Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dded optional parameter "role assignments" to create user #409

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

dded optional parameter "role assignments" to create user #409

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b796ea2
add about role assignment
maya-barak Aug 27, 2024
92de731
fix
maya-barak Aug 27, 2024
aa3ef6c
fix for cr
maya-barak Aug 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 22 additions & 5 deletions docs/how-to/sync-users.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -174,8 +174,18 @@ The rest of the schema for the call consists of the following parameters:

- **`attributes`** (Optional) object (Attributes)
Default: {}
User attributes are used to enforce attribute-based access control policies. You can read more about
[how to define these attributes here](/how-to/build-policies/abac/defining-attributes).
User attributes are used to enforce attribute-based access control policies. You can read more about
[how to define these attributes here](/how-to/build-policies/abac/defining-attributes).

- **`role_assignments`** (Optional) array (Role Assignments),
Default: None,
An array of role assignments to assign to the user. Each role assignment is an object with the following properties:
- **`role`** string (Role) The role key or ID.
- **`tenant`** (Optional) string (Tenant) The tenant key or ID.
- **`resource_instance`** (Optional) string (Resource Instance) The resource instance key or ID.

You need to provide either the tenant or the resource_instance, as the role will be either a tenant role or a resource instance role.


Here's a sample request for using the Create User API call:

Expand All @@ -192,12 +202,19 @@ Here's a sample request for using the Create User API call:
"tier": "pro",
"expired": false
}
}
},
"role_assignments": [
{
"role": "admin",
"tenant": "default"
},
]
}
```

:::note
The API `Create User` function will not assign the user with a role. This needs to be done
separately via the [`Assign Role To User`](https://api.permit.io/v2/redoc#tag/Users/operation/assign_role_to_user) function.
The `role_assignments` parameter is optional. If you do not provide any role assignments, the user will be created without any roles assigned.
For assigning roles to the user after creation, you can use the [`Assign Role To User`](https://api.permit.io/v2/redoc#tag/Users/operation/assign_role_to_user) function.

A full list of all API functions, their uses, and purpose [is available here](https://api.permit.io/v2/redoc#tag/Users).
:::