GET /api/users/{UserID}/auzstatus

Returns information about the authorization status of the specified user in relation to the specified resource or resource type.

Authorization Roles/Permissions: Must have Read permission for the resource. Self only.

This topic includes the following sections:

HTTP Method

GET

Back to top

URL

https://{hostname}/api/users/{UserID}/auzstatus?[ResourceID={ResourceID}]&[ResourceKey={ResourceKey}]
&ScopeID={ScopeID}]&[ResourceType={ResourceType}]&[Action={Action}]&[Role={Role}]&[AuthorizeAll={Boolean}]

Back to top

Sample Request

The example below queries whether the specified user is authorized to add an API.

Request URL

https://{hostname}/api/users/03de5a70-c54e-4924-9abd-29da117230cf.acmepaymentscorp/auzstatus?ResourceType=api&Action=Add

Sample request headers

GET /api/users/03de5a70-c54e-4924-9abd-29da117230cf.acmepaymentscorp/auzstatus?ResourceType=api&Action=Add HTTP/1.1
Host: {hostname}
Accept: application/json, text/javascript, */*; q=0.01
X-Csrf-Token_{tenant}: {TokenID}

Sample request body

Not applicable.

Back to top

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header Description
Accept

application/json, application/xml

application/vnd.soa.v71+json, application/vnd.soa.v71+xml

application/vnd.soa.v72+json, application/vnd.soa.v72+xml

application/vnd.soa.v80+json, application/vnd.soa.v80+xml

application/vnd.soa.v81+json, application/vnd.soa.v81+xml

Back to top

Request Parameters

Parameter Parm Type Data Type Required Description
UserID Path string Required The unique ID for a specific user.
ResourceID Query string Optional The unique ID for a specific resource; for example, the ScopeID or the APIVersionID.
ResourceKey Query string Optional The AssetID; could be the UDDI key of a service.
ScopeID Query string Optional A unique ID indicating the scope of a user's permissions.
ResourceType Query string Optional The type of resource that the permission applies to; for example, api. For a list of values, see Resource Types.
Action Query string[ ] Optional The action the specified user is authorized to perform on the specified resource; for example, Add. For a list of valid values, refer to User Actions on a Resource.
Role Query string[ ] Optional

Information about one or more roles assigned to the user. Valid values depend on the ScopeID and ResourceType. For information on which roles apply to which resources, see Authorization Roles on the Platform.

  • User
  • Admin
  • InvitedUser
  • PrivateGroupLeader
  • Developer
  • Self
  • SiteAdmin
  • SystemAdmin
  • BusinessAdmin
  • FedMember
  • Follower
  • AppAdmin
  • ApiAdmin
  • ApiInvitedUser. VALID ROLE FOR API VERSION, WHETHER THE USER IS VALID FOR THE APIVERSION OR NOT.
  • Member
  • Leader
AuthorizeAll Query boolean Optional Used in combination with the previous parameter, Role. If multiple roles are specified, AuthorizeAll determines whether the operation returns results matching any specified role or only results matching all specified roles. For results matching all roles, specify true. For results matching any role, specify false or leave blank. Defaults to false.

Back to top

Response

If successful, this operation returns HTTP status code 200, with information about the user's status.

Back to top

Sample Response

The sample response below shows successful completion of this operation; the user is authorized to add an API.

Sample response headers: application/json

HTTP/1.1 200 OK
Content-Type: application/json
Date: Fri, 11 Nov 2016 20:38:44 GMT

Sample response body: application/json

{
  "UserID" : "03de5a70-c54e-4924-9abd-29da117230cf.acmepaymentscorp",
  "ResourceType" : "api",
  "Result" : "Authorized"
}

Back to top

Sample response headers: application/xml

Accept: application/xml

Sample response body: application/xml

<?xml version="1.0" encoding="UTF-8"?>
<AuthorizationResult xmlns="http://soa.com/xsd/user/1.0">
  <UserID>03de5a70-c54e-4924-9abd-29da117230cf.acmepaymentscorp</UserID>
  <ResourceType>api</ResourceType>
  <Result>Authorized</Result>
</AuthorizationResult>

Back to top

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header Description
Content-Type

application/json, application/xml

application/vnd.soa.v71+json, application/vnd.soa.v71+xml

application/vnd.soa.v72+json, application/vnd.soa.v72+xml

application/vnd.soa.v80+json, application/vnd.soa.v80+xml

application/vnd.soa.v81+json, application/vnd.soa.v81+xml

Back to top

Response Body

Name Type Description
AuthorizationResult AuthorizationResult Indicates the authorization status of a specified user in relation to a specified resource type.

Back to top

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item Value
401 Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header.
500 An error occurred processing the call.

More information about Akana API Platform API error messages.

Back to top

Related Topics