Supprimer les autorisations des rôles

Vous pouvez supprimer les autorisations attribuées à un rôle en utilisant Dashboard ou Management API. Les autorisations et rôles attribués sont utilisés avec l’ensemble de fonctionnalités de Authorization Core API.

Conditions préalables

Pour que le contrôle d'accès basé sur les rôles (RBAC) fonctionne correctement, vous devez l’activer pour votre API en utilisant soit le Dashboard, soit Management API. La fonctionnalité centrale de l’autorisation est différente de l’extension d’autorisation. Pour une comparaison, consultez Authorization Core par rapport à Authorization Extension.

Dashboard

  1. Allez à Dashboard > Gestion des utilisateurs> Rôles et cliquez sur le nom du rôle à afficher.

  2. Cliquez sur Autorisations, puis cliquez sur l’icône de la corbeille à côté de l’autorisation que vous souhaitez supprimer, puis confirmez.

Management API

Faites un appel DELETE au point de terminaison Supprimer les autorisations utilisateur. Remplacez les valeurs des paramètres fictifs ROLE_ID, MGMT_API_ACCESS_TOKEN, API_ID et PERMISSION_NAME avec votre identifiant d’utilisateur, le jeton d’accès à Management API, les identifiants de l’API et les noms de l’autorisation respectivement.




  


  
  
curl --request DELETE \
  --url 'https://{yourDomain}/api/v2/roles/ROLE_ID/permissions' \
  --header 'authorization: Bearer MGMT_API_ACCESS_TOKEN' \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json' \
  --data '{ "permissions": [ { "resource_server_identifier": "API_ID", "permission_name": "PERMISSION_NAME" }, { "resource_server_identifier": "API_ID", "permission_name": "PERMISSION_NAME" } ] }'
Was this helpful?
/
var client = new RestClient("https://{yourDomain}/api/v2/roles/ROLE_ID/permissions");
var request = new RestRequest(Method.DELETE);
request.AddHeader("content-type", "application/json");
request.AddHeader("authorization", "Bearer MGMT_API_ACCESS_TOKEN");
request.AddHeader("cache-control", "no-cache");
request.AddParameter("application/json", "{ \"permissions\": [ { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" }, { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" } ] }", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Was this helpful?
/
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "https://{yourDomain}/api/v2/roles/ROLE_ID/permissions"

	payload := strings.NewReader("{ \"permissions\": [ { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" }, { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" } ] }")

	req, _ := http.NewRequest("DELETE", url, payload)

	req.Header.Add("content-type", "application/json")
	req.Header.Add("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
	req.Header.Add("cache-control", "no-cache")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}
Was this helpful?
/
HttpResponse<String> response = Unirest.delete("https://{yourDomain}/api/v2/roles/ROLE_ID/permissions")
  .header("content-type", "application/json")
  .header("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
  .header("cache-control", "no-cache")
  .body("{ \"permissions\": [ { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" }, { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" } ] }")
  .asString();
Was this helpful?
/
var axios = require("axios").default;

var options = {
  method: 'DELETE',
  url: 'https://{yourDomain}/api/v2/roles/ROLE_ID/permissions',
  headers: {
    'content-type': 'application/json',
    authorization: 'Bearer MGMT_API_ACCESS_TOKEN',
    'cache-control': 'no-cache'
  },
  data: {
    permissions: [
      {resource_server_identifier: 'API_ID', permission_name: 'PERMISSION_NAME'},
      {resource_server_identifier: 'API_ID', permission_name: 'PERMISSION_NAME'}
    ]
  }
};

axios.request(options).then(function (response) {
  console.log(response.data);
}).catch(function (error) {
  console.error(error);
});
Was this helpful?
/
#import <Foundation/Foundation.h>

NSDictionary *headers = @{ @"content-type": @"application/json",
                           @"authorization": @"Bearer MGMT_API_ACCESS_TOKEN",
                           @"cache-control": @"no-cache" };
NSDictionary *parameters = @{ @"permissions": @[ @{ @"resource_server_identifier": @"API_ID", @"permission_name": @"PERMISSION_NAME" }, @{ @"resource_server_identifier": @"API_ID", @"permission_name": @"PERMISSION_NAME" } ] };

NSData *postData = [NSJSONSerialization dataWithJSONObject:parameters options:0 error:nil];

NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"https://{yourDomain}/api/v2/roles/ROLE_ID/permissions"]
                                                       cachePolicy:NSURLRequestUseProtocolCachePolicy
                                                   timeoutInterval:10.0];
[request setHTTPMethod:@"DELETE"];
[request setAllHTTPHeaderFields:headers];
[request setHTTPBody:postData];

NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request
                                            completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
                                                if (error) {
                                                    NSLog(@"%@", error);
                                                } else {
                                                    NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *) response;
                                                    NSLog(@"%@", httpResponse);
                                                }
                                            }];
[dataTask resume];
Was this helpful?
/
$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://{yourDomain}/api/v2/roles/ROLE_ID/permissions",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "DELETE",
  CURLOPT_POSTFIELDS => "{ \"permissions\": [ { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" }, { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" } ] }",
  CURLOPT_HTTPHEADER => [
    "authorization: Bearer MGMT_API_ACCESS_TOKEN",
    "cache-control: no-cache",
    "content-type: application/json"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
Was this helpful?
/
import http.client

conn = http.client.HTTPSConnection("")

payload = "{ \"permissions\": [ { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" }, { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" } ] }"

headers = {
    'content-type': "application/json",
    'authorization': "Bearer MGMT_API_ACCESS_TOKEN",
    'cache-control': "no-cache"
    }

conn.request("DELETE", "/{yourDomain}/api/v2/roles/ROLE_ID/permissions", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
Was this helpful?
/
require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://{yourDomain}/api/v2/roles/ROLE_ID/permissions")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Delete.new(url)
request["content-type"] = 'application/json'
request["authorization"] = 'Bearer MGMT_API_ACCESS_TOKEN'
request["cache-control"] = 'no-cache'
request.body = "{ \"permissions\": [ { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" }, { \"resource_server_identifier\": \"API_ID\", \"permission_name\": \"PERMISSION_NAME\" } ] }"

response = http.request(request)
puts response.read_body
Was this helpful?
/
import Foundation

let headers = [
  "content-type": "application/json",
  "authorization": "Bearer MGMT_API_ACCESS_TOKEN",
  "cache-control": "no-cache"
]
let parameters = ["permissions": [
    [
      "resource_server_identifier": "API_ID",
      "permission_name": "PERMISSION_NAME"
    ],
    [
      "resource_server_identifier": "API_ID",
      "permission_name": "PERMISSION_NAME"
    ]
  ]] as [String : Any]

let postData = JSONSerialization.data(withJSONObject: parameters, options: [])

let request = NSMutableURLRequest(url: NSURL(string: "https://{yourDomain}/api/v2/roles/ROLE_ID/permissions")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "DELETE"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()
Was this helpful?
/






Valeur
Description






ROLE_ID
ID du rôle pour lequel vous souhaitez supprimer les permissions.




MGMT_API_ACCESS_TOKEN
Jeton d’accès à Management API avec la permission update:roles.




API_ID
ID(s) de l’(des) API(s) associée(s) à la(aux) permission(s) que vous souhaitez supprimer pour le rôle spécifié.




PERMISSION_NAME
Nom(s) de la (des) permission(s) que vous souhaitez supprimer pour le rôle spécifié.




En savoir plus