POST Security Roles ID Copy

Documentation Suite v10.3

The POST /Security/Roles{id}/Copy method is used to copy an existing security role in Keyfactor Command to create a new security role. This method returns HTTP 200 OK on a success with the details of the new security role.

Tip: The following permissions (see Security Overview) are required to use this feature:

SecuritySettings: Modify

Table 481: POST Security Roles {id} Copy Input Parameters

Name

Description

Path

Required. The Keyfactor Command reference ID of the security role from which to copy role information.

Use the GET /Security/Roles method (see GET Security Roles) to retrieve a list of all the security roles to determine the role's ID.

role

Body

An array containing information about the new security role to create. Show role details.

Name	Description
Name	Required. A string containing the short reference name for the security role.
Description	Required. A string containing the description for the security role.

Table 482: POST Security Roles {id} Copy Response Data

Name

Description

An integer containing the Keyfactor Command identifier for the security role.

Name

A string containing the short reference name for the security role.

Description

A string containing the description for the security role.

Enabled

A Boolean that indicates whether the security role is enabled (true) or not (false). Security roles that have been disabled cannot be assigned to security identities. The default is true.

This is considered deprecated and may be removed in a future release.

Immutable

A Boolean that indicates whether the security role has been marked as editable (true) or not (false). Internal Keyfactor Command roles are not editable. This setting is reserved for Keyfactor Command internal use.

Valid

A Boolean that indicates whether the security role's audit XML is valid (true) or not (false). A security role may become invalid if Keyfactor Command determines that it appears to have been tampered with. This setting is not end-user configurable.

Private

A Boolean that indicates whether the security role has been marked private (true) or not (false). The default is false.

This is considered deprecated and may be removed in a future release.

Identities

An array containing information about the security identities assigned to the security role. Show identity details.

Name	Description
Id	An integer containing the Keyfactor Command identifier for the security identity.
AccountName	A string containing the account name for the security identity. For Active Directory users and groups, this will be in the form DOMAIN\\user or group name. For example: KEYEXAMPLE\\PKI Administrators
IdentityType	A string indicating the type of identity—User or Group.
SID	A string containing the security identifier from the source identity store (e.g. Active Directory) for the security identity.

Permissions

An object containing the permissions assigned to the role in a comma-separated list of Name:Value pairs.

For example:

"Permissions": [
   "AdminPortal:Read",
   "Dashboard:Read"
],

Tip: For code examples, see the Keyfactor API Endpoint Utility. To find the embedded web copy of this utility, click the help icon (

) at the top of the Keyfactor Command Management Portal page next to the Log Out button.

POST Security Roles ID Copy

Products

Solutions

Resources

Company