Grant User Role

Audience: Business Users
Skill Prerequisites: Permission Scheme

Typical Use Cases

  • Assign roles to new users on registration
  • Give access to resources for specific users
  • Temporary give access to users

Related Actions

Action NameDescription
Load UsersCan be used to grant roles to a single user or to a list of users.
User RegistrationCan be used to grant roles to a newly created user.

Input Parameter Reference

ParameterDescriptionSupports TokensDefaultRequired
RoleSelect the security role to grant from a list with all the roles in the application. RoleId can also be used as input. If the user already has the role, it will be removed from it and then regranted.YesNot selectedYes
Other Role NamesFreely input the role identifiers you want to grant. Multiple roles are separated by a comma or semicolon. The role identifier can be a role name or a role ID.YesEmpty stringNo
Role ValiditySet a validity period to the granted role. The validity period can be done: for a number of days, date interval with or without tokens. There is also an option to extend a role validity period for users that already has the role. This option will extend the expiration date by the number of extension days set.
When the validity period will expire, the user will not have the permissions of that role anymore.
NoNot selectedNo

Examples

Note

If a role is deleted, it will simply be revoked from any user that has it.

1. Grant a User Role

The action below register a new user and grants it the '[Citizen Developers]' Role. If the user exists and already has the role, nothing will happen. Import it into your application to see it in action.

{
"Title": "Execute Actions",
"ActionType": "ExecuteActions",
"Description": "Grant the Citizen Developers role to testuser",
"Condition": null,
"Parameters": {
"ActionList": [
{
"Id": -1,
"$_uid": "action15918664760486108",
"Parameters": {
"UsernameField": {
"Expression": "testuser",
"Value": "",
"IsExpression": true
},
"RegisterWithEmail": "",
"PasswordField": {
"Expression": "testpassword",
"Value": "",
"IsExpression": true
},
"RandomPass": "",
"EmailField": {
"Expression": "",
"Value": "",
"IsExpression": false
},
"FirstName": {
"Expression": "",
"Value": "",
"IsExpression": false
},
"LastName": {
"Expression": "",
"Value": "",
"IsExpression": false
},
"SendDnnMail": "",
"LoginIfExists": "",
"Authorization": {
"Expression": "",
"Value": "Authorize",
"IsExpression": false,
"Parameters": {}
}
},
"ActionType": "UserManagement_UserRegistration",
"$_isOpen": false,
"$_isLoaded": true,
"$_isFocus": true,
"Definition": {
"IsClientAction": false,
"Settings": {
"Group": "User Management"
}
}
},
{
"Id": -1,
"$_uid": "action15918664760483872",
"Parameters": {
"RoleId": {
"Expression": "",
"Value": "6",
"IsExpression": false,
"Parameters": {}
},
"RoleNames": "",
"DateSelectionMode": {
"Expression": "",
"IsExpression": false,
"Parameters": {}
},
"ExtensionDays": "",
"StartDate": {
"Date": ""
},
"StartDateToken": "",
"ExpireDate": {
"Date": ""
},
"ExpireDateToken": "",
"RoleExpiration": ""
},
"ActionType": "GrantUserRole",
"$_isOpen": false,
"$_isLoaded": true,
"$_isFocus": true,
"Definition": {
"IsClientAction": false,
"Settings": {
"Group": "User"
}
}
}
]
}
}

2. Grant a User Role for a period of time

The action below register a new user and grants it the '[Citizen Developers]' Role just for 30 days. If the user exists already, the old validity period will reset. For example if the user has only 20 days left, it will have again 30 days left after the action is executed. Import it into your application to see it in action.

{
"Title": "Execute Actions",
"ActionType": "ExecuteActions",
"Description": "Grant the Citizen Developers role for 30 days to testuser",
"Condition": null,
"Parameters": {
"ActionList": [
{
"Id": -1,
"$_uid": "action15918671753468384",
"Parameters": {
"UsernameField": {
"Expression": "testuser",
"Value": "",
"IsExpression": true
},
"RegisterWithEmail": "",
"PasswordField": {
"Expression": "testpassword",
"Value": "",
"IsExpression": true
},
"RandomPass": "",
"EmailField": {
"Expression": "",
"Value": "",
"IsExpression": false
},
"FirstName": {
"Expression": "",
"Value": "",
"IsExpression": false
},
"LastName": {
"Expression": "",
"Value": "",
"IsExpression": false
},
"SendDnnMail": "",
"LoginIfExists": "",
"Authorization": {
"Expression": "",
"Value": "Authorize",
"IsExpression": false,
"Parameters": {}
}
},
"ActionType": "UserManagement_UserRegistration",
"$_isOpen": false,
"$_isLoaded": true,
"$_isFocus": true,
"Definition": {
"IsClientAction": false,
"Settings": {
"Group": "User Management"
}
}
},
{
"Id": -1,
"$_uid": "action15918671753464006",
"Parameters": {
"RoleId": {
"Expression": "",
"Value": "6",
"IsExpression": false,
"Parameters": {}
},
"RoleNames": "",
"DateSelectionMode": {
"Expression": "",
"IsExpression": false,
"Parameters": {},
"Value": "DateWithOffset"
},
"ExtensionDays": "",
"StartDate": {
"Date": ""
},
"StartDateToken": "",
"ExpireDate": {
"Date": ""
},
"ExpireDateToken": "",
"RoleExpiration": "30"
},
"ActionType": "GrantUserRole",
"$_isOpen": false,
"$_isLoaded": true,
"$_isFocus": true,
"Definition": {
"IsClientAction": false,
"Settings": {
"Group": "User"
}
}
}
]
}
}
Last updated on by Patrick Anderson