Authorization (RBAC)
New API available on https://alphauslabs.github.io/blueapidocs/#/Iam.
For general information about RBAC, check out this link.
The following endpoint is the base url for the APIs below.
List permissions
List all permissions supported by RBAC in all namespaces. For reference, supported permissions can be found here.
Request
Response
Create role
During role creation, if your permissions
list contains an Admin
entry, all other entries will be discarded except Admin
.
Roles are root user-level. That means all roles created by the root user, or any subuser that has permissions to create roles, are available to all subusers.
Request
Role names should have at least 6 characters in length and 32 characters maximum. It should also be alphanumeric. Hyphens and underscores are allowed in between. The regular expression used for validation is below:
Response
List roles
Request
The {namespace}
parameter is optional. If not provided, all roles will be returned.
Response
Update role
Update role. If role name is different, rename mapped role name.
Request
Response
Delete role
Delete role. Deleting a role will also remove all mappings.
Request
Map roles to user
You can only map (or attach) up to 5 roles to a user per namespace. There is no limit for filtering rules per user.
Valid values for type
for filtering rules:
Namespace
Value
wave
linkAcct
, group
, tags
ripple
billingGroup
Request
Response
List user role mappings
Request
For this endpoint, the returned role mappings are those attached to the caller.
For listing role mappings of other subusers, use this endpoint.
{subuser}
is the subuser name.
Response
List user permissions
Retrieve all permissions to all roles attached to the {subuser}
.
Request
Response
Update map roles to user
You can only update map (or attach) up to 5 roles to a user per namespace. There is no limit for filtering rules per user.
Valid values for type
for filtering rules:
Namespace
Value
wave
linkAcct
, group
, tags
ripple
billingGroup
This method replaces subuser's all roles to information in the request body.
Request
{subuser}
is the subuser id.
Response
Last updated