This documentation is for WSO2 Identity Server 5.6.0. View documentation for the latest release.
API Permissions - WSO2 Identity Server 5.6.0 - WSO2 Documentation

All docs This doc
||
Skip to end of metadata
Go to start of metadata

The following table lists out all the available APIs and their operations and specifies the permissions of each operation. 

ServiceOperationPermission Level
IdentityProviderMgtServiceaddIdP/permission/admin/manage

deleteIdP/permission/admin/manage

getAllFederatedAuthenticators/permission/admin/manage

getAllIdPs/permission/admin/login

getAllLocalClaimUris/permission/admin/manage

getAllProvisioningConnectors/permission/admin/manage

getEnabledAllIdPs/permission/admin/manage

getIdPByName/permission/admin/manage

getResidentIdP/permission/admin/manage

updateIdP/permission/admin/manage

updateResidentIdP/permission/admin/manage



IdentityApplicationManagementServicecreateApplication/permission/admin/manage

deleteApplication/permission/admin/manage

getAllApplicationBasicInfo/permission/admin/manage

getAllIdentityProviders/permission/admin/manage

getAllLocalAuthenticators/permission/admin/manage

getAllLocalClaimUris/permission/admin/manage

getAllRequestPathAuthenticators/permission/admin/manage

getApplication/permission/admin/manage

getIdentityProvider/permission/admin/manage

updateApplication/permission/admin/manage



TenantMgtAdminServiceactivateTenant/permission/protected/manage/modify/tenants

addSkeletonTenant/permission/protected/manage/monitor/tenants

addTenant/permission/protected/manage/monitor/tenants

deactivateTenant/permission/protected/manage/modify/tenants

deleteTenant/permission/protected/manage/modify/tenants

getTenant/permission/protected/manage/monitor/tenants

retrievePaginatedPartialSearchTenants/permission/protected/manage/monitor/tenants

retrievePaginatedTenants/permission/protected/manage/monitor/tenants

retrievePartialSearchTenants/permission/protected/manage/monitor/tenants

retrieveTenants/permission/protected/manage/monitor/tenants

updateTenant/permission/protected/manage/modify/tenants



UserStoreConfigAdminServiceaddUserStore/permission/admin/manage/identity/userstore/config/create

changeUserStoreState/permission/admin/manage/identity/userstore/config/update

deleteUserStore/permission/admin/manage/identity/userstore/config/delete

deleteUserStoresSet/permission/admin/manage/identity/userstore/config/delete

editUserStore/permission/admin/manage/identity/userstore/config/update

editUserStoreWithDomainName/permission/admin/manage/identity/userstore/config/update

getAvailableUserStoreClasses/permission/admin/manage/identity/userstore/config/view

getSecondaryRealmConfigurations/permission/admin/manage/identity/userstore/config/view

getUserStoreManagerProperties/permission/admin/manage/identity/userstore/config/view

testRDBMSConnection/permission/admin/manage/identity/userstore/config/view



OAuthAdminServicegetAllOAuthApplicationData/permission/admin/manage/identity/applicationmgt/view

getAllowedGrantTypes/permission/admin/manage/identity/applicationmgt/view

getAppsAuthorizedByUser/permission/admin/login

getOAuthApplicationData/permission/admin/manage/identity/applicationmgt/view

getOAuthApplicationDataByAppName/permission/admin/manage/identity/applicationmgt/view

registerOAuthApplicationData/permission/admin/manage/identity/applicationmgt/create

registerOAuthConsumer/permission/admin/manage/identity/applicationmgt/create

removeOAuthApplicationData/permission/admin/manage/identity/applicationmgt/delete

revokeAuthzForAppsByResoureOwner/permission/admin/login

updateConsumerApplication/permission/admin/manage/identity/applicationmgt/update



OAuth2TokenValidationServicefindOAuthConsumerIfTokenIsValid/permission/admin/manage

