Morpheus API - Delete a Role for a Tenant not available?

kai.nunnemann · April 25, 2024, 8:25am

We are using a Python Script to create Sub-Tenants automatically and can already create anything we need with calls through the Morpheus API. So we call “Create role”, “Create a Tenant”, “Create a User for a Tenant” and “Create a Group for a Subtenant” and that results in a perfect new Tenant setup.

While using “Create role” we need to set “Multitenant Role” to one of two roles we create (that is, we create a specific Tenant Admin Role and a Tenant Admin User Role for this specific Tenant, and the later role needs to be set to “Multitenant Role” in our eyes to get the Role into the newly created Tenant).

Unfortunately, with this setting the Multitenant Role will be populated in every Tenant and not only the newly created. Okay, this works as designed … since this is a Multitenant Role. But we would like to have only the specific Roles at the specific Tenants, hence we need to delete the newly created Role in all Tenants but the newly created.

Since we would like to automate that in the same Python Script we use, we are missing the Morpheus API call “Delete a Role for a Tenant”. Is this intentional - is there any reason not to be able to delete specific roles within a Sub-Tenant from the Master Tenant automatically through the Morpheus API? Or is there a way to do that and we only do not see it? Any help would be appreciated.

vsenthilkarasu · April 25, 2024, 10:05am

Hi Kai,

To determine the user role available for a specific subtenant and subsequently delete a selected role, you can utilize the Morpheus API endpoints outlined below:

**Fetch Available User Roles:**To retrieve a list of roles that can be assigned to a user within the subtenant, you can use the following API endpoint:List Available User Roles EndpointThis endpoint requires the subtenant ID to query the roles inherited from the master tenant’s multi-tenant configuration.
**Delete a Role:**Once you have queried the available roles and identified the role you wish to delete, you can proceed with the deletion using the following API endpoint:Delete Role EndpointEnsure that you provide the appropriate parameters, including the role ID or other identifiers required to specify the role you intend to delete.

Thanks
Velan

kai.nunnemann · April 26, 2024, 10:07am

Hi Velan,

Thank you for your answer and the concrete information about API Endpoints. That helps me making progress, although I am still not done completely yet. Perhaps I need to think over some general concepts and the results of them. A good start beside your information is this:

https://support.morpheusdata.com/s/article/Multi-tenant-User-Roles-Explained

The explanation gives me some more insides and how to move on. You gave the first impulse …

Thanks,
Kai

Topic		Replies	Views
Enable / Disabling of Roles from Master Tenant Ideas roles , open	2	252	June 1, 2023
Role permissions to only allow user impersonation on the subtenants users Ideas roles , open	7	402	March 13, 2024
Exception: Tenant base role not found Administration roles , database	2	290	February 22, 2023
Library -> Templates option is not vissible Automation/IaC ui	5	262	July 20, 2022
Minimum permission for a user to call API endpoint gettenant? API/CLI tenants , api	2	52	June 10, 2024

Morpheus API - Delete a Role for a Tenant not available?

Related Topics