The changeUserAndGroupRolesForSearchDomain() GraphQL mutation field is used to change the user and group roles for a search domain.

For more information on roles in LogScale, see the Manage users & permissions documentation page. You may also want to look at Manage users & permissions for related information.

Syntax

Below is the syntax for the changeUserAndGroupRolesForSearchDomain() mutation field:

graphql
changeUserAndGroupRolesForSearchDomain(
      searchDomainId: string!
      groups: [GroupRoleAssignment!]!
      users: [UserRoleAssignment!]!
   ): [UserOrGroup!]!

Below is an example of how this mutation field might be used:

Raw
graphql
mutation {
  changeUserAndGroupRolesForSearchDomain(
      searchDomainId: "aK9GKAsTnMXfRxT8Fpecx3fX",
      groups: [ {groupId: "Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo", 
                 roleId: "8TKAG5afPxvPcqGJ8De8ccMeJSFiBckE"} ],
      users:  [ {userId: "DScDf7IpfDeykSYW1B7AU48p", 
                 roleId: "wZ5KEIUY7kRFYDxlQZCHB72VZnFGsmIB"} ] )
  {... on Group {displayName, userCount}
   ... on User {username} }
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  changeUserAndGroupRolesForSearchDomain(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
      groups: [ {groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
                 roleId: \"8TKAG5afPxvPcqGJ8De8ccMeJSFiBckE\"} ],
      users:  [ {userId: \"DScDf7IpfDeykSYW1B7AU48p\", 
                 roleId: \"wZ5KEIUY7kRFYDxlQZCHB72VZnFGsmIB\"} ] )
  {... on Group {displayName, userCount}
   ... on User {username} }
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  changeUserAndGroupRolesForSearchDomain(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
      groups: [ {groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
                 roleId: \"8TKAG5afPxvPcqGJ8De8ccMeJSFiBckE\"} ],
      users:  [ {userId: \"DScDf7IpfDeykSYW1B7AU48p\", 
                 roleId: \"wZ5KEIUY7kRFYDxlQZCHB72VZnFGsmIB\"} ] )
  {... on Group {displayName, userCount}
   ... on User {username} }
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  changeUserAndGroupRolesForSearchDomain( ^
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\", ^
      groups: [ {groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\",  ^
                 roleId: \"8TKAG5afPxvPcqGJ8De8ccMeJSFiBckE\"} ], ^
      users:  [ {userId: \"DScDf7IpfDeykSYW1B7AU48p\",  ^
                 roleId: \"wZ5KEIUY7kRFYDxlQZCHB72VZnFGsmIB\"} ] ) ^
  {... on Group {displayName, userCount} ^
   ... on User {username} } ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  changeUserAndGroupRolesForSearchDomain(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
      groups: [ {groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
                 roleId: \"8TKAG5afPxvPcqGJ8De8ccMeJSFiBckE\"} ],
      users:  [ {userId: \"DScDf7IpfDeykSYW1B7AU48p\", 
                 roleId: \"wZ5KEIUY7kRFYDxlQZCHB72VZnFGsmIB\"} ] )
  {... on Group {displayName, userCount}
   ... on User {username} }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $INGEST_TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $json = '{"query" : "mutation {
  changeUserAndGroupRolesForSearchDomain(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
      groups: [ {groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
                 roleId: \"8TKAG5afPxvPcqGJ8De8ccMeJSFiBckE\"} ],
      users:  [ {userId: \"DScDf7IpfDeykSYW1B7AU48p\", 
                 roleId: \"wZ5KEIUY7kRFYDxlQZCHB72VZnFGsmIB\"} ] )
  {... on Group {displayName, userCount}
   ... on User {username} }
}"
}';
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  changeUserAndGroupRolesForSearchDomain(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
      groups: [ {groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
                 roleId: \"8TKAG5afPxvPcqGJ8De8ccMeJSFiBckE\"} ],
      users:  [ {userId: \"DScDf7IpfDeykSYW1B7AU48p\", 
                 roleId: \"wZ5KEIUY7kRFYDxlQZCHB72VZnFGsmIB\"} ] )
  {... on Group {displayName, userCount}
   ... on User {username} }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  changeUserAndGroupRolesForSearchDomain(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
      groups: [ {groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
                 roleId: \"8TKAG5afPxvPcqGJ8De8ccMeJSFiBckE\"} ],
      users:  [ {userId: \"DScDf7IpfDeykSYW1B7AU48p\", 
                 roleId: \"wZ5KEIUY7kRFYDxlQZCHB72VZnFGsmIB\"} ] )
  {... on Group {displayName, userCount}
   ... on User {username} }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL/graphql',
  path: '/graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Given Datatypes

