Access Control

Access Control APIs

API specs to map actions to roles.

PreviousCommon Service Specs NextAnalytics

Last updated 4 days ago

Was this helpful?

Get the list of actions based on either roles or features.

Get the list of actions based on the input parameters.

post

/access/v1/actions/_search

Query parameters

rolesstring[]

The list of role codes.

featuresinteger[]

The list of feature id's.

Body

apiIdstringrequired

unique API ID

verstringrequired

API version

tsstringrequired

response timestamp YYYY-MM-DDThh:mm:ss+/-nn:nn (timezone defaulted to +5.30)

actionstring

api action like GET/POST/PUT/DELETE in case of http calls

didstring

device UUID from which API is called

keystring

API key (dynamic)

msgIdstring

unique request message id, UUID, for handling API idempotency

requesterIdstring

UserId of the user calling

authTokenstring

//session/jwt/saml token/oauth token

Responses

*/*

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '//access/v1/actions/_search' \
  --header 'Content-Type: */*' \
  --data '{"apiId":"text","ver":"text","ts":"text"}'

200

400

{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "actions": [
    {
      "id": 1,
      "name": "text",
      "queryParams": "text",
      "url": "text",
      "parentModule": 1,
      "orderNumber": 1,
      "displayName": "text",
      "enabled": true,
      "createdBy": 1,
      "createdDate": "2025-02-22",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-02-22",
      "tenantId": "text",
      "serviceCode": 1
    }
  ]
}

Successful response

Create a new action.

To create new action(s) in the system. An action entry is required for each and every path to authenticate the access based on the assigned role of an user.

post

/access/v1/actions/_create

Body

requestInfoobjectrequired

RequestInfo should be used to carry meta information about the requests to the server as described in the fields below. All eGov APIs will use requestinfo as a part of the request body to carry this meta information. Some of this information will be returned back from the server as part of the ResponseInfo in the response body to ensure correlation.

actionMasterstring

action master

enabledboolean

if enabled or not

leftIconstring

left icon

navigationURLstring

url for navigating

rightIconstring

right icon

tenantIdstring

Unique Identifier of the tenant, Like AP, AP.Kurnool etc.

actionsobject[]required

featureIdsinteger[]

unique id for feature

roleCodesstring[]

codes specifying role

Responses

*/*

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '//access/v1/actions/_create' \
  --header 'Content-Type: */*' \
  --data '{"requestInfo":{"apiId":"text","ver":"text","ts":1,"action":"text","msgId":"text","userInfo":{"tenantId":"text","userName":"text","primaryrole":[{"name":"text"}],"additionalroles":[{"tenantId":"text","roles":[{"name":"text"}]}]}},"actions":[{"name":"text","tenantId":"text"}],"featureIds":[null],"roleCodes":[null]}'

200

400

{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "actions": [
    {
      "id": 1,
      "name": "text",
      "queryParams": "text",
      "url": "text",
      "parentModule": 1,
      "orderNumber": 1,
      "displayName": "text",
      "enabled": true,
      "createdBy": 1,
      "createdDate": "2025-02-22",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-02-22",
      "tenantId": "text",
      "serviceCode": 1
    }
  ]
}

Action(s) created sucessfully

Update existing action(s).

To update the existing action(s) in the system.

put

/access/v1/actions/_update

Body

requestInfoobjectrequired

actionMasterstring

action master

enabledboolean

if enabled or not

leftIconstring

left icon

navigationURLstring

url for navigating

rightIconstring

right icon

tenantIdstring

Unique Identifier of the tenant, Like AP, AP.Kurnool etc.

actionsobject[]required

featureIdsinteger[]

unique id for feature

roleCodesstring[]

codes specifying role

Responses

*/*

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url '//access/v1/actions/_update' \
  --header 'Content-Type: */*' \
  --data '{"requestInfo":{"apiId":"text","ver":"text","ts":1,"action":"text","msgId":"text","userInfo":{"tenantId":"text","userName":"text","primaryrole":[{"name":"text"}],"additionalroles":[{"tenantId":"text","roles":[{"name":"text"}]}]}},"actions":[{"name":"text","tenantId":"text"}],"featureIds":[null],"roleCodes":[null]}'

200

400

{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "actions": [
    {
      "id": 1,
      "name": "text",
      "queryParams": "text",
      "url": "text",
      "parentModule": 1,
      "orderNumber": 1,
      "displayName": "text",
      "enabled": true,
      "createdBy": 1,
      "createdDate": "2025-02-22",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-02-22",
      "tenantId": "text",
      "serviceCode": 1
    }
  ]
}

Update action(s) successful

Validate a particular action for a given tenant and roles of the tenant

Validate a particular action for a given tenant and roles of the tenant.

post

/access/v1/actions/_validate

Body

requestInfoobject

validateActionobject

Responses

*/*

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '//access/v1/actions/_validate' \
  --header 'Content-Type: */*' \
  --data '{"requestInfo":{"apiId":"text","ver":"text","ts":1,"action":"text","msgId":"text","userInfo":{"tenantId":"text","userName":"text","primaryrole":[{"name":"text"}],"additionalroles":[{"tenantId":"text","roles":[{"name":"text"}]}]}},"validateAction":{"tenantRole":{"tenantId":"text","roles":[{"name":"text"}]},"actionUrl":"text"}}'

200

400

{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": "text",
    "resMsgId": "text",
    "msgId": "text",
    "status": "text"
  },
  "actionValidation": {
    "allowed": true
  }
}

Successful response without any content

Create mapping for feature and role.

post

/access/v1/feature-role/_create

Body

RequestInfoobject

roleIdstringrequired

List of Role Id to be provided for mapping it to feature.

featureobjectrequired

tenantIdstringrequired

Unique Identifier of the tenant, Like AP, AP.Kurnool etc.

