MarkLogic 12 Product Documentation
POST /manage/v2/privileges

Summary

This resource address creates a new privilege in the security database.

URL Parameters
format	The format of the posted data. Can be either `html`, `json`, or `xml` (default). This value overrides the Accept header if both are present.

Request Headers
Accept	The expected MIME type of the request body. If the `format?` parameter is present, it takes precedence over the Accept header.
Content-type	The MIME type of the data in the request body. Depending upon the value of the `format` parameter or Accept header, one of `application/xml`, `application/json`, or `text/html`.

Response Headers
Content-type	The MIME type of the data in the response body. Depending upon the value of the `format` parameter or Accept header, one of `application/xml`, `application/json`, or `text/html`.
Location	If the request causes a restart, a Location header is included in the reponse. The header contains a path with which to construct a URL to usable to test when the restart has completed.

Response

Upon success, MarkLogic Server returns status code 201 (Created). If the payload is malformed, a status code of 400 (Bad Request) is returned. A status code of 401 (Unauthorized) is returned if the user does not have the necessary privileges.

Required Privileges

This operation requires one of the following:

the manage-admin and security role
the following privileges:
http://marklogic.com/xdmp/privileges/manage

http://marklogic.com/xdmp/privileges/manage-admin

http://marklogic.com/xdmp/privileges/create-privilege
the manage role, http://marklogic.com/xdmp/privileges/manage plus one of the following granular privileges:
- http://marklogic.com/xdmp/privileges/role/edit/role-ID

Usage Notes

The structure of the data in the request body is as shown here. The privilege-name and kind properties are required.

Note: The properties described here are for XML payloads. In general they are the same for JSON, with the exception that, in JSON, roles is expressed in singular form. For example, in JSON, roles is instead role and the format is: "role":["rolename"].

privilege-name

Privilege name (unique)

action

A URI to protect.

kind

A protected "action" (or object).

roles

The roles assigned. The roles assigned to the user.

This is a complex structure with the following children:

role: A role identifier (unique key).

Example


  curl -X POST  --anyauth -u admin:admin -H "Content-Type:application/json" \
  -d '{"privilege-name":"engineer-execute", "http://example.com/privileges/engineer", "kind":"execute"}' \
  http://localhost:8002/manage/v2/privileges

  ==>  Creates an execute privilege, named '"engineer-execute," in the Security database.

Stack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.

MarkLogic 12 Product DocumentationPOST /manage/v2/privileges