Retrieves the roles that are assigned to the specified client. A query expression can be used to filter the returned results.

Query Filter Attributes

Name	Type	Case Sensitive	Supported Comparison Operators
`id`	String	Yes	eq, ne, in, nin
`type`	String	No	eq, ne, in, nin
`name`	String	No	eq, ne, sw, lt, le, gt, ge, in, nin
`displayName`	String	No	eq, ne, sw, lt, le, gt, ge, in, nin
`tenantVisibility`	String	No	eq, ne, in, nin

Sort Attributes

id
type
name
displayName
tenantVisibility

Required Permissions

Below is the list of required permissions needed to interact with this API. For each permission, the allowed permission boundaries are also specified.

Permission	Boundary	Description
role:read	Application	The subject can perform this query if the client specified in the URL path is associated with the subject's application.
	Tenant	The subject can perform this query if the client specified in the URL path is owned by the subject's associated tenant.
	Tenant Inclusion List	The subject can perform this query if the client specified in the URL path is owned by a tenant included in the tenant inclusion list.
	Tenant Exclusion List	The subject can perform this query if the client specified in the URL path belongs to the subject's associated application and is owned by a tenant not on the tenant exclusion list.
	Self	The client subject can query the roles assigned to itself.