skip to main content
Hybrid Data Pipeline API reference : Administrators API : Roles API : Create a role
  

Try Now
Create a role

Purpose

Creates a new role

URL

https://<myserver>:<port>/api/admin/roles

Method

POST

URL Parameters

<myserver> is the hostname or IP address of the machine hosting the Hybrid Data Pipeline server for a standalone installation, or the machine hosting the load balancer for a load balancer installation. For a standalone installation, <port> is the port number specified as the Server Access Port during installation. For a load balancer installation, <port> must be either 80 for http or 443 for https. Whenever port 80 or 443 are used, it is not necessary to include the port number in the URL.

Request Payload Definition

The request payload is a JSON object defined as follows:
{
"name": "role_name",
"tenantId": tenant_id,
"description": "role_description",
"permissions": [permission_id,permission_id,...],
"users": [user_id,user_id,...]
}
Property
Description
Usage
Valid Values
"name"
The name of the role.
Required
System Administrator | User | Tenant Administrator | custom_role
custom_role is the name of a role created by an administrator.
"tenantId"
The ID of the tenant to which the role belongs. If not specified, the role is created in the tenant to which the user belongs.
Optional
A valid tenant ID.
"description"
The description of the role.
Optional
System Administrator role has all permissions. This role cannot be deleted, and only the users associated with it via the "users" property can be modified. Other properties, such as "name" and "permissions," cannot be modified.
User role has all permissions associated with a user who might query data sources directly. This role cannot be deleted, and only the users associated with it via the "users" property can be modified. Other properties, such as "name" and "permissions," cannot be modified.
Tenant Administrator role has user permissions and permissions associated with provisioning users. This role cannot be deleted, and only the users associated with it via the "users" property can be modified. Other properties, such as "name" and "permissions," cannot be modified.
Optionally, administrators can provide a description for any roles they create.
"permissions"
A list of permissions associated with the role.
Required
A comma-separated list of permission IDs. See Administrator Permissions API for details.
While this property must be included in the request payload, an empty array can be passed.
"users"
A list of users granted the role.
Required
A comma-separated list of user IDs.
Note: The users property must be included in the payload, but an empty array can be passed.

Sample Request Payload

{
"name": "Reader",
"tenantId": 56,
"description": "This role allows read-only access.",
"permissions": [
2,
5,
6,
7
],
"users": []
}

Sample Server Success Response

A successful server response will include an auto-generated ID for the newly created role.
Status code: 201
Successful response
{
"id": 29,
"name": "Reader",
"tenantId": 56,
"description": "This role allows read-only access.",
"permissions": [
2,
5,
6,
7
],
"users": []
}

Sample Server Failure Response

{
"error":{
"code":222207917,
"message":{
"lang":"en-US",
"value":"Problem creating a Role at this time. Please try again at another time."
}
}
}

Authentication

Basic Authentication using Login ID and Password

Authorization

The user must have the Administrator (12) permission, or the CreateRole (17) permission and administrative access on the tenant.