Get role mappings | Elasticsearch API documentation

Get role mappings Generally available; Added in 5.5.0

GET /_security/role_mapping/{name}

Role mappings define which roles are assigned to each user. The role mapping APIs are generally the preferred way to manage role mappings rather than using role mapping files. The get role mappings API cannot retrieve role mappings that are defined in role mapping files.

Required authorization

Cluster privileges: manage_security

External documentation

Path parameters

name string | array[string] Required

The distinct name that identifies the role mapping. The name is used solely as an identifier to facilitate interaction via the API; it does not affect the behavior of the mapping in any way. You can specify multiple mapping names as a comma-separated list. If you do not specify this parameter, the API returns information about all role mappings.

Responses

200 application/json
Hide response attribute Show response attribute object
- * object Additional properties
  
  Hide * attributes Show * attributes object
  
  enabled boolean Required
  
  metadata object Required
  
  Hide metadata attribute Show metadata attribute object
  
  * object Additional properties
  
  roles array[string]
  
  role_templates array[object]
  
  Hide role_templates attributes Show role_templates attributes object
  
  format string
  
  Values are string or json.
  
  template object Required
  
  Hide template attributes Show template attributes object
  
  source string | object
  
  One of:
  ScriptSource string SearchRequestBody object
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  lang string
  
  Any of:
  ScriptLanguage string ScriptLanguage string
  
  Values are painless, expression, mustache, or java.
  
  options object
  
  Hide options attribute Show options attribute object
  
  * string Additional properties
  
  rules object Required
  
  Hide rules attributes Show rules attributes object
  
  any array[object]
  
  all array[object]
  
  field object
  
  except object

GET /_security/role_mapping/{name}

GET /_security/role_mapping/mapping1

curl \
 --request GET 'http://api.example.com/_security/role_mapping/{name}' \
 --header "Authorization: $API_KEY"

Response examples (200)

A successful response from `GET /_security/role_mapping/mapping1`.

{
  "mapping1": {
    "enabled": true,
    "roles": [
      "user"
    ],
    "rules": {
      "field": {
        "username": "*"
      }
    },
    "metadata": {}
  }
}

Get role mappings Generally available; Added in 5.5.0

Required authorization

Path parameters

Responses

source string | object

lang string