User Role¶
Overview¶
An administrator of a BIG-IQ can use the User Role API to add or remove a user from a role on the BIG-IQ. You must specify the UUID which identifies the role to add a user to that role. In the following, the UUID of the role is represented by the placeholder:<id>. An administrator can create a new user on the BIG-IQ using the User API.
Requests¶
Examples¶
GET to list all users in role¶
To list all the users in a role, send a GET to the endpoint and specify the UUID of the role, <id>. In the following the example value for <id> is d13bc5b6-8b2b-39e1-8f29-777db17cc563 which identifies the Common role.
GET https://<BIG-IQ>/mgmt/shared/authorization/roles/d13bc5b6-8b2b-39e1-8f29-777db17cc563?$select=principalReferences,selfLink,name
Response¶
The JSON in the response can look similar to the following example, with admin, user1 and user2 in the role.
HTTP/1.1 200 OK
{
"name": "Common",
"selfLink": "https://localhost/mgmt/shared/authorization/roles/d13bc5b6-8b2b-39e1-8f29-777db17cc563",
"principalReferences": [
{
"link": "https://localhost/mgmt/shared/authz/users/user1"
},
{
"link": "https://localhost/mgmt/shared/authz/users/user2"
},
{
"link": "https://localhost/mgmt/shared/authz/users/admin"
}
]
}
PATCH to add a new user to role¶
To add a new user3, to the Common role, send a PATCH to the collection endpoint, and specify the UUID of the role, <id>.
POST https://<BIG-IQ>/mgmt/shared/authorization/roles/d13bc5b6-8b2b-39e1-8f29-777db17cc563
The JSON in the body of the PATCH contains link references for every new and existing users you want in this role.
{
"principalReferences": [
{
"link": "https://localhost/mgmt/shared/authz/users/user1"
},
{
"link": "https://localhost/mgmt/shared/authz/users/user2"
},
{
"link": "https://localhost/mgmt/shared/authz/users/user3"
},
{
"link": "https://localhost/mgmt/shared/authz/users/admin"
}
]
}
Response¶
The JSON in the response can look similar to the following example.
HTTP/1.1 200 OK
{
"name": "Common",
"selfLink": "https://localhost/mgmt/shared/authorization/roles/d13bc5b6-8b2b-39e1-8f29-777db17cc563",
"principalReferences": [
{
"link": "https://localhost/mgmt/shared/authz/users/user1"
},
{
"link": "https://localhost/mgmt/shared/authz/users/user2"
},
{
"link": "https://localhost/mgmt/shared/authz/users/user3"
},
{
"link": "https://localhost/mgmt/shared/authz/users/admin"
}
]
}
PATCH to remove a user from a role¶
To remove only the user3 from the role, send a PATCH to the collection endpoint, and specify the UUID of the role, <id>.
PATCH https://<BIG-IQ>/mgmt/shared/authorization/roles/d13bc5b6-8b2b-39e1-8f29-777db17cc563
The JSON in the body of the PATCH contains link references for only the users you want in this role.
{
"principalReferences": [
{
"link": "https://localhost/mgmt/shared/authz/users/user1"
},
{
"link": "https://localhost/mgmt/shared/authz/users/user2"
},
{
"link": "https://localhost/mgmt/shared/authz/users/admin"
}
]
}
Response¶
The JSON in the response can look similar to the following example.
HTTP/1.1 200 OK
{
"name": "Common",
"selfLink": "https://localhost/mgmt/shared/authorization/roles/d13bc5b6-8b2b-39e1-8f29-777db17cc563",
"principalReferences": [
{
"link": "https://localhost/mgmt/shared/authz/users/user1"
},
{
"link": "https://localhost/mgmt/shared/authz/users/user2"
},
{
"link": "https://localhost/mgmt/shared/authz/users/admin"
}
]
}