GET Permissions/Object/{guid}/local/{uuid}/Effective

Retrieves effective permissions for folders or other objects in Trust Protection Platform.

The basic syntax is:

GET https://test.example/vedsdk/permissions/object/{guid}/local/{Universal ID}/Effective


  • Permissions: The caller must have Manage permission to the specified object. The caller must also be logged in to the same identity provider as the principal's provider.
  • Token scope:  Security


  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.


Input parameters




In the request URL, specify the GUID of the object. Depending on your environment, the GUID may be expressed with or without curly braces {}. For example, {3d6b61d-1c71-4603-883f-25b8c2ceecdd}. If you want effective permissions for a policy, either call POST Config/DnToGuid or get the GUID from the UI Support Attributes tab.


In the request, specify word local as the provider type.


In the request URL, specify the Universal Unique Identifier (UUID) of the principal identity. To get the correct formatting, call POST Identity/Browse.


In the request URL, specify the word Effective.


Response description



HTTP 200

For valid requests, Permissions/Object/guid/local/Effective returns a HTTP 200 message and the following data:

HTTP 400

For invalid requests, one of the following errors may be present:

  • Unable to verify principal. Either correct the principal Guid or assign the principal identity to the appropriate object Guid in Trust Protection Platform. For the Principal parameter, try adding or omitting the curly braces. See the Principal parameter for details.
  • Failed to lookup DN: Unable to read object details of GUID {object Guid}; ObjectDoesNotExist. Obtain the correct object Guid value, from Trust Protection Platform.

Example: Get the effective permissions for a local user on a policy folder


GET https://test.venafi.example/vedsdk/permissions/object/{44721e18-b8fa-4a1b-bcea-63bd46c6f523}/local/{c18d6102-1915-43c6-b373-a25caea40506}/Effective
Authorization:Bearer 4MyGeneratedBearerTknz==


HTTP/1.1 200 OK