Create Role
Creates a partner- or client-level role.
A role defines permission sets to user and -user groups on devices and device groups. A user (or user group) can be assigned to one or more roles
Create a Role with Scope: MSP and Provide Visibility of Specific Clients
- Create a role that is applicable only for partners.
- Users in this role can view only specific clients:
Create a Role with Scope: MSP and Provide Visibility of All Clients, Devices, and Credentials
- Create a role that applies only for a partner.
- Users in this role can view all clients (under the partner)
Create a Role with Scope: Client and Provide Visibility of All Devices and Credentials
Create a role that is applicable only for a partner:
- Users in the role can view all clients under the partner.
- Users in the role can view all client devices and credentials.
Create a Role with Scope: Client and Provide Visibility of Specific Devices, and Credentials
Create a role that is applicable for client:
- Users in the role can view all client devices.
- Users in the role can view all client credential sets.
Path Parameters
- tenantId
Describes the clientId or mspId of the tenant
Request Body
application/json
- uniqueId
Role unique Identifier uuid.
- name
Role name.
- description
Short summary describing a role.
- scope
Define the applicability of a role. - Provide scope: MSP to create a partner-level role. Note: MSP indicates a Partner. - Provide scope: CLIENT to create a client-level role.
- Enum:
- MSPCLIENT
- users
Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.
- userGroups
Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.
- clients
Configure the visibility of clients for users in a role: - For partner-level users: To allow users of a role to view specific clients, provide the respective client IDs. Note: You can also create a role without visibility of any clients. - For client-level users: To assign a role to specific clients, provide the respective client IDs.
- devices
Configure the visibility of devices for users in a role: A partner and client specific roles can be created with visibility to all devices, specific devices and without any devices.
- allDevices
(Optional) - For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. - For client specific role: To allow users to view all client devices, provide allDevices: true.
- deviceGroups
(Optional) For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. For client specific role: To allow users to view all client devices, provide allDevices: true.
- credentialSets
Configure visibility of credentials sets for users in a role: A partner or client specific role can be created to allow users in a role to view all credentials, specific credentials, or no credentials.
- allCredentials
(Optional) - For partner specific role: To allow users in a role to view all credentials sets of all clients for a partner, provide allCredentials: true. - For client specific role: To allow users in a role to view all credential sets of all clients, provide allCredentials: true. Credential sets are client-specific. To allow users in a role to view only specific credential sets, provide only the credential set IDs of the client provided in clients.
- permissions
Assign permission sets to a role. All users in a role would be assigned these permissions. Search Permissions Sets API is used to get the list of permissions for a partner or client.
- defaultRole
Responses
- uniqueId
Role unique Identifier uuid.
- name
Role name.
- description
Short summary describing a role.
- scope
Define the applicability of a role. - Provide scope: MSP to create a partner-level role. Note: MSP indicates a Partner. - Provide scope: CLIENT to create a client-level role.
- Enum:
- MSPCLIENT
- users
Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.
- userGroups
Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.
- clients
Configure the visibility of clients for users in a role: - For partner-level users: To allow users of a role to view specific clients, provide the respective client IDs. Note: You can also create a role without visibility of any clients. - For client-level users: To assign a role to specific clients, provide the respective client IDs.
- devices
Configure the visibility of devices for users in a role: A partner and client specific roles can be created with visibility to all devices, specific devices and without any devices.
- allDevices
(Optional) - For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. - For client specific role: To allow users to view all client devices, provide allDevices: true.
- deviceGroups
(Optional) For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. For client specific role: To allow users to view all client devices, provide allDevices: true.
- credentialSets
Configure visibility of credentials sets for users in a role: A partner or client specific role can be created to allow users in a role to view all credentials, specific credentials, or no credentials.
- allCredentials
(Optional) - For partner specific role: To allow users in a role to view all credentials sets of all clients for a partner, provide allCredentials: true. - For client specific role: To allow users in a role to view all credential sets of all clients, provide allCredentials: true. Credential sets are client-specific. To allow users in a role to view only specific credential sets, provide only the credential set IDs of the client provided in clients.
- permissions
Assign permission sets to a role. All users in a role would be assigned these permissions. Search Permissions Sets API is used to get the list of permissions for a partner or client.
- defaultRole