Permission administration#
These endpoints are used for working with permissions. Viewing permission is part of the basic functionality, but granting and revoking is limited to MSS and those with full administrative access.
Searching for permissions#
Searching for permissions can be done using the simple search GET
endpoint or
the advanced search POST
endpoint.
Tip
Please read the general integration guide to learn about general concepts for search endpoints.
Simple search#
For simple search, the valid filtering parameters can be added as query parameters, which will ANDed together for each parameter.
If any parameter name is repeated, all the values for that parameter name will be combined according to the Swagger API documentation
Providing no parameters will return all permissions
# search for permissions granted on customer mnemonic
curl -H "Argus-API-Key: my/api/key" https://api.mnemonic.no/useradmin/v2/permission?customer=mnemonic
This query will return a list of permission models:
{
"data": [
{
"id": 1,
"function": {
"id": 2,
"name": "CUSTOMER-ROLES"
},
"subject": {
"id": 3,
"shortName": "Gnhst",
"name": "Gnhst",
"type": "group",
...,
},
"customer": {
"name": "Mnemonic",
},
...
}
]
}
The endpoints searching, granting, and revoking permissions return the same permission datamodel.
Tip
See the Swagger API documentation for details on the returned data model.
Advanced search#
Advanced searches allow combining multiple queries to get more fine-grained searches.
Detailed information on how to build advanced searches using sub-criteria are found in the general integration guide.
All parameters available for user search are detailed in the Swagger API documentation.
# search for permissions that are given for "developers" but not the "CUSTOMER-ROLES" permissions
curl -X POST -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" \
https://api.mnemonic.no/useradmin/v2/permission/search -d '
{
"customer": "mnemonic"
"subCriteria": [{
"excluded": true,
"function": ["CUSTOMER-ROLES"]
}]
}'
Granting a permission#
To grant a permission you need to provide customer(shortName
or ID) to
provide the permission for, the role you want to grant, and the short
name or ID of the group or user you want to grant the permission to:
curl -X POST -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" \
https://api.mnemonic.no/useradmin/v2/permission -d '
{
"customer": "mnemonic",
"subject": "dennis",
"function": "CUSTOMER-ROLES"
}'
The newly created permission is returned
Revoking a permission#
To revoke a permission you need to know the ID of the permission you want to revoke:
curl -X DELETE -H "Argus-API-Key: my/api/key" https://api.mnemonic.no/useradmin/v2/permission/1
The revoked permission is returned