GET Permissions/Object/{guid}/local/{uuid}/Effective
Retrieves effective permissions for folders or other objects in Trust Protection Platform.
The basic syntax is:
GET https://test.example/vedsdk/permissions/object/{guid}/local/{Universal ID}/Effective
Requirements
- Permissions: The caller must have Manage permission to the specified object. The caller must also be logged in to the same identity provider as the principal's provider.
- Token scope: Security
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
Name |
Description |
---|---|
{guid} |
In the request URL, specify the GUID of the object. Depending on your environment, the GUID may be expressed with or without curly braces {}. For example, {3d6b61d-1c71-4603-883f-25b8c2ceecdd}. If you want effective permissions for a policy, either call POST Config/DnToGuid or get the GUID from the UI Support Attributes tab. |
local |
In the request, specify word local as the provider type. |
{uuid} |
In the request URL, specify the Universal Unique Identifier (UUID) of the principal identity. To get the correct formatting, call POST Identity/Browse. |
Effective |
In the request URL, specify the word Effective. |
Returns
Name |
Description |
---|---|
HTTP 200 |
For valid requests, Permissions/Object/guid/local/Effective returns a HTTP 200 message and the following data:
|
HTTP 400 |
For invalid requests, one of the following errors may be present:
|
Example: Get the effective permissions for a local user on a policy folder
Request
GET https://test.venafi.example/vedsdk/permissions/object/{44721e18-b8fa-4a1b-bcea-63bd46c6f523}/local/{c18d6102-1915-43c6-b373-a25caea40506}/Effective Authorization:Bearer 4MyGeneratedBearerTknz==
Response
HTTP/1.1 200 OK { "EffectivePermissions":{ "IsAssociateAllowed":true, "IsCreateAllowed":true, "IsReadAllowed":true, "IsRenameAllowed":true, "IsRevokeAllowed":true, "IsViewAllowed":true, "IsWriteAllowed":true } }