ProductsDownload Community Edition

Roles

delete

Deletes a role.

Authorizations
AuthorizationstringRequired

The bearer token can be obtained by creating a ServiceAccount.

Path parameters
namestringRequired
Responses
delete
/v1/roles/{name}
DELETE /api/v1/roles/{name} HTTP/1.1
Host: https:/.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content
patch

Updates a role.

Authorizations
AuthorizationstringRequired

The bearer token can be obtained by creating a ServiceAccount.

Path parameters
namestringRequired
Body

Updates a role. Absent fields are left untouched.

display_namestring · min: 1 · max: 150Optional

Updates the display name of the role.

Responses
patch
/v1/roles/{name}
PATCH /api/v1/roles/{name} HTTP/1.1
Host: https:/.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 145

{
  "display_name": "text",
  "policy": [
    {
      "action": "kafka:ListTopics",
      "resource": "text",
      "effect": "allow"
    }
  ],
  "metadata": {
    "ANY_ADDITIONAL_PROPERTY": "text"
  }
}
{
  "name": "text",
  "display_name": "text",
  "lrn": "text",
  "id": "text",
  "created_at": "2025-12-05T02:22:00.959Z",
  "policy": [
    {
      "action": "kafka:ListTopics",
      "resource": "text",
      "effect": "allow"
    }
  ],
  "metadata": {
    "ANY_ADDITIONAL_PROPERTY": "text"
  }
}
get

Returns a specific role.

Authorizations
AuthorizationstringRequired

The bearer token can be obtained by creating a ServiceAccount.

Path parameters
namestringRequired
Responses
get
/v1/roles/{name}
GET /api/v1/roles/{name} HTTP/1.1
Host: https:/.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "name": "text",
  "display_name": "text",
  "lrn": "text",
  "id": "text",
  "created_at": "2025-12-05T02:22:00.959Z",
  "policy": [
    {
      "action": "kafka:ListTopics",
      "resource": "text",
      "effect": "allow"
    }
  ],
  "metadata": {
    "ANY_ADDITIONAL_PROPERTY": "text"
  }
}
post

Creates a new role.

Authorizations
AuthorizationstringRequired

The bearer token can be obtained by creating a ServiceAccount.

Body

Contains the fields needed to create a role.

namestring · hq-resource-name · min: 1 · max: 63Required

Sets the unique name of the new role. It must be a valid HQ resource name: it can only contain lowercase alphanumeric characters or hyphens; hyphens cannot appear at the end or start; the length is 63 characters at most.

display_namestring · min: 1 · max: 150Optional

Sets the display name of the new role. If not provided, the value of "name" will be used.

Responses
post
/v1/roles
POST /api/v1/roles HTTP/1.1
Host: https:/.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 159

{
  "name": "text",
  "display_name": "text",
  "policy": [
    {
      "action": "kafka:ListTopics",
      "resource": "text",
      "effect": "allow"
    }
  ],
  "metadata": {
    "ANY_ADDITIONAL_PROPERTY": "text"
  }
}
{
  "name": "text",
  "display_name": "text",
  "lrn": "text",
  "id": "text",
  "created_at": "2025-12-05T02:22:00.959Z",
  "policy": [
    {
      "action": "kafka:ListTopics",
      "resource": "text",
      "effect": "allow"
    }
  ],
  "metadata": {
    "ANY_ADDITIONAL_PROPERTY": "text"
  }
}
get

Returns all roles.

Authorizations
AuthorizationstringRequired

The bearer token can be obtained by creating a ServiceAccount.

Responses
get
/v1/roles
GET /api/v1/roles HTTP/1.1
Host: https:/.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "items": [
    {
      "name": "text",
      "display_name": "text",
      "lrn": "text",
      "id": "text",
      "created_at": "2025-12-05T02:22:00.959Z",
      "policy_length": 1,
      "metadata": {
        "ANY_ADDITIONAL_PROPERTY": "text"
      }
    }
  ]
}
PreviousGroupsNextService Accounts

Last updated

Was this helpful?