Skip to main content

Get Access Grants for a Resource

Endpoint: GET /api/auth/authorization/{type}/{id}

Returns all subjects that have been granted access to a specific resource.

Path parameters

ParameterDescriptionTypeRequired/ Optional
typeThe resource type for which access grants are being retrieved. Supported values:
  • WORKFLOW
  • WORKFLOW_DEF
  • WORKFLOW_SCHEDULE
  • EVENT_HANDLER
  • TASK_DEF
  • TASK_REF_NAME
  • TASK_ID
  • APPLICATION
  • USER
  • SECRET_NAME
  • ENV_VARIABLE
  • TAG
  • DOMAIN
  • INTEGRATION_PROVIDER
  • INTEGRATION
  • PROMPT
  • USER_FORM_TEMPLATE
  • SCHEMA
  • CLUSTER_CONFIG
  • WEBHOOK
  • API_GATEWAY_SERVICE
  • API_GATEWAY_SERVICE_ROUTE
  • AUTH_CONFIG
  • GROUP
  • ROLE
  • SERVICE_REGISTRY
stringRequired.
idThe unique identifier of the resource (e.g., the workflow name).stringRequired.

Query parameters

ParameterDescriptionTypeRequired/ Optional
groupByResponse grouping. Use access (default) to group by access type, or subject to group by subject.stringOptional.

Response

Returns the access grants for the specified resource, grouped by access type or subject.

Examples

Get grants grouped by access type

Request

curl -X 'GET' \
'https://<YOUR-SERVER-URL>/api/auth/authorization/WORKFLOW_DEF/rate_limit_test?groupBy=access' \
-H 'accept: application/json' \
-H 'X-Authorization: <TOKEN>'

Response

{
"READ": [
{
"type": "USER",
"id": "jane.doe@acme.com"
},
{
"type": "USER",
"id": "john.doe@acme.com"
}
],
"DELETE": [
{
"type": "USER",
"id": "john.doe@acme.com"
}
],
"CREATE": [
{
"type": "USER",
"id": "john.doe@acme.com"
}
],
"EXECUTE": [
{
"type": "USER",
"id": "jane.doe@acme.com"
},
{
"type": "USER",
"id": "john.doe@acme.com"
}
],
"UPDATE": [
{
"type": "USER",
"id": "john.doe@acme.com"
}
]
}
Get grants grouped by subject

Request

curl -X 'GET' \
'https://<YOUR-SERVER-URL>/api/auth/authorization/WORKFLOW_DEF/rate_limit_test?groupBy=subject' \
-H 'accept: application/json' \
-H 'X-Authorization: <TOKEN>'

Response

{
"USER:john.doe@acme.com": [
"EXECUTE",
"CREATE",
"READ",
"UPDATE",
"DELETE"
],
"USER:jane.doe@acme.com": [
"EXECUTE",
"READ"
]
}