Operation | REST API | Body | Response | CLI Command (from Security CLI commands) | |||||
---|---|---|---|---|---|---|---|---|---|
grant | security/authorization/grant |
| 200: Granted the action on the entity for the principal | security grant entity <entity-id> principal-type <principal-type-name> principal-name <principal-name> actions READ | |||||
revoke | security/authorization/revoke |
| 200: Revoked the actions on the entity for the principal | security revoke entity <entity-id> principal-type <principal-type-name> principal-name <principal-name> actions READ | |||||
check authorized | security/authorization/authorized |
| 200: authorized 401403: Unauthorized | security access entity <entity-id> principal-type <principal-type> principal-name <principal-name> action READ | |||||
Role Based Access Control | |||||||||
create role | PUT /security/authorization/roles/<role-name> | N/A | 200: Created the role 409: role already exists | security create role <role-name> | |||||
delete role | DELETE /security/authorization/roles/<role-name> | N/A | 200: Deleted the role 404: role is not found | security drop role <role-name> | |||||
List roles | GET /security/authorization/roles/ | N/A | 200: List of roles
| security list roles | |||||
add role to principal | PUT /security/authorization/<principal-type>/<principal-name>/roles/<role-name> |
| 200: Added role to principal 404: role not found 404: principal not found | security add role <role-name> to group/user <group/user-name> | |||||
remove role from principal | DELETE /security/authorization/<principal-type>/<principal-name>/roles/<role-name> |
| 200: removed role from principal 404: role not found 404: principal not found | security remove role <role-name> from group/user <group/user-name> | |||||
List roles for principal | GET /security/authorization/<principal-type>/<principal-name>/roles | N/A | 200: List of roles
404: Principal not found | security list roles for group/user <group/user-name> | |||||
List privileges for role | GET /security/authorization/roles/<role-name>/privileges | N/A | 200: List of privileges for the role
404: role not found | security list privileges for role <role-name> |