rolesInOrgForChangingUserAccess()

API Stability Long-Term

The rolesInOrgForChangingUserAccess() GraphQL query field is used to set defined roles in organization for user.

For more information on roles in LogScale, see the Manage users & permissions documentation page. You may also want to look at the Manage users & permissions page for related information.

Syntax

Below is the syntax for the rolesInOrgForChangingUserAccess() query field:

graphql

rolesInOrgForChangingUserAccess(
     searchDomainId: string!
   ): [Role]!

To get the unique identifier for searchDomainId, use searchDomains() first. The role datatype is described in the Returned Datatypes section. Below is an example using this query field:

Raw

graphql

query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: "aK9GKAsTnMXfRxT8Fpecx3fX"
   ) 
   { id, displayName, usersCount }
}

Mac OS or Linux (curl)

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}
EOF

Mac OS or Linux (curl) One-line

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}
EOF

Windows Cmd and curl

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "query { ^
   rolesInOrgForChangingUserAccess( ^
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\" ^
   )  ^
   { id, displayName, usersCount } ^
}" ^
} '

Windows Powershell and curl

powershell

curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"

Perl

perl

#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $INGEST_TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $json = '{"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}';
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";

Python

python

#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)

Node.js

javascript

const https = require('https');

const data = JSON.stringify(
    {"query" : "query {
   rolesInOrgForChangingUserAccess(
      searchDomainId: \"aK9GKAsTnMXfRxT8Fpecx3fX\"
   ) 
   { id, displayName, usersCount }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL/graphql',
  path: '/graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Example Responses

Success (HTTP Response Code 200 OK)

json

{
  "data": {
    "rolesInOrgForChangingUserAccess": [
      {
        "id": "XV5NhORkZibGBBl3kcR6owg01x9KMgg7",
        "displayName": "Admin",
        "usersCount": 1
      },
      {
        "id": "pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2",
        "displayName": "Member",
        "usersCount": 14
      }
    ]
  }
}

Returned Datatypes

The returned datatype role has several parameters. Below is a list of them along with a description of each:

Table: Role

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Mar 18, 2025
`color`	string		`Deprecated`	The color associated with the role. However, role colors are no longer used. This parameter will be removed at the earliest in version 1.195.
`description`	string		`Long-Term`	A description of the role.
`displayName`	string	yes	`Long-Term`	The display name of the role.
`groups`	[`Group`]	yes	`Long-Term`	The groups related to the role. See `Group`.
`groupsCount`	integer	yes	`Long-Term`	The number of groups related to the role.
`groupsV2`	multiple	yes	`Long-Term`	The groups related to the role. The multiple datatype consists of `(search: string, userId: string, searchInRoles: boolean, onlyIncludeGroupsWithRestrictiveQueryPrefix: boolean, limit: integer, skip: integer): GroupResultSetType`. See `GroupResultSetType`.
`id`	string	yes	`Long-Term`	The unique identifier for the role.
`organizationManagementPermissions`	[`OrganizationManagementPermission`]	yes	`Long-Term`	The organization management permissions given to the role. See `OrganizationManagementPermission`.
`organizationPermissions`	[`OrganizationPermission`]	yes	`Long-Term`	The organization permissions given to the role. See `OrganizationPermission`.
`readonlyDefaultRole`	`ReadonlyDefaultRole`		`Preview`	The read-only default role. This parameter is a preview and subject to change. See `ReadonlyDefaultRole`.
`systemPermissions`	[`SystemPermission`]	yes	`Long-Term`	The system permissions given to the role. See `SystemPermission`.
`users`	[`User`]	yes	`Long-Term`	A list of users assigned the role. See `User`.
`usersCount`	integer	yes	`Long-Term`	The number of users assigned the role.
`viewPermissions`	[`Permission`]	yes	`Long-Term`	The view permissions given to the role. See `Permission`.

GraphQL Queries

GraphQL API Stability

GraphQL Groups

GraphQL Mutations

GraphQL Datatypes