Org Role Management

Organization management functions.

Create a new role within the organization

post

This endpoint allows users to create a new role in the specified organization. It is intended for administrators managing roles and permissions. Ensure that the role definition aligns with organizational policies and requirements.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

🔒 Permission: org.roles.create is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
Body
id · string · Optional
name · string · Optional
namespace · string · Optional
description · string · Optional
stage · string · enum · Optional · Possible values:
Responses
post
/directory/orgs/{organizationId}/roles

Delete all roles for the specified organization

delete

This endpoint allows the deletion of all roles associated with a specific organization. It is intended for use by authorized personnel to manage role permissions effectively. Ensure that you have the necessary permissions before executing this action.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

🔒 Permission: org.roles.delete is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
Responses
delete
/directory/orgs/{organizationId}/roles

No content

Generate roles and permissions for an organization

post

This endpoint generates a default set of roles and permissions for the specified organization. It ensures standard compliance in role management, facilitating easier maintenance and generation of roles based on the provided namespace and noun.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

🔒 Permission: org.roles.create is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
Body
Responses
post
/directory/orgs/{organizationId}/roles/generate

List all permissions for the organization

get

Retrieve a comprehensive list of permissions configured for the organization. This includes permissions associated with all roles and groups, providing a clear overview of access rights. Useful for understanding and managing organizational permissions effectively.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
Responses
get
/directory/orgs/{organizationId}/roles/permissions

Retrieve a specific role within an organization

get

Fetches details of a role identified by its ID within the specified organization. This endpoint ensures that only existing roles are returned, providing clarity on role permissions and attributes. It is essential for managing user roles effectively within the organization.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

🔒 Permission: org.roles.get is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
roleId · string · Required
Responses
get
/directory/orgs/{organizationId}/roles/{roleId}

Update an existing role within an organization

put

This endpoint allows for the modification of a specific role in the organization. It requires the organization ID and role ID to identify the role being updated. Proper authentication is necessary to ensure that only authorized users can make changes to roles.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

🔒 Permission: org.roles.update is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
roleId · string · Required
Body
id · string · Optional
name · string · Optional
namespace · string · Optional
description · string · Optional
stage · string · enum · Optional · Possible values:
Responses
put
/directory/orgs/{organizationId}/roles/{roleId}

Delete a specific role in the organization

delete

This endpoint allows for the removal of a designated role within a specified organization. It is crucial for maintaining accurate role management and permissions. Ensure that the role being deleted is no longer needed, as this action is irreversible.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

🔒 Permission: org.roles.delete is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
roleId · string · Required
Responses
delete
/directory/orgs/{organizationId}/roles/{roleId}

No content

Retrieve role assignments for the specified organization role.

get

This endpoint returns all role assignments associated with a specific role in the organization. It provides visibility into the users assigned to the role, helping manage permissions effectively. Use this to ensure appropriate access levels within your organization.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

🔒 Permission: org.roles.list is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
roleId · string · Required
Query parameters
limit · integer · int32 · Optional · Default: 100
start · integer · int32 · Optional · Default: 0
Responses
get
/directory/orgs/{organizationId}/roles/{roleId}/assignments

Retrieve roles for a specified user in the organization

get

This endpoint returns all roles associated with the specified user within the organization. It is intended for use by authorized personnel to manage user permissions effectively. Ensure that you have the necessary security credentials to access this information.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
Responses
get
/directory/orgs/{organizationId}/user/roles

Retrieve roles for a specific user in the organization.

get

This endpoint returns all roles associated with the specified user within the given organization. It provides insights into the user's permissions and access levels. This information is crucial for managing user entitlements effectively.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

🔒 Permission: org.user.permissions.list is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
userId · string · Required
Responses
get
/directory/orgs/{organizationId}/users/{userId}/roles

Assign roles to a user in the organization

post

This endpoint allows the addition of specified roles to a user within a particular organization. It ensures that role management is handled securely and effectively. Use this operation to enhance user permissions and access based on organizational needs.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

🔒 Permission: org.user.roles.update is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
userId · string · Required
Body · string[]
string[] · Optional
Responses
post
/directory/orgs/{organizationId}/users/{userId}/roles

Assign a role to a user in the organization

post

This endpoint allows you to add a specified role to a user within the organization. It is essential for managing user permissions effectively. Ensure that you have the necessary authorization to perform this action.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
roleId · string · Required
userId · string · Required
Responses
post
/directory/orgs/{organizationId}/users/{userId}/roles/{roleId}

Remove a role from a user in the organization

get

This endpoint allows the removal of a specified role from a user within the organization. It ensures that the role is only removed if it currently exists for the user. This operation is crucial for maintaining accurate role assignments and permissions.

👤 User Credential: You must log in and authenticate a user and use their access token to invoke this service. This will operate the action under the specified user.

Authorizations
OAuth2 · clientCredentials · Required

An OIDC service account that was authenticated.

Authorization URL: Token URL:
Path parameters
organizationId · string · Required
roleId · string · Required
userId · string · Required
Responses
get
/directory/orgs/{organizationId}/users/{userId}/roles/{roleId}/delete

No content
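
The following is an added example, not code from this API's vendor: a small review script that transcribes the method, path and documented permission of every endpoint on this page and reports the entries an access-control reviewer would look at first. The finding names and the `ACTION_SEGMENTS` heuristic are assumptions of the example.

```python
# Added example: review of the endpoint list on this page (not vendor code).
# Each row is (method, path, permission documented on this page or None).
BASE = "/directory/orgs/{organizationId}"
ENDPOINTS = [
    ("POST", BASE + "/roles", "org.roles.create"),
    ("DELETE", BASE + "/roles", "org.roles.delete"),
    ("POST", BASE + "/roles/generate", "org.roles.create"),
    ("GET", BASE + "/roles/permissions", None),
    ("GET", BASE + "/roles/{roleId}", "org.roles.get"),
    ("PUT", BASE + "/roles/{roleId}", "org.roles.update"),
    ("DELETE", BASE + "/roles/{roleId}", "org.roles.delete"),
    ("GET", BASE + "/roles/{roleId}/assignments", "org.roles.list"),
    ("GET", BASE + "/user/roles", None),
    ("GET", BASE + "/users/{userId}/roles", "org.user.permissions.list"),
    ("POST", BASE + "/users/{userId}/roles", "org.user.roles.update"),
    ("POST", BASE + "/users/{userId}/roles/{roleId}", None),
    ("GET", BASE + "/users/{userId}/roles/{roleId}/delete", None),
]

# Assumption: a trailing action word in the path marks a state change.
ACTION_SEGMENTS = {"delete", "remove", "update", "create"}


def mutates(method, path):
    """True when the call changes state, whatever HTTP verb carries it."""
    return method != "GET" or path.rsplit("/", 1)[-1] in ACTION_SEGMENTS


def review(endpoints):
    """Return (finding, method, path) tuples; finding names are hypothetical."""
    findings = []
    for method, path, permission in endpoints:
        last = path.rsplit("/", 1)[-1]
        if method == "DELETE" and not last.startswith("{"):
            findings.append(("bulk-delete", method, path))
        if method == "GET" and mutates(method, path):
            findings.append(("mutation-over-get", method, path))
        if permission is None:
            kind = "write" if mutates(method, path) else "read"
            findings.append((kind + "-without-documented-permission", method, path))
    return findings


if __name__ == "__main__":
    for finding in review(ENDPOINTS):
        print(*finding)
```

A finding means only that this page documents no permission for the call or documents a state change over GET; confirm the enforced behaviour against the service before treating it as a gap.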
