Create Role

Creates a partner- or client-level role.

A role defines permission sets to user and -user groups on devices and device groups. A user (or user group) can be assigned to one or more roles

Create a Role with Scope: MSP and Provide Visibility of Specific Clients

  • Create a role that is applicable only for partners.
  • Users in this role can view only specific clients:

Create a Role with Scope: MSP and Provide Visibility of All Clients, Devices, and Credentials

  • Create a role that applies only for a partner.
  • Users in this role can view all clients (under the partner)

Create a Role with Scope: Client and Provide Visibility of All Devices and Credentials

Create a role that is applicable only for a partner:

  • Users in the role can view all clients under the partner.
  • Users in the role can view all client devices and credentials.

Create a Role with Scope: Client and Provide Visibility of Specific Devices, and Credentials

Create a role that is applicable for client:

  • Users in the role can view all client devices.
  • Users in the role can view all client credential sets.

Path Parameters

  • tenantIdstringrequired

    Describes the clientId or mspId of the tenant

Request Body

application/json

  • uniqueIdstring

    Role unique Identifier uuid.

  • namestring

    Role name.

  • descriptionstring

    Short summary describing a role.

  • scopestring

    Define the applicability of a role. - Provide scope: MSP to create a partner-level role. Note: MSP indicates a Partner. - Provide scope: CLIENT to create a client-level role.

    Enum:
    MSPCLIENT
  • usersarray

    Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.

  • userGroupsarray

    Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.

  • clientsarray

    Configure the visibility of clients for users in a role: - For partner-level users: To allow users of a role to view specific clients, provide the respective client IDs. Note: You can also create a role without visibility of any clients. - For client-level users: To assign a role to specific clients, provide the respective client IDs.

  • devicesarray

    Configure the visibility of devices for users in a role: A partner and client specific roles can be created with visibility to all devices, specific devices and without any devices.

  • allDevicesboolean

    (Optional) - For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. - For client specific role: To allow users to view all client devices, provide allDevices: true.

  • deviceGroupsarray

    (Optional) For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. For client specific role: To allow users to view all client devices, provide allDevices: true.

  • credentialSetsarray

    Configure visibility of credentials sets for users in a role: A partner or client specific role can be created to allow users in a role to view all credentials, specific credentials, or no credentials.

  • allCredentialsboolean

    (Optional) - For partner specific role: To allow users in a role to view all credentials sets of all clients for a partner, provide allCredentials: true. - For client specific role: To allow users in a role to view all credential sets of all clients, provide allCredentials: true. Credential sets are client-specific. To allow users in a role to view only specific credential sets, provide only the credential set IDs of the client provided in clients.

  • permissionsarray

    Assign permission sets to a role. All users in a role would be assigned these permissions. Search Permissions Sets API is used to get the list of permissions for a partner or client.

  • defaultRoleboolean

Loading Examples...

Responses

  • uniqueIdstring

    Role unique Identifier uuid.

  • namestring

    Role name.

  • descriptionstring

    Short summary describing a role.

  • scopestring

    Define the applicability of a role. - Provide scope: MSP to create a partner-level role. Note: MSP indicates a Partner. - Provide scope: CLIENT to create a client-level role.

    Enum:
    MSPCLIENT
  • usersarray

    Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.

  • userGroupsarray

    Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.

  • clientsarray

    Configure the visibility of clients for users in a role: - For partner-level users: To allow users of a role to view specific clients, provide the respective client IDs. Note: You can also create a role without visibility of any clients. - For client-level users: To assign a role to specific clients, provide the respective client IDs.

  • devicesarray

    Configure the visibility of devices for users in a role: A partner and client specific roles can be created with visibility to all devices, specific devices and without any devices.

  • allDevicesboolean

    (Optional) - For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. - For client specific role: To allow users to view all client devices, provide allDevices: true.

  • deviceGroupsarray

    (Optional) For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. For client specific role: To allow users to view all client devices, provide allDevices: true.

  • credentialSetsarray

    Configure visibility of credentials sets for users in a role: A partner or client specific role can be created to allow users in a role to view all credentials, specific credentials, or no credentials.

  • allCredentialsboolean

    (Optional) - For partner specific role: To allow users in a role to view all credentials sets of all clients for a partner, provide allCredentials: true. - For client specific role: To allow users in a role to view all credential sets of all clients, provide allCredentials: true. Credential sets are client-specific. To allow users in a role to view only specific credential sets, provide only the credential set IDs of the client provided in clients.

  • permissionsarray

    Assign permission sets to a role. All users in a role would be assigned these permissions. Search Permissions Sets API is used to get the list of permissions for a partner or client.

  • defaultRoleboolean

Loading Examples...