GitHub user dosubot[bot] added a comment to the discussion: Role Management through API - Datasource Access
<!-- Greeting --> Hi @joaoreispv! I'm [Dosu](https://go.dosu.dev/dosubot) and I’m helping the superset team. <!-- Answer --> To assign datasource access to a role via the Superset API, you need to find the correct permission ID for each dataset. Here’s how you can do it: 1. Get the dataset metadata using `/api/v1/dataset/{id}` to retrieve the database name, table name, and dataset ID. 2. Construct the permission string in the format `[database_name].[table_name](id:dataset_id)`, for example, `[mydb].[mytable](id:123)`. 3. Call `/api/v1/security/permissions-resources/` and filter for entries where `permission_name` is `datasource_access` and `view_menu_name` matches your constructed string. The matching entry will have the permission ID you need. 4. Assign this permission to a role by sending a payload with the permission ID to `/api/v1/security/roles/{role_id}/permissions`: ```json { "permission_view_menu_ids": [PERMISSION_ID] } ``` Note: In Superset 5.0.0, `datasource_access` permissions for individual datasets may not appear in the API response by default—they are only created after certain backend events (like accessing the dataset or running a permissions sync). If you don’t see the permission, try accessing the dataset in the UI or running a permissions sync, then check the API again. For most API workflows, it’s often easier to use the `can_read`/`can_write` permissions on `Dataset` instead of fine-grained `datasource_access` permissions via the API. [See discussion and details](https://github.com/apache/superset/discussions/34571) <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/03ec05c0-03a8-4728-8834-3d76c131ed58?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/03ec05c0-03a8-4728-8834-3d76c131ed58?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/03ec05c0-03a8-4728-8834-3d76c131ed58?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/03ec05c0-03a8-4728-8834-3d76c131ed58?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/03ec05c0-03a8-4728-8834-3d76c131ed58?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/03ec05c0-03a8-4728-8834-3d76c131ed58?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/03ec05c0-03a8-4728-8834-3d76c131ed58?feedback_type=other)</sup> [](https://app.dosu.dev/a28d3c7e-a9d3-459e-9fb6-3a6f9ff4f357/ask?utm_source=github) [](https://cursor.com/link/prompt?text=To%20assign%20datasource%20access%20to%20a%20role%20via%20the%20Superset%20API%2C%20you%20need%20to%20find%20the%20correct%20permission%20ID%20for%20each%20dataset.%20Here%E2%80%99s%20how%20you%20can%20do%20it%3A%0A%0A1.%20Get%20the%20dataset%20metadata%20using%20%60/api/v1/dataset/%7Bid%7D%60%20to%20retrieve%20the%20database%20name%2C%20table%20name%2C%20and%20dataset%20ID.%0A2.%20Construct%20the%20permission%20string%20in%20the%20format%20%60%5Bdatabase_name%5D.%5Btable_name%5D%28id%3Adataset_id%29%60%2C%20for%20example%2C%20%60%5Bmydb%5D.%5Bmytable%5D%28id%3A123%29%60.%0A3.%20Call%20%60/api/v1/security/permissions-resources/%60%20and%20filter%20for%20entries%20where%20%60permission_name%60%20is%20%60datasource_access%60%20and%20%60view_menu_name%60 %20matches%20your%20constructed%20string.%20The%20matching%20entry%20will%20have%20the%20permission%20ID%20you%20need.%0A4.%20Assign%20this%20permission%20to%20a%20role%20by%20sending%20a%20payload%20with%20the%20permission%20ID%20to%20%60/api/v1/security/roles/%7Brole_id%7D/permissions%60%3A%0A%20%20%20%60%60%60json%0A%20%20%20%7B%20%22permission_view_menu_ids%22%3A%20%5BPERMISSION_ID%5D%20%7D%0A%20%20%20%60%60%60%0A%20%20%20%0ANote%3A%20In%20Superset%205.0.0%2C%20%60datasource_access%60%20permissions%20for%20individual%20datasets%20may%20not%20appear%20in%20the%20API%20response%20by%20default%E2%80%94they%20are%20only%20created%20after%20certain%20backend%20events%20%28like%20accessing%20the%20dataset%20or%20running%20a%20permissions%20sync%29.%20If%20you%20don%E2%80%99t%20see%20the%20permission%2C%20try%20accessing%20the%20dataset%20in%20the%20UI%20or%20running%20a%20permissions%20sync%2C%20then%20check%20the%20API%20again.%20For%20most%20API%20workflows%2C%20it%E2%80%99s%20often %20easier%20to%20use%20the%20%60can_read%60/%60can_write%60%20permissions%20on%20%60Dataset%60%20instead%20of%20fine-grained%20%60datasource_access%60%20permissions%20via%20the%20API.%20%20%0A%5BSee%20discussion%20and%20details%5D%28https%3A//github.com/apache/superset/discussions/34571%29) [](https://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/discussions/37254) GitHub link: https://github.com/apache/superset/discussions/37254#discussioncomment-15539879 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
