Home Explore Help
Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 065158e222
Branches Tags
elasticsearch
/
docs
/
reference
/
rest-api
/
security
/
get-role-mappings.asciidoc

get-role-mappings.asciidoc 2.4 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. [role="xpack"]
    2. 

  2. [[security-api-get-role-mapping]]
    3. 

  3. === Get role mappings API
    4. 

  4. ++++
    5. 

  5. <titleabbrev>Get role mappings</titleabbrev>
    6. 

  6. ++++
    7. 

  7. 

  8. Retrieves role mappings.
    9. 

  9. 

  10. [[security-api-get-role-mapping-request]]
    11. 

  11. ==== {api-request-title}
    12. 

  12. 

  13. `GET /_security/role_mapping` +
    14. 

  14. 

  15. `GET /_security/role_mapping/<name>`
    16. 

  16. 

  17. [[security-api-get-role-mapping-prereqs]]
    18. 

  18. ==== {api-prereq-title}
    19. 

  19. 

  20. * To use this API, you must have at least the `read_security` cluster privilege.
    21. 

  21. 

  22. [[security-api-get-role-mapping-desc]]
    23. 

  23. ==== {api-description-title}
    24. 

  24. 

  25. Role mappings define which roles are assigned to each user. For more information,
    26. 

  26. see <<mapping-roles>>.
    27. 

  27. 

  28. The role mapping APIs are generally the preferred way to manage role mappings
    29. 

  29. rather than using <<mapping-roles-file,role mapping files>>.
    30. 

  30. The get role mappings API cannot retrieve role mappings that are defined
    31. 

  31. in role mapping files.
    32. 

  32. 

  33. [[security-api-get-role-mapping-path-params]]
    34. 

  34. ==== {api-path-parms-title}
    35. 

  35. 

  36. `name`::
    37. 

  37.   (Optional, string) The distinct name that identifies the role mapping. The name
    38. 

  38.   is used solely as an identifier to facilitate interaction via the API; it does
    39. 

  39.   not affect the behavior of the mapping in any way. You can specify multiple
    40. 

  40.   mapping names as a comma-separated list. If you do not specify this
    41. 

  41.   parameter, the API returns information about all role mappings.
    42. 

  42. 

  43. [[security-api-get-role-mapping-response-body]]
    44. 

  44. ==== {api-response-body-title}
    45. 

  45. 

  46. A successful call retrieves an object, where the keys are the
    47. 

  47. names of the request mappings, and the values are the JSON representation of
    48. 

  48. those mappings. For more information, see
    49. 

  49. <<role-mapping-resources>>.
    50. 

  50. 

  51. [[security-api-get-role-mapping-response-codes]]
    52. 

  52. ==== {api-response-codes-title}
    53. 

  53. 

  54. If there is no mapping with the requested name, the
    55. 

  55. response will have status code `404`.
    56. 

  56. 

  57. 

  58. [[security-api-get-role-mapping-example]]
    59. 

  59. ==== {api-examples-title}
    60. 

  60. 

  61. The following example retrieves information about the `mapping1` role mapping:
    62. 

  62. 

  63. [source,console]
    64. 

  64. --------------------------------------------------
    65. 

  65. GET /_security/role_mapping/mapping1
    66. 

  66. --------------------------------------------------
    67. 

  67. // TEST[setup:role_mapping]
    68. 

  68. 

  69. 

  70. [source,console-result]
    71. 

  71. --------------------------------------------------
    72. 

  72. {
    73. 

  73.   "mapping1": {
    74. 

  74.     "enabled": true,
    75. 

  75.     "roles": [
    76. 

  76.       "user"
    77. 

  77.     ],
    78. 

  78.     "rules": {
    79. 

  79.       "field": {
    80. 

  80.         "username": "*"
    81. 

  81.       }
    82. 

  82.     },
    83. 

  83.     "metadata": {}
    84. 

  84.   }
    85. 

  85. }
    86. 

  86. --------------------------------------------------
    87.