How to get effective rights of current user in Citrix DaaS
Use REST APIs to get the current user’s effective rights, that is, permissions on various object scopes in your Citrix DaaS (formerly Citrix Virtual Apps and Desktops service) site. This allows a front-end component to perform permission check before invoking a specific API.
Follow the prerequisites and examples to get started with this API.
You can make API requests using the PowerShell code, C# code, Python, or any tool that supports invoking the REST API.
The ability to modify administrator rights or add/remove administrators are not available with Citrix DaaS APIs.
Prerequisites to get effective rights of current user
- Read the Get started with Citrix Cloud APIs section to ensure that you have the
bearer token. - Get
siteidfrom How to get site id API. - Invoke the API described in this document from a client host or from the API exploration tab to get the rights of current user.
Get effective rights of current user using any REST API tool
Learn from the following example to get the rights of current user in your Citrix DaaS site using any REST API tool.
Request
GET https://api.cloud.com/cvad/manage/Admin/EffectiveRights HTTP/1.1
Accept: application/json
Content-Type: application/json; charset=utf-8
Authorization: CWSAuth bearer=<token-from-prerequisites>
Citrix-CustomerId: loy6oujtu6a4
Citrix-InstanceId: 22ded57c-0306-47e4-b6e8-fed6252759e1
<!--NeedCopy-->
Response
HTTP/1.1 200 OK
citrix-transactionid: b47a1b09-67bc-4a99-a065-d9264523d0d2
content-Length: 52774
content-Type: application/json; charset=utf-8
date: "Thu, 19 Nov 2020 16:11:14 GMT"
{
"Items": [
{
"Scope": {
"Id": "00000000-0000-0000-0000-000000000000",
"Uid": null,
"Name": "All",
"Description": "All objects",
"IsBuiltIn": true,
"IsAllScope": true,
"IsTenantScope": false,
"TenantId": null,
"TenantName": null
},
"Role": {
"Id": "3a45035c-a260-4b4a-88a9-64461cba5acd",
"Name": "Cloud administrator",
"Description": "Customer access.",
"IsBuiltIn": true,
"Permissions": [
{
"Id": "Admin_Read",
"Name": null,
"Description": null,
"IsReadOnly": false,
"Operations": []
},
{
"Id": "Admin_RoleControl",
"Name": null,
"Description": null,
"IsReadOnly": false,
"Operations": []
},
...
{
"Id": "Zone_Read",
"Name": null,
"Description": null,
"IsReadOnly": false,
"Operations": []
},
]
}
}
],
"ContinuationToken": null,
"TotalItems": 187
}
<!--NeedCopy-->
Get effective rights of current user using PowerShell
Learn from the following example to get the rights of current user in your Citrix DaaS site using any PowerShell code.
function GetAdminEffectiveRights {
param (
[Parameter(Mandatory=$true)]
[string] $customerid,
[Parameter(Mandatory=$true)]
[string] $siteid,
[Parameter(Mandatory=$true)]
[string] $bearerToken
)
$requestUri = "https://api.cloud.com/cvad/manage/Admin/EffectiveRights"
$headers = @{
"Accept" = "application/json";
"Authorization" = "CWSAuth bearer=$bearerToken";
"Citrix-CustomerId" = $customerid;
"Citrix-InstanceId" = $siteid;
}
$response = Invoke-RestMethod -Uri $requestUri -Method GET -Headers $headers
return $response
}
$customerid = "n2ypkklgy6cv"
$siteid = "12f7438-bf8e-42ba-b1b3-2eb75d098f57"
$bearerToken = "eyJ..."
$response = GetAdminEffectiveRights $customerid $siteid $bearerToken
<!--NeedCopy-->
Get effective rights of current user using C# code
Learn from the following example to get the rights of current user in your Citrix DaaS site using any C# code.
public static async Task<string> GetAdminEffectiveRights(
string customerid,
string siteid,
string bearerToken)
{
var requestUri = "https://api.cloud.com/cvad/manage/Admin/EffectiveRights";
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Accept.ParseAdd("application/json");
client.DefaultRequestHeaders.Add("Citrix-CustomerId", customerid);
client.DefaultRequestHeaders.Add("Citrix-InstanceId", siteid);
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("CWSAuth bearer=" + bearerToken);
var response = await client.GetAsync(requestUri);
if (response != null)
{
var content = await response.Content.ReadAsStringAsync();
return content;
}
return null;
}
}
<!--NeedCopy-->
Get effective rights of current user using Python
Learn from the following example to get the rights of current user in your Citrix DaaS site using Python.
import requests
def get_admin_effective_rights(bearerToken, customerid, siteid):
request_uri = "https://api.cloud.com/cvad/manage/Admin/EffectiveRights"
headers = {
'Authorization': 'CWSAuth bearer=%s' % bearerToken,
'Citrix-CustomerId': customerid,
'Citrix-InstanceId': siteid,
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.get(request_uri, headers = headers)
return response.json()
<!--NeedCopy-->