GET Permissions/Object/{guid}

Retrieves a list of principals that have been assigned permissions to the specified object.

Requirements

  • Permissions: The caller must have Manage permission to the specified object.
  • Token scope:  Security

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters

Name

Description

Object

In the request URL, specify the word Object.

{guid}

In the request URL, specify GUID of the object for which to list principals assigned permissions.

Depending on your environment, the GUID may be expressed with or without curly braces {}. For example, {3d6b61d-1c71-4603-883f-25b8c2ceecdd}.

Returns

Response description

Name

Description

Array of Principals

An array of Prefixed Universal identifiers, which are users or groups who have permissions to the object. If principals from multiple identity providers (e.g., Local and Active Directory) have been assigned, they will all be listed, irrespective of the identity provider used by the caller.

Example 1: List all assigned principals

In this example, principals from the local and Active Directory identity providers that have been assigned permissions to the object are returned.

Request for Example 1

GET https://test.venafi.example/vedsdk/Permissions/object/
  {3415e47d-835c-4949-af5b-c226817f7d40}
Authorization:Bearer 4MyGeneratedBearerTknz==

Response for Example 1

HTTP/1.1 200 OK
[
   "local:{64f08c4c-b5b5-4715-bfcf-bdecee5e15d0}",
   "local:{aab5cb53-aac7-42e0-b78a-134636baff93}",
   "AD+AD1:09345ac819b6e840b808e288c5901bc7",
   "local:{a58437d1-e6d4-46f8-b790-bc1bedb943f1}"
]

Example 2: Get principals that have no assigned permissions

Request for Example 2

GET https://test.example/vedsdk/Permissions/object/
{ba0d0cd9-e6e9-4208-a6b2-32271d4f67a4}
Authorization:Bearer 4MyGeneratedBearerTknz==

Response for Example 2

HTTP/1.1 200 OK
[]