GET /v1/rbac/check
Service: identity · operationId: (none)
Check whether a subject has a given role for a brand
Required scopes
(no scope declared — review service config)
Query parameters
subject_id(string) required —brand_id(string) required —role(string) required —
Responses
200 Check result
{
"type": "object",
"properties": {
"allowed": {
"type": "boolean"
},
"subject_id": {
"type": "string"
},
"brand_id": {
"type": "string"
},
"role": {
"type": "string"
},
"expires_at": {
"type": [
"string",
"null"
]
}
},
"required": [
"allowed",
"subject_id",
"brand_id",
"role",
"expires_at"
]
}400 Validation error
{
"type": "object",
"properties": {
"error": {
"type": "string"
},
"message": {
"type": "string"
}
},
"required": [
"error",
"message"
]
}Example
curl -X GET https://identity.platform.loop.health/v1/rbac/check \
-H "Authorization: Bearer $ACCESS_TOKEN"Related
services/identity— service overview- All endpoints — directory across services
- Auth model — how scopes are enforced