Assign roles to a user
- Last Updated: September 5, 2025
- 2 minute read
- OpenEdge Command Center
- Version 2.0
- Documentation
You can assign roles to users for granting them the required permission to access a system and perform specific tasks.
To assign roles to a user:
- Log in to the Authorization server as a user with necessary privileges. For more information, see Log in to Authorization server.
- Locate the
Assign or remove rolesAPI with endpoint PUT-/authz/api/users and expand it. - To enable the text area, click Try it out.
- In the Parameters section, select
assignRolesfor the action parameter. - In Request body, provide user details and roles in JSON format, as follows:
{ "userName": "string", "rolesToAssign": [{ "roleURN": "string", "system": "string" }] }The following table describes the attributes in the request body:Attribute name Description userNameSpecifies the user to whom the roles need to be assigned. roleURNIdentifies the roles within the Authorization server. It indicates what a specific role can access and where it is used. Its format includes the resource name it represents, role name, and, partition IDs (only when assigning roles to a user for an agent). The following are the possible values:role:oecc/oecc_adminrole:authz/authz_adminrole:agent/<partitionid>/agent_adminrole:agent/<partitionid>/agent_resource_user
For more information about roleURN, see Roles in Authorization server.
If you enter
role:agent/<partitionid>/agent_adminorrole:agent/<partitionid>/agent_resource_useras a roleURN value, you can get the agent partition ID using theRetrieve specific agent detailsAPI on the OpenEdge Command Center server. For more information, see "Retrieve specific agent details" in OpenEdge Command Center REST API Reference.systemSpecifies the system on which the user with a specific role can access and perform tasks. The possible values are:oecc- Indicates the OpenEdge Command Center server.-
authz- Indicates the Authorization server. <partitionid>- Indicates the partition ID of the OpenEdge Command Center agent.
- Click Execute.If the roles assignment is successful, you see the response body in this format:
{ "message": "Request successful. Roles are assigned to "userName"." }
Example: Assign OECC_ADMIN and AUTHZ_ADMIN roles
This example demonstrates the request and response bodies for assigning the
OECC_ADMIN and AUTHZ_ADMIN roles to the user
named, James.Smith. This action grants the user access to the
oecc (OpenEdge Command Center server) and
authz (Authorization server) systems to do the following
tasks:| System | Tasks |
|---|---|
oecc |
Manage the OpenEdge Command Center server, including viewing the details of server and database settings. |
authz |
Log in to the Authorization server and
perform these tasks:
|
Request body
Following are the contents of the request body in JSON format:
|
Response body
Following are the contents of the response body in JSON format:
|
Example: Assign AGENT_ADMIN and AGENT_RESOURCE_USER roles
This example demonstrates the request and response bodies for assigning the
AGENT_ADMIN and AGENT_RESOURCE_USER roles to
the user named, Sarah.Jones to access the
oeccagent1 OpenEdge Command Center agent that has partition ID
as
db7253b679d9abc133904d4bf59d75f110c7023e57184d351be187f631d58ab8.
This role assignment grants access of OpenEdge Command Center agent to the user, to
do the following tasks:- Perform actions on OpenEdge resources, including PAS for OpenEdge instances and OpenEdge databases that the agent manages.
- Log in to the Authorization server, create users, and assign the
AGENT_ADMINandAGENT_RESOURCE_USERroles to the user namedSarah.Jones.
Request body
Following are the contents of the request body in JSON format:
|
Response body
Following are the contents of the response body in JSON format:
|