REST API Permissions

When you set permissions by using the Orchestrator REST API, you must use a set of characters to define the permissions.

You can define the permissions for an element by including a sequence of characters in the <rights> tag of the request body of a POST request .

The characters that you can use to set permissions through the Orchestrator REST API have specific meanings.

Orchestrator REST API Permissions Character Set
Character	Description
`r`	Gives view permissions.
`x`	Gives execute permissions.
`i`	Gives inspect permissions.
`c`	Gives edit permissions.
`a`	Gives administrative permissions.

Example: Syntax for Setting Permissions

You can use the following example syntax in the request body of a POST request at the URL of an Orchestrator element's permissions.

<permissions xmlns="http://www.vmware.com/vco">
    <permission>
        <principal>cn=vcousers,ou=vco,dc=appliance</principal>
        <rights>ric</rights>
    </permission>
</permissions>

By setting ric permissions in the <rights> tag of the request body, you allow members of the vcousers user group to view, inspect, and edit the Orchestrator element.