Amba
API ReferenceClient API

Roles

Current user's roles, union of permissions, single-permission check.

Read-only from the client side. Admins manage roles and assignments at /admin/roles/*.

Source: apps/api/src/routes/client/roles.ts.

Endpoints

MethodPathDescription
GET/client/rolesRoles assigned to the caller with role definition.
GET/client/roles/permissionsDeduplicated union of permissions across all of the caller's roles.
GET/client/roles/check/:permissionCheck a single permission; returns the roles that grant it.

GET /client/roles

Response 200

{
  "data": [
    {
      "app_user_id": "…",
      "role_id": "…",
      "assigned_at": "…",
      "roles": {
        "id": "…",
        "name": "moderator",
        "description": "…",
        "permissions": ["moderation.approve"]
      }
    }
  ]
}

Try it:

GET/client/roles
client auth
curl -X GET 'https://api.amba.dev/client/roles'
Loading auth… Configure auth in the settings drawer (top-right) to run this request.

Curl:

curl -X GET '${BASE_URL}/client/roles' \
  -H 'X-Api-Key: ${CLIENT_API_KEY}' \
  -H 'Authorization: Bearer ${SESSION_TOKEN}'

GET /client/roles/permissions

Response 200

{ "data": { "permissions": ["moderation.approve", "reviews.moderate"] } }

Try it:

GET/client/roles/permissions
client auth
curl -X GET 'https://api.amba.dev/client/roles/permissions'
Loading auth… Configure auth in the settings drawer (top-right) to run this request.

Curl:

curl -X GET '${BASE_URL}/client/roles/permissions' \
  -H 'X-Api-Key: ${CLIENT_API_KEY}' \
  -H 'Authorization: Bearer ${SESSION_TOKEN}'

GET /client/roles/check/:permission

Response 200

{
  "data": {
    "has_permission": true,
    "permission": "moderation.approve",
    "roles": ["moderator"]
  }
}

Try it:

GET/client/roles/check/%7B%7Bpermission%7D%7D
client auth
curl -X GET 'https://api.amba.dev/client/roles/check/%7B%7Bpermission%7D%7D'
Loading auth… Configure auth in the settings drawer (top-right) to run this request.

Curl:

curl -X GET '${BASE_URL}/client/roles/check/{permission}' \
  -H 'X-Api-Key: ${CLIENT_API_KEY}' \
  -H 'Authorization: Bearer ${SESSION_TOKEN}'

Previous

Media

Next

Sessions

On this page