For the input (i.e., GroupRoleAssignment), there are several parameters that may be given. Below is a list of them along with their datatypes and a description of each:

Table: GroupRoleAssignment

ParameterTypeRequiredDefaultDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Sep 18, 2024
groupIdstringyes The unique identifier for the group related to the role.
roleIdstringyes The unique identifier of the role.

Another special given parameter is the UserRoleAssignment data type. Below is a list of parameters for it, along with their datatypes and a description of each:

Table: UserRoleAssignment

ParameterTypeRequiredDefaultDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Sep 23, 2024
userIdstringyes The unique identifier of the user for which to assign the role.
roleIdstringyes The unique identifier for the role to assign.

Returned Datatypes

The returned results are sets of users and groups. This is a union between two other datatypes: group() and user(). The parameters for those are listed in the tables below:

Table: Group

ParameterTypeRequiredDefaultDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Nov 12, 2024
assetPermissionsmultipleyes Get asset permissions assigned to the group for the specific asset. The datatype consists of (assetId: string!, assetType: AssetPermissionsAssetType!, searchDomainId: string): AssetPermissionsForGroup!. See AssetPermissionsAssetType and AssetPermissionsForGroup.
defaultQueryPrefixstring  The default prefix for queries.
defaultRoleRole  The default role associated with the group. See Role.
defaultSearchDomainCountintegeryes The default search domain count.
displayNamestringyes The display name of the group.
idstringyes The identifier of the group.
lookupNamestring  The look-up name for the group.
organizationRoles[GroupOrganizationRole]yes The roles of the organization associated with the group. See GroupOrganizationRole.
permissionTypePermissionType  Indicates which level of permissions the group contains. See PermissionType.
queryPrefixes[QueryPrefixes]yes The query prefixes for the group. queryPrefixes(onlyIncludeRestrictiveQueryPrefixes: boolean, onlyForRoleWithId: string): [QueryPrefixes!]! See QueryPrefixes.
roles[SearchDomainRole]yes The roles for the group See SearchDomainRole.
searchAssetPermissionsmultipleyes Search for asset permissions for the group. This is a preview and subject to change. The datatype consists of (searchFilter: string, skip: integer, limit: integer, orderBy: OrderBy, sortBy: SortBy, assetTypes: [AssetPermissionsAssetType!], searchDomainIds: [string!], permissions: [AssetPermissionInputEnum!], includeUnassignedAssets: boolean): AssetPermissionSearchResultSet!. See AssetPermissionsAssetType AssetPermissionInputEnum, and AssetPermissionSearchResultSet.
searchDomainCountintegeryes The number of search domains for the group.
searchDomainRolesmultipleyes The search domain roles assigned to the group. The multiple datatype consists of (searchDomainId: string): [SearchDomainRole]. (seeSearchDomainRole).
searchDomainRolesByNamemultipleyes The search domain roles assigned to the group, by name. The multiple datatype consists of (searchDomainName: string): SearchDomainRole. See SearchDomainRole.
searchDomainRolesBySearchDomainNamestringyes The domain roles by search domain name. The datatype consists of (searchDomainName: string!): [SearchDomainRole!]. See SearchDomainRole.
searchUsersmultipleyes Used to search the list of users in the group. The datatype consists of (searchFilter: string, skip: integer, limit: integer, sortBy: OrderByUserField, orderBy: OrderBy): UserResultSetType!. See OrderByUserField, OrderBy, UserResultSetType.
systemRoles[GroupSystemRole]yes The system roles of the group (see GroupSystemRole Table).
userCountintegeryes The number of users that are part of the group.
users[User]yes The list of users in the group. See User.

