Alphaus | Documentation
WebsiteRepoTech blog (JP)Tech blog (EN)
Search…
API Reference
Overview
Endpoint limits
Authentication
Users
API clients
Authorization (RBAC)
Ripple
Wave
Status
Ocean
ALM (v3)
Powered By GitBook
Authorization (RBAC)
For general information about RBAC, check out this link.
The following endpoint is the base url for the APIs below.
1
https://service.mobingi.com/m/auth/rbac/
Copied!

List permissions

List all permissions supported by RBAC in all namespaces. For reference, supported permissions can be found here.
Request
1
GET /permissions HTTP1.1
2
authorization: Bearer {token}
Copied!
Response
1
HTTP/1.1 200 OK
2
3
[
4
{
5
"namespace":"wave",
6
"permissions":[
7
"Admin",
8
"ModifySettings",
9
"..."
10
]
11
},
12
{
13
"namespace":"ripple",
14
"permissions":[
15
"Admin"
16
]
17
}
18
]
Copied!

Create role

During role creation, if your permissions list contains an Admin entry, all other entries will be discarded except Admin.
Roles are root user-level. That means all roles created by the root user, or any subuser that has permissions to create roles, are available to all subusers.
Request
1
POST /roles HTTP1.1
2
authorization: Bearer {token}
3
content-type: application/json
4
5
{
6
"name":"testrole",
7
"namespace":"wave",
8
"permissions":[
9
"ModifySettings",
10
"ViewSettings",
11
...
12
]
13
}
Copied!
Role names should have at least 6 characters in length and 32 characters maximum. It should also be alphanumeric. Hyphens and underscores are allowed in between. The regular expression used for validation is below:
1
^[A-Za-z0-9][A-Za-z0-9_-]*[A-Za-z0-9]$
Copied!
Response
1
HTTP/1.1 200 OK
2
3
{
4
"name":"testrole",
5
"namespace":"wave",
6
"permissions":[
7
"ModifySettings",
8
"ViewSettings",
9
...
10
]
11
}
Copied!

List roles

Request
1
GET /roles?namespace={namespace} HTTP1.1
2
authorization: Bearer {token}
Copied!
The {namespace} parameter is optional. If not provided, all roles will be returned.
Response
1
HTTP/1.1 200 OK
2
3
[
4
{
5
"name": "testrole",
6
"namespace": "wave",
7
"permissions": [
8
"ModifySettings",
9
"ViewSettings",
10
"ModifyAccountSettings"
11
]
12
},
13
{
14
"name": "waveAdmin",
15
"namespace": "wave",
16
"permissions": [
17
"Admin"
18
]
19
},
20
...
21
]
Copied!

Update role

Update role. If role name is different, rename mapped role name.
Request
1
PATCH /roles/{namespace}/{rolename} HTTP1.1
2
authorization: Bearer {token}
3
content-type: application/json
4
5
{
6
"namespace":"wave",
7
"permissions":[
8
"ModifySettings",
9
"ViewSettings",
10
...
11
]
12
}
Copied!
Response
1
HTTP/1.1 200 OK
2
3
{
4
"name": "testrole",
5
"namespace":"wave",
6
"permissions":[
7
"ModifySettings",
8
"ViewSettings",
9
...
10
]
11
}
Copied!

Delete role

Delete role. Deleting a role will also remove all mappings.
Request
1
DELETE /roles/{namespace}/{rolename} HTTP1.1
2
authorization: Bearer {token}
Copied!

Map roles to user

You can only map (or attach) up to 5 roles to a user per namespace. There is no limit for filtering rules per user.
Valid values for type for filtering rules:
Namespace
Value
wave
linkAcct, group, tags
ripple
billingGroup
Request
1
POST /userroles HTTP1.1
2
authorization: Bearer {token}
3
content-type: application/json
4
5
{
6
"user_id":"subuser1",
7
"roles":[
8
{
9
"namespace":"wave",
10
"role": "somerole",
11
},
12
...
13
]
14
}
Copied!
Response
1
HTTP/1.1 200 OK
2
3
{
4
"success":[
5
"somerole"
6
],
7
"failed":[],
8
"filters":[]
9
}
Copied!

List user role mappings

Request
For this endpoint, the returned role mappings are those attached to the caller.
1
GET /userroles HTTP1.1
2
authorization: Bearer {token}
Copied!
For listing role mappings of other subusers, use this endpoint.
1
GET /{subuser}/userroles HTTP1.1
2
Authorization: Bearer {token}
Copied!
{subuser} is the subuser name.
Response
1
HTTP/1.1 200 OK
2
3
[
4
{
5
"root_user":"58c2297d25645",
6
"sub_user":"subuser01",
7
"namespace":"wave",
8
"role":"testrole1"
9
},
10
{
11
"root_user":"58c2297d25645",
12
"sub_user":"subuser02",
13
"namespace":"wave",
14
"filter":"billingGroup:2222"
15
},
16
...
17
]
Copied!

List user permissions

Retrieve all permissions to all roles attached to the {subuser}.
Request
1
GET /{subuser}/permissions HTTP1.1
2
authorization: Bearer {token}
Copied!
Response
1
HTTP/1.1 200 OK
2
3
[
4
{
5
"namespace":"wave",
6
"permissions":[
7
"Admin",
8
"ModifySettings",
9
"..."
10
]
11
},
12
{
13
"namespace":"ripple",
14
"permissions":[
15
"Admin"
16
]
17
}
18
]
Copied!

Update map roles to user

You can only update map (or attach) up to 5 roles to a user per namespace. There is no limit for filtering rules per user.
Valid values for type for filtering rules:
Namespace
Value
wave
linkAcct, group, tags
ripple
billingGroup
This method replaces subuser's all roles to information in the request body.
Request
1
PATCH /userroles HTTP1.1
2
authorization: Bearer {token}
3
content-type: application/json
4
5
{
6
"roles":[
7
{
8
"namespace":"wave",
9
"role": "somerole",
10
},
11
...
12
]
13
}
Copied!
1
PATCH /{subuser}/userroles HTTP1.1
2
authorization: Bearer {token}
3
content-type: application/json
4
5
{
6
"roles":[
7
{
8
"namespace":"wave",
9
"role": "somerole",
10
},
11
...
12
]
13
}
Copied!
{subuser} is the subuser id.
Response
1
HTTP/1.1 200 OK
2
3
{
4
"success":[
5
"somerole"
6
],
7
"failed":[],
8
"filters":[]
9
}
Copied!
Previous
API clients
Next
Ripple
Last modified 5mo ago
Copy link
Contents
List permissions
Create role
List roles
Update role
Delete role
Map roles to user
List user role mappings
List user permissions
Update map roles to user