The rolesInOrgForChangingUserAccess() GraphQL query field is used to set defined roles in organization for user.

For more information on roles in LogScale, see the Manage users & permissions documentation page. You may also want to look at the Manage users & permissions page for related information.

Syntax

Below is the syntax for the rolesInOrgForChangingUserAccess() query field:

graphql
rolesInOrgForChangingUserAccess(
     searchDomainId: string!
   ): [Role!]!

To get the unique identifier for searchDomainId, use searchDomains() first. The Role datatype is descrived in the Returned Datatypes section. Below is an example using this query field:

Raw
graphql
query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: "aK9GKAsTnMXfRxT8Fpecx3fX"
   ) 
   { id, displayName, usersCount }
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "query { ^
   rolesInOrgForChangingUserAccess( ^
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\" ^
   )  ^
   { id, displayName, usersCount } ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $INGEST_TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $json = '{"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}';
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL/graphql',
  path: '/graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "rolesInOrgForChangingUserAccess": [
      {
        "id": "XV5NhORkZibGBBl3kcR6owg01x9KMgg7",
        "displayName": "Admin",
        "usersCount": 1
      },
      {
        "id": "pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2",
        "displayName": "Member",
        "usersCount": 14
      }
    ]
  }
}

Returned Datatypes

The returned datatype Role has several parameters. Below is a list of them along with a description of each:

Table: Role

ParameterTypeRequiredDefaultDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Oct 3, 2024
colorstring  The color associated with the role.
descriptionstring  A description of the role.
displayNamestringyes The display name of the role.
groupsGroupyes The groups related to the role. See Group.
groupsV2multipleyes The groups related to the role. The multiple datatype consists of (search: string, userId: string, searchInRoles: boolean, onlyIncludeGroupsWithRestrictiveQueryPrefix: boolean, limit: integer, skip: integer): GroupResultSetType. See GroupResultSetType.
idstringyes The unique identifier for the role.
organizationPermissionsOrganizationPermissionyes The organization permissions given to the role. See OrganizationPermission.
groupsCountintegeryes The number of groups related to the role.
systemPermissionsSystemPermissionyes The system permissions given to the role. See SystemPermission.
users[User]yes A list of users assigned the role. See User.
usersCountintegeryes The number of users assigned the role.
viewPermissionsPermissionyes The view permissions given to the role. See Permission.