Checking current user account roles

To check current user account roles

1. Authenticate to the cloud platform via the Python shell.

   The following variables should be available now:

   >>> base_url  # the base URL of the API
   '<the data center URL>/api/2'
   >>> auth  # the 'Authorization' header value with the access token
   {'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImMwMD...'}
   >>> tenant_id  # the UUID of the tenant to which the token provides access
   'ede9f834-70b3-476c-83d9-736f9f8c7dae'
   

2. Assign the user_id variable the UUID of a user account created via the API or a user account found via search:

   >>> user_id = created_user_id
   >>> user_id
   '1c234e69-5469-424a-a6d1-ff5658b387a6'
   

3. Send a GET request to the /users/{user_id}/access_policies endpoint:

   >>> response = requests.get(f'{base_url}/users/{user_id}/access_policies', headers=auth)
   

4. Check the status code of the response:

   >>> response.status_code
   200
   

   Status code 200 means that the request was successful.

   Note

   A different status code means that an error has occurred. For details of the error, see HTTP status response codes and API error codes.

   Also, the response body contains the items array of current access policy objects, formatted as a JSON text. When converted to an object, it will look like this:

   >>> pprint.pprint(response.json())
   {'items': [{'id': '00000000-0000-0000-0000-000000000000',
               'issuer_id': '00000000-0000-0000-0000-000000000000',
               'role_id': 'partner_admin',
               'tenant_id': 'ede9f834-70b3-476c-83d9-736f9f8c7dae',
               'trustee_id': '1c234e69-5469-424a-a6d1-ff5658b387a6',
               'trustee_type': 'user',
               'version': 0}]}
   

   The role_id attribute contains current role of the user account.