---
title: Privileges
description: Privileges are a part of internal roles, and can be created or modified using the REST calls specified in Internal objects. Additionally, openidm/privilege can be used for getting information about privileges on a resource as they apply to the authenticated user.
component: pingoneaic-api
page_id: pingoneaic-api:idm-rest-api:endpoints/rest-privileges
canonical_url: https://developer.pingidentity.com/pingoneaic-api/idm-rest-api/endpoints/rest-privileges.html
---

# Privileges

Privileges are a part of internal roles, and can be created or modified using the REST calls specified in [Internal objects](rest-internal.html). Additionally, `openidm/privilege` can be used for getting information about privileges on a resource as they apply to the authenticated user.

The following table outlines the REST endpoints used to access privileges.

| URI                                        | HTTP Operation | Description                                                                                                               |
| ------------------------------------------ | -------------- | ------------------------------------------------------------------------------------------------------------------------- |
| /openidm/privilege?\_action=listPrivileges | POST           | Returns an array of privilege paths for the authenticated user, with additional detail required by the IDM admin console. |
| /openidm/privilege/resource                | GET            | Returns the privileges for the logged in user associated with the given resource path.                                    |
| /openidm/privilege/resource/guid           | GET            | Returns the privileges for the logged in user associated with the specified object.                                       |