Unify and manage your data

Get Roles Against Object URIs

Processes specified URIs and returns all available permissions and users that have those permissions for each object.

Request

POST {env_uri}/reltio/permissions/{tenant}/_getAccessRoles

Contains list of URIs to get information about allowed operations and accepted users.

Table 1. Parameters
Name Required Details
Headers Authorization Yes Information about authentication access token in format "Bearer <Access-Token>" (see details in Authentication API).
Content-Type Yes Should be "Content-Type: application/json".
Query accessTypes No List of access types for which we want to obtain roles. Default: all access types.
Body List of object URIs.
Example:
  • entities/029OP2m
  • changeRequests/00010rp
Note: The operation supports only entities and change requests.

Response

For each URI from an input list, response contains information about all privileges for all roles.

If there is an empty accessRoles field in the result, then analyze the values of the allPermitted field-if it is true, then any role has all permissions, otherwise there are no roles which have any permission for that particular object.

Note: If you request accessRoles for applied/rejected change requests, an empty object with allPermitted=false is returned, because no role can apply or reject a change request that is already applied/rejected.

All permissions with roles for a list of URIs

Request

POST {env_uri}/reltio/permissions/{tenant}/_getAccessRoles
Headers: Authorization: Bearer <Access-Token>, Content-Type: application/json 
Body:
[
    "entities/00005KL",
    "entities/0000I77",
    "changeRequests/00010rp"
]

Response

Body:
[
  {
    "objectUri": "entities/0000I77",
    "allPermitted": false,
    "accessRoles": [
      {
        "access": "ACCEPT_CHANGE_REQUEST",
        "roles": [
          "API_USER2",
          "API_USER1"
        ]
      },
      {
        "access": "UNMERGE",
        "roles": [
          "API_USER2",
          "API_USER1"
        ]
      },
      {
        "access": "MERGE",
        "roles": [
          "API_USER2",
          "API_USER1"
        ]
      },
      {
        "access": "READ",
        "roles": [
          "API_USER2",
          "API_USER1"
        ]
      }
    ]
  },
  {
    "objectUri": "entities/00005KL",
    "allPermitted": false,
    "accessRoles": [
      {
        "access": "ACCEPT_CHANGE_REQUEST",
        "roles": [
          "API_USER2",
          "API_USER1"
        ]
      },
      {
        "access": "UNMERGE",
        "roles": [
          "API_USER2"
        ]
      },
      {
        "access": "MERGE",
        "roles": [
          "API_USER2"
        ]
      },
      {
        "access": "READ",
        "roles": [
          "API_USER2",
          "API_USER1"
        ]
      }
    ]
  },
  {
    "objectUri": "changeRequests/00010rp",
    "allPermitted": false,
    "accessRoles": [
      {
        "access": "READ",
        "roles": [
          "API_USER2",
          "API_USER1"
        ]
      }
    ]
  }
]

Get Roles With Specific Permissions

Request

POST {env_uri}/reltio/permissions/{tenant}/_getAccessRoles?accessTypes=READ,MERGE
Headers: Authorization: Bearer <Access-Token>, Content-Type: application/json
Body:
[
 "entities/00005KL"
]

Response

Body:
[
  {
    "objectUri": "entities/00005KL",
    "allPermitted": true,
    "accessRoles": [
      {
        "access": "READ",
        "roles": [
          "API_USER2",
          "API_USER1"
        ]
      },
      {
        "access": "MERGE",
        "roles": [
          "API_USER2",
          "API_USER1"
        ]
      }
    ]
  }
]