Skip to main content
GET
https://sandbox.finhub.cloud
/
api
/
v2.1
/
admin
/
roles
/
raci-matrix
Role Management API
curl --request GET \
  --url https://sandbox.finhub.cloud/api/v2.1/admin/roles/raci-matrix \
  --header 'Authorization: <authorization>' \
  --header 'Content-Type: application/json' \
  --header 'X-Tenant-ID: <x-tenant-id>' \
  --data '
{
  "process": "<string>",
  "roleAssignments": {}
}
'
{
  "success": true,
  "data": {
    "matrix": [
      {
        "processName": "CUSTOMER_ONBOARDING",
        "responsible": "COMPLIANCE_OFFICER",
        "accountable": "ADMIN",
        "consulted": ["SUPPORT_AGENT"],
        "informed": ["CUSTOMER"]
      },
      {
        "processName": "VERIFICATION_APPROVAL",
        "responsible": "COMPLIANCE_OFFICER",
        "accountable": "ADMIN",
        "consulted": [],
        "informed": ["CUSTOMER", "SUPPORT_AGENT"]
      },
      {
        "processName": "TRANSFER_APPROVAL",
        "responsible": "APPROVER",
        "accountable": "ADMIN",
        "consulted": ["COMPLIANCE_OFFICER"],
        "informed": ["CUSTOMER"]
      }
    ]
  }
}

Role Management API

APIs for managing role configurations and RACI (Responsible, Accountable, Consulted, Informed) matrix validations.
Base URL: https://sandbox.finhub.cloud/api/v2.1/admin/roles

Available Endpoints

RACI Matrix

Get process responsibility matrix

Role Configurations

List all role configurations

Validate RACI

Validate role assignments

Get RACI Matrix

Retrieves the RACI matrix for a specific process, showing role responsibilities.

Request

process
string
Process name to filter (optional)
Authorization
string
required
Bearer token for authentication
X-Tenant-ID
string
required
Tenant identifier

Code Examples

curl -X GET "https://sandbox.finhub.cloud/api/v2.1/admin/roles/raci-matrix?process=CUSTOMER_ONBOARDING" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "X-Tenant-ID: YOUR_TENANT_ID"

{
  "success": true,
  "data": {
    "matrix": [
      {
        "processName": "CUSTOMER_ONBOARDING",
        "responsible": "COMPLIANCE_OFFICER",
        "accountable": "ADMIN",
        "consulted": ["SUPPORT_AGENT"],
        "informed": ["CUSTOMER"]
      },
      {
        "processName": "VERIFICATION_APPROVAL",
        "responsible": "COMPLIANCE_OFFICER",
        "accountable": "ADMIN",
        "consulted": [],
        "informed": ["CUSTOMER", "SUPPORT_AGENT"]
      },
      {
        "processName": "TRANSFER_APPROVAL",
        "responsible": "APPROVER",
        "accountable": "ADMIN",
        "consulted": ["COMPLIANCE_OFFICER"],
        "informed": ["CUSTOMER"]
      }
    ]
  }
}

Get Role Configurations

Retrieves all configured roles and their associated permissions.

Code Examples

curl -X GET "https://sandbox.finhub.cloud/api/v2.1/admin/roles/role-configurations" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "X-Tenant-ID: YOUR_TENANT_ID"

{
  "success": true,
  "data": {
    "roles": [
      {
        "id": "role_admin",
        "name": "ADMIN",
        "description": "Full administrative access",
        "permissions": [
          "user:read",
          "user:write",
          "user:delete",
          "customer:read",
          "customer:write",
          "customer:activate",
          "transfer:approve",
          "verification:approve",
          "settings:manage"
        ],
        "isSystemRole": true
      },
      {
        "id": "role_compliance",
        "name": "COMPLIANCE_OFFICER",
        "description": "Compliance and verification management",
        "permissions": [
          "customer:read",
          "verification:read",
          "verification:approve",
          "verification:reject",
          "audit:read"
        ],
        "isSystemRole": true
      },
      {
        "id": "role_approver",
        "name": "APPROVER",
        "description": "Transaction approval authority",
        "permissions": [
          "transfer:read",
          "transfer:approve",
          "transfer:reject"
        ],
        "isSystemRole": false
      },
      {
        "id": "role_viewer",
        "name": "VIEWER",
        "description": "Read-only access",
        "permissions": [
          "customer:read",
          "transfer:read",
          "verification:read"
        ],
        "isSystemRole": false
      }
    ]
  }
}

Validate RACI Assignment

Validates whether a role assignment satisfies the RACI requirements for a process.

Request

process
string
required
Process name to validate
roleAssignments
object
required
Role assignments to validate

Code Examples

curl -X POST "https://sandbox.finhub.cloud/api/v2.1/admin/roles/validate-raci" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "X-Tenant-ID: YOUR_TENANT_ID" \
  -H "Content-Type: application/json" \
  -d '{
    "process": "TRANSFER_APPROVAL",
    "roleAssignments": {
      "userId": "user_12345",
      "roles": ["APPROVER", "VIEWER"]
    }
  }'

{
  "success": true,
  "data": {
    "isValid": true,
    "process": "TRANSFER_APPROVAL",
    "validatedRoles": ["APPROVER", "VIEWER"],
    "effectivePermissions": [
      "transfer:read",
      "transfer:approve",
      "transfer:reject"
    ]
  }
}

Role Types

RoleDescription
ADMINFull administrative access
COMPLIANCE_OFFICERVerification and compliance management
SUPPORT_AGENTCustomer support operations

Response Codes

CodeDescription
200Request successful
400Invalid request parameters
401Unauthorized
403Insufficient permissions
500Internal server error