Get role mappings API

edit

Retrieves role mappings.

Request

edit

GET /_security/role_mapping

GET /_security/role_mapping/<name>

Description

edit

Role mappings define which roles are assigned to each user. For more information, see Mapping users and groups to roles.

Path Parameters

edit
name
(string) The distinct name that identifies the role mapping. The name is used solely as an identifier to facilitate interaction via the API; it does not affect the behavior of the mapping in any way. You can specify multiple mapping names as a comma-separated list. If you do not specify this parameter, the API returns information about all role mappings.

Results

edit

A successful call retrieves an object, where the keys are the names of the request mappings, and the values are the JSON representation of those mappings. For more information, see Role mapping resources.

If there is no mapping with the requested name, the response will have status code 404.

Authorization

edit

To use this API, you must have at least the manage_security cluster privilege.

Examples

edit

The following example retrieves information about the mapping1 role mapping:

GET /_security/role_mapping/mapping1
{
  "mapping1": {
    "enabled": true,
    "roles": [
      "user"
    ],
    "rules": {
      "field": {
        "username": "*"
      }
    },
    "metadata": {}
  }
}