POST method for save and apply Security manifest

Edit online
Draft comment:
This topic is shared by BAW, CP4BA. Last updated on 2025-03-13 12:15
API name: saveSolutionSecurityManifest. POST method for save or apply Security Manifest.

URI

/CaseManager/CASEREST/v1/saveSolutionSecurityManifest?DesignObjectStore=<Design Object Store name>&SolutionName=<Solution Name>&ManifestName=<Security Manifest Name>&TargetEnvironmentName=<Target Environment/ Project Area Name>&ApplyRoleMembership=<true/false>&ApplyDiscretionaryTasks=<true/false>&manifestAction=<apply/save>
Table 1. Parameters for thePOST method
Name Type Parameter/Value Description
DesignObjectStore String Mandatory parameter The symbolic name of the Design Object Store.
SolutionName String Mandatory parameter Name of the solution, where security manifest needs to be created or applied.
ManifestName String Mandatory parameter Name of the manifest, which needs to be created and applied.
TargetEnvironmentName String Mandatory parameter for production environment if manifest action is "apply". Name of Target Environment or Project Area.
ApplyRoleMembership String Default parameter value is false. This option applies the role membership configuration to the solution. The previously configured role membership is overwritten.
applyDiscretionaryTasks String Default parameter value is false. This option applies discretionary activities in addition to the security configuration.
manifestAction String Default parameter value is "save". If you want to create or edit and apply the security manifest, use "apply", else save to create or edit the manifest.
Table 2. Request content for create or apply security manifest
Name Description
manifestName Name of the manifest, which needs to be created and applied.
allCaseTypes Keep it empty array if there is no common privilege for all the case types. If there is common privilege for all the case types, make the entry like "allCaseTypes":[{"roleName":"role1","rolePrivileges":["view","update","manage"]}]
caseTypes Define the privilege per case type.
solutionRoles Define the solution roles with the participants.
securityAdministrators Define security administrators array with their role privileges.

POST

Example: 
POST https://example.com:9443/CaseManager/CASEREST/v1/saveSolutionSecurityManifest?DesignObjectStore=dos&SolutionName=testSol&ManifestName=test_security_manifest&ApplyRoleMembership=true&AapplyDiscretionaryTasks=true&manifestAction=apply
with following sample JSON request body 
{
    "manifestName": "test_security_manifest",
    "allCaseTypes": [],
    "caseTypes": [{
        "caseTypeName": "TS_caseType",
        "caseTypeRoles": [{
            "roleName": "role_name",
            "rolePrivileges": ["create", "view", "update", "manage"]
        }]
    }],
    "solutionRoles": [{
        "roleName": "role_name",
        "participants": []
    }],
    "securityAdministrators": [{
        "SHORT_NAME": "deadmin",
        "adminName": "deadmin",
        "principalType": "User",
        "rolePrivileges": ["fullcontrol"]
    }]
}