Check User Permission over Resources

Endpoint: GET /api/users/{userId}/checkPermissions

For a specific resource, check whether a user has each of the following permissions: READ, EXECUTE, DELETE, CREATE, and UPDATE. The invoking user must be an Admin to the Conductor cluster.

Path parameters

Parameter	Description	Type	Required/ Optional
userId	The email address of the user whose permissions are to be retrieved.	string	Required

Query parameters

Parameter	Description	Type	Required/ Optional
type	The resource type to check permissions against. Supported values: `WORKFLOW` `WORKFLOW_DEF` `WORKFLOW_SCHEDULE` `EVENT_HANDLER` `TASK_DEF` `TASK_REF_NAME` `TASK_ID` `APPLICATION` `USER` `SECRET_NAME` `ENV_VARIABLE` `TAG` `DOMAIN` `INTEGRATION_PROVIDER` `INTEGRATION` `PROMPT` `USER_FORM_TEMPLATE` `SCHEMA` `WEBHOOK` `API_GATEWAY_SERVICE` `API_GATEWAY_SERVICE_ROUTE`	string	Required.
id	The name or identifier of the specific resource to check permissions against.	string	Required.

Response

Returns an object containing the user's granted access permissions over resources.
Returns 403 if a non-admin invokes the API.

Examples

Check a user’s permission over a resource

Request

curl -X 'GET' \
  'https://<YOUR-SERVER-URL>/api/users/john.doe%40acme.com/checkPermissions?type=WORKFLOW_DEF&id=azure' \
  -H 'accept: application/json' \
  -H 'X-Authorization: <TOKEN>'

Response

{
  "READ": true,
  "EXECUTE": true,
  "DELETE": true,
  "CREATE": true,
  "UPDATE": true
}

Path parameters​

Query parameters​

Response​

Examples​

Path parameters

Query parameters

Response

Examples