validate/permission/admin/manage



ClaimManagementServiceaddNewClaimDialect/permission/admin/configure/security

addNewClaimMapping/permission/admin/configure/security

getClaimMappingByDialect/permission/admin/configure/security

getClaimMappings/permission/admin/configure/security

removeClaimDialect/permission/admin/configure/security

removeClaimMapping/permission/admin/configure/security

upateClaimMapping/permission/admin/configure/security



RemoteUserStoreManagerServiceaddRole/permission/admin/configure/security

addUser/permission/admin/configure/security

addUserClaimValue/permission/admin/configure/security

addUserClaimValues/permission/admin/configure/security

authenticate/permission/admin/configure/security

deleteRole/permission/admin/configure/security

deleteUser/permission/admin/configure/security

deleteUserClaimValue/permission/admin/configure/security

deleteUserClaimValues/permission/admin/configure/security

getAllProfileNames/permission/admin/configure/security

getHybridRoles/permission/admin/configure/security

getPasswordExpirationTime/permission/admin/configure/security

getProfileNames/permission/admin/configure/security

getProperties/permission/admin/configure/security

getRoleListOfUser/permission/admin/configure/security

getRoleNames/permission/admin/configure/security

getTenantId/permission/admin/configure/security

getTenantIdofUser/permission/admin/configure/security

getUserClaimValue/permission/admin/configure/security

getUserClaimValues/permission/admin/configure/security

getUserClaimValuesForClaims/permission/admin/configure/security

getUserId/permission/admin/configure/security

getUserList/permission/admin/configure/security

getUserListOfRole/permission/admin/configure/security

isExistingRole/permission/admin/configure/security

isExistingUser/permission/admin/configure/security

isReadOnly/permission/admin/configure/security

listUsers/permission/admin/configure/security

setUserClaimValue/permission/admin/configure/security

setUserClaimValues/permission/admin/configure/security

updateCredential/permission/admin/configure/security

updateCredentialByAdmin/permission/admin/configure/security

updateRoleListOfUser/permission/admin/configure/security

updateRoleName/permission/admin/configure/security

updateUserListOfRole/permission/admin/configure/security



RemoteAuthorizationManagerServiceauthorizeRole/permission/admin/configure/security

authorizeUser/permission/admin/configure/security

clearAllRoleAuthorization/permission/admin/configure/security

clearAllUserAuthorization/permission/admin/configure/security

clearResourceAuthorizations/permission/admin/configure/security

clearRoleActionOnAllResources/permission/admin/configure/security

clearRoleAuthorization/permission/admin/configure/security

clearUserAuthorization/permission/admin/configure/security

denyRole/permission/admin/configure/security

denyUser/permission/admin/configure/security

getAllowedRolesForResource/permission/admin/configure/security

getAllowedUIResourcesForUser/permission/admin/configure/security

getDeniedRolesForResource/permission/admin/configure/security

getExplicitlyAllowedUsersForResource/permission/admin/configure/security

getExplicitlyDeniedUsersForResource/permission/admin/configure/security

isRoleAuthorized/permission/admin/configure/security

isUserAuthorized/permission/admin/manage/identity

resetPermissionOnUpdateRole/permission/admin/configure/security



RemoteProfileConfigurationManagerServiceaddProfileConfig/permission/admin/configure/security

