Permissions endpoints

You add permissions to roles to control what users can access and do in PE. Use the permissions endpoints to get information about objects you can create permissions for, what types of permissions you can create, and whether specific users can perform certain actions.

Before using these endpoints, you'll want to be familiar with User permissions and user roles, particularly Best practices for assigning permissions.

A permission consists of three components:

Type (object_type)
Permission (action)
Object (instance, not to be confused with a JSON object)

These three components are described in Structure of user permissions, as well as the crucial All object ("*").

RBAC API requests and responses use the system names (not the display names) described in Reference: User permissions and names. This reference also provides helpful information about some permissions, such as some permissions that require the All ("*") object.