Skip to content

TRE API Permissions Map

These tables specify each endpoint that exists today in TRE API and the permissions it supports.

Workspace API

Endpoints Researcher Workspace Owner Airlock Manager
GET /workspaces/{workspace_id}/workspace-services V V V
GET /workspaces/{workspace_id}/workspace-service-templates V V V
GET /workspaces/{workspace_id}/workspace-service-templates/{service_template_name}/user-resource-templates V V V
GET /workspaces/{workspace_id}/workspace-services/{service_id} V V
POST /workspaces/{workspace_id}/workspace-services X V
PATCH /workspaces/{workspace_id}/workspace-services/{service_id} X V
DELETE /workspaces/{workspace_id}/workspace-services/{service_id} X V
POST /workspaces/{workspace_id}/workspace-services/{service_id}/invoke-action X V
GET /workspaces/{workspace_id}/workspace-services/{service_id}/operations X V V
GET /workspaces/{workspace_id}/workspace-services/{service_id}/operations/{operation_id} X V V
GET /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources V V V
GET /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id} V V V
POST /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources V V V
PATCH /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id} V V V
DELETE /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id} V V V
POST /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id}/invoke-action V V V
GET /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id}/operations V V V
GET /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id}/operations/{operation_id} V V V
GET /workspaces/{workspace_id}/requests V V V
GET /workspaces/{workspace_id}/requests/{airlock_request_id} V V V
POST /workspaces/{workspace_id}/requests V V X
POST /workspaces/{workspace_id}/requests/{airlock_request_id}/submit V V X
POST /workspaces/{workspace_id}/requests/{airlock_request_id}/cancel V V X
POST /workspaces/{workspace_id}/requests/{airlock_request_id}/review X X V
POST /workspaces/{workspace_id}/requests/{airlock_request_id}/review-user-resource X X V
GET /workspaces/{workspace_id}/requests/{airlock_request_id}/link V V V
## Core API
Endpoints TRE Admin TRE User WS Owner
------------------------------------------------------------------------------------------------------------------- --------- -------- --------
GET /workspace-templates V V
GET /workspace-templates/{workspace_template_name} V V
POST /workspace-templates V X
GET /workspace-service-templates V V
GET /workspace-service-templates/{workspace_service_template_name} V V
POST /workspace-service-templates V X
GET /workspace-service-templates/{service_template_name}/user-resource-templates V V
GET /workspace-service-templates/{service_template_name}/user-resource-templates/{user_resource_template_name} V V
POST /workspace-service-templates/{service_template_name}/user-resource-templates V X
GET /workspaces V V
GET /workspaces/(workspace_id) V V
POST /workspaces V X
PATCH /workspaces/{workspace_id} V X X
DELETE /workspaces/{workspace_id} V X X
POST /workspaces/{workspace_id}/invoke-action V X X
GET /workspaces/{workspace_id}/operations V X V
GET /workspaces/{workspace_id}/operations/{operation_id} V X V
GET /shared-service-templates V V
GET /shared-service-templates/{shared_service_template_name} V V
POST /shared-service-templates V X
GET /shared-service V V
GET /shared-service/{shared_service_id} V V
POST /shared-service V X
PATCH /shared-service/{shared_service_id} V X
DELETE /shared-service/{shared_service_id} V X
POST /shared-service/{shared_service_id}/invoke-action V X
GET /shared-service/{shared_service_id}/operations V X
GET /shared-service/{shared_service_id}/operations/{operation_id} V X
POST /migrations V X
GET /costs V X X
GET /workspaces/{workspace_id}/costs V X V
GET /health - - -
GET /ping - - -
GET /.metadata - - -