are available to all subusers.

Request

Role names should have at least 6 characters in length and 32 characters maximum. It should also be alphanumeric. Hyphens and underscores are allowed in between. The regular expression used for validation is below:

Response

List roles

Request

The {namespace} parameter is optional. If not provided, all roles will be returned.

Response

Update role

Update role. If role name is different, rename mapped role name.

Request

Response

Delete role

Delete role. Deleting a role will also remove all mappings.

Request

Map roles to user

You can only map (or attach) up to 5 roles to a user per namespace. There is no limit for filtering rules per user.

Valid values for type for filtering rules:

Namespace

Value

wave

linkAcct, group, tags

ripple

billingGroup

Request

Response

List user role mappings

Request

For this endpoint, the returned role mappings are those attached to the caller.

For listing role mappings of other subusers, use this endpoint.

{subuser} is the subuser name.

Response

List user permissions

Retrieve all permissions to all roles attached to the {subuser}.

Request

Response

Update map roles to user

You can only update map (or attach) up to 5 roles to a user per namespace. There is no limit for filtering rules per user.

Valid values for type for filtering rules:

Namespace

Value

wave

linkAcct, group, tags

ripple

billingGroup

This method replaces subuser's all roles to information in the request body.

Request

{subuser} is the subuser id.

Response

PreviousAPI clientsNextRipple

Last updated

Was this helpful?