This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
API Permissions
The following table lists out all the available APIs and their operations and specifies the permissions of each operation.
Service | Operation | Permission Level |
|---|---|---|
IdentityProviderMgtService | addIdP | /permission/admin/manage |
| deleteIdP | /permission/admin/manage |
| getAllFederatedAuthenticators | /permission/admin/manage |
| getAllIdPs | /permission/admin/login |
| getAllLocalClaimUris | /permission/admin/manage |
| getAllProvisioningConnectors | /permission/admin/manage |
| getEnabledAllIdPs | /permission/admin/manage |
| getIdPByName | /permission/admin/manage |
| getResidentIdP | /permission/admin/manage |
| updateIdP | /permission/admin/manage |
| updateResidentIdP | /permission/admin/manage |
|
|
|
IdentityApplicationManagementService | createApplication | /permission/admin/manage |
| deleteApplication | /permission/admin/manage |
| getAllApplicationBasicInfo | /permission/admin/manage |
| getAllIdentityProviders | /permission/admin/manage |
| getAllLocalAuthenticators | /permission/admin/manage |
| getAllLocalClaimUris | /permission/admin/manage |
| getAllRequestPathAuthenticators | /permission/admin/manage |
| getApplication | /permission/admin/manage |
| getIdentityProvider | /permission/admin/manage |
| updateApplication | /permission/admin/manage |
|
|
|
TenantMgtAdminService | activateTenant | /permission/protected/manage/modify/tenants |
| addSkeletonTenant | /permission/protected/manage/monitor/tenants |
| addTenant | /permission/protected/manage/monitor/tenants |
| deactivateTenant | /permission/protected/manage/modify/tenants |
| deleteTenant | /permission/protected/manage/modify/tenants |
| getTenant | /permission/protected/manage/monitor/tenants |
| retrievePaginatedPartialSearchTenants | /permission/protected/manage/monitor/tenants |
| retrievePaginatedTenants | /permission/protected/manage/monitor/tenants |
| retrievePartialSearchTenants | /permission/protected/manage/monitor/tenants |
| retrieveTenants | /permission/protected/manage/monitor/tenants |
| updateTenant | /permission/protected/manage/modify/tenants |
|
|
|
UserStoreConfigAdminService | addUserStore | /permission/admin/manage/identity/userstore/config/create |
| changeUserStoreState | /permission/admin/manage/identity/userstore/config/update |
| deleteUserStore | /permission/admin/manage/identity/userstore/config/delete |
| deleteUserStoresSet | /permission/admin/manage/identity/userstore/config/delete |
| editUserStore | /permission/admin/manage/identity/userstore/config/update |
| editUserStoreWithDomainName | /permission/admin/manage/identity/userstore/config/update |
| getAvailableUserStoreClasses | /permission/admin/manage/identity/userstore/config/view |
| getSecondaryRealmConfigurations | /permission/admin/manage/identity/userstore/config/view |
| getUserStoreManagerProperties | /permission/admin/manage/identity/userstore/config/view |
| testRDBMSConnection | /permission/admin/manage/identity/userstore/config/view |
|
|
|
OAuthAdminService | getAllOAuthApplicationData | /permission/admin/manage/identity/applicationmgt/view |
| getAllowedGrantTypes | /permission/admin/manage/identity/applicationmgt/view |
| getAppsAuthorizedByUser | /permission/admin/login |
| getOAuthApplicationData | /permission/admin/manage/identity/applicationmgt/view |
| getOAuthApplicationDataByAppName | /permission/admin/manage/identity/applicationmgt/view |
| registerOAuthApplicationData | /permission/admin/manage/identity/applicationmgt/create |
| registerOAuthConsumer | /permission/admin/manage/identity/applicationmgt/create |
| removeOAuthApplicationData | /permission/admin/manage/identity/applicationmgt/delete |
| revokeAuthzForAppsByResoureOwner | /permission/admin/login |
| updateConsumerApplication | /permission/admin/manage/identity/applicationmgt/update |
|
|
|
OAuth2TokenValidationService | findOAuthConsumerIfTokenIsValid | /permission/admin/manage |
| validate | /permission/admin/manage |
|
|
|
ClaimManagementService | addNewClaimDialect | /permission/admin/configure/security |
| addNewClaimMapping | /permission/admin/configure/security |
| getClaimMappingByDialect | /permission/admin/configure/security |
| getClaimMappings | /permission/admin/configure/security |
| removeClaimDialect | /permission/admin/configure/security |
| removeClaimMapping | /permission/admin/configure/security |
| upateClaimMapping | /permission/admin/configure/security |
|
|
|
RemoteUserStoreManagerService | addRole | /permission/admin/configure/security |
| addUser | /permission/admin/configure/security |
| addUserClaimValue | /permission/admin/configure/security |
| addUserClaimValues | /permission/admin/configure/security |
| authenticate | /permission/admin/configure/security |
| deleteRole | /permission/admin/configure/security |
| deleteUser | /permission/admin/configure/security |
| deleteUserClaimValue | /permission/admin/configure/security |
| deleteUserClaimValues | /permission/admin/configure/security |
| getAllProfileNames | /permission/admin/configure/security |
| getHybridRoles | /permission/admin/configure/security |
| getPasswordExpirationTime | /permission/admin/configure/security |
| getProfileNames | /permission/admin/configure/security |
| getProperties | /permission/admin/configure/security |
| getRoleListOfUser | /permission/admin/configure/security |
| getRoleNames | /permission/admin/configure/security |
| getTenantId | /permission/admin/configure/security |
| getTenantIdofUser | /permission/admin/configure/security |
| getUserClaimValue | /permission/admin/configure/security |
| getUserClaimValues | /permission/admin/configure/security |
| getUserClaimValuesForClaims | /permission/admin/configure/security |
| getUserId | /permission/admin/configure/security |
| getUserList | /permission/admin/configure/security |
| getUserListOfRole | /permission/admin/configure/security |
| isExistingRole | /permission/admin/configure/security |
| isExistingUser | /permission/admin/configure/security |
| isReadOnly | /permission/admin/configure/security |
| listUsers | /permission/admin/configure/security |
| setUserClaimValue | /permission/admin/configure/security |
| setUserClaimValues | /permission/admin/configure/security |
| updateCredential | /permission/admin/configure/security |
| updateCredentialByAdmin | /permission/admin/configure/security |
| updateRoleListOfUser | /permission/admin/configure/security |
| updateRoleName | /permission/admin/configure/security |
| updateUserListOfRole | /permission/admin/configure/security |
|
|
|
RemoteAuthorizationManagerService | authorizeRole | /permission/admin/configure/security |
| authorizeUser | /permission/admin/configure/security |
| clearAllRoleAuthorization | /permission/admin/configure/security |
| clearAllUserAuthorization | /permission/admin/configure/security |
| clearResourceAuthorizations | /permission/admin/configure/security |
| clearRoleActionOnAllResources | /permission/admin/configure/security |
|