Roles

Use this resource to get the details for roles in your organization. You can also use this resource to create and delete custom roles.

GET request

You can request the details for all of your organization's roles or request the details for a particular role.
To get role details, use the following URI:

/public/core/v3/roles

To get the details for a particular role, you can include the following query parameters in the URI

Parameter

Type

Description

q

String

Query filter. You can filter using one of the following fields:

  • roleId. Unique identifier for the role.
  • roleName. Name of the role.

expand

String

Returns the privileges associated with the role specified in the query filter.
Include the following phrase in the query:
expand=privileges

For example, to get details for the Business Manager role including privileges, you might use the following request

/public/core/v3/roles?q=roleName=="Business Manager"&expand=privileges

GET response

If successful, returns the following information for each role:

Field

Type

Description

id

String

Role ID.

orgId

String

ID of the organization the role belongs to.

createdBy

String

User who created the role.

updatedBy

String

User who last updated the role.

createTime

String

Date and time the role was created.

updateTime

String

Date and time the role was last updated.

roleName

String

Name of the role.

description

String

Description of the role.

displayName

String

Role name displayed in the user interface.

displayDescription

String

Description displayed in the user interface.

systemRole

Boolean

Whether the role is a system-defined role. Returns one of the following values:

  • True. Role is a system-defined role.
  • False. Role is a custom role.

status

String

Whether the organization's license to use the role is valid or has expired. Returns one of the following values:

  • Enabled
  • Disabled

privileges

Array

Privileges assigned to the role.
Returned only when the URI includes ?expand=privileges in a query.

id

String

Included in the privileges object.
Privilege ID.

name

String

Included in the privileges object.
Privilege name.

description

String

Included in the privileges object.
Description of the privilege.

service

String

Included in the privileges object.
The Informatica Intelligent Cloud Services service that uses the privilege

status

String

Included in the privileges object.
Whether the organization's license to use the privilege is valid or has expired. Returns one of the following values:

  • Enabled
  • Disabled

GET response example

You might receive a response similar to the following example:

[
    {
        "id": "7EjAMAHsiOTcg8v29z0Gsl",
        "orgId": "52ZSTB0IDK6dXxaEQLUaQu",
        "createdBy": "ops-post-deploy-user",
        "updatedBy": "ops-post-deploy-user",
        "createTime": "2019-03-22T21:26:46.000Z",
        "updateTime": "2019-03-22T21:26:52.000Z",
        "roleName": "Business Manager",
        "description": "Role used for business managers",
        "displayName": "Application Integration Business Manager",
        "displayDescription": "Role used for business managers",
        "systemRole": true,
        "status": "Disabled",
        "privileges": [
            {
                "id": "5Cgp0GcsmRejyxIgV4eXy1",
                "name": "view.ai.console",
                "description": "View application integration console",
                "service": "ApplicationIntegration",
                "status": "Disabled"
            },
            {
                "id": "aReU2uciLYglcq0Ntvc2Ob",
                "name": "view.ai.assets",
                "description": "View  application integration assets",
                "service": "ApplicationIntegration",
                "status": "Disabled"
            },
            {
                "id": "8zDel5v89cKfeMtM2FHFEw",
                "name": "view.ai.designer",
                "description": "View application integration designer",
                "service": "ApplicationIntegration",
                "status": "Disabled"
            }
        ]
    }
]

POST request

To create a custom role, send a POST request using the following URI:

/public/core/v3/roles




Note:
The number of users, user groups, and roles combined cannot exceed 1000 for an organization.

Include the following information:

Field

Type

Required

Description

name

String

Yes

Name of the role.

description

String

Description of the role.

privileges

Array

Yes

IDs of the privileges to assign to the role.

POST response

If successful, returns the roles object with the details you included in the POST request.

POST example

To create a custom role, you might send a request similar to the following example:

POST <baseApiUrl>/public/core/v3/roles
Content-Type: application/json
Accept: application/json
INFA-SESSION-ID: <sessionId>
{
    "name" : "CAIviewer",
    "description": "A role to view Application Integration designer and assets",
    "privileges" : ["aQwUdcM8RcQewA1yWphZ4F", "0nTOXl8dzEwlSFoM0cO8gI"]
}

You might receive a response similar to the following example:

{
    "id": "8j2MPlr8ubZgteIOwleSCk",
    "orgId": "cPYWk02I4aBeuLEvYRtaMS",
    "createdBy": "[email protected]",
    "updatedBy": "[email protected]",
    "createTime": "2019-03-20T18:33:33.361Z",
    "updateTime": "2019-03-20T18:33:33.428Z",
    "roleName": "CAIviewer",
    "description": "A role to view Application Integration designer and assets",
    "displayName": "CAIviewer",
    "displayDescription": "A role to view Application Integration designer and assets",
    "systemRole": false,
    "status": "Enabled",
    "privileges": [
        {
            "id": "0nTOXl8dzEwlSFoM0cO8gI",
            "name": "view.ai.designer",
            "description": "View application integration designer"
        },
        {
            "id": "aQwUdcM8RcQewA1yWphZ4F",
            "name": "view.ai.assets",
            "description": "View  application integration assets"
        }
    ]
}

DELETE request

To delete a role, use the following URI:

/public/core/v3/roles/<roleId>