Morpheus API - Delete a Role for a Tenant not available?

kai.nunnemann · April 25, 2024, 8:25am

We are using a Python Script to create Sub-Tenants automatically and can already create anything we need with calls through the Morpheus API. So we call “Create role”, “Create a Tenant”, “Create a User for a Tenant” and “Create a Group for a Subtenant” and that results in a perfect new Tenant setup.

While using “Create role” we need to set “Multitenant Role” to one of two roles we create (that is, we create a specific Tenant Admin Role and a Tenant Admin User Role for this specific Tenant, and the later role needs to be set to “Multitenant Role” in our eyes to get the Role into the newly created Tenant).

Unfortunately, with this setting the Multitenant Role will be populated in every Tenant and not only the newly created. Okay, this works as designed … since this is a Multitenant Role. But we would like to have only the specific Roles at the specific Tenants, hence we need to delete the newly created Role in all Tenants but the newly created.

Since we would like to automate that in the same Python Script we use, we are missing the Morpheus API call “Delete a Role for a Tenant”. Is this intentional - is there any reason not to be able to delete specific roles within a Sub-Tenant from the Master Tenant automatically through the Morpheus API? Or is there a way to do that and we only do not see it? Any help would be appreciated.

vsenthilkarasu · April 25, 2024, 10:05am

Hi Kai,

To determine the user role available for a specific subtenant and subsequently delete a selected role, you can utilize the Morpheus API endpoints outlined below:

**Fetch Available User Roles:**To retrieve a list of roles that can be assigned to a user within the subtenant, you can use the following API endpoint:List Available User Roles EndpointThis endpoint requires the subtenant ID to query the roles inherited from the master tenant’s multi-tenant configuration.
**Delete a Role:**Once you have queried the available roles and identified the role you wish to delete, you can proceed with the deletion using the following API endpoint:Delete Role EndpointEnsure that you provide the appropriate parameters, including the role ID or other identifiers required to specify the role you intend to delete.

Thanks
Velan

kai.nunnemann · April 26, 2024, 10:07am

Hi Velan,

Thank you for your answer and the concrete information about API Endpoints. That helps me making progress, although I am still not done completely yet. Perhaps I need to think over some general concepts and the results of them. A good start beside your information is this:

https://support.morpheusdata.com/s/article/Multi-tenant-User-Roles-Explained

The explanation gives me some more insides and how to move on. You gave the first impulse …

Thanks,
Kai

Topic		Replies	Views
Feature to prevent multitenant roles from being deleted Ideas roles , open	0	13	August 28, 2024
Enable / Disabling of Roles from Master Tenant Ideas roles , open	2	254	June 1, 2023
Allow force deletion of roles in-spite of user-assignment Ideas roles , open	2	21	August 21, 2024
How to disable all the resources in a sub-tenant by Disabled a sub-tenant Administration instances , tenants	2	21	December 11, 2024
Role permissions to only allow user impersonation on the subtenants users Ideas roles , open , impersonation	7	415	March 13, 2024

Morpheus API - Delete a Role for a Tenant not available?

Related topics