POST OAuth/GetRole

Returns the caller's OAuth role.

Authorization

  • Roles: Any
  • Token scope:  Admin

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

None

Returns

Response description

Name

Description

HTTP 200

See OAuth result codes and OAuth roles.

A Role object is returned with the following:

  • Role (integer): A value showing the caller's OAuth role.

  • PermittedApplications (array of strings): Applications where the caller has either the Application Maintainer or Application Owner role. This won't be returned if the caller has a global role (Admin, Grant Admin, or Auditor).

  • OwnedApplications (array of objects): Returned for callers that have the Application Maintainer or Application Owner role for any application. This won't be returned if the caller has a global role (Admin, Grant Admin, or Auditor).

    Each returned object contains the following:

    • ApplicationId (string): The ID of the application for which the caller has a role

    • Role (integer): Role that the caller is assigned for the application.

HTTP 400

For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:

  • Error

    • invalid_request: The request is missing a required parameter or is otherwise malformed.

  • Error_description: If available, additional information about how to retry the request.

HTTP 401

For authentication errors, this call returns HTTP 401 Unauthorized and the following data in the message body:

  • Error

    • invalid_token: The access token is missing, or the provided token is expired, revoked, malformed, or invalid for other reasons.

    • insufficient_rights: The underlying user account does not have sufficient permissions for this request.

  • error_description: If available, additional information about how to retry the request.

HTTP 403

If the response is HTTP 403 Forbidden, the requester's token does not include the admin scope. Call POST Authorize/OAuth with the correct scope and restriction. Update the header with the new token and retry.

  • Error

    • insufficient_scope: The request requires a greater scope than provided by the access token.

  • error_description: If available, additional information about how to retry the request.

Example

Request

POST /vedsdk/oauth/getrole HTTP/1.1
Host: tpp-server-url
Content-Type: application/json
Accept: application/json
Authorization: Bearer 4MyGeneratedBearerTknz==

{

}			

Owner/Maintainer response

In this example, role 4 is shown because the caller has role 2 for one application and role 3 for another. As a result, the caller's role is role 4--Mixed Owner/Maintainer.

{
  "Result": 0,
  "Role": {
    "OwnedApplications": [
      {
        "ApplicationId": "Application-1",
        "Role": 2
      },
      {
        "ApplicationId": "Application-2",
        "Role": 3
      }
    ],
    "PermittedApplications": [
      "Application-1",
      "Application-2"
    ],
    "Role": 4
  },
  "Success": true
}

Global role response

{
  "Result": 0,
  "Role": {
    "Role": 6
  },
  "Success": true
}