Risk Cloud API: Update Roles on User

Updating roles on a single user can be a common task in the Risk Cloud, and with Risk Cloud’s User API, you can achieve that as well.

Prerequisites

Obtain your API Access Token or pull the Risk Cloud Postman Collection to get started.
Required user role: Admin for the PUT endpoint at least
You will NOT be able to update users who are auto-provisioned. This will have to be managed thru your IDP.

1. Get User

Retrieve the user that you want to update via this endpoint.

GET/api/v1/internal/users/{userId}

This endpoint has the following parameters:

Required Path Parameter	Required	Description
userId	Yes	The User ID you want to update.

2. Update User

Update the user via this endpoint. Specify the userId. Add the user data in to the body request. Update the user data "Role" field to add and/or remove role(s) that you want.

PUT/api/v1/internal/users/{userId}

This endpoint has the following parameters:

Required Path Parameter	Required	Description
userId	Yes	The User ID you want to update.

Request

This endpoint has the following request body properties:

//Everything will be copied over from the GET User Response
//All you would need to do to add / remove roles from the "roles" list
{
    "status": <string: status ex Active>,
    ...
    "roles": [
        {
            "id":<string: roleId that already exist and I am keeping it - this would be left alone>
        },
        {
            "id":<string: roleId I want to add - this would be added>
        }
        //{
        //    "id":<string: roleId that already exist and I want to remove - this would be deleted>
        //}
    ],
    ...
    "transientIdOrId": <string: transientIdorId>
}

Response

This endpoint will return the updated User object.