GET Permissions/Object/{guid}
Retrieves a list of principals that have been assigned permissions to the specified object.
Requirements
- Permissions: The caller must have Manage permission to the specified object.
- Token scope: Security
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
Name |
Description |
---|---|
Object |
In the request URL, specify the word Object. |
{guid} |
In the request URL, specify GUID of the object for which to list principals assigned permissions. Depending on your environment, the GUID may be expressed with or without curly braces {}. For example, {3d6b61d-1c71-4603-883f-25b8c2ceecdd}. |
Returns
Name |
Description |
---|---|
Array of Principals |
An array of Prefixed Universal identifiers, which are users or groups who have permissions to the object. If principals from multiple identity providers (e.g., Local and Active Directory) have been assigned, they will all be listed, irrespective of the identity provider used by the caller. |
Example 1: List all assigned principals
In this example, principals from the local and Active Directory identity providers that have been assigned permissions to the object are returned.
Request for Example 1
GET https://test.venafi.example/vedsdk/Permissions/object/ {3415e47d-835c-4949-af5b-c226817f7d40} Authorization:Bearer 4MyGeneratedBearerTknz==
Response for Example 1
HTTP/1.1 200 OK [ "local:{64f08c4c-b5b5-4715-bfcf-bdecee5e15d0}", "local:{aab5cb53-aac7-42e0-b78a-134636baff93}", "AD+AD1:09345ac819b6e840b808e288c5901bc7", "local:{a58437d1-e6d4-46f8-b790-bc1bedb943f1}" ]
Example 2: Get principals that have no assigned permissions
Request for Example 2
GET https://test.example/vedsdk/Permissions/object/ {ba0d0cd9-e6e9-4208-a6b2-32271d4f67a4} Authorization:Bearer 4MyGeneratedBearerTknz==
Response for Example 2
HTTP/1.1 200 OK []