Create a Security Role

{ createRole }

Adds a new security role to the system.

Method

/API3/access/createRole

  • API Section: /API3/access
  • API Version: 3.0
  • From Release: 2023.10
  • Can be used by all user types
  • REST API and Client SDK libraries. REST APIs via POST actions only.
    • Input Parameters

    Name

    roleData

    Object Type

    RoleData

    Description

    An object for defining which user is attached to a role.

    Output Response

    Successful Result Code

    200

    Response Type

    ModifiedItemsResult

    Description of Response Type

    Generic API response object with success or failure flag and related messages.

    Notes

    The added role is simply a shell. Use 'AddUserToRole' method to attach users to the role to make it effective.

    Examples

    ClosedCreate new database user (JavaScript):

    This example demonstrates how to create a new tenant, user and roles in Pyramid, when using database authentication.

    The example uses API authentication driven from JavaScript. See Authentication APIs for alternatives.

    // URL of the Pyramid installation and the path to the API 3.0 REST methods
var pyramidURL = "http://mysite.com/api3/";

// step 1: authenticate admin account and get token
// NOTE: callApi method is a generic REST method shown below.
let token = callApi("authentication/authenticateUser",{
	"userName":"adminUser1",
	"password":"abc123!"
},"",false);
log("got token "+token);

// step 2: create a new tenant to house new users
let createTenantResult = callApi("access/createTenant",{
	"name": "Test Tenant 1", //tenant caption
	"viewerSeats": 1, //number of allocated seats
	"proSeats": 1  //number of allocated seats
},token // admin token generated above
);

// step 3: get auto generated tenant ID from step 2 result.
let tenantId = createTenantResult.data.modifiedList[0].id;

log("created tenant, id= "+tenantId);


// step 4: create new user in new tenant. using DB method, because using local db authentication
let createUser = callApi("access/createUserDb",{
	"userName": "user1",
	"password": "1234",
	"firstName": "first",
	"lastName": "last",
	"email": "email@pyramidanalytics.com",
	"adminType": 0, //admin type enumeration: normal user
	"clientLicenseType": 100, //license type enumeration: viewer
	"tenantId": tenantId //tenant Id from previous step
},token // admin token generated above
);

// step 5: get auto generated user ID from step 4 result.
let userId = createUser.data.modifiedList[0].id;
log("created user "+userId);

//step 6: optional step to update user's first name
let updateUser=callApi("access/updateUsersDb",[{
	"id":userId,
	"firstName":"new first name"
}],token);

//step 7: create new role in tenant
let createRole=callApi("access/createRole",{
	"roleName": "new role",
	"isHidden": false, // hidden roles appear only in the admin - not for end users.
	"tenantId": tenantId
},token);

// step 8: get auto generated role ID from step 7 result.
let roleId = createRole.data.modifiedList[0].id;
log("created role "+roleId);

// step 9: associate user with role
let addUserToRole = callApi("access/addUserToRole",{
	"userId": userId,
	"roleId": roleId
},token);

log("addUserToRole was sucsseful since errorMessage is empty "+addUserToRole.data.errorMessage.length==0);


// ##### optional generic logging method for debugging ##############
function log(msg){
	document.write(msg);
	console.log(msg);
}

// ##### generic REST API calling method ##############
function callApi(path,data,token="",parseResult=true){
	var xhttp = new XMLHttpRequest();
	xhttp.open("POST", pyramidURL+path, false);
	xhttp.setRequestHeader("paToken",token)
	xhttp.send(JSON.stringify(data));
	if(parseResult){
		return JSON.parse(xhttp.responseText);
	}else{
		return xhttp.responseText;
	}
}

    Code Snippets

    JavaScript
    Curl
    Java
    C#
    Python
    PHP
    curl -X POST \
-H "paToken: [[apiKey]]" \
 -H "Accept: application/json" \
 -H "Content-Type: application/json" \
 "http://Your.Server.URL/API3/access/createRole" \
 -d '{
  "roleSettings" : "roleSettings",
  "roleId" : "046b6c7f-0b8a-43b9-b35d-6489e6daee91",
  "roleName" : "roleName",
  "tenantId" : "046b6c7f-0b8a-43b9-b35d-6489e6daee91",
  "isHidden" : true
}'

    import com.pyramidanalytics.*;
import com.pyramidanalytics.auth.*;
import com.pyramidanalytics.model.*;
import com.pyramidanalytics.api.AccessServiceApi;

import java.util.*;

public class AccessServiceApiExample {
    public static void main(String[] args) {
        ApiClient defaultClient = Configuration.getDefaultApiClient();
        defaultClient.setBasePath("http://Your.Server.URL/");
        
