Permission management API - GET permissions
Lists all permissions assigned to a user group from your Dynatrace account.
The request produces an application/json payload.
GET |
|
Authentication
To execute this request, you need the Allow read access for identity resources (users and groups) (account-idm-read) scope assigned to your token. To learn how to obtain and use it, see Authentication.
Parameters
| Parameter | Type | Description | In | Required |
|---|---|---|---|---|
| accountUuid | string | The ID of the required account. You can find the UUID on the Account > Account management API page, during creation of an OAuth client. | path | required |
| groupUuid | string | The UUID of the required user group. | path | required |
Response
Response codes
| Code | Type | Description |
|---|---|---|
| 200 | PermissionsGroupDto | Success. The response contains permissions of the user group. |
Response body objects
The PermissionsGroupDto object
| Element | Type | Description |
|---|---|---|
| uuid | string | The UUID of the user group. |
| name | string | The name of the user group. |
| description | string | A short description of the user group. |
| federatedAttributeValues | string[] | A list of values associating this group with the corresponding claim from an identity provider. |
| owner | string | The identity provider from which the group originates.
|
| createdAt | string | The date and time of the group creation in |
| updatedAt | string | The date and time of the most recent group modification in |
| permissions | PermissionsDto[] | A list of permissions assigned to the group. |
The PermissionsDto object
| Element | Type | Description |
|---|---|---|
| permissionName | string | The name of the permission.
|
| scope | string | The scope of the permission. Depending on the scope type, it is defined by:
|
| scopeType | string | The type of the permission scope.
|
| createdAt | string | The date and time of the permission creation in |
| updatedAt | string | The date and time of the most recent permission modification in |
Response body JSON model
1{2 "uuid": "string",3 "name": "string",4 "description": "string",5 "federatedAttributeValues": [6 "string"7 ],8 "owner": "LOCAL",9 "createdAt": "string",10 "updatedAt": "string",11 "permissions": [12 {13 "permissionName": "account-company-info",14 "scope": "string",15 "scopeType": "account",16 "createdAt": "string",17 "updatedAt": "string"18 }19 ]20}
Example
In this example, the request lists permissions of the user group with the UUID of 752d4f22-83f9-44dd-8fb2-7f226354fdb5.
Curl
1curl --request GET \2 --url 'https://api.dynatrace.com/iam/v1/accounts/9ad20784-76c6-4167-bfba-9b0d8d72a71d/groups/752d4f22-83f9-44dd-8fb2-7f226354fdb5/permissions' \3 --header 'Authorization: Bearer abcdefjhij1234567890'
Request URL
1https://api.dynatrace.com/iam/v1/accounts/9ad20784-76c6-4167-bfba-9b0d8d72a71d/groups/752d4f22-83f9-44dd-8fb2-7f226354fdb5/permissions
Response body
1{2 "uuid": "752d4f22-83f9-44dd-8fb2-7f226354fdb5",3 "name": "Finance admin",4 "owner": "LOCAL",5 "description": null,6 "hidden": false,7 "createdAt": "2020-03-11T03:01:00Z",8 "updatedAt": "2020-03-11T03:01:00Z",9 "permissions": [10 {11 "permissionName": "account-viewer",12 "scope": "9ad20784-76c6-4167-bfba-9b0d8d72a71d",13 "scopeType": "account",14 "createdAt": "2020-03-11T03:01:00Z",15 "updatedAt": "2020-03-11T03:01:00Z"16 },17 {18 "permissionName": "account-company-info",19 "scope": "9ad20784-76c6-4167-bfba-9b0d8d72a71d",20 "scopeType": "account",21 "createdAt": "2020-03-11T03:01:00Z",22 "updatedAt": "2020-03-11T03:01:00Z"23 }24 ]25}
Response code
200