It worked this time. Thanks a lot for your help on this.
Original Message:
Sent: 01-10-2025 09:26
From: Diparnab Dey
Subject: READ ONLY role creation
Rushyendar,
The body should be an array. And for updating the metadata security the you should use POST http methond. Here is a sample CURL
curl --location 'https://{{env}}.reltio.com/reltio/permissions/{{mdmTenant}}' \--header 'Authorization: Bearer {{accessToken}}' \--header 'Content-Type: application/json' \--data '[ { "uri": "configuration/entityTypes/Product", "permissions": [ { "role": "ROLE_READ_PRODUCT", "access": [ "READ" ] } ] }]'
As you are saying there was metadata security updated previously for your tenant, I will recommend running the GET Permissions API to retrieve the current metadata security and apply your update on top of that before posting using the API shared above.
------------------------------
Diparnab Dey
Technical Consultant
Reltio
Kolkata, West Bengal
Original Message:
Sent: 01-10-2025 09:11
From: Rushyendar Akula
Subject: READ ONLY role creation
Thank you, Diparnab. I created a new role on the UI and tried configuring read-only access to one of the entities using the URL and body below.
After doing this, the user can log in but cannot see the Entity type. When I sent this request in Postman (tried both POST and PUT), I didn't see the new role in the response. Note that there is already another read-only role with a different name. Could this be the reason? I wasn't aware of the existing read-only role and tried to create a new one. I will use the old one, but I'm curious to know why the new role isn't working.
endpoint URL used: http://test.reltio.com/reltio/permissions/<<Tenant>>
Body:
{
"uri": "configuration/entityTypes/Product",
"permissions": [
{ "role": "ROLE_READ_PRODUCT", "access": ["READ"] }
]
}
------------------------------
Rushyendar Akula
Datasys Inc
Concord NC
Original Message:
Sent: 01-10-2025 00:58
From: Diparnab Dey
Subject: READ ONLY role creation
Hi Rushyendar,
You can create a custom role and use the metadata security to provide read-only access to relevant entities and relationships to that role. Here is what you should do
- Create a custom role, let's say ROLE_CUST_READ_ONLY using the "Create new role" option of User Management.
You do not need to add any specific permission for this role here.
- Then use the Metadata Security API to assign READ permission to all entity and relation types for the newly created custom role. Here is a sample for how the permission set should look like
[ { "uri": "configuration/relationTypes", "permissions": [ { "role": "ROLE_CUST_READ_ONLY", "access": [ "READ" ] } ] }, { "uri": "configuration/entityTypes", "permissions": [ { "role": "ROLE_CUST_READ_ONLY", "access": [ "READ" ] } ] }]
- Now your read-only role is created and if you assign this role to any user along with ROLE_API and ROLE_USER role for the relevant tenant(s), that user will get read-only access to the tenant.
Let me know if this helps.
------------------------------
Diparnab Dey
Technical Consultant
Reltio
Kolkata, West Bengal
Original Message:
Sent: 01-09-2025 09:19
From: Rushyendar Akula
Subject: READ ONLY role creation
Hi,
I hope you all are doing well.
I just realized that Reltio doesn't have a default read-only user role, which would allow a user to have read-only access to the tenant.
How can we create such a role if we need one? There is another discussion thread on this topic, but the instructions are not clear.
My request is that we need a user role like CUST_READ_ONLY
, which allows someone to log in to the tenant and have read-only access. This user should be able to search and perform basic read-only operations.
I would appreciate any inputs on this. Thank you.
------------------------------
Rushyendar Akula
Datasys Inc
Concord NC
------------------------------