# Get Role Assignments Filtered POST / #### Description Gets the set of role assignments matching the supplied filter. Endpoint: POST /filter Version: 1.0 Security: oauth2 ## Request fields (application/json): - `objectIds` (array) The list of target object identifiers to filter role assignments by - `objectType` (string) The type of the object. Enum: "audit", "connection", "control", "controlScope", "domain", "freshnessHistory", "exportFile", "label", "organization", "organizationUser", "policy", "program", "proof", "request", "requirement", "risk", "riskRegister", "section", "task", "scope", "template", "user" - `userIds` (array) The list of principal user identifiers to filter role assignments by Example: ["456e7890-e89b-12d3-a456-426614174000"] - `roleAssignmentIds` (array) The list of unique identifiers for role assignments to return - `directAssignmentsOnly` (boolean) Flag indicating whether to exclude returning inherited role assignments Example: true - `groupIds` (array) The list of group identifiers to filter role assignments by ## Response 200 fields (application/json): - `id` (string, required) The unique identifier for the role assignment Example: "123e4567-e89b-12d3-a456-426614174000" - `roleId` (string, required) The unique identifier of the role being assigned Example: "987e6543-e21b-12d3-a456-426614174000" - `roleKind` (string, required) The user's role kind on an object. Manager has full administrative permissions. Contributor has full edit permissions. Viewer has read-only access to the object and its details. Auditor has read-only access specifically for compliance review purposes. Enum: "manager", "contributor", "auditor", "viewer" - `principalId` (string, required) The unique identifier of the user being assigned the role Example: "456e7890-e89b-12d3-a456-426614174000" - `principalType` (string, required) The type of the object. Enum: "audit", "connection", "control", "controlScope", "domain", "freshnessHistory", "exportFile", "label", "organization", "organizationUser", "policy", "program", "proof", "request", "requirement", "risk", "riskRegister", "section", "task", "scope", "template", "user" - `principalOrgId` (string) The unique identifier of the organization of the principal user Example: "789e0123-e89b-12d3-a456-426614174000" - `targetObjectId` (string, required) The unique identifier of the object the role is assigned on Example: "321e0987-e89b-12d3-a456-426614174000" - `targetObjectType` (string, required) The type of the object. Enum: "audit", "connection", "control", "controlScope", "domain", "freshnessHistory", "exportFile", "label", "organization", "organizationUser", "policy", "program", "proof", "request", "requirement", "risk", "riskRegister", "section", "task", "scope", "template", "user" - `targetOrgId` (string) The unique identifier of the organization of the target object Example: "789e0123-e89b-12d3-a456-426614174000" - `sourceObjectId` (string,null) The unique identifier of the source object if the role assignment on the target object is inherited Example: "555e6666-e89b-12d3-a456-426614174000" - `sourceObjectType` (string,null) The type of the object. Enum: "audit", "connection", "control", "controlScope", "domain", "freshnessHistory", "exportFile", "label", "organization", "organizationUser", "policy", "program", "proof", "request", "requirement", "risk", "riskRegister", "section", "task", "scope", "template", "user" - `groupId` (string,null) The unique identifier of the group if this is a group role assignment - `groupName` (string,null) The name of the group if this is a group role assignment - `groupRoleAssignmentId` (string,null) The unique identifier of the group role assignment if inherited from group - `createdBy` (string) The unique identifier of the user who created the role assignment Example: "111e2222-e89b-12d3-a456-426614174000" - `createdOn` (string) The date the role assignment was created (ISO-8601 format) Example: "2024-01-15T10:30:00Z" - `updatedBy` (string) The unique identifier of the user who last updated the role assignment Example: "111e2222-e89b-12d3-a456-426614174000" - `updatedOn` (string) The date the role assignment was updated (ISO-8601 format) Example: "2024-01-15T10:30:00Z"