Table: User

ParameterTypeRequiredDefaultDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
allowedOrganizationActions[OrganizationAction]yes Returns the actions the user is allowed to perform in the organization. See OrganizationAction.
allowedSystemActions[SystemAction]yes Returns the actions the user is allowed to perform in the system. See SystemAction Table.
assetPermissionsmultipleyes 

Get asset permissions assigned to the user for the specific asset. This is a preview and subject to change.

The multiple datatype consists of (assetId: string, assetType: AssetPermissionsAssetType, searchDomainId: string): AssetPermissionsForUser.

See AssetPermissionsAssetType and AssetPermissionsForUser.

companystring  The name of the company for the user account.
countryCodestring  The two-letter ISO 3166-1 Alpha-2 code for the country of residence (e.g., us).
createdAtdatetimeyes The data and time the account was created.
displayNamestringyes The value of the fullName if used, otherwise the username.
emailstring  The user account's email address for communications from LogScale.
firstNamestring  The user's actual first name (e.g., Bob). Don't use with fullName.
fullNamestring  The user's full name (e.g., Bob Smith). Don't use if using other name parameters.
group[Group]yes The groups of which the user is a member. See Group.
groupSearchDomainRoles[GroupSearchDomainRole]yes The group search domain roles. See GroupSearchDomainRole.
groupsV2multiple  

The groups of which the user is a member. This is a preview and subject to change.

The multiple datatype consists of (search: string, typeFilter: [PermissionType], limit: integer, skip: integer, searchInRoles: boolean): GroupResultSetType.

See PermissionType, and GroupResultSetType.

idstringyes The identifier or token for the user.
isOrgRootbooleanyes Whether the organization is granted root access.
isRootbooleanyes Whether the user account is granted root access.
lastNamestring  The user's actual last name or family name (e.g., Smith). Don't use with fullName.
phoneNumberstring  The telephone number for LogScale to use for telephone text messages.
picturestring  File name of an image file for the account.
searchAssetPermissionsmultiple  

Search for asset permissions for the user. This is a preview and subject to change.

The multiple datatype consists of (searchFilter: string, skip: integer, limit: integer, orderBy: OrderBy, sortBy: SortBy, assetTypes: [AssetPermissionsAssetType], searchDomainIds: [string], permissions: [AssetPermissionInputEnum] = [UpdateAsset], includeUnassignedAssets: boolean): AssetPermissionSearchResultSet.

See AssetPermissionsAssetType, AssetPermissionInputEnum, and AssetPermissionSearchResultSet.

searchDomainRolesmultiple  The search domain roles assigned to the user. The multiple datatype consists of (searchDomainId: string): [SearchDomainRole]. See SearchDomainRole.
searchDomainRolesByNamemultipleyes 

The search domain roles for the user, by name. The multiple datatype consists of (searchDomainName: string): SearchDomainRole. See SearchDomainRole.

This is deprecated because when multiple roles per view is enabled, this field will return only the first of possibly multiple roles matching the name for the view. Therefore, use instead searchDomainRoles or searchDomainRolesBySearchDomainName.

searchDomainRolesBySearchDomainNamemultiple  The search domain roles assigned to the user by search domain name. The multiple datatype consists of (searchDomainName: string): [SearchDomainRole]. See SearchDomainRole.
stateCodestring  The two-letter, ISO 3166-2 country sub-division code for the state of residence (e.g., ny).
permissionsmultipleyes Permissions of the user. The multiple datatype consists of (viewName: string): [UserPermissions]. See UserPermissions.
permissionsPagemultipleyes A page of user permissions. The multiple datatype consists of (search: string, pageNumber: integer, pageSize: integer): UserPermissionsPage. See UserPermissionsPage.
rolesV2multiple  

The roles assigned to the user through a group. This is a preview and subject to change.

The multiple datatype consists of (search: string, typeFilter: [PermissionType], limit: integer, skip: integer, searchInGroups: boolean): RolesResultSetType.

See PermissionType, and RolesResultSetType.

usernamestringyes The user name for the account.
userOrGroupSearchDomainRolesmultipleyes The user or group search domain roles. The multiple datatype consists of (search: string, skip: integer, limit: integer): UserOrGroupSearchDomainRoleResultSet. See UserOrGroupSearchDomainRoleResultSet.