Authorization Server Admin API

The Authorization Server exposes a number of endpoints to administer the server itself.

The available API methods to administer the Authorization server are:

To access any of these API methods you must have the ADMIN_USER role.

The following table lists the specific permissions required to use the API methods:

API method	Endpoint	Required permission
Administer Groups
`Create a group`	POST /groups	`groups.write`
`Delete a group`	DELETE /groups/{groupId}	`groups.write`
`Get group by ID`	GET /groups/{groupId}	`groups.read`
`Get groups`	GET /groups	`groups.read`
`Update a group`	PUT /groups/{groupId}	`groups.write`
Administer Permissions
`Get permission by ID`	GET /permissions/{permissionId}	`permissions.read`
`Get permissions`	GET /permissions	`permissions.read`
Administer Roles
`Get role by ID`	GET /roles/{roleId}	`roles.read`
`Get roles`	GET /roles	`roles.read`
Administer Users
`Revoke a user’s session`	DELETE /sessions/{sessionId}	`users.write`
`Get user by ID`	GET /users/{userId}	`users.read`
`Get users`	GET /users	`users.read`
`Get user sessions`	GET /users/{userId}/sessions	`users.read`
`Update user`	PUT /users/{userId}	`users.write`
`Get a user's roles and permissions`	GET /users/{userId}/roles	`users.read`
`Enable a user`	POST /users/{userId}/enable	`users.write`
`Disable a user`	POST /users/{userId}/disable	`users.write`

Further information on the roles and permissions can be found on the Roles and Permissions page.

Further information on the API methods are provided on the other pages in this section.

Table of contents