Create Gateway Role Assignments
POST {{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignmentsYou can manage the roles assigned to gateways to provide access to resources in environments other than the gateway’s environment. When you assign a role to a gateway, you provide the attribute values required to identify the role and designate the role assignment scope for this gateway.
The sample shows the POST {{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments operation to create the role assignment for the gateway in the specified environment resource.
The request URL identifies the environment ID and gateway ID. The request body specifies the role ID and the scope attribute values. The scope attribute provides the resource ID and resource type to designate the role assignment scope associated with this application. In this sample, the scope type is ENVIRONMENT and the specific environment to which the role assignment scope applies is specified in the id value.
Prerequisites
-
Refer to Gateway Management for important overview information.
-
Use Read All Gateways to retrieve a list of all gateway IDs associated with the environment and select the specific
gatewayIDfor the endpoint. For more information, refer to Gateways. -
Use Read All Built-in Admin Roles to retrieve a list of all role IDs defined in the PingOne Platform and select the desired
roleIDfor the body. For more information, refer to Roles.
Request Model
For property descriptions, refer to Gateway role assignments data model.
| Property | Type | Required? |
|---|---|---|
|
String |
Required |
|
String |
Required |
|
String |
Required |
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"role": {
"id": "{{roleID}}"
},
"scope": {
"id": "{{envID}}",
"type": "ENVIRONMENT"
}
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""role"": {" + "\n" +
@" ""id"": ""{{roleID}}""" + "\n" +
@" }," + "\n" +
@" ""scope"": {" + "\n" +
@" ""id"": ""{{envID}}""," + "\n" +
@" ""type"": ""ENVIRONMENT""" + "\n" +
@" }" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments"
method := "POST"
payload := strings.NewReader(`{
"role": {
"id": "{{roleID}}"
},
"scope": {
"id": "{{envID}}",
"type": "ENVIRONMENT"
}
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}
{
"role": {
"id": "{{roleID}}"
},
"scope": {
"id": "{{envID}}",
"type": "ENVIRONMENT"
}
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"role\": {\n \"id\": \"{{roleID}}\"\n },\n \"scope\": {\n \"id\": \"{{envID}}\",\n \"type\": \"ENVIRONMENT\"\n }\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments")
.method("POST", body)
.addHeader("Content-Type", "application/json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"role": {
"id": "{{roleID}}"
},
"scope": {
"id": "{{envID}}",
"type": "ENVIRONMENT"
}
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments',
'headers': {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"role": {
"id": "{{roleID}}"
},
"scope": {
"id": "{{envID}}",
"type": "ENVIRONMENT"
}
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments"
payload = json.dumps({
"role": {
"id": "{{roleID}}"
},
"scope": {
"id": "{{envID}}",
"type": "ENVIRONMENT"
}
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "role": {\n "id": "{{roleID}}"\n },\n "scope": {\n "id": "{{envID}}",\n "type": "ENVIRONMENT"\n }\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"role": {
"id": "{{roleID}}"
},
"scope": {
"id": "{{envID}}",
"type": "ENVIRONMENT"
}
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"role\": {\n \"id\": \"{{roleID}}\"\n },\n \"scope\": {\n \"id\": \"{{envID}}\",\n \"type\": \"ENVIRONMENT\"\n }\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/gateways/{{gatewayID}}/roleAssignments")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()