mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-05 20:48:22 +00:00
2b1372adfd
Make clear in the docs that the role mapping APIs is the preferred way to manage role mappings and that the role mappings that are defined in files cannot be viewed or managed with the APIs
87 lines
2.4 KiB
Plaintext
87 lines
2.4 KiB
Plaintext
[role="xpack"]
|
|
[[security-api-get-role-mapping]]
|
|
=== Get role mappings API
|
|
++++
|
|
<titleabbrev>Get role mappings</titleabbrev>
|
|
++++
|
|
|
|
Retrieves role mappings.
|
|
|
|
[[security-api-get-role-mapping-request]]
|
|
==== {api-request-title}
|
|
|
|
`GET /_security/role_mapping` +
|
|
|
|
`GET /_security/role_mapping/<name>`
|
|
|
|
[[security-api-get-role-mapping-prereqs]]
|
|
==== {api-prereq-title}
|
|
|
|
* To use this API, you must have at least the `manage_security` cluster privilege.
|
|
|
|
[[security-api-get-role-mapping-desc]]
|
|
==== {api-description-title}
|
|
|
|
Role mappings define which roles are assigned to each user. For more information,
|
|
see <<mapping-roles>>.
|
|
|
|
The role mapping APIs are generally the preferred way to manage role mappings
|
|
rather than using <<mapping-roles-file,role mapping files>>.
|
|
The get role mappings API cannot retrieve role mappings that are defined
|
|
in role mapping files.
|
|
|
|
[[security-api-get-role-mapping-path-params]]
|
|
==== {api-path-parms-title}
|
|
|
|
`name`::
|
|
(Optional, string) The distinct name that identifies the role mapping. The name
|
|
is used solely as an identifier to facilitate interaction via the API; it does
|
|
not affect the behavior of the mapping in any way. You can specify multiple
|
|
mapping names as a comma-separated list. If you do not specify this
|
|
parameter, the API returns information about all role mappings.
|
|
|
|
[[security-api-get-role-mapping-response-body]]
|
|
==== {api-response-body-title}
|
|
|
|
A successful call retrieves an object, where the keys are the
|
|
names of the request mappings, and the values are the JSON representation of
|
|
those mappings. For more information, see
|
|
<<role-mapping-resources>>.
|
|
|
|
[[security-api-get-role-mapping-response-codes]]
|
|
==== {api-response-codes-title}
|
|
|
|
If there is no mapping with the requested name, the
|
|
response will have status code `404`.
|
|
|
|
|
|
[[security-api-get-role-mapping-example]]
|
|
==== {api-examples-title}
|
|
|
|
The following example retrieves information about the `mapping1` role mapping:
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
GET /_security/role_mapping/mapping1
|
|
--------------------------------------------------
|
|
// TEST[setup:role_mapping]
|
|
|
|
|
|
[source,console-result]
|
|
--------------------------------------------------
|
|
{
|
|
"mapping1": {
|
|
"enabled": true,
|
|
"roles": [
|
|
"user"
|
|
],
|
|
"rules": {
|
|
"field": {
|
|
"username": "*"
|
|
}
|
|
},
|
|
"metadata": {}
|
|
}
|
|
}
|
|
--------------------------------------------------
|