RBAC API
Use the RBAC API to manage users, user groups, roles, permissions, tokens, password, and LDAP or SAML connections.
| Endpoint | Use |
|---|---|
users
|
Manage local users as well as those from a directory service, get lists of users, and create new local users. This endpoint has a v1 and v2. The v2 GET /users endpoint has more filtering options. |
groups
|
Get lists of groups and add a new remote user group. This endpoint has a v1 and v2. The v2 POST /groups (deprecated) endpoint has the option to validate the group against LDAP before creating it. |
roles
|
Get lists of user roles and create new roles. |
permissions
|
Get information about available objects and the permissions that can be constructed for those objects. |
ds (directory service) |
Get information about the directory service, test your directory service connection, and replace directory service connection settings. This endpoint has a v1 and v2. Use the v2 GET /ds (deprecated) endpoint to get information about your directory service. |
saml
|
Configure SAML, get SAML configuration details, and get the public certificate and URLs for configuration. |
password
|
Generate password reset tokens and update user passwords. |
tokens
|
Generate authentication tokens to access PE. Use the v1 token endpoints to create tokens, and use the v2 token endpoints to revoke and validate tokens. |
rbac-service
|
Use the Status API to check the status of the RBAC service. |
-
The role-based access control (RBAC) API accepts well-formed HTTPS requests. Token-based authentication is required for most endpoints. You can use either user authentication tokens or allowed certificates to authenticate requests.
-
RBAC API error responses can be formatted as ctext/html or JSON objects.
-
Use the role-based access control (RBAC) API v1 endpoints to manage users, directory service groups, roles, permissions, tokens, passwords, and LDAP and SAML connection settings.
-
The role-based access control (RBAC) API v2 service enables you to fetch information about users, create groups, revoke tokens, validate tokens, and get information about your LDAP directory service.
