Grant
Grant the specified privilege(s) on the named securable to the named granteeΒΆ
POST/api/v2/grants/{granteeType}/{granteeName}/{securableType}/{securableName}/privileges
Endpoint to indicate that the privileges listed in the request body should be granted.
| Parameter | Type | Description |
|---|
{
"privileges": [
"CREATE DATABASE",
"EXECUTE TASK"
],
"grant_option": true,
"created_on": "2019-08-24T14:15:22Z",
"grantee_type": "ROLE",
"grantee_name": "ACCOUNTADMIN",
"securable_type": "ACCOUNT",
"securable_name": "string",
"granted_by_role_type": "ROLE",
"granted_by_name": "SUBADMIN"
}Response
| Code | Description | ||||
|---|---|---|---|---|---|
| 200 | Successful request. {
"status": "Request successfully completed"
}
| ||||
| 202 |
| 400 | |
| 401 | |
| 403 | |
| 404 | |
| 405 | |
| 408 | |
| 409 | |
| 410 | |
| 429 | |
| 500 | |
| 503 | |
| 504 |
| Parameter | Type | Description |
|---|---|---|
| status | string | Message returned by the server. |
Grant the specified privilege(s) on all/future (as specified by bulkGrantType) securables of this type in a given scope to the named granteeΒΆ
POST/api/v2/grants/{granteeType}/{granteeName}/{bulkGrantType}/{securableTypePlural}/{scopeType}/{scopeName}/privileges
Endpoint to indicate that the privileges listed in the request body should be granted to all securables of this type in the given scope.
| Parameter | Type | Description |
|---|
{
"privileges": [
"CREATE DATABASE",
"EXECUTE TASK"
],
"grant_option": true,
"created_on": "2019-08-24T14:15:22Z",
"grantee_type": "ROLE",
"grantee_name": "ACCOUNTADMIN",
"securable_type": "ACCOUNT",
"securable_name": "string",
"granted_by_role_type": "ROLE",
"granted_by_name": "SUBADMIN"
}Response
| Code | Description |
|---|---|
| 200 | |
| 202 |
| 400 | |
| 401 | |
| 403 | |
| 404 | |
| 405 | |
| 408 | |
| 409 | |
| 410 | |
| 429 | |
| 500 | |
| 503 | |
| 504 |
Revoke the specified privilege on the named securable from the named granteeΒΆ
DELETE/api/v2/grants/{granteeType}/{granteeName}/{securableType}/{securableName}/privileges/{privilege}
Endpoint to indicate that the privilege listed in the path should be revoked.
Response
| Code | Description |
|---|---|
| 200 | |
| 202 |
| 400 | |
| 401 | |
| 403 | |
| 404 | |
| 405 | |
| 408 | |
| 409 | |
| 410 | |
| 429 | |
| 500 | |
| 503 | |
| 504 |
Revoke the grant option for the specified privilege on the named securable from the named granteeΒΆ
DELETE/api/v2/grants/{granteeType}/{granteeName}/{securableType}/{securableName}/privileges/{privilege}/grant-option
Endpoint to indicate that the grant option for the privilege listed in the path should be revoked.
Response
| Code | Description |
|---|---|
| 200 | |
| 202 |
| 400 | |
| 401 | |
| 403 | |
| 404 | |
| 405 | |
| 408 | |
| 409 | |
| 410 | |
| 429 | |
| 500 | |
| 503 | |
| 504 |
Revoke the specified privilege on the specified all/future securable in the given scope from the named granteeΒΆ
DELETE/api/v2/grants/{granteeType}/{granteeName}/{bulkGrantType}/{securableTypePlural}/{scopeType}/{scopeName}/privileges/{privilege}
Endpoint to indicate that the privilege listed on the group securable in the given scope should be revoked.
Response
| Code | Description |
|---|---|
| 200 | |
| 202 |
| 400 | |
| 401 | |
| 403 | |
| 404 | |
| 405 | |
| 408 | |
| 409 | |
| 410 | |
| 429 | |
| 500 | |
| 503 | |
| 504 |
Revoke the grant option for the specified privilege on the specified all/future securable in the given scope from the named granteeΒΆ
DELETE/api/v2/grants/{granteeType}/{granteeName}/{bulkGrantType}/{securableTypePlural}/{scopeType}/{scopeName}/privileges/{privilege}/grant-option
Endpoint to indicate that the grant option for the privilege listed on the group securable in the given scope should be revoked.
Response
| Code | Description |
|---|---|
| 200 | |
| 202 |
| 400 | |
| 401 | |
| 403 | |
| 404 | |
| 405 | |
| 408 | |
| 409 | |
| 410 | |
| 429 | |
| 500 | |
| 503 | |
| 504 |
List of privileges associated with this grantee type and nameΒΆ
GET/api/v2/grants/{granteeType}/{granteeName}
List the roles and privileges granted to the specified grantee using the output of SHOW GRANTS TO
Query Parameters
| Parameter | Type | Description |
|---|---|---|
| showLimit | integer | Query parameter to limit the maximum number of rows returned by a command. |
Response
| Code | Description | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| 200 | successful [
{
"privileges": [
"CREATE DATABASE",
"EXECUTE TASK"
],
"grant_option": true,
"created_on": "2019-08-24T14:15:22Z",
"grantee_type": "ROLE",
"grantee_name": "ACCOUNTADMIN",
"securable_type": "ACCOUNT",
"securable_name": "string",
"granted_by_role_type": "ROLE",
"granted_by_name": "SUBADMIN"
}
]
| |||||||||
| 202 | Successfully accepted the request, but it is not completed yet. {
"code": "392604",
"message": "Request execution in progress. Use the provided location header or result handler ID to perform query monitoring and management."
}
|
| 400 | Bad Request. The request payload is invalid or malformed. This happens if the application didn't send the correct request payload. The response body may include the error code and message indicating the actual cause. The application must reconstruct the request body for retry. |
| 401 | Unauthorized. The request is not authorized. This happens if the attached access token is invalid or missing. The response body may include the error code and message indicating the actual cause, e.g., expired, invalid token. The application must obtain a new access token for retry. |
| 403 | Forbidden. The request is forbidden. This can also happen if the request is made even if the API is not enabled. |
| 404 | Not Found. The request endpoint is not valid. This happens if the API endpoint does not exist, or if the API is not enabled. |
| 405 | Method Not Allowed. The request method doesn't match the supported API. This happens, for example, if the application calls the API with GET method but the endpoint accepts only POST. |
| 408 | Request Timeout. This indicates that the request from the client timed out and was not completed by the server. |
| 409 | Conflict. The requested operation could not be performed due to a conflicting state that could not be resolved. This usually happens when a CREATE request was performed when there is a pre-existing resource with the same name, and also without one of the options orReplace/ifNotExists. |
| 410 | Gone. This error is primarily intended to assist the task of web maintenance by notifying the recipient that the resource is intentionally unavailable. |
| 429 | Limit Exceeded. The number of requests hit the rate limit. The application must slow down the frequency of hitting the API endpoints. |
| 500 | Internal Server Error. The server hit an unrecoverable system error. The response body may include the error code and message for further guidance. The application owner may need to reach out the customer support. |
| 503 | Service Unavailable. The request was not processed due to server side timeouts. The application may retry with backoff. The jittered backoff is recommended. |
| 504 | Gateway Timeout. The request was not processed due to server side timeouts. The application may retry with backoff. The jittered backoff is recommended. |
| Parameter | Type | Description |
|---|