Responses

*/*

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '//access/v1/feature-role/_create' \
  --header 'Content-Type: */*' \
  --data '{"RequestInfo":{"apiId":"text","ver":"text","ts":"text"},"roleId":"text","feature":{"code":1,"name":"text","tenantId":"text"},"tenantId":"text"}'

200

400

{
  "RequestInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": "text",
    "resMsgId": "text",
    "msgId": "text",
    "status": "text"
  },
  "role": {
    "id": 1,
    "name": "text"
  },
  "feature": {
    "id": 1,
    "code": 1,
    "name": "text",
    "description": "text",
    "serviceCode": 1,
    "tenantId": "text"
  }
}

Successful response

Get the list of roles based on role codes.

Get the list of roles based on role codes in the input parameters.

post

/access/v1/roles/_search

Query parameters

codestring[]

The list of comma separated codes to filter Roles against. No providing any would end up in all Roles as there is nothing to filter against

Body

RequestInfoobject

Responses

*/*

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '//access/v1/roles/_search' \
  --header 'Content-Type: */*' \
  --data '{"RequestInfo":{"apiId":"text","ver":"text","ts":1,"action":"text","msgId":"text","userInfo":{"tenantId":"text","userName":"text","primaryrole":[{"name":"text"}],"additionalroles":[{"tenantId":"text","roles":[{"name":"text"}]}]}}}'

200

400

{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "roles": [
    {
      "name": "text",
      "description": "text",
      "id": 1,
      "code": "text",
      "createdBy": 1,
      "createdDate": "2025-02-22",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-02-22"
    }
  ]
}

Successful response

Create a new role.

To create new Role(s) in the system.

post

/access/v1/roles/_create

Body

requestInfoobjectrequired

rolesobject[]required

Responses

*/*

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '//access/v1/roles/_create' \
  --header 'Content-Type: */*' \
  --data '{"requestInfo":{"apiId":"text","ver":"text","ts":1,"action":"text","msgId":"text","userInfo":{"tenantId":"text","userName":"text","primaryrole":[{"name":"text"}],"additionalroles":[{"tenantId":"text","roles":[{"name":"text"}]}]}},"roles":[{"name":"text"}]}'

200

400

{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "roles": [
    {
      "name": "text",
      "description": "text",
      "id": 1,
      "code": "text",
      "createdBy": 1,
      "createdDate": "2025-02-22",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-02-22"
    }
  ]
}

Role(s) created sucessfully

Update existing role(s).

To update the existing role(s) in the system.

put

/access/v1/roles/_update

Body

requestInfoobjectrequired

rolesobject[]required

Responses

*/*

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url '//access/v1/roles/_update' \
  --header 'Content-Type: */*' \
  --data '{"requestInfo":{"apiId":"text","ver":"text","ts":1,"action":"text","msgId":"text","userInfo":{"tenantId":"text","userName":"text","primaryrole":[{"name":"text"}],"additionalroles":[{"tenantId":"text","roles":[{"name":"text"}]}]}},"roles":[{"name":"text"}]}'

200

400

{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "roles": [
    {
      "name": "text",
      "description": "text",
      "id": 1,
      "code": "text",
      "createdBy": 1,
      "createdDate": "2025-02-22",
      "lastModifiedBy": 1,
      "lastModifiedDate": "2025-02-22"
    }
  ]
}

Update role(s) successful

Create mapping for role and action(s).

post

/access/v1/role-actions/_create

Body

requestInfoobject

roleobjectrequired

minimal representation of the Roles in the system to be carried along in UserInfo with RequestInfo meta data. Actual authorization service to extend this to have more role related attributes

tenantIdstringrequired

Unique Identifier of the tenant, Like AP, AP.Kurnool etc.

actionsobject[]required

Responses

*/*

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '//access/v1/role-actions/_create' \
  --header 'Content-Type: */*' \
  --data '{"requestInfo":{"apiId":"text","ver":"text","ts":1,"action":"text","msgId":"text","userInfo":{"tenantId":"text","userName":"text","primaryrole":[{"name":"text"}],"additionalroles":[{"tenantId":"text","roles":[{"name":"text"}]}]}},"role":{"name":"text"},"tenantId":"text","actions":[{"name":"text","tenantId":"text"}]}'

200

400

{
  "responseInfo": {
    "apiId": "text",
    "ver": "text",
    "ts": 1,
    "resMsgId": "text",
    "msgId": "text",
    "status": "SUCCESSFUL"
  },
  "roleActions": [
    {
      "roleCode": "text",
      "actionId": 1,
      "tenantId": "text"
    }
  ]
}

Role - Action(s) mapping created sucessfully