Get role mappings | Elasticsearch API (v8)

Get role mappings Added in 5.5.0

GET /_security/role_mapping

Role mappings define which roles are assigned to each user. The role mapping APIs are generally the preferred way to manage role mappings rather than using role mapping files. The get role mappings API cannot retrieve role mappings that are defined in role mapping files.

External documentation

Responses

200 application/json
Hide response attribute Show response attribute object
- * object Additional properties
  
  Additional properties are allowed.
  
  Hide * attributes Show * attributes object
  
  enabled boolean Required
  
  metadata object Required
  
  Hide metadata attribute Show metadata attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  roles array[string]
  
  role_templates array[object]
  
  Hide role_templates attributes Show role_templates attributes object
  
  format string
  
  Values are string or json.
  
  template object Required
  
  Additional properties are allowed.
  
  Hide template attributes Show template attributes object
  
  source string
  
  The script source.
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  lang string
  
  Any of:
  _types:ScriptLanguage string _types:ScriptLanguage string
  
  Values are painless, expression, mustache, or java.
  
  options object
  
  Hide options attribute Show options attribute object
  
  * string Additional properties
  
  rules object Required
  
  Additional properties are allowed.
  
  Hide rules attributes Show rules attributes object
  
  any array[object]
  
  Additional properties are allowed.
  
  all array[object]
  
  Additional properties are allowed.
  
  field object
  
  Additional properties are allowed.
  
  Hide field attributes Show field attributes object
  
  username string | array[string]
  
  dn string | array[string]
  
  groups string | array[string]
  
  except object
  
  Additional properties are allowed.

GET /_security/role_mapping

curl \
 -X GET http://api.example.com/_security/role_mapping

Response examples (200)

{
  "additionalProperty1": {
    "enabled": true,
    "metadata": {
      "additionalProperty1": {},
      "additionalProperty2": {}
    },
    "roles": [
      "string"
    ],
    "role_templates": [
      {
        "format": "string",
        "template": {
          "source": "string",
          "id": "string",
          "params": {
            "additionalProperty1": {},
            "additionalProperty2": {}
          },
          "": "painless",
          "options": {
            "additionalProperty1": "string",
            "additionalProperty2": "string"
          }
        }
      }
    ],
    "rules": {
      "any": [
        {}
      ],
      "all": [
        {}
      ],
      "field": {
        "username": "string",
        "dn": "string",
        "groups": "string"
      },
      "except": {}
    }
  },
  "additionalProperty2": {
    "enabled": true,
    "metadata": {
      "additionalProperty1": {},
      "additionalProperty2": {}
    },
    "roles": [
      "string"
    ],
    "role_templates": [
      {
        "format": "string",
        "template": {
          "source": "string",
          "id": "string",
          "params": {
            "additionalProperty1": {},
            "additionalProperty2": {}
          },
          "": "painless",
          "options": {
            "additionalProperty1": "string",
            "additionalProperty2": "string"
          }
        }
      }
    ],
    "rules": {
      "any": [
        {}
      ],
      "all": [
        {}
      ],
      "field": {
        "username": "string",
        "dn": "string",
        "groups": "string"
      },
      "except": {}
    }
  }
}

Get role mappings Added in 5.5.0

Responses

lang string