Version: 6.x-21
This is an older version of Search Guard. Switch to Latest version
This is an older version of Search Guard. Switch to Latest version
Enterprise
Roles mapping API
Used to receive, create, update and delete the mapping of users, backendroles and hosts to Search Guard roles.
Endpoint
/_searchguard/api/rolesmapping/{rolename}
Where rolename
is the name of the role.
GET
Get a single role mapping
GET /_searchguard/api/rolesmapping/{rolename}
Retrieve a role mapping, specified by rolename, in JSON format.
GET /_searchguard/api/rolesmapping/sg_role_starfleet
{
"sg_role_starfleet" : {
"backendroles" : [ "starfleet", "captains", "defectors", "cn=ldaprole,ou=groups,dc=example,dc=com" ],
"hosts" : [ "*.starfleetintranet.com" ],
"users" : [ "worf" ]
}
}
Get all role mappings
GET /_searchguard/api/rolesmapping
Returns all role mappings in JSON format.
DELETE
DELETE /_searchguard/api/rolesmapping/{rolename}
Deletes the rolemapping specified by rolename
. If successful, the call returns with status code 200 and a JSON success message.
DELETE /_searchguard/api/rolesmapping/sg_role_starfleet
{
"status":"OK",
"message":"rolesmapping sg_role_starfleet deleted."
}
PUT
PUT /_searchguard/api/rolesmapping/{rolename}
Replaces or creates the role mapping specified by rolename
.
PUT /_searchguard/api/rolesmapping/sg_role_starfleet
{
"backendroles" : [ "starfleet", "captains", "defectors", "cn=ldaprole,ou=groups,dc=example,dc=com" ],
"hosts" : [ "*.starfleetintranet.com" ],
"users" : [ "worf" ]
}
You need to specify at least one of backendroles
, hosts
or users
.
If the call is succesful, a JSON structure is returned, indicating whether the roles mapping was created or updated.
{
"status":"OK",
"message":"rolesmapping sg_role_starfleet created."
}