Problem
Issue with the first approach is that if a user is assigned lots of permissions (e.g. from more than one API), then we might need to send multiple requests.
Issue with the second approach is that I need to send at least two requests, which means first to get the role assigned to this user and then retrieve the permissions associated with that role. Also, this might miss permissions assigned to the user but not associated with any roles.
Question
Is there a way to get all permissions assigned to a user for a specific API in one request?
Good morning @bo.liu, RBAC seems to be what you would want to leverage here. We have this doc below that calls the Management API to check a user's permissions, which it sounds like you are interested in. When you get a chance, please give this a look and let us know if you have any questions. Thanks!
This is very helpful! Do you know if this endpoint /api/v2/users/{id}/permissions puts any restrictions on the number of permissions it returns, or does it return all of them (e.g. if the user has 1,000 permissions)?
I’m not aware of the exact amount of permissions allowed, but it should be high enough to support the use case. In the event a user has over 1,000 individual permissions, the situation may need to be further reviewed.
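Added example, not part of the thread and not Auth0's own code: a client-side loop that pages through `/api/v2/users/{id}/permissions` and keeps only the entries for one API, so a large permission set is never silently truncated. It assumes the `page`, `per_page` and `include_totals` query parameters and the `total`, `permissions`, `permission_name` and `resource_server_identifier` response fields described in the Management API documentation; `fetch_page`, `fake_fetch` and the sample data are hypothetical stand-ins for an authenticated HTTP GET.

```python
from typing import Callable, Dict, List

def user_permissions_for_api(fetch_page: Callable[[str, Dict], Dict],
                             user_id: str, audience: str,
                             per_page: int = 50) -> List[str]:
    """Collect every permission the endpoint reports for `audience`.

    fetch_page(path, params) must return the decoded JSON body of one page.
    """
    path = f"/api/v2/users/{user_id}/permissions"
    names, seen, page = [], 0, 0
    while True:
        body = fetch_page(path, {"page": page, "per_page": per_page,
                                 "include_totals": "true"})
        batch = body["permissions"]
        seen += len(batch)
        names += [p["permission_name"] for p in batch
                  if p["resource_server_identifier"] == audience]
        # Stop when the reported total is reached, or on an empty page so a
        # total that changes mid-walk cannot cause an endless loop.
        if not batch or seen >= body["total"]:
            return sorted(set(names))
        page += 1

# Constructed sample data: 120 permissions spread over two hypothetical APIs.
_SAMPLE = ([{"permission_name": f"read:item{i}",
             "resource_server_identifier": "https://orders.example/"}
            for i in range(70)] +
           [{"permission_name": f"write:doc{i}",
             "resource_server_identifier": "https://docs.example/"}
            for i in range(50)])
CALLS: List[Dict] = []

def fake_fetch(path: str, params: Dict) -> Dict:
    """Offline stand-in for the HTTP call; serves _SAMPLE one page at a time."""
    CALLS.append(params)
    start = params["page"] * params["per_page"]
    return {"start": start, "limit": params["per_page"], "total": len(_SAMPLE),
            "permissions": _SAMPLE[start:start + params["per_page"]]}

if __name__ == "__main__":
    perms = user_permissions_for_api(fake_fetch, "auth0|constructed-user",
                                     "https://orders.example/")
    print(len(perms), "permissions for the orders API in", len(CALLS), "requests")
```
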