        // Configure API key authorization: paToken
        ApiKeyAuth paToken = (ApiKeyAuth) defaultClient.getAuthentication("paToken");
        paToken.setApiKey("YOUR API KEY");
        // Uncomment the following line to set a prefix for the API key, e.g. "Token" (defaults to null)
        //paToken.setApiKeyPrefix("Token");

        // Create an instance of the API class
        AccessServiceApi apiInstance = new AccessServiceApi();
        // Initialize the roleData parameter object for the call
        RoleData roleData = ; // RoleData | 

        try {
            ModifiedItemsResult result = apiInstance.createRole(roleData);
            System.out.println(result);
        } catch (ApiException e) {
            System.err.println("Exception when calling AccessServiceApi#createRole");
            e.printStackTrace();
        }
    }
}

    const PyramidAnalyticsWebApi = require('pyramid_analytics_web_api');
const defaultClient = PyramidAnalyticsWebApi.ApiClient.instance;

// Configure API key authorization: paToken
const paToken = defaultClient.authentications['paToken'];
paToken.apiKey = "YOUR API KEY";
// Uncomment the following line to set a prefix for the API key, e.g. "Token" (defaults to null)
//paToken.apiKeyPrefix['paToken'] = "Token";

// Create an instance of the API class
const api = new PyramidAnalyticsWebApi.AccessServiceApi("http://Your.Server.URL")
const roleData = ; // {RoleData} 

const callback = function(error, data, response) {
  if (error) {
    console.error(error);
  } else {
    console.log('API called successfully. Returned data: ' + data);
  }
};
api.createRole(roleData, callback);

    using System;
using System.Diagnostics;
using PyramidAnalytics.Sdk.Api;
using PyramidAnalytics.Sdk.Client;
using PyramidAnalytics.Sdk.Model;

public class createRoleExample
{
    public static void Main()
    {
        Configuration conf = new Configuration();
        conf.BasePath = "http://Your.Server.URL/";
        
        // Configure API key authorization: paToken
        conf.ApiKey.Add("paToken", "YOUR_API_KEY");
        // Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
        // conf.ApiKeyPrefix.Add("paToken", "Bearer");

        GlobalConfiguration.Instance = conf;
        
        // Create an instance of the API class
        var apiInstance = new AccessServiceApi();
        // Initialize the roleData parameter object for the call
        var roleData = new RoleData(); // RoleData | 

        try {
            // Adds a new security role to the system.
            ModifiedItemsResult result = apiInstance.createRole(roleData);
            Debug.WriteLine(result);
        } catch (Exception e) {
            Debug.Print("Exception when calling AccessServiceApi.createRole: " + e.Message );
        }
    }
}


    import com.pyramidanalytics
from com.pyramidanalytics import ApiException
from pprint import pprint


# Configure API key authorization: paToken
api_config = com.pyramidanalytics.Configuration(host = 'http://Your.Server.URL/', api_key={ paToken:'YOUR_ACCESS_TOKEN' })
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# api_config.api_key_prefix['paToken'] = 'Bearer'

with com.pyramidanalytics.ApiClient(api_config) as api_client:
    # Create an instance of the API class
    api_instance = com.pyramidanalytics.AccessServiceApi(api_client)
    # Initialize the roleData parameter object for the call
    roleData =  # RoleData | 

    try:
        # Adds a new security role to the system.
        api_response = api_instance.create_role(roleData)
        pprint(api_response)
    except ApiException as e:
        print("Exception when calling AccessServiceApi->createRole: %s\n" % e)
    <?php
require_once(__DIR__ . '/vendor/autoload.php');

OpenAPITools\Client\Configuration::getDefaultConfiguration()->setHost('http://Your.Server.URL');

// Configure API key authorization: paToken
OpenAPITools\Client\Configuration::getDefaultConfiguration()->setApiKey('paToken', 'YOUR_API_KEY');
// Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
// OpenAPITools\Client\Configuration::getDefaultConfiguration()->setApiKeyPrefix('paToken', 'Bearer');

// Create an instance of the API class
$api_instance = new OpenAPITools\Client\Api\AccessServiceApi();
$roleData = ; // RoleData | 

try {
    $result = $api_instance->createRole($roleData);
    print_r($result);
} catch (Exception $e) {
    echo 'Exception when calling AccessServiceApi->createRole: ', $e->getMessage(), PHP_EOL;
}
?>

    Note: Use the 'Authentication' API methods to generate an access 'key' or 'token'.