Moab provides role-based access control (RBAC) to increase the level of security and privacy in the platform. Roles define the rights a user has to manage Moab within the scope of the organization they belong to. Moab comes with three predefined roles:

  • Creator: Can create and manage every resource within a specific scope
  • Contributor: Can manage existing resources within a specific scope
  • Reader: Can view every resource within a specific scope

Read All

To retrieve a list of all Roles, a User from an Organization with Reader Role permissions makes an API GET request with no parameters. The API JSON response contains repeating Role identities, names, and descriptions.

Request
GET https://<moab url>/api/v1/role

Response

Success
[
    {
        "id": <role id>,
        "name": "<Creator, Contributor, or Reader>",
        "description": "<role description>"
    },
    {
        "id": <role id>,
        "name": "<Creator, Contributor, or Reader>",
        "description": "<role description>"
    },
    {
        "id": <role id>,
        "name": "<Creator, Contributor, or Reader>",
        "description": "<role description>"
    }
]

Failure
{
    "type": "https://tools.ietf.org/html/rfc…",
    "title": "Unauthorized",
    "status": 401,
    "traceId": "|…"
}

Curl
curl -L -X GET 'https://<moab url>/api/v1/role' \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer <identity>.<security token>'

Read One

To retrieve a Role, a User from an Organization with Reader Role permissions makes an API GET request with no parameters. The API JSON response contains the Role identity, name, and description.

Request
GET https://<moab url>/api/v1/role/<id>

Response

Success
{
    "id": <role id>,
    "name": "<Creator, Contributor, or Reader>",
    "description": "<role description>"
}

Failure
{
    "type": "https://tools.ietf.org/html/rfc…",
    "title": "Not Found",
    "status": 404,
    "traceId": "|…"
}
{
    "type": "https://tools.ietf.org/html/rfc…",
    "title": "One or more validation errors occurred.",
    "status": 400,
    "traceId": "|…",
    "errors": { [ … ] }
}
{
    "type": "https://tools.ietf.org/html/rfc…",
    "title": "Unauthorized",
    "status": 401,
    "traceId": "|…"
}

Curl
curl -L -X GET 'https://<moab url>/api/v1/role/<id>' \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer <identity>.<security token>'
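
Client-side handling of the Read All and Read One responses shown above, as an added example that is not part of the Moab documentation or code base. It assumes a successful call returns HTTP 200; the names `parse_role_response`, `RoleApiError` and the sample bodies are hypothetical and constructed for illustration.

```python
import json

# The three predefined role names listed on this page.
KNOWN_ROLES = {"Creator", "Contributor", "Reader"}
REQUIRED_FIELDS = {"id", "name", "description"}


class RoleApiError(Exception):
    """A Failure body from the role endpoints (title, status, traceId, errors)."""

    def __init__(self, status, title, trace_id, errors=None):
        super().__init__(f"{status} {title} (traceId={trace_id})")
        self.status, self.title = status, title
        self.trace_id, self.errors = trace_id, errors


def parse_role_response(status, body):
    """Return a list of role dicts on success; raise RoleApiError on a failure body.

    Handles both the Read All array and the Read One object.
    Assumption: success is signalled by HTTP 200.
    """
    data = json.loads(body)
    if status != 200:
        if not isinstance(data, dict):
            data = {}
        # Keep traceId so the failure can be correlated with server-side logs.
        raise RoleApiError(status, data.get("title", "Unknown error"),
                           data.get("traceId"), data.get("errors"))
    roles = data if isinstance(data, list) else [data]
    for role in roles:
        if not isinstance(role, dict) or REQUIRED_FIELDS - set(role):
            raise ValueError(f"malformed role record: {role!r}")
        # Fail closed: never map an unexpected role name onto a permission level.
        if role["name"] not in KNOWN_ROLES:
            raise ValueError(f"unexpected role name: {role['name']!r}")
    return roles


# Constructed sample bodies shaped like the responses above (ids and traceId are made up).
SAMPLE_ALL = ('[{"id": 1, "name": "Creator", "description": "sample"},'
              ' {"id": 2, "name": "Reader", "description": "sample"}]')
SAMPLE_401 = '{"title": "Unauthorized", "status": 401, "traceId": "|sample-trace"}'

if __name__ == "__main__":
    print([r["name"] for r in parse_role_response(200, SAMPLE_ALL)])
    try:
        parse_role_response(401, SAMPLE_401)
    except RoleApiError as exc:
        print("request failed:", exc)
```

Log the `traceId` from a failure, not the `Authorization` header, when recording errors from these calls.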