deleteProfileConfig/permission/admin/configure/security

getAllProfiles/permission/admin/configure/security

getProfileConfig/permission/admin/configure/security

updateProfileConfig/permission/admin/configure/security



RemoteClaimManagerServiceaddNewClaimMapping/permission/admin/configure/security

deleteClaimMapping/permission/admin/configure/security

getAllClaimMappings/permission/admin/configure/security

getAllClaimUris/permission/admin/configure/security

getAllRequiredClaimMappings/permission/admin/configure/security

getAllSupportClaimMappingsByDefault/permission/admin/configure/security

getAttributeName/permission/admin/configure/security

getAttributeNameFromDomain/permission/admin/configure/security

getClaim/permission/admin/configure/security

getClaimMapping/permission/admin/configure/security

updateClaimMapping/permission/admin/configure/security



RemoteUserRealmServicegetRealmConfiguration/permission/protected/tenant-admin



RemoteTenantManagerServiceactivateTenant/permission/protected/tenant-admin

addTenant/permission/protected/tenant-admin

deactivateTenant/permission/protected/tenant-admin

deleteTenant/permission/protected/tenant-admin

getAllTenants/permission/protected/tenant-admin

getDomain/permission/protected/tenant-admin

getSuperTenantDomain/permission/protected/tenant-admin

getTenant/permission/protected/tenant-admin

getTenantId/permission/protected/tenant-admin

isTenantActive/permission/protected/tenant-admin

updateTenant/permission/protected/tenant-admin



UserIdentityManagementAdminServicechangeUserPassword/permission/admin/login

deleteUser/permission/admin/login

getAllChallengeQuestions/permission/admin/login

getAllPromotedUserChallenge/permission/admin/login

getAllUserIdentityClaims/permission/admin/login

getChallengeQuestionsOfUser/permission/admin/login

isReadOnlyUserStore/permission/admin/login

lockUserAccount/permission/admin/login

resetUserPassword/permission/admin/login

setChallengeQuestions/permission/admin/login

setChallengeQuestionsOfUser/permission/admin/login

unlockUserAccount/permission/admin/login

updateUserIdentityClaims/permission/admin/login



AccountCredentialMgtConfigServicegetEmailConfig/permission/admin/login

saveEmailConfig/permission/admin/login



UserInformationRecoveryServiceconfirmUserSelfRegistration/permission/admin/login

getAllChallengeQuestions/permission/admin/login

getCaptcha/permission/admin/login

getUserChallengeQuestion/permission/admin/login

getUserChallengeQuestionIds/permission/admin/login

getUserIdentitySupportedClaims/permission/admin/login

registerUser/permission/admin/login

sendRecoveryNotification/permission/admin/login

updatePassword/permission/admin/login

verifyAccount/permission/admin/login

verifyConfirmationCode/permission/admin/login

verifyUser/permission/admin/login

verifyUserChallengeAnswer/permission/admin/login



EntitlementAdminServiceclearAllAttributeCaches/permission/admin/configure

clearAllResourceCaches/permission/admin/configure

clearAttributeFinderCache/permission/admin/configure

clearAttributeFinderCacheByAttributes/permission/admin/configure

clearCarbonAttributeCache/permission/admin/configure

clearCarbonResourceCache/permission/admin/configure

clearDecisionCache/permission/admin/configure

clearPolicyCache/permission/admin/configure

clearResourceFinderCache/permission/admin/configure

doTestRequest/permission/admin/configure

doTestRequestForGivenPolicies/permission/admin/configure

getGlobalPolicyAlgorithm/permission/admin/configure

getPDPData/permission/admin/configure

getPIPAttributeFinderData/permission/admin/configure

getPIPResourceFinderData/permission/admin/configure

getPolicyFinderData/permission/admin/configure

refreshAttributeFinder/permission/admin/configure

refreshPolicyFinders/permission/admin/configure

refreshResourceFinder/permission/admin/configure

setGlobalPolicyAlgorithm/permission/admin/configure



EntitlementPolicyAdminServiceaddPolicies/permission/admin/configure

