Manage Admin Roles

This API collection provides endpoints for managing administrative access and role assignments for users within the system. It enables administrators to promote users to admin status, assign or remove roles, and verify user role configurations. These APIs are typically used in workflows where an employee needs elevated access to perform administrative tasks across different modules. The collection allows precise control over each user's access level through role-based permissions.

Typical Workflow to Assign an Admin Role

  1. Check Admin Status
    Use getEmployeeList?emplyId=JDOE to confirm whether the employee already has admin privileges.

  2. Update Admin Flag (If Needed)
    Use updateEmployee?emplyId=JDOE&adminFlag=Y to mark the employee as an admin.

  3. Get Role ID
    Use getRoleList to retrieve a list of available roles and their identifiers.

  4. Assign Role to Admin User
    Use addUserRoles?usrId=JDOE&mems=RO20 to assign the selected role.

  5. Verify Assigned Roles (Optional)
    Use getUserRoleList?userNo=JDOE to confirm the assigned roles.

  6. Remove Role (If Needed)
    Use deleteUserRole?userNo=JDOE&proxyNo=JDOE&roleNo=RO20 to revoke a role from the user.
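
Steps 1-5 can be scripted so that each write happens only when needed, every response is checked, and the role set is read back before the grant is treated as done. The Python below is an added example, not part of the vendor's documentation or code: call(endpoint, params) is a hypothetical transport you supply, fake_api is a constructed in-memory stand-in for offline runs, and treating activeFlag "Y" as "active account" is an assumption.

```python
# Added example, not vendor code. call(endpoint, params) is a hypothetical
# transport supplied by the caller; it returns the parsed JSON response.

def _result(resp, endpoint):
    """Fail closed: anything other than success=true aborts the workflow."""
    if not isinstance(resp, dict) or resp.get("success") is not True:
        raise RuntimeError(f"{endpoint} did not report success")
    return resp.get("result")

def _roles(call, uid):
    resp = call("getUserRoleList", {"userNo": uid, "proxyNo": uid})
    return {r["roleNo"] for r in _result(resp, "getUserRoleList") or []}

def grant_role(call, uid, role_no):
    """Steps 1-5, idempotent; returns the changes actually made."""
    changes = []
    # Step 3 first: accept only a role ID the server itself lists.
    listed = _result(call("getRoleList", {}), "getRoleList") or []
    if role_no not in {r["roleNo"] for r in listed}:
        raise ValueError(f"role {role_no!r} is not in getRoleList")
    # Step 1: result may be one object or a list; activeFlag "Y" = active (assumed).
    emp = _result(call("getEmployeeList", {"emplyId": uid}), "getEmployeeList")
    emp = emp[0] if isinstance(emp, list) and emp else emp
    if not emp or emp.get("emplyId") != uid or emp.get("activeFlag") != "Y":
        raise ValueError(f"{uid!r} is not an active employee")
    # Step 2: write adminFlag only when it is not already Y.
    if emp.get("adminFlag") != "Y":
        _result(call("updateEmployee", {"emplyId": uid, "adminFlag": "Y"}), "updateEmployee")
        changes.append("adminFlag=Y")
    # Step 4: skip the grant when the role is already held.
    before = _roles(call, uid)
    if role_no not in before:
        _result(call("addUserRoles", {"usrId": uid, "mems": role_no}), "addUserRoles")
        changes.append("role+" + role_no)
    # Step 5: read back and require exactly the expected role set.
    after = _roles(call, uid)
    if after != before | {role_no}:
        raise RuntimeError(f"unexpected role set after grant: {sorted(after)}")
    return changes

def fake_api(emp, roles):
    """Constructed in-memory stand-in for the API (offline demo only)."""
    def call(endpoint, p):
        if endpoint == "updateEmployee": emp["adminFlag"] = p["adminFlag"]
        if endpoint == "addUserRoles": roles.add(p["mems"])
        result = {"getRoleList": [{"roleNo": "RO20"}], "getEmployeeList": dict(emp),
                  "getUserRoleList": [{"roleNo": r} for r in sorted(roles)]}.get(endpoint)
        return {"success": True, "result": result}
    return call
```

The returned list doubles as an audit record of what was changed; an empty list means the user already had the admin flag and the role.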


Method: updateEmployee

Use this method to update an employee's record. A typical use case is to set the adminFlag to Y, granting the user admin privileges.

Request Header:

JSON

{
  "Content-Type": "application/json",
  "api-key": "your_api_key"
}

Parameters:

Provide the employee ID and the value for adminFlag:

JSON

{
  "emplyId": "JDOE",
  "adminFlag": "Y"
}

Response Structure:

The response will return the full employee profile, including details like name, organization, role metadata, and admin status.

Example Response:

JSON

{
  "success": true,
  "result": {
    "emplyId": "JDOE",
    "locationCode": "MYOFFICE",
    "emplyType": "S",
    "currId": "USD",
    "deptCode": "000000",
    "vendorId": "000",
    "firstName": "John",
    "lastName": "Doe",
    "midInit": "",
    "email1": "[email protected]",
    "email2": "",
    "email3": "",
    "email4": "",
    "ssn": "",
    "adminFlag": "N",
    "entryFlag": "B",
    "exemptFlag": "Y",
    "maxHours": 24.0,
    "phone1": "",
    "notes": "",
    "activeFlag": "Y",
    "startDate": "2019-07-17",
    "partTime": "F",
    "optCode": "0002",
    "functcode": "000",
    "reportingTypeId": "S-MONTHLY",
    "grpMtdAccessId": "159817696",
    "loginType": "L",
    "paymentType": "M",
    "jobTitle": "",
    "timezoneId": "America/Chicago",
    "enableOverride": "NNNNN",
    "countryName": "",
    "fullName": "[JDOE] John Doe",
    "fullNameNoId": "John Doe",
    "entryFlagName": "Time/Expense",
    "partTimeName": "Full Time",
    "optCodeName": " 0002 - DATABASICS, Inc ",
    "deptCodeName": " 000000 - Product and Services Group",
    "emplyTypeName": {
      "en": "Salaried"
    },
    "functcodeName": "Default",
    "vendorIdName": "Default",
    "locationName": " MYOFFICE - My Office",
    "grpMtdAccessIdName": "Offline",
    "currIdName": {
      "en": "*American Dollar",
      "ru": "*American Dollar"
    },
    "reportingTypeName": "Semi-Monthly",
    "avatar": "attach:profileAttachments:TP4EQadKMwkcWambOuzEWboTAJDOE-profile.png"
  }
}

Method: getEmployeeList

The getEmployeeList API call retrieves a list of employees and their attributes. It can be used to check whether a specific employee is an admin (adminFlag == Y) or not.

This endpoint is commonly used before updating admin privileges via updateEmployee.

Request Header:

JSON

{
  "Content-Type": "application/json",
  "api-key": "your_api_key"
}

Parameters:

You may optionally pass a query parameter to filter by a specific employee ID:

GET /getEmployeeList?emplyId=JDOE

Response Structure:

Returns a list of employee profiles with their admin flag, organization info, and additional metadata.

Example Response:

JSON

{
  "success": true,
  "result": {
    "emplyId": "JDOE",
    "locationCode": "MyOFFICE",
    "emplyType": "S",
    "currId": "USD",
    "deptCode": "000000",
    "vendorId": "000",
    "firstName": "John",
    "lastName": "Doe",
    "midInit": "",
    "email1": "[email protected]",
    "email2": "",
    "email3": "",
    "email4": "",
    "ssn": "",
    "adminFlag": "N",
    "entryFlag": "B",
    "exemptFlag": "Y",
    "maxHours": 24.0,
    "phone1": "",
    "notes": "",
    "activeFlag": "Y",
    "startDate": "2019-07-17",
    "partTime": "F",
    "optCode": "0002",
    "functcode": "000",
    "reportingTypeId": "S-MONTHLY",
    "grpMtdAccessId": "159817696",
    "loginType": "L",
    "paymentType": "M",
    "jobTitle": "",
    "timezoneId": "America/Chicago",
    "enableOverride": "NNNNN",
    "countryName": "",
    "fullName": "[JDOE] John Doe",
    "fullNameNoId": "John Doe",
    "entryFlagName": "Time/Expense",
    "partTimeName": "Full Time",
    "optCodeName": " 0002 - DATABASICS, Inc ",
    "deptCodeName": " 000000 - Product and Services Group",
    "emplyTypeName": {
      "en": "Salaried"
    },
    "functcodeName": "Default",
    "vendorIdName": "Default",
    "locationName": " MYOFFICE - My Office",
    "grpMtdAccessIdName": "Offline",
    "currIdName": {
      "en": "*American Dollar",
      "ru": "*American Dollar"
    },
    "reportingTypeName": "Semi-Monthly",
    "avatar": "attach:profileAttachments:TP4EQadKMwkcWambOuzEWboTAJDOE-profile.png"
  }
}

Method: getRoleList

The getRoleList API call retrieves a list of available admin roles that can be assigned to a user. Each role contains metadata such as its name, associated organizational scope, and access flags.

This method is typically used before calling addUserRoles to determine the correct role identifier (roleNo).

Request Header:

JSON

{
  "Content-Type": "application/json",
  "api-key": "your_api_key"
}

Parameters:

None required — simply call:

GET /getRoleList

Response Structure:

Returns a list of available roles, including unique identifiers (roleNo), role names, access types, and applicable scope definitions (such as optCode or myGroup).

Example Response:

JSON

{
  "success": true,
  "result": [
    {
      "uuid": "iomxkrkmlqbrowawmtftbqbumykremok",
      "name": {
        "en": "Administratiors - Read Only"
      },
      "vars": "{myGroup:\"P\",optCode:\"0002\",deptCode:\"\"}",
      "defaultFlag": "no",
      "introduction": "",
      "viewOnly": "yes",
      "apiFlag": "N",
      "myGroup": "P",
      "roleNo": "iomxkrkmlqbrowawmtftbqbumykremok",
      "optCode": "0002",
      "myGroupName": "My Proxy",
      "optCodeName": {
        "en": "DATABASICS, Inc "
      }
    }
  ]
}

Method: addUserRoles

The addUserRoles API call is used to assign a single admin role to a specified user. You must supply the user's ID and a single role ID retrieved from the getRoleList endpoint.


Request Header:

JSON

{
  "Content-Type": "application/json",
  "api-key": "your_api_key"
}

Parameters:

You must supply both the user ID and the role ID:

POST /addUserRoles

JSON Body Example:

{
  "usrId": "JDOE",
  "mems": "RO20"
}

  • usrId (string): The user’s employee ID (e.g., JDOE)
  • mems (string): The role identifier to assign. Use a value retrieved from getRoleList.

Response Structure:

Returns a success status indicating whether the role was successfully assigned.

Example Response:

{
  "success": true
}

Method: getUserRoleList

The getUserRoleList API call retrieves the list of admin roles currently assigned to a specific user. This can be used to verify which roles a user holds after assigning or removing roles.


Request Header:

JSON

{
  "Content-Type": "application/json",
  "api-key": "your_api_key"
}

Parameters:

Provide the user's employee ID (used as both userNo and proxyNo):

GET /getUserRoleList?userNo=JDOE&proxyNo=JDOE

  • userNo (string): The user’s employee ID.
  • proxyNo (string): The same employee ID, used to filter proxy-based role access.

Response Structure:

Returns a list of roles currently associated with the user.

Example Response:

{
  "success": true,
  "result": [
    {
      "uuid": "llfqiwclenjtkqkyglixixlzewltetds",
      "defaultFlag": "no",
      "chatFlag": "no",
      "hideUserRole": "no",
      "roleNoName": "{\n\t\"en\":\"My Report/Timesheets\"\n}",
      "introduction": "",
      "roleNo": "RO20",
      "userNo": "JDOE",
      "proxyNo": "JDOE"
    }
  ],
  "amount": 1
}

Method: deleteUserRole

The deleteUserRole API call removes a specific admin role from a given user. This requires the user identifier (userNo), the proxy user (proxyNo), and the role identifier (roleNo) to ensure proper targeting of the role revocation.


Request Header:

{
  "Content-Type": "application/json",
  "api-key": "your_api_key"
}

Parameters:

POST /deleteUserRole?userNo=JDOE&proxyNo=JDOE&roleNo=RO20

  • userNo (string): The employee ID of the user.
  • proxyNo (string): The proxy user ID (same as userNo).
  • roleNo (string): The role identifier to be removed.

Response Structure:

A successful deletion will return a JSON object indicating the action was completed.

Example Response:

{
  "success": true
}