Grant Access
Endpoint: POST /api/auth/authorization
Grants access to a user, group, or role over a specific resource in Orkes Conductor.
Request body
| Parameter | Description | Type | Required/ Optional |
|---|---|---|---|
| subject.type | The type of subject being granted access. Supported values:
| string | Required. |
| subject.id | The identifier of the subject.
| string | Required. |
| target.type | The resource type to which access is being granted. Supported values:
| string | Required. |
| target.id | The unique identifier of the resource (e.g., the workflow name) to grant access to. | string | Required. |
| access | The set of access types to grant. Supported values:
| array of strings | Required. |
Response
Returns a confirmation message.
Examples
Grant a user READ and EXECUTE access to a workflow definition
Request
curl -X 'POST' \
'https://<YOUR-SERVER-URL>/api/auth/authorization' \
-H 'accept: application/json' \
-H 'X-Authorization: <TOKEN>' \
-H 'Content-Type: application/json' \
-d '{
"subject": {
"type": "user",
"id": "jane.doe@acme.com"
},
"target": {
"type": "WORKFLOW_DEF",
"id": "rate_limit_test"
},
"access": ["READ", "EXECUTE"]
}
'
Response
This grants the user READ and EXECUTE access over the workflow named rate_limit_test.
{
"message": "Granted permission"
}