When you set permissions by using the Orchestrator REST API, you must use a set of characters to define the permissions.
You can define the permissions for an element by including a sequence of characters in the <rights> tag of the request body of a POST request .
The characters that you can use to set permissions through the Orchestrator REST API have specific meanings.
You can use the following example syntax in the request body of a POST request at the URL of an Orchestrator element's permissions.
<permissions xmlns="http://www.vmware.com/vco"> <permission> <principal>cn=vcousers,ou=vco,dc=appliance</principal> <rights>ric</rights> </permission> </permissions>
By setting ric permissions in the <rights> tag of the request body, you allow members of the vcousers user group to view, inspect, and edit the Orchestrator element.