Get a list of Roles
get
/access-governance/access-controls/20250331/roles
Returns details of all available roles with support for pagination.
Request
Query Parameters
-
approvalWorkflowId: string
Minimum Length:
1Maximum Length:255A filter to return only resources that match the given approval workflow id. -
keywordContains: string
Keyword to filter on. Only one keyword may be provided. Default is empty string.
-
limit: integer
Minimum Value:
1Maximum Value:1000The maximum number of items to return.Default Value:10 -
organizationId: string
Minimum Length:
1Maximum Length:255A filter to return only resources that match the given organization id. -
page: string
Minimum Length:
1A token representing the position at which to start retrieving results. This must come from the `opc-next-page` header field of a previous response. -
requestableBy: string
Minimum Length:
1Maximum Length:255A filter to return only resources that match the given identityType.Allowed Values:[ "ANY", "NONE", "MEMBERS_OF_AN_ORG" ] -
sortBy: string
The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending.Default Value:
timeCreatedAllowed Values:[ "timeCreated", "displayName" ] -
sortOrder: string
The sort order to use, either 'ASC' or 'DESC'.Allowed Values:
[ "ASC", "DESC" ] -
status: string
A filter to be used for finding entities with the given status.Default Value:
ALLAllowed Values:[ "ALL", "ACTIVE", "DRAFT", "INACTIVE" ] -
userId: string
Minimum Length:
1Maximum Length:255Identifier of the user who is performing the operation
Header Parameters
-
opc-request-id: string
The client request ID for tracing. The only valid characters for request IDs are letters, numbers, underscore, and dash.
Response
Supported Media Types
- application/json
200 Response
A list of Role Summaries
Headers
-
opc-next-page: string
For pagination of a list of items. When paging through a list, if this header appears in the response, then a partial list might have been returned. Include this value as the `page` parameter for the subsequent GET request to get the next batch of items.
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : RoleCollection
Type:
objectResults of a Role search. Contains both Role items and other data.
Show Source
-
items(required):
array items
List of Roles summary.
Nested Schema : items
Type:
arrayList of Roles summary.
Show Source
-
Array of:
object RoleSummary
Role object summary.
Nested Schema : RoleSummary
Type:
objectRole object summary.
Show Source
-
approvalWorkflowId:
string
ApprovalWorkflowId that is applicable to the Role
-
createdBy:
object IdInfo
Generic identifying information object.
-
customAttributes:
object customAttributes
Metadata associated with the access bundle
-
description:
string
Role description
-
id(required):
string
Unique identifier that is immutable on creation
-
isOwner:
boolean
Boolean value checking if logged-in user is owner of this resource or not.
-
name:
string
Role name
-
organizations:
array organizations
List containing organizations information attached to the Role.
-
owners:
array owners
List of owner entities
-
primaryOwner:
object PrimaryOwner
Details of a primary Owner.
-
requestableBy:
string
Allowed Values:
[ "ANY", "NONE", "MEMBERS_OF_AN_ORG" ]The identity type that may request the Access Bundle. -
status:
string
Allowed Values:
[ "ACTIVE", "DRAFT", "INACTIVE", "PENDING", "FAILED", "IN_PROGRESS", "SAVED", "SUCCESS", "TIMEOUT" ]Status of the Role -
tags:
array tags
List of tags attached to the Role
-
timeCreated:
string(date-time)
Time when the Role was created. An RFC3339 formatted datetime string
-
timeUpdated:
string(date-time)
Time when the Role was last updated. An RFC3339 formatted datetime string
Nested Schema : IdInfo
Type:
objectGeneric identifying information object.
Show Source
-
displayName:
string
Display Name of the entity.
-
id:
string
Id of the entity.
-
name:
string
Name of the entity.
Nested Schema : customAttributes
Type:
objectMetadata associated with the access bundle
Show Source
Nested Schema : organizations
Type:
arrayList containing organizations information attached to the Role.
Show Source
-
Array of:
object IdInfo
Generic identifying information object.
Nested Schema : owners
Type:
arrayList of owner entities
Show Source
-
Array of:
object OwnerSummary
Owner entity object
Nested Schema : PrimaryOwner
Type:
objectDetails of a primary Owner.
Show Source
-
displayName:
string
Display name of the primary Owner.
-
value:
string
Id of the primary Owner.
Nested Schema : OwnerSummary
Type:
objectOwner entity object
Show Source
-
id(required):
string
Unique identifier that is immutable on creation
-
isPrimary(required):
boolean
Is this entity the primary owner?
-
name(required):
string
Name of the owner
400 Response
Bad Request
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
401 Response
Unauthorized
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
404 Response
Not Found
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
429 Response
Too Many Requests
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
500 Response
Internal Server Error
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
Default Response
Unknown Error
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
Examples
The following example shows how to retrieve a list of roles by submitting a GET request.
cURL Example - Without Query Parameters
curl -i -X GET \
-H "Authorization:Bearer <your access token>" \
'https://${service-instance-url}/access-governance/access-controls/20250331/roles'Example of the Response Body
The following example shows the contents of the response body in JSON format, including a list of all available roles:
{
"items": [
{
"id": "7642ff7d-xxxx-45c4-88d4-db7d2e79e85f",
"name": "UA External API Access Manager",
"description": "Manages permissions for identities.",
"status": "ACTIVE",
"approvalWorkflowId": "NO_APPROVAL_REQUIRED",
"createdBy": {
"id": "globalId.125123c3-xxxx-4d6a-b6d4-6c0f6537bad2.18.02e36bbb4b201421b4xxx046b3ceb16a",
"name": "Amel Maclead",
"displayName": "Amel Maclead"
},
"requestableBy": "ANY",
"timeCreated": "2025-04-24T06:55:26.546Z",
"timeUpdated": "2025-04-24T06:55:26.546Z",
"tags": ["UA Role"],
"customAttributes": null,
"primaryOwner": {
"value": "globalId.125123c3-xxxx-4d6a-b6d4-6c0f6537bad2.18.02e36bbb4b201421b44aa046b3ceb16a",
"displayName": "Amel Maclead"
},
"isOwner": true,
"owners": null
},
{
"id": "a5ee5a10-xxxx-4882-8ff9-c5277e94f9ce",
"name": "UA External API Role - Account Manager",
"description": "Responsible for updating and managing accounts.",
"status": "ACTIVE",
"approvalWorkflowId": "NO_APPROVAL_REQUIRED",
"createdBy": {
"id": "globalId.125123c3-xxxx-4d6a-b6d4-6c0f6537bad2.18.02e36bbb4b201421b44aa046b3ceb16a",
"name": "Amel Maclead",
"displayName": "Amel Maclead"
},
"requestableBy": "ANY",
"timeCreated": "2025-04-24T06:27:26.011Z",
"timeUpdated": "2025-04-24T06:39:11.143Z",
"tags": ["UA Role"],
"customAttributes": null,
"primaryOwner": {
"value": "globalId.125123c3-xxxx-4d6a-b6d4-6c0f6537bad2.18.02e36bbb4b201421b44aa046b3ceb16a",
"displayName": "Amel Maclead"
},
"isOwner": true,
"owners": null
}
]
}