Managing Users and Roles heading-link-icon

RBAC users are created and managed using the REST API. This section describes the following:

You can create a new user using the POST method of the /api/v5_2/user endpoint. You must include a login name, full name, and password and also specify if the account is enabled. For example:

curl -k -u $REST_API_USER:$REST_API_PASSWORD -d '{"request": {"enabled": true, "fullName:" "Joe Bloggs", "loginName:" "jbloggs", "password:" "wx%ty23Q"}}' $REST_API_URL/user
Invoke-RestMethod -SkipCertificateCheck  -Headers @{Authorization=("Basic {0}" -f $AUTH_INFO)} -Uri "$REST_API_URL/user" -Method Post -Body (ConvertTo-Json @{
    request = @{
       enabled = true
       fullName = "Joe Bloggs"
       loginName = "jbloggs"
       password = "wx%ty23Q"
    }
})

You can change your own password using the POST method of the /api/v5_2/user/selfpassword endpoint. For example:

curl -k -u $REST_API_USER:$REST_API_PASSWORD -d '{"request": {"password": "<new_password>"}}' $REST_API_URL/user/selfpassword
Invoke-RestMethod -SkipCertificateCheck  -Headers @{Authorization=("Basic {0}" -f $AUTH_INFO)} -Uri "$REST_API_URL/user/selfpassword" -Method Post -Body (ConvertTo-Json @{
    request = @{
       password = <new_password>
    }
})

Users with the UserAdminRole role can change the password of other users using the POST method of the /api/v5_2/user/otheruserpassword endpoint. For example:

curl -k -u $REST_API_USER:$REST_API_PASSWORD -d '{"request": {"password": "<new_password>", "username": "<user_loginname>"}}' $REST_API_URL/user/otheruserpassword
Invoke-RestMethod -SkipCertificateCheck  -Headers @{Authorization=("Basic {0}" -f $AUTH_INFO)} -Uri "$REST_API_URL/user/otheruserpassword" -Method Post -Body (ConvertTo-Json @{
    request = @{
       password = <new_password>
       username = <user_loginname>
    }
})

You can retrieve all roles in the system using the /api/v5_2/role endpoint. For example:

curl -k -u $REST_API_USER:$REST_API_PASSWORD $REST_API_URL/role
Invoke-RestMethod -SkipCertificateCheck  -Headers @{Authorization=("Basic {0}" -f $AUTH_INFO)} -Uri "$REST_API_URL/role"

This request returns the following for each role:

  • id — the unique identifier of the role.
  • version — the version number of the role.
  • updateTimestamp — the date and time when the role was last updated.
  • roleName — the name of the role.
  • permissions — a list of the permissions associated with the role.

You can assign a role to a user using the /api/v5_2/<login-name>/role/<role-id> endpoint. This endpoint requires the login name of the user and the ID of the role. To retrieve a list of the roles in the system, including their IDs, see Retrieving Roles.

For example, to assign a role with the ID bbcc4621-d88f-4a94-ae2f-b38072bf5087 to Joe Bloggs:

curl -k -u $REST_API_USER:$REST_API_PASSWORD -X PUT $REST_API_URL/user/jbloggs/rolebbcc4621-d88f-4a94-ae2f-b38072bf5087
Invoke-RestMethod -SkipCertificateCheck  -Headers @{Authorization=("Basic {0}" -f $AUTH_INFO)} -Uri "$REST_API_URL/user/jbloggs/rolebbcc4621-d88f-4a94-ae2f-b38072bf5087 -Method Put

You can retrieve the permissions in the system that match certain criteria, using the /api/v5_2/permission endpoint. For example, to return 100 permissions that deny access:

curl -k -u $REST_API_USER:$REST_API_PASSWORD  $REST_API_URL/permission?limit=0&permissiontype=DENY
Invoke-RestMethod -SkipCertificateCheck -Headers @{Authorization=("Basic {0}" -f $AUTH_INFO)}` 
   -Method Get -Uri "$REST_API_URL/permission`?limit=100&permissiontype=DENY"

Was this page helpful?

Thanks for your feedback!

Chat with us

Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.

Propose documentation improvements directly

Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.

We're sorry this page wasn't helpful. Let us know how we can make it better!

Chat with us

Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.

Create an issue

Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.

Propose documentation improvements directly

Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.