Roles

REST API operations for roles

Overview

The /roles REST API operations are in open beta starting with Panther version 1.112, and are available to all customers. Please share any bug reports and feature requests with your Panther support team.

Use these API operations to interact with user roles in Panther.

To call the API, see the How to use the Panther REST API instructions—including directions for how to invoke it directly from this documentation page.

Required permissions

For GET operations, your API token must have the Read User Info permission.
For POST and DELETE operations, your API token must have the Manage Users permission.

Operations

Create a role

post

Authorizations

X-API-KeystringRequired

Body

logTypeAccessstring[]Optional

The log types that the role can or cannot access, according to the logTypeAccessKind field. This field should be omitted if logTypeAccessKind has a value of ALLOW_ALL or DENY_ALL

logTypeAccessKindstring · enumOptional

Defines the role's access to log types. This field is required and has effect only if the datalake RBAC feature is enabled.

Possible values:

namestringRequired

The name of the role

Responses

200

OK response.

application/json

400

bad_request: Bad Request response.

application/json

post

/roles

POST /roles HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 98

{
  "logTypeAccess": [
    "text"
  ],
  "logTypeAccessKind": "ALLOW",
  "name": "text",
  "permissions": [
    "AlertModify"
  ]
}

{
  "createdAt": "text",
  "id": "text",
  "logTypeAccess": [
    "text"
  ],
  "logTypeAccessKind": "ALLOW",
  "name": "text",
  "permissions": [
    "AlertModify"
  ],
  "updatedAt": "text"
}

Get a role

get

Authorizations

X-API-KeystringRequired

Path parameters

idstringRequired

ID of the role

Responses

200

OK response.

application/json

400

bad_request: Bad Request response.

application/json

404

not_found: Not Found response.

application/json

get

/roles/{id}

GET /roles/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

{
  "createdAt": "text",
  "id": "text",
  "logTypeAccess": [
    "text"
  ],
  "logTypeAccessKind": "ALLOW",
  "name": "text",
  "permissions": [
    "AlertModify"
  ],
  "updatedAt": "text"
}

Update a role

post

Authorizations

X-API-KeystringRequired

Path parameters

idstringRequired

ID of the role

Body

logTypeAccessstring[]Optional

The log types that the role can or cannot access, according to the logTypeAccessKind field. This field should be omitted if logTypeAccessKind has a value of ALLOW_ALL or DENY_ALL

logTypeAccessKindstring · enumOptional

Defines the role's access to log types. This field is required and has effect only if the datalake RBAC feature is enabled.

Possible values:

namestringRequired

The name of the role

Responses

200

OK response.

application/json

400

bad_request: Bad Request response.

application/json

404

not_found: Not Found response.

application/json

post

/roles/{id}

POST /roles/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 98

{
  "logTypeAccess": [
    "text"
  ],
  "logTypeAccessKind": "ALLOW",
  "name": "text",
  "permissions": [
    "AlertModify"
  ]
}

{
  "createdAt": "text",
  "id": "text",
  "logTypeAccess": [
    "text"
  ],
  "logTypeAccessKind": "ALLOW",
  "name": "text",
  "permissions": [
    "AlertModify"
  ],
  "updatedAt": "text"
}

Delete a role

delete

Authorizations

X-API-KeystringRequired

Path parameters

idstringRequired

ID of the role

Responses

200

OK response.

No content

400

bad_request: Bad Request response.

application/json

404

not_found: Not Found response.

application/json

delete

/roles/{id}

DELETE /roles/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

No content

List roles

get

Authorizations

X-API-KeystringRequired

Query parameters

name-containsstringOptional

A string to search for in the Role name

namestringOptional

An exact match of a role's name to return. If provided all other parameters are ignored

idstring[]Optional

Set of IDS to return

idsstringOptional

A comma delimited list of IDs

sort-dirstring · enumOptional

The sort direction of the results

Default: ascPossible values:

Responses

200

OK response.

application/json

get

/roles

GET /roles HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

200

OK response.

{
  "next": "text",
  "results": [
    {
      "createdAt": "text",
      "id": "text",
      "logTypeAccess": [
        "text"
      ],
      "logTypeAccessKind": "ALLOW",
      "name": "text",
      "permissions": [
        "AlertModify"
      ],
      "updatedAt": "text"
    }
  ]
}

PreviousQueries NextRules

Last updated 1 month ago

Was this helpful?

hashtagOverview

hashtagRequired permissions

hashtagOperations

hashtagCreate a role

hashtagGet a role

hashtagUpdate a role

hashtagDelete a role

hashtagList roles

Overview

Required permissions

Operations

Create a role

Get a role

Update a role

Delete a role

List roles