Skip to main content

Create a custom role

POST 
/iam/v1/custom_roles

Create a new custom role. When you create a custom role, you must specify a name. This name must be unique within the tenant service group's (TSG) immediate hierarchy. That is, it cannot be duplicated by custom role names defined for ancestor or descendent TSGs, but it can be duplicated across sibling TSGs. For best results, ensure that this name is unique within your entire hierarchy by specifying the TSG's ID as a part of the role name.

The custom role name must be URL-safe. It is used as a path parameter for some custom role APIs.

Request

Body

required

A new custom_role to be created.

    description stringrequired
    name stringrequired

    Custom role's name. This name must be URL-safe and must be unique within the TSG's ancestor and descendent hierarchy.

    permission_sets object[]
  • Array [
    • access_types string[]

    The type of access (read and/or write) granted for this permission set.

    id string

    The ID of a permission set included in this custom role.

  • ]
    • permissions string[]

    A permission that you want to assign to this custom role. Use permissions if you are granting access to a program or script.

Responses

Successful response.

Schema
    aggregated_permissions string[]

    Identifies all permissions available to this TSG. This is a union of the permissions available to the TSG, as well as the permissions available to all its child TSGs.

    description string
    label string
    name string

    The custom role's name. It is used as a path parameter for some custom role APIs.

    permission_sets object[]
  • Array [
    • access_types string[]

    The type of access (read and/or write) granted for this permission set.

    id string

    The ID of a permission set included in this custom role.

  • ]
    • permissions string[]

    The permissions granted to this custom role.

    tsg_id string

    The tenant service group for which this role was created.

Loading...