Tenant-level group account resources
Tenant-level group account resources let you create, retrieve information about, modify, and delete tenant-level group accounts. The table below provides information about these resources.
Group account resources are not available for the default tenant.
.../tenants/tenant-name/groupAccounts
Data type | Method | Use | Access | Notes |
groupAccount | PUT | Create a group account for a tenant | Tenant-level user account with the security role | You can create a group account only if HCP is configured to support AD. |
List | GET | Retrieve a list of the group accounts defined for a tenant | Tenant-level user account with the monitor, administrator, or security role |
The listed group accounts are identified by the group name. In XML, the element that identifies each group account is In JSON, the name in the name/value pair that lists the group accounts is |
.../tenants/tenant-name/groupAccounts/group-name
Data type | Method | Use | Access | Notes |
groupAccount | GET | Retrieve information about a group account | Tenant-level user account with the monitor, administrator, or security role | The information returned depends on the roles associated with the user making the request. |
N/A | HEAD | Check for the existence of a group account | Tenant-level user account with the monitor, administrator, or security role | |
groupAccount | POST | Modify a group account | Tenant-level user account with the administrator or security role | A user with only the administrator role can modify only the allow-NamespaceManagement property. A user with only the security role cannot modify that property. |
N/A | DELETE | Delete a group account | Tenant-level user account with the security role |
.../tenants/tenant-name/groupAccounts/group-name/dataAccessPermissions
Data type | Method | Use | Access | Notes |
dataAccess Permissions | GET | Retrieve information about the data access permissions associated with a group account | Tenant-level user account with the administrator, security, or monitor role | |
POST | Modify the data access permissions associated with a group account | Tenant-level user account with the administrator role |
The request body must contain all permissions granted for each included namespace. If a namespace is not included, its permissions are not changed by the POST request. By default, when you create a group account, it does not include any data access permissions. |