POST OAuth/ListRoles
List all users with OAuth roles. If the caller has the Admin or Auditor role, all roles are returned. If the caller has the Application Owner role, only those roles applicable to the caller are returned.
Authorization
- Roles: Admin, Auditor, or Application Owner. See OAuth roles for more information.
- Token scope: Admin
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
None
Returns
Name |
Description |
||||
---|---|---|---|---|---|
HTTP 200 |
See OAuth result codes. ListRoles returns the Roles object:
|
||||
HTTP 400 |
For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:
|
||||
HTTP 401 |
For authentication errors, this call returns HTTP 401 Unauthorized and the following data in the message body:
|
||||
HTTP 403 |
If the response is HTTP 403 Forbidden, the requester's token does not include the admin scope. Call POST Authorize/Oauth with the correct scope and restriction. Update the header with the new token and retry.
|
Example
Request
POST /vedsdk/oauth/ListRoles HTTP/1.1 Host: tpp-server-url Content-Type: application/json Accept: application/json Authorization: Bearer 4MyGeneratedBearerTknz== { }
Response
{ "Result": 0, "Roles": [ { "ApplicationId": "MyIntegration", "Grantee": "local:{5be5a591-c842-4520-9142-b455f4ad2286}", "Role": 2 }, { "ApplicationId": "VenafiMMCRecycleBin", "Grantee": "local:{5be5a591-c842-4520-9142-b455f4ad2286}", "Role": 2 }, { "ApplicationId": "VenafiMMCRecycleBin", "Grantee": "local:{5371f67c-c194-49e2-9c1a-e25c8b0e2e32}", "Role": 1 } ], "Success": true }