Role Assignment Report for Groups (v2)
Generates a Role Assignment report of groups in the environment. The report lists the roles assigned to groups. It identifies the group’s name, description, type and assigned roles. The report can be created for a specific group or a role or a combination of groups and roles.
The report includes:
-
Predefined roles (such as Service Administrator)
-
Application roles (such as Approvals - Assign Ownerships, Approvals - Supervise, Approvals - Administer, and Approvals - Design Process)
The API is synchronous and returns the outcome of the operation in the response. Any non-zero status indicates failure of getting Role Assignment Report for groups.
This API is version v2.
Required Roles
Service Administrator or Access Control Manager
REST Resource
GET
/interop/rest/security/v2/report/roleassignmentreport/group?groupname=<groupname>&rolename=<rolename>
Note:
Before using the REST resources, you must understand how to access the REST resources and other important concepts. See Implementation Best Practices for EPM Cloud REST APIs. Using this REST API requires prerequisites. See Prerequisites.
Table 12-83 Tasks for Role Assignment Report for Groups
Task | Request | REST Resource |
---|---|---|
Role Assignment Report for Groups | GET | /interop/rest/security/v2/report/roleassignmentreport/group?groupname=<groupname>&rolename=<rolename> |
Request
Supported Media Types: application/json
The following table summarizes the request parameters.
Table 12-84 Parameters
Name | Description | Type | Required | Default |
---|---|---|---|---|
groupname |
Generates The group name can be either EPM or IDCS group. |
Query | No | All Groups |
rolename |
Generates The Role name can be either Predefined or Application Role (for example, Power User or Manage – Access Control). |
Query | No | All Roles |
Response
Supported Media Types: application/json
Table 12-85 Parameters
Parameters | Description |
---|---|
links |
Detailed information about the link and HTTP call type |
status |
See Migration Status Codes |
error |
Detailed information about the error |
details |
Lists records matching the request |
Example of Response Body
The following show examples of the response body in JSON format.
Response 1: REST API Issued without groupname
or
rolename
Query Parameters Completes without Errors
{
"links": {
"href": " https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/group",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"groupname": "idcsgroup",
"description": "Sample IDCS Group",
"type": "IDCS",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
},
{
"rolename": "Application - Mass Allocate",
"roletype": "Application",
"grantedthroughgroup": ""
},
{
"rolename": "Ad Hoc - Read Only User",
"roletype": "Application",
"grantedthroughgroup": "Analyst"
}
]
},
{
"groupname": "FinancialAnalyst",
"description": "Sample EPM Group",
"type": "EPM",
"roles": [
{
"rolename": "Application - Mass Allocate",
"roletype": "Application",
"grantedthroughgroup": ""
},
{
"rolename": "DataIntegration-Create",
"roletype": "Application",
"grantedthroughgroup": ""
},
{
"rolename": "DataIntegration-Run",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
},
{
"groupname": "GroupPU",
"description": "Sample IDCS GroupPU",
"type": "IDCS",
"roles": [
{
"rolename": "PowerUser",
"roletype": "Predefined",
"grantedthroughgroup": ""
},
{
"rolename": "Approval-Supervise",
"roletype": "Application",
"grantedthroughgroup": ""
},
{
"rolename": "DataIntegration-Run",
"roletype": "Application",
"grantedthroughgroup": "Analyst->FinancialAnalyst"
}
]
}
]
}
Response 2: REST API Issued with groupname
and
rolename
Query Parameters Completes without Errors
{
"links": {
"href": " https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/group?groupname='idcsgroup'&rolename='Service Administrator'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"groupname": "idcsgroup",
"description": "Sample IDCS Group",
"type": "IDCS",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
}
]
}
]
}
Response 3: REST API Issued with Only rolename
Query Parameter
Completes without Errors
{
"links": {
"href": " https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/group?rolename='Application - Mass Allocate'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"groupname": "idcsgroup",
"description": "Sample IDCS Group",
"type": "IDCS",
"roles": [
{
"rolename": "Application - Mass Allocate",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
},
{
"groupname": "FinancialAnalyst",
"description": "Sample EPM Group",
"type": "EPM",
"roles": [
{
"rolename": "Application - Mass Allocate",
"roletype": "Application",
"grantedthroughgroup": ""
}
]
}
]
}
Response 4: REST API Issued with Only groupname
Query Parameter
Completes without Errors
{
"links": {
"href": " https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/group?groupname='idcsgroup'",
"action": "GET"
},
"status": 0,
"error": null,
"details": [
{
"groupname": "idcsgroup",
"description": "Sample IDCS Group",
"type": "IDCS",
"roles": [
{
"rolename": "Service Administrator",
"roletype": "Predefined",
"grantedthroughgroup": ""
},
{
"rolename": "Application - Mass Allocate",
"roletype": "Application",
"grantedthroughgroup": ""
},
{
"rolename": "Ad Hoc - Read Only User",
"roletype": "Application",
"grantedthroughgroup": "Analyst"
}
]
}
]
}
Response 5: Job Completes with Errors
{
"links": {
"href": " https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/group",
"action": "GET"
},
"status": 1,
"error": {
"errorcode": "EPMCSS-21203",
"errormessage": "Failed to generate Role Assignment Report for Groups. Authorization failed. Please provide valid authorized user."
},
"details": null
}
Sample cURL Commands
Sample cURL command using Basic Auth
curl -X GET -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json'
'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/group
curl -X GET -s -u '<USERNAME>:<PASSWORD>' -H 'Content-Type: application/json' 'https://<BASE-URL>/interop/rest/security/v2/report/roleassignmentreport/group?groupname=<groupname>&rolename=<rolename>'
Sample cURL command using oAuth
curl --location --request GET 'https://<BASE-URL>/interop/rest/security/v2/report
/roleassignmentreport/group' --header "Authorization: Bearer <OAUTH_TOKEN>"
curl --location --request GET 'https://<BASE-URL>/interop/rest/security/v2/report
/roleassignmentreport/group?groupname=<groupname>&rolename=<rolename>' --header "Authorization: Bearer <OAUTH_TOKEN>"