addPolicy/permission/admin/configure

addSubscriber/permission/admin/configure

deleteSubscriber/permission/admin/configure

dePromotePolicy/permission/admin/configure

enableDisablePolicy/permission/admin/configure

getAllPolicies/permission/admin/configure

getAllPolicyIds/permission/admin/configure

getEntitlementData/permission/admin/configure

getEntitlementDataModules/permission/admin/configure

getLightPolicy/permission/admin/configure

getPolicy/permission/admin/configure

getPolicyByVersion/permission/admin/configure

getPolicyVersions/permission/admin/configure

getPublisherModuleData/permission/admin/configure

getStatusData/permission/admin/configure

getSubscriber/permission/admin/configure

getSubscriberIds/permission/admin/configure

importPolicyFromRegistry/permission/admin/configure

orderPolicy/permission/admin/configure

publish/permission/admin/configure

publishPolicies/permission/admin/configure

publishToPDP/permission/admin/configure

removePolicies/permission/admin/configure

removePolicy/permission/admin/configure

rollBackPolicy/permission/admin/configure

updatePolicy/permission/admin/configure

updateSubscriber/permission/admin/configure



EntitlementServicegetAllEntitlements/permission/admin/login

getBooleanDecision/permission/admin/login

getDecision/permission/admin/login

getDecisionByAttributes/permission/admin/login

getEntitledAttributes/permission/admin/login

XACMLAuthzDecisionQuery/permission/admin/login



ws-xacmlXACMLAuthzDecisionQuery/permission/admin/manage



UserProfileMgtServiceassociateID/permission/admin/login

deleteUserProfile/permission/admin/login

getAssociatedIDs/permission/admin/login

getInstance/permission/admin/login

getNameAssociatedWith/permission/admin/login

getProfileFieldsForInternalStore/permission/admin/login

getUserProfile/permission/admin/login

getUserProfiles/permission/admin/login

isAddProfileEnabled/permission/admin/login

isAddProfileEnabledForDomain/permission/admin/login

isReadOnlyUserStore/permission/admin/login

removeAssociateID/permission/admin/login

setUserProfile/permission/admin/login



UserAdminaddInternalRole/permission/admin/configure/security

addRemoveRolesOfUser/permission/admin/configure/security

addRemoveUsersOfRole/permission/admin/configure/security

addRole/permission/admin/configure/security

addUser/permission/admin/configure/security/usermgt/users

bulkImportUsers/permission/admin/configure/security

changePassword/permission/admin/configure/security/usermgt/passwords

changePasswordByUser/permission/admin/login

deleteRole/permission/admin/configure/security

deleteUser/permission/admin/configure/security/usermgt/users

getAllRolesNames/permission/admin/configure/security/rolemgt,/permission/admin/manage/modify/service

getAllSharedRoleNames/permission/admin/configure/security

getAllUIPermissions/permission/admin/configure/security

getRolePermissions/permission/admin/configure/security

getRolesOfCurrentUser/permission/admin/login

getRolesOfUser/permission/admin/configure/security

getUserRealmInfo/permission/admin/login

getUsersOfRole/permission/admin/configure/security/rolemgt

hasMultipleUserStores/permission/admin/login

isSharedRolesEnabled/permission/admin/configure/security

listAllUsers/permission/admin/configure/security/usermgt/users,/permission/admin/configure/security/usermgt/passwords,/permission/admin/configure/security/usermgt/profiles

listUserByClaim/permission/admin/configure/security

listUsers/permission/admin/configure/security/usermgt/users,/permission/admin/configure/security/usermgt/passwords,/permission/admin/configure/security/usermgt/profiles

setRoleUIPermission/permission/admin/configure/security

updateRoleName/permission/admin/configure/security

updateRolesOfUser/permission/admin/configure/security

updateUsersOfRole/permission/admin/configure/security



MultipleCredentialsUserAdminaddCredential/permission/admin/configure/security/usermgt/passwords

