Citrix DaaS REST APIs

How to get effective rights of current user in Citrix DaaS

Use REST APIs to get the current user’s effective rights, that is, permissions on various object scopes in your Citrix DaaS (formerly Citrix Virtual Apps and Desktops service) site. This allows a front-end component to perform permission check before invoking a specific API.

Follow the prerequisites and examples to get started with this API.

You can make API requests using the PowerShell code, C# code, Python, or any tool that supports invoking the REST API.

The ability to modify administrator rights or add/remove administrators are not available with Citrix DaaS APIs.

Prerequisites to get effective rights of current user

  • Read the Get started with Citrix Cloud APIs section to ensure that you have the bearer token.
  • Get siteid from How to get site id API.
  • Invoke the API described in this document from a client host or from the API exploration tab to get the rights of current user.

Get effective rights of current user using any REST API tool

Learn from the following example to get the rights of current user in your Citrix DaaS site using any REST API tool.

Request

GET https://api.cloud.com/cvad/manage/Admin/EffectiveRights HTTP/1.1
Accept: application/json
Content-Type: application/json; charset=utf-8
Authorization: CWSAuth bearer=<token-from-prerequisites>
Citrix-CustomerId: loy6oujtu6a4
Citrix-InstanceId: 22ded57c-0306-47e4-b6e8-fed6252759e1
<!--NeedCopy-->

Response

HTTP/1.1 200 OK
citrix-transactionid: b47a1b09-67bc-4a99-a065-d9264523d0d2
content-Length: 52774
content-Type: application/json; charset=utf-8
date: "Thu, 19 Nov 2020 16:11:14 GMT"

{
  "Items": [
    {
      "Scope": {
        "Id": "00000000-0000-0000-0000-000000000000",
        "Uid": null,
        "Name": "All",
        "Description": "All objects",
        "IsBuiltIn": true,
        "IsAllScope": true,
        "IsTenantScope": false,
        "TenantId": null,
        "TenantName": null
      },
      "Role": {
        "Id": "3a45035c-a260-4b4a-88a9-64461cba5acd",
        "Name": "Cloud administrator",
        "Description": "Customer access.",
        "IsBuiltIn": true,
        "Permissions": [
            {
                "Id": "Admin_Read",
                "Name": null,
                "Description": null,
                "IsReadOnly": false,
                "Operations": []
            },
            {
                "Id": "Admin_RoleControl",
                "Name": null,
                "Description": null,
                "IsReadOnly": false,
                "Operations": []
            },
            ...
            {
                "Id": "Zone_Read",
                "Name": null,
                "Description": null,
                "IsReadOnly": false,
                "Operations": []
            },
        ]
      }
    }
  ],
  "ContinuationToken": null,
  "TotalItems": 187
}
<!--NeedCopy-->

Get effective rights of current user using PowerShell

Learn from the following example to get the rights of current user in your Citrix DaaS site using any PowerShell code.

function GetAdminEffectiveRights {
    param (
        [Parameter(Mandatory=$true)]
        [string] $customerid,
        [Parameter(Mandatory=$true)]
        [string] $siteid,
        [Parameter(Mandatory=$true)]
        [string] $bearerToken
    )
    $requestUri = "https://api.cloud.com/cvad/manage/Admin/EffectiveRights"
    $headers = @{
        "Accept" = "application/json";
        "Authorization" = "CWSAuth bearer=$bearerToken";
        "Citrix-CustomerId" = $customerid;
        "Citrix-InstanceId" = $siteid;
    }

    $response = Invoke-RestMethod -Uri $requestUri -Method GET -Headers $headers 
    return $response
}

$customerid = "n2ypkklgy6cv"
$siteid = "12f7438-bf8e-42ba-b1b3-2eb75d098f57"
$bearerToken = "eyJ..."
$response = GetAdminEffectiveRights $customerid $siteid $bearerToken 
<!--NeedCopy-->

Get effective rights of current user using C# code

Learn from the following example to get the rights of current user in your Citrix DaaS site using any C# code.

public static async Task<string> GetAdminEffectiveRights(
    string customerid,
    string siteid,
    string bearerToken)
{
    var requestUri = "https://api.cloud.com/cvad/manage/Admin/EffectiveRights";
    using (var client = new HttpClient())
    {
        client.DefaultRequestHeaders.Accept.ParseAdd("application/json");
        client.DefaultRequestHeaders.Add("Citrix-CustomerId", customerid);
        client.DefaultRequestHeaders.Add("Citrix-InstanceId", siteid);
        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("CWSAuth bearer=" + bearerToken);

        var response = await client.GetAsync(requestUri);

        if (response != null)
        {
            var content = await response.Content.ReadAsStringAsync();
            return content;
        }

        return null;
    }
}
<!--NeedCopy-->

Get effective rights of current user using Python

Learn from the following example to get the rights of current user in your Citrix DaaS site using Python.

import requests 

def get_admin_effective_rights(bearerToken, customerid, siteid):
    request_uri = "https://api.cloud.com/cvad/manage/Admin/EffectiveRights"
    headers = {
                'Authorization': 'CWSAuth bearer=%s' % bearerToken,
                'Citrix-CustomerId': customerid,
                'Citrix-InstanceId': siteid,
                'Content-Type': 'application/json',
                'Accept': 'application/json'
              }

    response = requests.get(request_uri, headers = headers)

    return response.json()
<!--NeedCopy-->
Resources
Citrix DaaS REST APIs OpenAPI Specification
Copy Download
How to get effective rights of current user in Citrix DaaS