Add a User Role

This section guides you through the ways of adding a user role to WSO2 Identity Server.

Use the Management Console

  1. Navigate Main > Identity and click Users and Roles > Add.

  2. Click Add New Role.

  3. In the Domain list, select the user store in which you want to create this role (e.g., "Primary") and enter the Role Name (e.g., "Manager").

  4. Click Finish or you can click Next to specify permissions for the role


In SCIM 2.0, creating a role is the same as creating a group.


To create a group with users, the relevant users should already exist in the user store.

Use the following curl command to create a new user group with a new member. The attributes you have to include in the cURL command are the userID, username:password.

The sample request given below adds a group named "engineer" with the user "Mark" as a member.


curl -v -k --user {IS_USERNAME}:{IS_PASSWORD} --data '{"displayName": {GROUP_NAME},"members": {MEMBERS_OF_THE_GROUP}}'}}' --header "Content-Type:application/json" https://{IS_IP}:{IS_PORT}/wso2/scim2/Groups

Sample Request

curl -v -k --user admin:admin --data '{"displayName": "engineer","members": [{"value":"008bba85-451d-414b-87de-c03b5a1f4217","Mark": "Mark"}]}' --header "Content-Type:application/json" https://localhost:9443/wso2/scim2/Groups

Sample Response


You receive a response with the payload as indicated above and a response status 201 CREATED.