Roles

Roles are grants of permissions within OpenTransact which can be attached to specific users, sessions, API keys, or applications in order to manage their access to resources and processes within OpenTransact.

Data Types

RoleResponse

Key	Value
type	roles
id	UUID
Attributes
name	String
permissions	Array of Permission objects
metadata	Metadata
created-at	Timestamp
updated-at	Timestamp
Relationships
owner	ApplicationRelationship
subject	ProfileRelationship

RoleResponse Example

{
  "data": {
    "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0",
    "type": "roles",
    "attributes": {
      "name": "ProfileSelfAdmin",
      "permissions": [{
        "Resource": "profiles:self",
        "Action": [ "*:*" ]
      }],
      "metadata": {},
      "created-at": "2024-05-01T12:00:00Z",
      "updated-at": "2024-05-01T12:00:00Z"
    },
    "relationships": {
      "owner": {
        "data": {
          "type": "applications",
          "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
        }
      }
    }
  }
}

RoleRequest

Key	Value
type	roles
Attributes
name	String
permissions	Array of Permission objects
metadata	Metadata
Relationships
subject	ProfileRelationship

RoleRequest Example

{
  "data": {
    "type": "roles",
    "attributes": {
      "name": "ProfileSelfAdmin",
      "permissions": [{
        "Resource": "profiles:self",
        "Action": [ "*:*" ]
      }],
      "metadata": {}
    },
    "relationships": {
      "subject": {
        "data": {
          "type": "profiles",
          "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
        }
      }
    } 
  }
}

POST/v1/roles

Create a Role

This endpoint currently only accepts permissions indicated in the example code for profile self administration which is the most common use case for Client Tokens. When the functionality is expanded we will provide detailed documentation for the formatting and validity of permission statements.

This endpoint creates a new Role in OpenTransact.

This endpoint accepts a RoleRequest object and returns a RoleResponse object.

Request

POST

/v1/roles

curl --request POST \
      --url https://api.opentransact.com/v1/roles \
      --header 'authorization: Bearer $API_KEY' \
      --header 'content-type: application/vnd.api+json' \
      --data '{
      "data":{
        "type": "roles",
        "attributes": {
          "name": "ProfileSelfAdmin",
          "permissions": [{
            "Resource": "profiles:self",
            "Action": [ "*:*" ]
          }],
          "metadata": {}
        },
        "relationships": {
          "owner": {
            "data": {
              "type": "applications",
              "id": $APPLICATION_ID
            }
            
          }
        }
      }
    }'

Response

{
  "data": {
    "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0",
    "type": "roles",
    "attributes": {
      "name": "ProfileSelfAdmin",
      "permissions": [{
        "Resource": "profiles:self",
        "Action": [ "*:*" ] 
      }],
      "metadata": {},
      "created-at": "2024-05-01T12:00:00Z",
      "updated-at": "2024-05-01T12:00:00Z"
    },
    "relationships": {
      "owner": {
        "data": {
          "type": "applications",
          "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
        }
      }
    }
  }
}