apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
57666 Commits
1677 Branches
650 Tags
2.2 GiB
Tag: Branch: Tree: 4bd5f29e05
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4bd5f29e05'
${ noResults }
grafana/docs/sources/developers/http_api/group_attribute_sync.md

209 lines
4.2 KiB
Raw Normal View History Unescape

GAS: Add HTTP API docs for group attribute sync (#96088) add HTTP API docs for GAS
1 year ago
---
description: Grafana Group Attribute Sync HTTP API
keywords:
- grafana
- http
- documentation
- api
- group
- member
- enterprise
labels:
products:
- enterprise
- oss
title: Group Attribute Sync HTTP API
---
# Group attribute sync API
The Group Attribute Sync API allows you to configure [group attribute sync feature](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/setup-grafana/configure-security/configure-group-attribute-sync). This API is useful when you want to manage user roles based on group membership in an external system.
> **Note:** Available in [Grafana Enterprise](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/introduction/grafana-enterprise) and [Grafana Cloud](https://grafana.com/docs/grafana-cloud/)
{{% admonition type="note" %}}
Docs: Group Attribute Sync feature in private preview (#101822) * Docs: Group Attribute Sync feature in private preview * add link & support note * update GAS API docs
10 months ago
This feature is currently in [private preview](https://grafana.com/docs/release-life-cycle/#private-preview) and behind the `groupAttributeSync` feature toggle. Please contact support to have this feature enabled.
GAS: Add HTTP API docs for group attribute sync (#96088) add HTTP API docs for GAS
1 year ago
{{% /admonition %}}
## List group mappings
`GET /api/groupsync/groups`
**Required permissions**
| Action | Scope |
| ----------------------- | ----- |
| groupsync.mappings:read | n/a |
**Example Request**:
```http
GET /api/groupsync/groups HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer glsa_kcVxDhZtu5ISOZIEt
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
[
{
"groups": [
{
"groupID": "group 1",
"mappings": {
"1": {
"roles": [
"fixed_nzVQoNSDSn0fg1MDgO6XnZX2RZI",
"my_custom_role",
]
}
}
},
{
"groupID": "group 2",
"mappings": {
"1": {
"roles": [
"another_role",
]
}
}
}
],
"total": 2
}
]
```
Status Codes:
- **200** - Ok
- **400** - Bad request
- **401** - Unauthorized
- **403** - Permission denied
- **500** - Internal server error
## Create group mappings
`POST /api/groupsync/groups/:groupID`
**Required permissions**
| Action | Scope |
| ------------------------ | ----- |
| groupsync.mappings:write | n/a |
**Example Request**:
```http
POST /api/groupsync/groups/my_group_id HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer glsa_kcVxDhZtu5ISOZIEt
{
"roles": [
"fixed_nzVQoNSDSn0fg1MDgO6XnZX2RZI",
"my_custom_role_uid"
]
}
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
{
"message": "Group mappings created."
}
```
Status Codes:
- **201** - Ok
- **400** - Bad request
- **401** - Unauthorized
- **403** - Permission denied
- **500** - Internal server error
## Update group mappings
`PUT /api/groupsync/groups/:groupID`
This endpoint will replace the existing mappings for the group with the new mappings provided in the request.
**Required permissions**
| Action | Scope |
| ------------------------ | ----- |
| groupsync.mappings:write | n/a |
**Example Request**:
```http
PUT /api/groupsync/groups/my_group_id HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer glsa_kcVxDhZtu5ISOZIEt
{
"roles": [
"fixed_nzVQoNSDSn0fg1MDgO6XnZX2RZI",
"my_custom_role_uid"
]
}
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
{
"message": "Group mappings set."
}
```
Status Codes:
- **201** - Ok
- **400** - Bad request
- **401** - Unauthorized
- **403** - Permission denied
- **500** - Internal server error
## Remove group mappings
`DELETE /api/groupsync/groups/:groupID`
**Required permissions**
| Action | Scope |
| ------------------------ | ----- |
| groupsync.mappings:write | n/a |
**Example Request**:
```http
DELETE /api/groupsync/groups/my_group_id HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer glsa_kcVxDhZtu5ISOZIEt
```
Status Codes:
- **204** - Ok
- **400** - Bad request
- **401** - Unauthorized
- **403** - Permission denied
- **500** - Internal server error