Get Access Grants for a Resource
Endpoint: GET /api/auth/authorization/{type}/{id}
Returns all subjects that have been granted access to a specific resource.
Path parameters
| Parameter | Description | Type | Required/ Optional |
|---|---|---|---|
| type | The resource type for which access grants are being retrieved. Supported values:
| string | Required. |
| id | The unique identifier of the resource (e.g., the workflow name). | string | Required. |
Query parameters
| Parameter | Description | Type | Required/ Optional |
|---|---|---|---|
| groupBy | Response grouping. Use access (default) to group by access type, or subject to group by subject. | string | Optional. |
Response
Returns the access grants for the specified resource, grouped by access type or subject.
Examples
Get grants grouped by access type
Request
curl -X 'GET' \
'https://<YOUR-SERVER-URL>/api/auth/authorization/WORKFLOW_DEF/rate_limit_test?groupBy=access' \
-H 'accept: application/json' \
-H 'X-Authorization: <TOKEN>'
Response
{
"READ": [
{
"type": "USER",
"id": "jane.doe@acme.com"
},
{
"type": "USER",
"id": "john.doe@acme.com"
}
],
"DELETE": [
{
"type": "USER",
"id": "john.doe@acme.com"
}
],
"CREATE": [
{
"type": "USER",
"id": "john.doe@acme.com"
}
],
"EXECUTE": [
{
"type": "USER",
"id": "jane.doe@acme.com"
},
{
"type": "USER",
"id": "john.doe@acme.com"
}
],
"UPDATE": [
{
"type": "USER",
"id": "john.doe@acme.com"
}
]
}
Get grants grouped by subject
Request
curl -X 'GET' \
'https://<YOUR-SERVER-URL>/api/auth/authorization/WORKFLOW_DEF/rate_limit_test?groupBy=subject' \
-H 'accept: application/json' \
-H 'X-Authorization: <TOKEN>'
Response
{
"USER:john.doe@acme.com": [
"EXECUTE",
"CREATE",
"READ",
"UPDATE",
"DELETE"
],
"USER:jane.doe@acme.com": [
"EXECUTE",
"READ"
]
}