Verify User Roles
To use the API, a
VMware Aria Automation
user must be an organization
member with at least a user service role. You use the access token to verify user roles. Verify that you have an access token. See
Get Your Access Token for the VMware Aria Automation API.
- Assign values to the variables for the hostname of yourVMware Aria Automationinstance, your user name, and your password.url='http://<FQDN>' username='<your_username>' password='<your_password>'
- Get your organization ID.curl -X GET \ "$url/csp/gateway/am/api/loggedin/user/orgs" \ -H "csp-auth-token: $access_token"
- Examine the response and assign the organization ID variable.org_id='<your_org_id>'
- Get your organization role.curl -X GET \ $url/csp/gateway/am/api/loggedin/user/orgs/$org_id/roles \ -H "csp-auth-token: $access_token" | jq "."The name field displays the organization role and must be eitherorg_ownerororg_member.
- Get your service role.curl -X GET \ $url/csp/gateway/am/api/loggedin/user/orgs/$org_id/service-roles \ -H "csp-auth-token: $access_token" | jq "."The serviceRolesNames field displays the service role for each service and must be at leastuser.
Verify User Roles
Using the access token previously
obtained and assigned, verify user roles. See Get Your Access Token for the VMware Aria Automation API.
Assign variables.
# url='https://appliance.company.com' # username='user@example.local' # password='example_password'
Get your organization ID.
# curl -X GET \ "$url/csp/gateway/am/api/loggedin/user/orgs" \ -H "csp-auth-token: $access_token"
The response shows the organization
ID.
{ "refLinks": [ "/csp/gateway/am/api/orgs/7f8c518a-65f5-494b-b714-f7e349957a30" ], "items": [ { "name": "DEFAULT-ORG", "displayName": "DEFAULT-ORG", "refLink": "/csp/gateway/am/api/orgs/7f8c518a-65f5-494b-b714-f7e349957a30", "id": "7f8c518a-65f5-494b-b714-f7e349957a30", "metadata": null, "parentRefLink": null } ] }
Assign the organization ID
variable.
# org_id='7f8c518a-65f5-494b-b714-f7e349957a30'
Verify the organization
role.
# curl -X GET \ $url/csp/gateway/am/api/loggedin/user/orgs/$org_id/roles \ -H "csp-auth-token: $access_token" | jq "."
The response shows that the organization
role is
org_owner
.{ "refLink": "/csp/gateway/am/api/orgs/7f8c518a-65f5-494b-b714-f7e349957a30/roles/52a6a411-2339-4bc3-91bc-62418977df11", "name": "org_owner", "displayName": "Organization Owner", "organizationLink": "/csp/gateway/am/api/orgs/7f8c518a-65f5-494b-b714-f7e349957a30" }
Verify the service
role.
# curl -X GET \ $url/csp/gateway/am/api/loggedin/user/orgs/$org_id/service-roles \ -H "csp-auth-token: $access_token" | jq "."
A snippet of the response shows the
Service Role Names for the
Automation Assembler
service. cloud_admin
satisfies the
minimum service role.
... { "serviceDefinitionLink": "/csp/gateway/slc/api/definitions/external/<service_id>", "serviceRoleNames": [ "automationservice:cloud_admin" ] } ...