Granting full access to a user on a workspace - Cloud

Talend Cloud APIs User Guide
Version
Cloud
Language
English
Product
Talend Cloud
Module
Talend API Designer
Talend API Tester
Talend Data Preparation
Talend Data Stewardship
Talend Management Console
Content
Design and Development > Designing APIs
Design and Development > Testing APIs
Last publication date
2023-11-13

Before you begin

  • You must have Environment Administrator role in Talend Cloud Management Console.
  • You must know the IDs of the workspace and user for which your are setting the permissions.

About this task

You can access the Management Console API via this link. You'll find a list of the URLs corresponding to each data center in Talend Cloud regions and URLs.

Procedure

  1. Use the GET orchestration/workspaces endpoint to retrieve the ID of the workspace you are setting the permissions for.
    You can narrow the search to a single environment by using the query=environment.name=={environmentName} query parameter.

    Example

    GET https://api.us.cloud.talend.com/orchestration/workspaces?query=environment.name==default
  2. Use the GET /v1/management/users endpoint to retrieve the ID of the user you want to set the permissions for.

    Example

    GET https://api.us.cloud.talend.com/account/users?page=1&size=50
  3. If the user already has a permission on workspace, use the PUT security/workspaces/{workspaceId}/users/{userId}/permissions endpoint and add the permissions (["AUTHOR", "EXECUTE", "MANAGE", "PUBLISH", "VIEW"]) in the body of the request.

    Example

    PUT https://api.us.cloud.talend.com/security/workspaces/7a35e78eaea645620e47f826/users/d13404b5-e9nc-4g5f-9904-a5f0dc287fb0/permissions
["AUTHOR", "EXECUTE", "MANAGE", "PUBLISH", "VIEW"]
    Note: When a user account has the TMC_ENGINE_USE user permission, this account can be granted the EXECUTE and the VIEW workspace permissions only. This combination allows users that do not have the Operator role to use Remote Engines to run tasks without having to consume a seat.
  4. If the user does not have any permissions on the workspace, use the POST /security/workspaces/{workspaceId}/users/{userId}/permissions endpoint and add the permissions (["AUTHOR", "EXECUTE", "MANAGE", "PUBLISH", "VIEW"] in body of the request.

    Example

    POST https://api.us.cloud.talend.com/security/workspaces/7a35e78eaea645620e47f826/users/d13404b5-e9nc-4g5f-9904-a5f0dc287fb0/permissions
["AUTHOR", "EXECUTE", "MANAGE", "PUBLISH", "VIEW"]
    Note: When a user account has the TMC_ENGINE_USE user permission, this account can be granted the EXECUTE and the VIEW workspace permissions only. This combination allows users that do not have the Operator role to use Remote Engines to run tasks without having to consume a seat.
  5. Use the GET /security/workspaces/{workspaceId}/users/{userId}/permissions endpoint to validate the update.

    Example

    GET https://api.us.cloud.talend.com/security/workspaces/7a35e78eaea645620e47f826/users/d13404b5-e9nc-4g5f-9904-a5f0dc287fb0/permissions
    The response body should contain the workspace ID, and all assigned permissions.
    "workspaceId": "7a35e78eaea645620e47f826",
"userId": "d13404b5-e9nc-4g5f-9904-a5f0dc287fb0",
"permissions":["AUTHOR", "EXECUTE", "MANAGE", "PUBLISH", "VIEW"]