RBAC Service
Port 11025 · 49 endpoints · micro-services/rbac-service/
RBAC - Approval
| Method | Path | Summary | |
| GET | /admin/approval-requests | List Approval Requests | detail → |
| POST | /admin/approval-requests/{request_id}/approve | Approve Approval Request | detail → |
| POST | /admin/approval-requests/{request_id}/reject | Reject Approval Request | detail → |
| POST | /admin/roles/{role_id}/approval-requests | Request Role Change Approval | detail → |
RBAC - Internal Interfaces
| Method | Path | Summary | |
| POST | /internal/rbac/erase-user | Internal GDPR erasure | detail → |
RBAC - Permission
| Method | Path | Summary | |
| GET | /admin/permissions | List Permissions | detail → |
| POST | /admin/permissions | Create Permission | detail → |
| POST | /admin/permissions/simulate | Permission Simulation / Check | detail → |
| DELETE | /admin/permissions/{permission_id} | Delete Permission | detail → |
| GET | /admin/permissions/{permission_id} | Get Permission Details | detail → |
| PUT | /admin/permissions/{permission_id} | Update Permission | detail → |
| GET | /admin/permissions/{permission_id}/roles | Get Roles with Permission | detail → |
| GET | /admin/permissions/{permission_id}/users | Get Users with Permission | detail → |
RBAC - Permissions
| Method | Path | Summary | |
| POST | /internal/rbac/check-permission | Check user permission (internal service call) | detail → |
RBAC - Role
| Method | Path | Summary | |
| GET | /admin/roles | List Roles | detail → |
| POST | /admin/roles | Create Role | detail → |
| DELETE | /admin/roles/batch/permissions | Batch Revoke Permissions | detail → |
| POST | /admin/roles/batch/permissions | Batch Assign Permissions | detail → |
| GET | /admin/roles/defaults | List Default Roles | detail → |
| POST | /admin/roles/defaults | Add Tenant Default Role | detail → |
| DELETE | /admin/roles/defaults/{role_id} | Remove Default Role | detail → |
| DELETE | /admin/roles/{role_id} | Delete Role | detail → |
| GET | /admin/roles/{role_id} | Get Role Details | detail → |
| PUT | /admin/roles/{role_id} | Update Role | detail → |
| GET | /admin/roles/{role_id}/children | Get Child Roles | detail → |
| POST | /admin/roles/{role_id}/children | Add Child Role | detail → |
| DELETE | /admin/roles/{role_id}/children/{child_id} | Remove Child Role | detail → |
| POST | /admin/roles/{role_id}/clone | Clone Role | detail → |
| GET | /admin/roles/{role_id}/effective-permissions | Get Role Effective Permissions | detail → |
| GET | /admin/roles/{role_id}/parents | Get Ancestor Role Chain | detail → |
| DELETE | /admin/roles/{role_id}/permissions | Revoke Permissions from Role | detail → |
| GET | /admin/roles/{role_id}/permissions | Get Role Direct Permissions | detail → |
| POST | /admin/roles/{role_id}/permissions | Assign Permissions to Role | detail → |
| GET | /admin/roles/{role_id}/users | Get Users with Role | detail → |
RBAC - Roles
| Method | Path | Summary | |
| POST | /internal/rbac/bootstrap-admin | Bootstrap admin role | detail → |
RBAC - SoD
| Method | Path | Summary | |
| GET | /admin/roles/conflict-pairs | List SoD Conflict Pairs | detail → |
| POST | /admin/roles/conflict-pairs | Create SoD Conflict Pair | detail → |
| DELETE | /admin/roles/conflict-pairs/{pair_id} | Delete SoD Conflict Pair | detail → |
| POST | /admin/users/{user_id}/roles/validate | Validate user role conflicts | detail → |
RBAC - User Role
| Method | Path | Summary | |
| DELETE | /admin/users/batch/roles | Batch Remove Roles | detail → |
| POST | /admin/users/batch/roles | Batch Assign Roles | detail → |
| GET | /admin/users/{user_id}/permissions | Get User Effective Permissions | detail → |
| POST | /admin/users/{user_id}/permissions | Assign direct permissions to a user | detail → |
RBAC - User Roles
| Method | Path | Summary | |
| DELETE | /admin/users/{user_id}/permissions | Revoke direct permissions from a user | detail → |
| DELETE | /admin/users/{user_id}/roles | Remove user roles | detail → |
| GET | /admin/users/{user_id}/roles | List user roles | detail → |
| POST | /admin/users/{user_id}/roles | Assign roles to a user | detail → |
| POST | /auth/check-permission | Check user permission (user side) | detail → |
| POST | /auth/check-role | Check user role (user side) | detail → |