Is there a definitive list of resource paths for setting custom roles?

I have not been able to find one and the docs for creating roles suggests looking at the management API reference to determine the resources that can be used to set permissions. This is a bit tedious to say the least.

So since there is no "official" list of all of the resources, I used the information on the reference page to create a single request that sets the "GET" permission on all resources. This can then be used as a starting point to create your own custom roles.

NOTES:

  • Even tho the document uses "/apis", the resource to set permissions is "/applications". The API can use both "/apis" and "/applications".
  • The following list is for free orgs, paid orgs can also set permission on: "/environments/*/virtualhosts/*/sslinfo".

This list of resource paths was generated from a script and has not been validated and not all work. For example, trying to set a permission on /applications/*/deployments results in a permission for an API proxy named: "deployments".

See the attached curl command curl-free.txt to execute but use at your own risk.

/analytics/groups/ax/*/scopes
/apiproducts
/apiproducts/*
/apiproducts/*/attributes
/apiproducts/*/attributes/*
/applications
/applications/*
/applications/*/deployments
/applications/*/keyvaluemaps
/applications/*/keyvaluemaps/*
/applications/*/keyvaluemaps/*/entries
/applications/*/keyvaluemaps/*/entries/*
/applications/*/keyvaluemaps/*/keys
/applications/*/maskconfigs
/applications/*/maskconfigs/*
/applications/*/revisions
/applications/*/revisions/*
/applications/*/revisions/*/deployments
/applications/*/revisions/*/keyvaluemaps
/applications/*/revisions/*/keyvaluemaps/*/entries
/applications/*/revisions/*/keyvaluemaps/*/entries/*
/applications/*/revisions/*/keyvaluemaps/*/keys
/applications/*/revisions/*/npm
/applications/*/revisions/*/policies
/applications/*/revisions/*/policies/*
/applications/*/revisions/*/resourcefiles
/applications/*/revisions/*/resourcefiles/*/*
/apps
/apps/*
/audits/organizations/*
/audits/organizations/*/apiproducts
/audits/organizations/*/apiproducts/*
/audits/organizations/*/applications
/audits/organizations/*/applications/*
/audits/organizations/*/developers
/audits/organizations/*/developers/*
/audits/organizations/*/developers/*/apps
/audits/organizations/*/developers/*/apps/*
/audits/users/*
/companies
/companies/*
/companies/*/appfamilies
/companies/*/appfamilies/*
/companies/*/appfamilies/*/apps/*
/companies/*/apps
/companies/*/apps/*
/companies/*/apps/*/keys/*
/companies/*/developers
/companies/*/developers/*
/deployments
/developers
/developers/*
/developers/*/appfamilies
/developers/*/appfamilies/*
/developers/*/appfamilies/*/apps/*
/developers/*/apps
/developers/*/apps/*
/developers/*/apps/*/attributes
/developers/*/apps/*/attributes/*
/developers/*/apps/*/keys/*
/developers/*/apps/*/keys/*/apiproducts/*
/developers/*/apps/*/keys/*/oauth1accesstokens
/developers/*/apps/*/keys/*/oauth2accesstokens
/developers/*/apps/*/keys/create
/developers/*/apps/*/oauth1accesstokens
/developers/*/apps/*/oauth2accesstokens
/developers/*/attributes
/developers/*/attributes/*
/environments/*/analytics/admin
/environments/*/applications/*/cachedlogs/categories
/environments/*/applications/*/cachedlogs/categories/nodejs
/environments/*/applications/*/deployments
/environments/*/applications/*/revisions/*/debugsessions
/environments/*/applications/*/revisions/*/debugsessions/*
/environments/*/applications/*/revisions/*/debugsessions/*/data
/environments/*/applications/*/revisions/*/debugsessions/*/data/*
/environments/*/applications/*/revisions/*/deployments
/environments/*/caches
/environments/*/caches/*
/environments/*/caches/*/entries
/environments/*/caches/*/entries/*
/environments/*/deployments
/environments/*/keystores
/environments/*/keystores/*
/environments/*/keystores/*/aliases
/environments/*/keystores/*/aliases/*
/environments/*/keystores/*/aliases/*
/environments/*/keystores/*/aliases/*/certificate
/environments/*/keystores/*/aliases/*/csr
/environments/*/keystores/*/certs
/environments/*/keystores/*/certs/*
/environments/*/keystores/*/certs/*/export
/environments/*/keystores/*/keys
/environments/*/keyvaluemaps
/environments/*/keyvaluemaps/*
/environments/*/keyvaluemaps/*/entries
/environments/*/keyvaluemaps/*/entries/*
/environments/*/keyvaluemaps/*/keys
/environments/*/references
/environments/*/references
/environments/*/references/*
/environments/*/resourcefiles
/environments/*/resourcefiles/*/*
/environments/*/stats/*
/environments/*/targetservers
/environments/*/targetservers/*
/environments/*/vaults
/environments/*/vaults/*
/environments/*/vaults/*/entries
/environments/*/vaults/*/entries/*
/keyvaluemaps
/keyvaluemaps/*
/keyvaluemaps/*/entries
/keyvaluemaps/*/entries/*
/keyvaluemaps/*/keys
/maskconfigs
/maskconfigs/*
/oauth1/accesstokens
/oauth1/accesstokens/*
/oauth1/requesttokens
/oauth1/requesttokens/*
/oauth1/verifiers
/oauth1/verifiers/*
/oauth2/accesstokens/*
/oauth2/authorizationcodes
/oauth2/authorizationcodes/*
/oauth2/refreshtokens/*
/oauth2/revoke
/oauth2/search
/organizations
/organizations/*
/reports
/reports/*
/resourcefiles
/resourcefiles/*/*
/stats/
/stats/preferences/reports/dailysummaryreport
/stats/preferences/reports/dailysummaryreport/users
/userroles
/userroles/*
/userroles/*/permissions
/userroles/*/permissions/*
/userroles/*/resourcepermissions
/userroles/*/users
/userroles/*/users/*
/users
/users/*
/vaults
/vaults/*
/vaults/*/entries
/vaults/*/entries/*

Hope this helps

4 3 1,019
3 REPLIES 3

Thanks, Kurt. We have an open doc ticket to cover this (67179647).

Hello Floyd,

Could you please let us know when this will be published officially on docs ??

Former Community Member
Not applicable

We are currently also defining custom roles with the necessary resource permissions - or at least we try to. Is there any progress on that documentation task? That would really help us.