addUser/permission/admin/configure/security/usermgt/users

addUsers/permission/admin/configure/security/usermgt/users

addUserWithUserId/permission/admin/configure/security/usermgt

authenticate/permission/admin/configure/security/usermgt

deleteCredential/permission/admin/configure/security/usermgt/passwords

deleteUser/permission/admin/configure/security/usermgt/users

deleteUserClaimValue/permission/admin/configure/security/usermgt

deleteUserClaimValues/permission/admin/configure/security/usermgt

getAllUserClaimValues/permission/admin/login

getCredentials/permission/admin/configure/security/usermgt/passwords

getUserClaimValue/permission/admin/configure/security/usermgt

getUserClaimValues/permission/admin/configure/security/usermgt

getUserId/permission/admin/configure/security/usermgt

setUserClaimValue/permission/admin/configure/security/usermgt

setUserClaimValues/permission/admin/configure/security/usermgt

updateCredential/permission/admin/configure/security/usermgt/passwords



IdentityProviderAdminServiceaddOpenID/permission/admin/login

extractPrimaryUserName/permission/admin/login

getAllOpenIDs/permission/admin/login

getPrimaryOpenID/permission/admin/login

removeOpenID/permission/admin/login



XMPPConfigurationServiceaddUserXmppSettings/permission/admin/login

editXmppSettings/permission/admin/login

getUserIM/permission/admin/login

getXmppSettings/permission/admin/login

hasXMPPSettings/permission/admin/login

isXMPPSettingsEnabled/permission/admin/login



IdentitySAMLSSOConfigServiceaddRPServiceProvider/permission/admin/manage

getCertAliasOfPrimaryKeyStore/permission/admin/manage

getClaimURIs/permission/admin/manage

getServiceProviders/permission/admin/manage

removeServiceProvider/permission/admin/manage



IdentitySTSAdminServicereadCardIssuerConfiguration/permission/admin/manage

updateCardIssueConfiguration/permission/admin/manage



IWAAuthenticatorcanHandle/permission/admin/login

login/permission/admin/login



ProvisioningAdminServicegetAllInstalledFeatures/permission/protected/configure/components

getInstalledFeatureInfo/permission/protected/configure/components

getInstalledFeaturesWithProperty/permission/protected/configure/components

getLicensingInformation/permission/protected/configure/components

getProfileHistory/permission/protected/configure/components

performProvisioningAction/permission/protected/configure/components

removeAllConsoleFeatures/permission/protected/configure/components

removeAllServerFeatures/permission/protected/configure/components

reviewProvisioningAction/permission/protected/configure/components



ProfilesAdminServicegetUserProfile/permission/admin/manage/modify/user-profile

putUserProfile/permission/admin/manage/modify/user-profile



SecurityAdminServiceactivateUsernameTokenAuthentication/permission/admin/manage/modify/service

applyKerberosSecurityPolicy/permission/admin/manage/modify/service

applySecurity/permission/admin/manage/modify/service

disableSecurityOnService/permission/admin/manage/modify/service

getScenarios/permission/admin/manage/modify/service

getSecurityConfigData/permission/admin/manage/modify/service

getSecurityScenario/permission/admin/manage/modify/service



STSAdminServiceaddTrustedService/permission/admin/configure/security

getCertAliasOfPrimaryKeyStore/permission/admin/configure/security

getProofKeyType/permission/admin/configure/security

getTrustedServices/permission/admin/configure/security

removeTrustedService/permission/admin/configure/security

setProofKeyType/permission/admin/configure/security



KeyStoreAdminServiceaddKeyStore/permission/admin/configure/security

addTrustStore/permission/admin/configure/security

deleteStore/permission/admin/configure/security

getKeystoreInfo/permission/admin/configure/security

getKeyStores/permission/admin/configure/security,/permission/admin/manage/modify/service

