List Roles
Retrieve all roles in your organization. Roles define sets of resources and session duration limits that can be assigned to users.
Request
GET https://api.entryguard.io/api/v1/roles
Authentication
Requires a valid Bearer JWT token with ORG_ADMIN role.
Authorization: Bearer <access_token>
Query Parameters
This endpoint does not accept query parameters. All roles in the authenticated user's organization are returned.
Response
Returns an array of role objects.
Response Schema
[
{
"id": "uuid",
"name": "string",
"description": "string",
"maxSessionDurationHours": "integer",
"resourceIds": ["uuid"],
"userIds": ["uuid"],
"createdAt": "timestamp",
"updatedAt": "timestamp"
}
]
| Field | Type | Description |
|---|---|---|
id | UUID | Unique identifier for the role |
name | string | Role name |
description | string | Optional role description |
maxSessionDurationHours | integer | Maximum session duration in hours for users with this role |
resourceIds | UUID[] | Array of cloud resource IDs assigned to this role |
userIds | UUID[] | Array of user IDs assigned to this role |
createdAt | timestamp | ISO 8601 timestamp when the role was created |
updatedAt | timestamp | ISO 8601 timestamp when the role was last updated |
Success Response
Status Code: 200 OK
[
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "DevOps Team",
"description": "Full access to production resources",
"maxSessionDurationHours": 24,
"resourceIds": [
"660e8400-e29b-41d4-a716-446655440001",
"660e8400-e29b-41d4-a716-446655440002"
],
"userIds": [
"770e8400-e29b-41d4-a716-446655440003"
],
"createdAt": "2026-02-18T10:30:00Z",
"updatedAt": "2026-02-18T10:30:00Z"
},
{
"id": "550e8400-e29b-41d4-a716-446655440010",
"name": "Read Only",
"description": "Limited access for auditors",
"maxSessionDurationHours": 2,
"resourceIds": [],
"userIds": [],
"createdAt": "2026-02-15T14:20:00Z",
"updatedAt": "2026-02-16T09:15:00Z"
}
]
Error Responses
| Status Code | Description |
|---|---|
401 Unauthorized | Missing or invalid authentication token |
403 Forbidden | User does not have ORG_ADMIN role |
429 Too Many Requests | Rate limit exceeded |
500 Internal Server Error | Server error occurred |
Error Response Schema:
{
"timestamp": "2026-02-18T10:30:00Z",
"status": 401,
"error": "Unauthorized",
"message": "Authentication required",
"path": "/api/v1/roles"
}
Example
Request
curl -X GET https://api.entryguard.io/api/v1/roles \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
Response
[
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "DevOps Team",
"description": "Full access to production resources",
"maxSessionDurationHours": 24,
"resourceIds": [
"660e8400-e29b-41d4-a716-446655440001",
"660e8400-e29b-41d4-a716-446655440002"
],
"userIds": [
"770e8400-e29b-41d4-a716-446655440003"
],
"createdAt": "2026-02-18T10:30:00Z",
"updatedAt": "2026-02-18T10:30:00Z"
}
]