Assigning and referencing a role

This section explains how to assign a role to a user or group, and how to reference it.

To have users or groups participate in a project, select a role to assign.

Set the environment variables below as follows:

$ TMP_PROJECT_ID=<projIdThatUserOrGroupIsToParticipateIn>

$ TMP_USER_ID=<userToParticipateInProj>

$ TMP_GROUP=<groupToParticipateInProj>

$ TMP_ROLE_ID=<roleId>

Execute the following API:

$ curl -i -X PUT -Ss $IDENTITY/v3/projects/$TMP_PROJECT_ID/users/\
$TMP_USER_ID/roles/$TMP_ROLE_ID -H "X-Auth-Token:$OS_AUTH_TOKEN" \
-H "Content-Type:application/json"

$ curl -i -X PUT -Ss $IDENTITY/v3/projects/$TMP_PROJECT_ID/groups/\
$TMP_GROUP_ID/roles/$TMP_ROLE_ID -H "X-Auth-Token:$OS_AUTH_TOKEN" \
-H "Content-Type:application/json"

The following response is output:

HTTP/1.1 204 No Content
Vary:  X-Auth-Token
Content-Length:  0
Date:  Www, DD MMM yyyy hh:mm:ss GMT

Check the roles of users and groups.
To check the roles, the four following patterns are available.
1. Project - Group
2. Project - User
3. Domain - Group
4. Domain - User
Set the environment variables below as follows, according to the desired pattern:
1.
```
$ TMP_PROJECT_ID="<projId>"
```
2.
```
$ TMP_DOMAIN_ID="<domainId>"
```
3.
```
$ TMP_USER_ID"<userId>"
```
4.
```
$ TMP_GROUP_ID="<groupId>"
```

Execute the following API:

$ curl -X GET $IDENTITY/v3/projects/$TMP_PROJECT_ID/groups/\
$TMP_GROUP_ID/roles -H "X-Auth-Token:$OS_AUTH_TOKEN" \
-H "Content-Type:application/json" | jq .

$ curl -X GET $IDENTITY/v3/projects/$TMP_PROJECT_ID/users/\
$TMP_USER_ID/roles -H "X-Auth-Token:$OS_AUTH_TOKEN" \
-H "Content-Type:application/json" | jq .

$ curl -X GET $IDENTITY/v3/domains/$DOMAIN_ID/groups/\
$TMP_GROUP_ID/roles -H "X-Auth-Token:$OS_AUTH_TOKEN" \
-H "Content-Type:application/json" | jq .

$ curl -X GET $IDENTITY/v3/domains/$DOMAIN_ID/users/\
$TMP_USER_ID/roles -H "X-Auth-Token:$OS_AUTH_TOKEN" \
-H "Content-Type:application/json" | jq .