getPaginatedKeystoreInfo/permission/admin/configure/security

getStoreEntries/permission/admin/configure/security

importCertToStore/permission/admin/configure/security

removeCertFromStore/permission/admin/configure/security



SCIMConfigAdminServiceaddGlobalProvider/permission/admin/configure/security

addUserProvider/permission/admin/configure/security/usermgt/provisioning

deleteGlobalProvider/permission/admin/configure/security

deleteUserProvider/permission/admin/configure/security/usermgt/provisioning

getAllGlobalProviders/permission/admin/configure/security

getAllUserProviders/permission/admin/configure/security/usermgt/provisioning

getGlobalProvider/permission/admin/configure/security

getUserProvider/permission/admin/configure/security/usermgt/provisioning

updateGlobalProvider/permission/admin/configure/security

updateUserProvider/permission/admin/configure/security/usermgt/provisioning



DirectoryServerManageraddServer/permission/admin/configure/security,/permission/admin/manage/modify/service

changePassword/permission/admin/configure/security,/permission/admin/manage/modify/service

getPasswordConformanceRegularExpression/permission/admin/configure/security,/permission/admin/manage/modify/service

getServiceNameConformanceRegularExpression/permission/admin/configure/security,/permission/admin/manage/modify/service

isExistingServicePrinciple/permission/admin/configure/security,/permission/admin/manage/modify/service

isKDCEnabled/permission/admin/configure/security,/permission/admin/manage/modify/service

listServicePrinciples/permission/admin/configure/security,/permission/admin/manage/modify/service

removeServer/permission/admin/configure/security,/permission/admin/manage/modify/service



LoggedUserInfoAdmingetUserInfo/permission/admin/login



LoggingAdmingetAllLoggerData/permission/protected/configure/logging

getAppenderData/permission/protected/configure/logging

getLoggerData/permission/protected/configure/logging

getSyslogData/permission/protected/configure/logging

getSystemLog/permission/protected/configure/logging

isStratosService/permission/protected/configure/logging

removeSyslogPattern/permission/protected/configure/logging

restoreDefaults/permission/protected/configure/logging

updateAllAppenderData/permission/protected/configure/logging

updateLoggerData/permission/protected/configure/logging

updateSyslogConfig/permission/protected/configure/logging

updateSystemLog/permission/protected/configure/logging



LoginStatisticsAdmingetLoginAttemptsNot available

getUserBasedLoginAttemptsNot available



WorkflowAdminServicegetWorkflow/permission/admin/manage/identity/workflow/definition/view

listWorkflowEvents/permission/admin/manage/identity/workflow/association/view

listTemplates/permission/admin/manage/identity/workflow/definition/view

getTemplate/permission/admin/manage/identity/workflow/definition/view

getWorkflowImpl/permission/admin/manage/identity/workflow/definition/view

listWorkflowImpls/permission/admin/manage/identity/workflow/definition/view

addWorkflow/permission/admin/manage/identity/workflow/definition/create

addAssociation/permission/admin/manage/identity/workflow/association/create

changeAssociationState/permission/admin/manage/identity/workflow/association/update

listWorkflows/permission/admin/manage/identity/workflow/definition/view

removeWorkflow/permission/admin/manage/identity/workflow/definition/delete

removeAssociation/permission/admin/manage/identity/workflow/association/delete

listAssociations/permission/admin/manage/identity/workflow/association/view

listAllAssociations/permission/admin/manage/identity/workflow/association/view

getEvent/permission/admin/manage/identity/workflow/association/view

getRequestsCreatedByUser/permission/admin/manage/identity/workflow/monitor/view

getRequestsInFilter/permission/admin/manage/identity/workflow/monitor/view

deleteWorkflowRequest/permission/admin/manage/identity/workflow/monitor/delete

getWorkflowsOfRequest/permission/admin/manage/identity/workflow/monitor/view



WorkflowImplAdminServiceaddBPSProfile/permission/admin/manage/identity/workflow/profile/create

listBPSProfiles/permission/admin/manage/identity/workflow/profile/view

getBPSProfile/permission/admin/manage/identity/workflow/profile/view

updateBPSProfile/permission/admin/manage/identity/workflow/profile/update

removeBPSProfile/permission/admin/manage/identity/workflow/profile/delete

removeBPSPackage/permission/admin/manage/identity/workflow/profile/delete
  • No labels