« Get builtin privileges API Get roles API »
Elastic Docs Elasticsearch Guide [8.15] REST APIs Security APIs

Get role mappings API

edit

Get role mappings API

edit

Retrieves role mappings.

Request

edit

GET /_security/role_mapping

GET /_security/role_mapping/<name>

Prerequisites

edit
  • To use this API, you must have at least the read_security cluster privilege.

Description

edit

Role mappings define which roles are assigned to each user. For more information, see Mapping users and groups to roles.

The role mapping APIs are generally the preferred way to manage role mappings rather than using role mapping files. The get role mappings API cannot retrieve role mappings that are defined in role mapping files.

Path parameters

edit
name
(Optional, string) The distinct name that identifies the role mapping. The name is used solely as an identifier to facilitate interaction via the API; it does not affect the behavior of the mapping in any way. You can specify multiple mapping names as a comma-separated list. If you do not specify this parameter, the API returns information about all role mappings.

Response body

edit

A successful call retrieves an object, where the keys are the names of the request mappings, and the values are the JSON representation of those mappings. For more information, see Role mapping resources.

Response codes

edit

If there is no mapping with the requested name, the response will have status code 404.

Examples

edit

The following example retrieves information about the mapping1 role mapping:

resp = client.security.get_role_mapping(
    name="mapping1",
)
print(resp)
const response = await client.security.getRoleMapping({
  name: "mapping1",
});
console.log(response);
GET /_security/role_mapping/mapping1
{
  "mapping1": {
    "enabled": true,
    "roles": [
      "user"
    ],
    "rules": {
      "field": {
        "username": "*"
      }
    },
    "metadata": {}
  }
}
« Get builtin privileges API Get roles API »