Manage custom roles. When you create a custom role, you can use permissions or permission sets. To retrieve a list of all permissions currently available to you, use GET /iam/v1/permissions. To retrieve a list of all available permission sets, use GET /iam/v1/permission_sets.
You should use permission sets if you are managing access for a user who is using the UI. Permission sets are maintained by Palo Alto Networks, and they are updated as pages are added to and removed from the UI. By using a permission set, you can avoid the overhead of maintaining permissions for users as the UI evolves.
Use permissions if you are granting access to an application or a script that needs specific access to a service.
- HTTP: Bearer Auth
|Security Scheme Type:||http|
|HTTP Authorization Scheme:||bearer|
📄️ List custom roles
Retrieve all custom roles currently available to the tenant service group identified by the
📄️ Create a custom role
Create a new custom role. When you create a custom role, you must specify a name. This
📄️ Delete a custom role
Delete a custom role. It is an error to delete a custom role if that role is currently
📄️ Get a Custom Role
Gets the details of a single instance of a `custom_role`.
📄️ Update a Custom Role
Updates an existing `custom_role`.