Group Assignments
Assigns a user to a specified group. The user will gain all access controls (scopes) specified for this group.
Groups assigned to employee users must share the same vendor identifier.
iam.assignment_create_own scope allows customer to assign a user to a specified group only if the user is assigned to the same company.
Required scopes
iam.assignment_manageiam.assignment_create_own
Your Emporix tenant's name.
Note: The tenant name should always be written in lowercase.
^[a-z][a-z0-9]+$Unique identifier of a group, generated when the group is created.
User unique identifier generated when the user is created. Might be customer ID or Management Dashboard user ID.
Assignment type, possible values: CUSTOMER, EMPLOYEE
EMPLOYEEExample: CUSTOMERPossible values: The request was successful. The user has been added to the group.
Request was syntactically incorrect.
Given request is unauthorized - the authorization token is invalid or has expired. It usually means that tenant from the token does not match tenant from path.
Scope validation failed, details will be provided in response message
Given resources cannot be found.
POST /iam/{tenant}/groups/{groupId}/users HTTP/1.1
Host: api.emporix.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 71
{
"userId": "f543dc9e-a3f6-4573-bb01-a8ae21d2d4ae",
"userType": "CUSTOMER"
}{
"id": "e243dc9e-a3f6-4573-bb01-a8ae21d2d4ae"
}Your Emporix tenant's name.
Note: The tenant name should always be written in lowercase.
^[a-z][a-z0-9]+$Unique identifier of a group, generated when the group is created.
The request was successful. All users have been deleted from the group.
Given request is unauthorized - the authorization token is invalid or has expired. It usually means that tenant from the token does not match tenant from path.
Scope validation failed, details will be provided in response message
DELETE /iam/{tenant}/groups/{groupId}/users HTTP/1.1
Host: api.emporix.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*
No content
Creates user's assignment to a specified group. The user gains all access controls (scopes) specified for this group. In case the assignment already exists, nothing happens as the type of assignment cannot be changed.
Groups assigned to employee users must share the same vendor identifier
Required scopes
iam.assignment_manage
Your Emporix tenant's name.
Note: The tenant name should always be written in lowercase.
^[a-z][a-z0-9]+$Unique identifier of a group, generated when the group is created.
User type that may be one of: 'CUSTOMER', 'EMPLOYEE'
User's unique identifier, generated when the user is created.
The request was successful. The user has been added to the group.
The request was successful. The user assignment already exists and has not been changed.
Request was syntactically incorrect.
Given request is unauthorized - the authorization token is invalid or has expired. It usually means that tenant from the token does not match tenant from path.
Scope validation failed, details will be provided in response message
Given resources cannot be found.
PUT /iam/{tenant}/groups/{groupId}/users/{userType}/{userId} HTTP/1.1
Host: api.emporix.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*
{
"id": "text"
}Your Emporix tenant's name.
Note: The tenant name should always be written in lowercase.
^[a-z][a-z0-9]+$Unique identifier of a group, generated when the group is created.
User's unique identifier, generated when the user is created.
The request was successful. The user has been removed from the group.
Given request is unauthorized - the authorization token is invalid or has expired. It usually means that tenant from the token does not match tenant from path.
Scope validation failed, details will be provided in response message
DELETE /iam/{tenant}/groups/{groupId}/users/{userId} HTTP/1.1
Host: api.emporix.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*
No content
Your Emporix tenant's name.
Note: The tenant name should always be written in lowercase.
^[a-z][a-z0-9]+$User's unique identifier, generated when the user is created.
The request was successful. The user has been removed from all groups.
Given request is unauthorized - the authorization token is invalid or has expired. It usually means that tenant from the token does not match tenant from path.
Permission denied due to insufficient rights. This may happen when request does not contain sufficient scopes for given query values.
DELETE /iam/{tenant}/users/{userId}/groups HTTP/1.1
Host: api.emporix.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*
No content
Was this helpful?