Hi Sajith, You can take a look at *RemoteAuthorizationManagerService* [1]. There we have the following method.
*isUserAuthorized* (username, resourceId, action) >From this you can check if the user is authorized to perform some action on a particular resource. similarly you can check the same for a role using the following method. *isRoleAuthorized* (rolename, resourceId, action) However AFAIK it is not possible to retrieve all the permissions granted for a user through an admin service. If it is needed, one way is to query the* UM_ROLE_PERMISSION* table [2] (of the internal database) and find out what are the associated permissions (of *UM_PERMISSION* table) for each role. Then you will have to map the user with the roles that the user has been assigned. Hope this will be helpful. [1] https://localhost:9443/services/RemoteAuthorizationManagerService?wsdl [2] http://tharindue.blogspot.com/2015/04/wso2-identity-server-data-dictionary.html Thanks, TharinduE On Mon, Nov 23, 2015 at 6:58 AM, Sajith Ariyarathna <sajit...@wso2.com> wrote: > Hi IS team, > > Is it possible to do $subject? I have the username, domain and tenant ID > of the user. > > Thanks. > > -- > Sajith Ariyarathna > Software Engineer; WSO2, Inc.; http://wso2.com/ > mobile: +94 77 6602284, +94 71 3951048 > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Tharindu Edirisinghe Software Engineer | WSO2 Inc Identity Server Team Blog : tharindue.blogspot.com mobile : 408-714-8437
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev