Vince Live’s user interface does not yet support configuring DENY actions on Roles. Work is in progress for this.

For now it is possible to use APIs to configure DENY action on various resources.

Get an Id Token

Either set up an API Client or Open Devtools (F12) in your browser

Untitled

Copy the Id Token into Postman as Bearer token.

Listing Roles

To list existing roles, use GET <https://api.vince.live/roles>

Getting a Role

With the roleId use GET <https://api.vince.live/roles/{roleId}>

Output will look something like this:

{
    "active": false,
    "modified": "2023-12-08T09:27:51.035Z",
    "roleName": "test role01",
    "permissions": [
        {
            "action": "READ",
            "vrn": "vrn:TENANT-6f2470d3676d4ad1930a50e1107b485b:fnd:environment:Developemnt"
        },
        {
            "action": "*",
            "vrn": "vrn:TENANT-6f2470d3676d4ad1930a50e1107b485b:customtables:meta:demotablekk1"
        },
        {
            "action": "*",
            "vrn": "vrn:TENANT-6f2470d3676d4ad1930a50e1107b485b:fnd:workflow:CodeStep"
        }
    ],
    "roleId": "ROLE-00a15ba3219a47c585c962d21deedb53",
    "entity": "Role",
    "description": "test role01",
    "tenantId": "TENANT-6f2470d3676d4ad1930a50e1107b485b",
    "created": "2023-12-08T09:27:51.035Z",
    "modifiedBy": "USER-790fe3a335074a19bd64dbdea82e91eb"
}

Updating a Role with DENY action

We recommend doing the following steps:

  1. In the UI, set a permission with READ action, such as the above example for resource fnd:environment:Development