RBAC API
Endpoints
GET /api/rbacGET /api/rbac/summaryPOST /api/rbac/assignmentsDELETE /api/rbac/assignments/{id}POST /api/rbac/provider-mappingsDELETE /api/rbac/provider-mappings/{id}
Purpose
- inspect effective roles, permissions, assignments, and mappings
- manage user-role assignments
- manage provider-role mappings
Notes
- RBAC management requires
rbac:read or rbac:write
- scope-aware enforcement applies at API level
- UI clients should use the returned permission summary instead of duplicating policy rules