This endpoint retrieves a list of roles and returns their attributes. This API does not list permissions for said roles. To receive that information, please leverage the existing Get Roles API (https://docs-cortex.paloaltonetworks.com/r/Cortex-XSIAM-REST-API/Get-Roles). Note: 'role_id' refers to the immutable role ID, while 'pretty_name' refers to the display name.
curl -X 'GET'
-H
'Accept: application/json'
'https://api-cortex.paloaltonetworks.com/platform/iam/v1/role'
import http.client
conn = http.client.HTTPSConnection("api-")
conn.request("GET", "%7Bfqdn%7D/platform/iam/v1/role")
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-/%7Bfqdn%7D/platform/iam/v1/role")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Get.new(url)
response = http.request(request)
puts response.read_bodyconst data = null;
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("GET", "https://api-/%7Bfqdn%7D/platform/iam/v1/role");
xhr.send(data);HttpResponse<String> response = Unirest.get("https://api-/%7Bfqdn%7D/platform/iam/v1/role")
.asString();import Foundation
let request = NSMutableURLRequest(url: NSURL(string: "https://api-/%7Bfqdn%7D/platform/iam/v1/role")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "GET"
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-/%7Bfqdn%7D/platform/iam/v1/role",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "GET");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-/%7Bfqdn%7D/platform/iam/v1/role");
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-/%7Bfqdn%7D/platform/iam/v1/role");
var request = new RestRequest(Method.GET);
IRestResponse response = client.Execute(request);Successfully retrieved roles
dataarrayrequired
role_idstringrequiredThe unique identifier for the role
The unique identifier for the role
pretty_namestringrequiredThe display name for the role
The display name for the role
descriptionstringrequiredA description of the role's purpose and permissions
A description of the role's purpose and permissions
is_custombooleanrequiredIndicates if the role is a custom role (true) or a predefined system role (false)
Indicates if the role is a custom role (true) or a predefined system role (false)
created_bystringrequiredThe user or system that created the role
The user or system that created the role
created_tsintegerrequiredThe timestamp when the role was created
The timestamp when the role was created
updated_tsintegerrequiredThe timestamp when the role was last updated
The timestamp when the role was last updated
metadataobjectMetadata for the response
Metadata for the response
{
"data": [
{
"role_id": "test_role_01",
"pretty_name": "Test Role Pretty Name 01",
"description": "Complete description",
"is_custom": true,
"created_by": "User 01",
"created_ts": 1661171650679,
"updated_ts": 1661171650679
},
{
"role_id": "test_role_02",
"pretty_name": "Test Role Pretty Name 02",
"description": "Complete description",
"is_custom": true,
"created_by": "User 02",
"created_ts": 1661171650679,
"updated_ts": 1661171650679
}
],
"metadata": {
"total_count": 2
}
}Unauthorized access
{
"reply": {
"err_code": 401,
"err_msg": "Public API request unauthorized",
"err_extra": null
}
}Unauthorized access due to lack of sufficient permissions
replyobject
err_msgstringrequired
err_extrastring
err_codeinteger
metadataobjectrequired
{
"reply": {
"err_code": 403,
"err_msg": "Forbidden. Access was denied to this resource.",
"err_extra": "Insufficient permissions for api key",
"metadata": {}
}
}Internal server error. A unified status for API communication type errors.