Permissions | ArcGIS REST APIs

URL:: https://<root>/services/permissions
Methods:: GET
Operations:: Add, Clean, Has child Permissions Conflict
Version Introduced:: 10.1

Access requirements

Required privileges

The Sever Administrator API requires privilege-based access. An administrator must be assigned a specific user privilege, or role, to access any given endpoint. Listed below are the user privileges or roles an administrator can be assigned that provides access to this endpoint. If multiple privileges are listed, only one needs to be assigned to gain access.

Register data stores Feature layer Update Delete Security and infrastructure Servers Organization webhooks Geoprocessing Publisher role

Note that administrators assigned a custom role must also have the administrative View all content privilege assigned to them to access the API directory as an administrator. Additonally, any custom roles that include a webhook-related privilege must also include the general Publish server-based layers content privilege.

Tokens

This API requires token-based authentication. A token is automatically generated for administrators who sign in to the Server Administrator API directory's HTML interface. Tokens generated in this way are stored for the entirety of the session.

Those accessing the API directory outside of the HTML interface will need to acquire a session token from the generateToken operation in the Portal Directory API. For security reasons, all POST requests made to the Server Administrator API must include a token in the request body.

Learn how to generate a token

Description

The permissions resource models the permissions on the given folder or service. Permissions are access privileges that are assigned to roles (principals) by the service administrator to provide a role-based access control.

ArcGIS Server implements the Continuous Inheritance Model, under which a resource (such as a folder or service) inherits the permissions of its parent resource during creation, but these permissions can be changed at a later time.

Permissions are assigned to roles using the Add Permission operation. To purge all the permissions that have been assigned to a role, you can use the Clean Permissions operation. This operation is useful if the role is to be deleted from the role store.

Request parameters

Parameter	Details
`f`	The response format. The default response format is `html`. Values: `html` \| `json` \| `pjson`

Example usage

The following is a sample POST request for the permissions resource:

Use dark colors for code blocksCopy
https://organization.example.com/<context>/admin/services/Maps/Test.MapServer/permissions?f=pjson

JSON Response syntax

Use dark colors for code blocksCopy
{
  "permissions": [<permission1>, <permission2>]
}

JSON Response example

Use dark colors for code blocksCopy
{
  "permissions": [
    {
      "principal": "Analysts",
      "permission": {
        "isAllowed": true
        "constraint": ""
      },
      "childURL": "",
      "operation": ""
    },
    {
      "principal": "Technicians",
      "permission": {
        "isAllowed": false
        "constraint": ""
      },
      "childURL": "",
      "operation": ""
    }
  ]
}