POST OAuth/GrantRole
Grant an OAuth role to a user.
Authorization
- Roles: Admin, Application Owner, or Application Maintainer. See OAuth roles for more information.
- Token scope: Admin
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
Name |
Description |
---|---|
GranteePrefixedUniversal string |
(Required) The prefixed universal ID of the user who is being granted the role. The prefixed universal ID can be found from the identity value returned from POST Authorize/OAuth or the PrefixedUniversal value returned from POST Identity/Browse. |
Role integer |
(Required) An integer that specifies the role being granted. See OAuth roles. |
ApplicationId string |
The ID of the application to grant access to. This parameter is required when granting the Application Maintainer and Application Owner roles. For other roles, it doesn't apply since those roles are system-wide. |
Returns
Name |
Description |
---|---|
HTTP 200 |
See OAuth result codes. |
HTTP 400 |
For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:
|
HTTP 401 |
For authentication errors, this call returns HTTP 401 Unauthorized and the following data in the message body:
|
HTTP 403 |
If the response is HTTP 403 Forbidden, the requester's token does not include the admin scope. Call POST Authorize/OAuth with the correct scope and restriction. Update the header with the new token and retry.
|
Example
Request
POST /vedsdk/oauth/GrantRole HTTP/1.1 Host: tpp-server-url Content-Type: application/json Accept: application/json Authorization: Bearer 4MyGeneratedBearerTknz== { "GranteePrefixedUniversal": "local:{5be5a591-c842-4520-9142-b455f4ad2286}", "ApplicationId": "MyIntegration", "Role": 2 }
Response
{ "Result": 0, "Success": true }