a20b3e2d59
* fleshing out About topic * docs, fgac refactor initial draft * updated FGAC with service account details * finalized restructure * make prettier, corrects spelling * fixes typo * adds rollout strategy topic * started name change * renamed to rbac throughout docs * copy edit to about and actions and scopes docs * finishes content reorg * draft of refactored refactored docs * corrects relrefs * formatting tweaks * fixes typo * copy updates to about rbac * rbac rollout docs edits * update rbac role assignment docs * content update to manage rbac roles doc * sort and reorder roles reference in rbac docs * alphabetize permissions table * Update docs/sources/enterprise/settings-updates.md Co-authored-by: Mitch Seaman <mjseaman@users.noreply.github.com> * incorporates feedback, makes prettier * update http api references in rbac docs * fix broken refs and improve wording on enabling RBAC provisioning Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Mitchel Seaman <mitchel.seaman@gmail.com> Co-authored-by: Mitch Seaman <mjseaman@users.noreply.github.com>
2.9 KiB
+++ title = "External Group Sync HTTP API " description = "Grafana External Group Sync HTTP API" keywords = ["grafana", "http", "documentation", "api", "team", "teams", "group", "member", "enterprise"] aliases = ["/docs/grafana/latest/http_api/external_group_sync/"] +++
External Group Synchronization API
External Group Synchronization is only available in Grafana Enterprise. Read more about [Grafana Enterprise]({{< relref "../enterprise" >}}).
If you have [Role-based access control]({{< relref "../enterprise/access-control/_index.md" >}}) enabled, access to endpoints will be controlled by role-based access control permissions. Refer to specific endpoints to understand what permissions are required.
Get External Groups
GET /api/teams/:teamId/groups
Required permissions
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| teams.permissions:read | teams:* |
Example Request:
GET /api/teams/1/groups HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
Example Response:
HTTP/1.1 200
Content-Type: application/json
[
{
"orgId": 1,
"teamId": 1,
"groupId": "cn=editors,ou=groups,dc=grafana,dc=org"
}
]
Status Codes:
- 200 - Ok
- 401 - Unauthorized
- 403 - Permission denied
Add External Group
POST /api/teams/:teamId/groups
Required permissions
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| teams.permissions:write | teams:* |
Example Request:
POST /api/teams/1/members HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
{
"groupId": "cn=editors,ou=groups,dc=grafana,dc=org"
}
Example Response:
HTTP/1.1 200
Content-Type: application/json
{"message":"Group added to Team"}
Status Codes:
- 200 - Ok
- 400 - Group is already added to this team
- 401 - Unauthorized
- 403 - Permission denied
- 404 - Team not found
Remove External Group
DELETE /api/teams/:teamId/groups/:groupId
Required permissions
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| teams.permissions:write | teams:* |
Example Request:
DELETE /api/teams/1/groups/cn=editors,ou=groups,dc=grafana,dc=org HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
Example Response:
HTTP/1.1 200
Content-Type: application/json
{"message":"Team Group removed"}
Status Codes:
- 200 - Ok
- 401 - Unauthorized
- 403 - Permission denied
- 404 - Team not found/Group not found