User Role Inheritance API

Watch

Save as PDF

Share this page

Feedback

API implementation and reference

HomeYokohama API ReferenceAPI implementation and referenceAPI referenceREST API referenceUser Role Inheritance API

Table of Contents

User Role Inheritance API

Release version:
Yokohama
Xanadu
Washington DC
Vancouver
UpdatedJan 30, 2025
2 minutes to read

Yokohama
API reference

The User Role Inheritance API provides endpoints that allow you to see the roles that a specific user inherited.

This API requires the Contextual Security: Role Management V2 REST API (com.glide.role_management.inh_count.rest_api) plugin, automatically activated on new instances starting with the Jakarta release, or the Contextual Security: Role Management Enhancements REST API plugin, automatically activated starting with the Geneva release. The Contextual Security: Role Management V2 REST API is dependent on the Contextual Security: Role Management V2 (com.glide.role_management.inh_count) plugin.

A user’s role can be directly granted, inherited from other roles, or inherited from groups. You must have the user_admin role to access this API.

User Role Inheritance - GET /global/user_role_inheritance

Returns a specified user's granted and inherited roles.

URL format

Versioned URL: /api/global/{api_version}/user_role_inheritance

Default URL: /api/global/user_role_inheritance

Note: Available versions are specified in the REST API Explorer. For scripted REST APIs there is additional version information on the Scripted REST Service form.

Supported request parameters

Table 1. Path parameters
Name	Description
api_version	Optional. Version of the endpoint to access. For example, `v1` or `v2`. Only specify this value to use an endpoint version other than the latest. Data type: String

Table 2. Query parameters
Name	Description
user_sysid	Required. Sys_id of the user for which to return role information.

Table 3. Request body parameters (XML or JSON)
Name	Description
None

Headers

The following request and response headers apply to this HTTP action only, or apply to this action in a distinct way. For a list of general headers used in the REST API, see Supported REST API headers.

Table 4. Request headers
Header	Description
Accept	Data format of the response body. Supported types: application/json or application/xml. Default: application/json

Table 5. Response headers
Header	Description
None

Status codes

The following status codes apply to this HTTP action. For a list of possible status codes used in the REST API, see REST API HTTP response codes.

Search:

Table 6. Status codes
Status code	Description
200	Successful. The request was successfully processed.
400	Bad Request. A bad request type or malformed request was detected.
401	Unauthorized. The user credentials are incorrect or have not been passed.
404	Not found. The requested item wasn't found.
500	Internal server error. An unexpected error occurred while processing the request. The response contains additional information about the error.

Response body parameters (JSON or XML)


Name	Description
from_group	List of roles that are inherited from groups that have roles. Data type: Array
from_role	List of roles that are either granted directly or inherited from other roles. Data type: Array
user_name	Full name of user. Data type: String

Example: Sample cURL request

curl "https://instance.service-now.com/api/global/user_role_inheritance?user_sysid=62826bf03710200044e0bfc8bcbe5df1" \
--request GET \
--header "Accept:application/json" \
--user "username":"password"

{
  "result": {
    "user_name": "abel.tuter",
    "from_group": [
      "[Azure Operators]/sn_azure.operator",
      "[Azure Operators]/sn_azure.operator/sn_azure.user"
    ],
    "from_role": [
      "/snc_internal",
      "/cloud_user",
      "/cloud_user/pa_viewer",
      "/cloud_user/sn_azure.user",
      "/cloud_user/aws_user"
    ]
  }
}

Yokohama API Reference

Filters

Versions

Products