Connection Grants API
The following article relates to Sigma’s developer API for connection grants.
Summary of Content
Endpoints
The Grant Object
Attributes
The Grant List Object
Attributes
List Existing Grants
Grant a Member or Team Access to a Connection
Revoke Granted Access
Related Resources
Endpoints
GET /v2/connections/{connectionId}/grants
Returns a list grants associated with the requested connection
Try it in Swagger
POST /v2/connections/{connectionId}/grants
Creates and/or updates a connection's grants. Returns an empty object.
Try it in Swagger
DELETE /v2/connections/{connectionId}/grants/{grantId}
Revokes an existing grant. Returns an empty object.
Try it in Swagger
The Grant Object
Attributes
grantId string
The unique identifier associated with the grant.
organizationId string
The unique identifier associated with the Sigma organization in which the connection lives.
memberId string | null
The unique identifier associated with the organization member assigned to the grant.
If the grant is specific to a team, not an individual member, this value will be null.
teamId string | null
The unique identifier associated with the team assigned to the grant.
If the grant is specific to an organization member, not a team, this value will be null.
permission string
The permission type associated with the grant.
| Permission | Label displayed in Sigma UI |
| usage | Can Use |
| annotate | Can Use & Annotate |
createdBy string
The unique identifier, memberId, of the organization member who created the grant.
updatedBy string
The unique identifier, memberId, of the organization member who created the grant.
createdAt string
The timestamp at which the grant was created.
updatedAt string
The timestamp at which the grant was last updated.
{
"grantId":"qt2de26e-9a2c-4f45-ba1c-91a0875df8ez",
"organizationId":"cf2de26e-9a2c-4c58-ba1c-91a0955df7ez",
"memberId": "D09b2ZDXwvssbKuMZRWUdk0c6h892",
"teamId": null,
"permission": "usage",
"createdBy":"6VZszXPJqLXpIezceRadESnwfPPUg",
"updatedBy": "6VZszXPJqLXpIezceRadESnwfPPUg",
"createdAt": "2022-02-28T21:42:56.809Z",
"updatedAt": "2022-03-28T21:12:56.108Z"
}
The Grant List Object
Attributes
entries Array<Grant Object>
A list of grant objects matching the requested connectionId and parameters.
hasMore boolean
True if additional grants are available for the requested connection.
nextPage string | null
The next page in the list of grants. Used for pagination.
List Existing Grants
Returns a list grants associated with the requested connection.
GET /v2/connections/{connectionId}/grants
Permissions
- The user account associated with the API access token must have permission to view connection data permissions.
Note: If you encounter a permission error for the given endpoint, verify your account type and permissions associated with your API token.
Parameters
page string [optional]
An identifier used for pagination.
limit number [optional]
The number of materialization entries to be returned.
cURL Request
curl --location --request GET 'https://api.sigmacomputing.com/v2/connections/{connectionId}/grants?page={page}&limit={limit} \
--header 'Authorization: Bearer {access_token}' \
--header 'Content-Type: application/json' \
Response
Returns a grant list object.
{
"entries": [
{
"grantId": string,
"organizationId": string,
"memberId": string | null,
"teamId": string | null,
"permission": string,
"createdBy": string,
"updatedBy": string,
"createdAt": string,
"updatedAt": string
}
],
"hasMore": boolean,
"nextPage": string | null
}
Example
Example Request:
curl --location --request GET 'https://api.sigmacomputing.com/v2/connections/g3e8e8947-c9f5-43re-93b0-T80d0ddf5627/grants?page={3}&limit={4} \
--header 'Authorization: Bearer {access_token}' \
--header 'Content-Type: application/json' \
Example Response:
{
"entries": [
{
"grantId":"qt2de26e-9a2c-4f45-ba1c-91a0875df8ez",
"organizationId":"cf2de26e-9a2c-4c58-ba1c-91a0955df7ez",
"memberId": "D09b2ZDXwvssbKuMZRWUdk0c6h892",
"teamId": null,
"permission": "usage",
"createdBy":"6VZszXPJqLXpIezceRadESnwfPPUg",
"updatedBy": "6VZszXPJqLXpIezceRadESnwfPPUg",
"createdAt": "2022-02-28T21:42:56.809Z",
"updatedAt": "2022-03-28T21:12:56.108Z"
}
],
"hasMore": true,
"nextPage": "2"
}
Grant a Member or Team Access to a Connection
Creates and/or updates a connection's grants. Returns an empty object.
POST /v2/connections/{connectionId}/grants
Try it in Swagger
Note: No more than a total of 100 can be added or removed at a time.
Permissions
-
The user account associated with the API access token must have permission to assign connection data permissions. This is only available to organization Admins.
Note: If you encounter a permission error for the given endpoint, verify your account type and permissions associated with your API token.
Parameters
grants Array<{grantee, permission}>
A list of one or more objects describing the grant(s) to be added.
Example — Single Grant
{
grantee: { memberId: string } | { teamId: string }
permission: string // 'annotate', 'usage'
}
Example — List of Grants
[
{
grantee: {
memberId: "6VZszXPJqLXpIezcD5adESnwfPPUg"
},
permission: "annotate"
},
{
grantee: {
teamId: "88858466-5299-4425-95c0-4b7d93268bae"
},
permission: "usage"
}
]
cURL Request
curl --location --request POST 'https://api.sigmacomputing.com/v2/connection/{connectionId}/grants' \
--header 'Authorization: Bearer {access_token}' \
--header 'Content-Type: application/json' \
--data-raw '{"grants": [
{
grantee: { memberId: string } | { teamId: string }
permission: string. // 'annotate', 'usage'
},
...
]}'
Response
{}
Example
Example Request:
curl --location --request POST 'https://api.sigmacomputing.com/v2/connection/g3e8e8947-c9f5-43re-93b0-T80d0ddf5627/grants' \
--header 'Authorization: Bearer {access_token}' \
--header 'Content-Type: application/json' \
--data-raw '{"grants": [
{
grantee: {
memberId: "6VZszXPJqLXpIezcD5adESnwfPPUg"
},
permission: "annotate"
},
{
grantee: {
teamId: "88858466-5299-4425-95c0-4b7d93268bae"
},
permission: "usage"
}
]}'
Example Response:
{}
Revoke Granted Access
Revokes an existing grant. Returns an empty object.
DELETE /v2/connections/{connectionId}/grants/{grantId}
Permissions
- The user account associated with the API access token must have permission to revoke connection data permissions. This is only available to organization Admins.
Note: If you encounter a permission error for the given endpoint, check with your organization Admin to verify your account type and permissions associated with your API token.
Parameters
None
cURL Request
curl --location --request DELETE 'https://api.sigmacomputing.com/v2/connections/{connectionId}/grants/{grantId} \
--header 'Authorization: Bearer {access_token}' \
--header 'Content-Type: application/json' \
Response
{}
Example
Example Request:
curl --location --request DELETE 'https://api.sigmacomputing.com/v2/connections/g3e8e8947-c9f5-43re-93b0-T80d0ddf5627/grants/qt2de26e-9a2c-4f45-ba1c-91a0875df8ez \
--header 'Authorization: Bearer {access_token}' \
--header 'Content-Type: application/json' \
Example Response:
{}
Related Resources
API Documentation
Get an API Token and Client ID
Identify Unique IDs in Sigma