/admin/roles/{role_id}/childrenQuery all direct child roles (next level) of a specified role. References: NIST SP 800-53 AC-2 (Account Management), AC-6 (Least Privilege), OWASP ASVS V1.2 (Access Control Architecture).
| Name | In | Type | Required | Default | Example | Constraints | Description |
|---|---|---|---|---|---|---|---|
role_id |
path |
string |
Yes | Role ID |
| Status | Description | Schema |
|---|---|---|
| 200 | List of child roles | gitee_com_linmes_authms_base_dto.DataResponse-array_gitee_com_linmes_authms_micro-services_rbac-service_internal_handler_dto_RoleResponse |
| 400 | Invalid request parameters | dto.Problem |
| 401 | Unauthenticated | dto.Problem |
| 403 | Forbidden (non-admin) | dto.Problem |
| 404 | Role not found | dto.Problem |
| 500 | Internal server error | dto.Problem |
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
code |
string |
No | Code is the error code (optional) used by programs to identify error types, e.g., "required", "format", "range" | ||
description |
string |
No | Description is a human-readable error description that should explain which rule was violated, e.g., "Must be a valid email address" | ||
field |
string |
No | Field is the path to the error field, using dot notation for nested fields, e.g., "user.email" or "addresses[0].city" | ||
value |
object |
No | Value is the value that caused the error (optional, used in development mode); may not be returned in production to avoid leaking sensitive information |
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
code |
integer |
No | Code is the business error code used by programs to handle specific error scenarios. Example: 30101001 | ||
detail |
string |
No | Detail is a human-readable explanation specific to this error instance, which may include specific error details, e.g., "Field 'email' is required" | ||
errors |
array of |
No | Errors is a list of field-level validation errors (extension field), following Web API standard practices, each error contains the field name and error message | ||
i18n_args |
object |
No | I18nArgs are internationalization parameters used to dynamically fill translation templates | ||
i18n_key |
string |
No | I18nKey is the internationalization key used for client-side localization of error messages. Example: "error.user_not_found" | ||
instance |
string |
No | Instance is the specific URI reference where the problem occurred, usually the request URL, possibly including query parameters. Example: "/api/v1/users?limit=invalid" | ||
request_id |
string |
No | RequestID is the unique request identifier used for log correlation and issue tracking. Example: "req_550e8400-e29b-41d4-a716-446655440000" | ||
retry_after |
integer |
No | RetryAfter is used for 429 Too Many Requests responses, indicating how many seconds the client should wait before retrying (RFC 6585) | ||
service |
string |
No | Service is the service name used in microservice architectures to locate the error source. Example: "auth-service" | ||
span_id |
string |
No | SpanID is the current span identifier used to precisely locate the current node in a distributed trace | ||
status |
integer |
No | Status is the HTTP status code generated, used by clients to distinguish problem types, does not change with Accept-Language. Example: 400, 401, 403, 404, 500 | ||
timestamp |
string |
No | Timestamp is the time the error occurred, in ISO 8601 format. Example: "2026-04-03T12:00:00Z" | ||
title |
string |
No | Title is a short, human-readable summary of the problem type; the same Type should always have the same Title (does not vary by instance). Example: "Invalid Request Parameters" | ||
trace_id |
string |
No | TraceID is the distributed tracing identifier, following the W3C Trace Context standard. Example: "00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-01" | ||
type |
string |
No | Type is a URI reference that identifies the problem type; when dereferenced, it should provide human-readable documentation. Example: "https://api.example.com/errors/invalid-request" |
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
code |
integer |
No | |||
data |
array of See |
No | |||
message |
string |
No | |||
timestamp |
string |
No |
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
code |
string |
No | admin |
Role code | |
created_at |
string |
No | 2026-01-01T00:00:00Z |
Creation time | |
data_scope |
string |
No | self |
Data scope | |
description |
string |
No | System administrator |
Description | |
id |
string |
No | rol_abc123 |
Role ID | |
is_system |
boolean |
No | False |
Is system role | |
name |
string |
No | Administrator |
Role name | |
parent_id |
string |
No | rol_parent |
Parent role ID | |
tenant_id |
string |
No | tnt_xyz789 |
Tenant ID | |
updated_at |
string |
No | 2026-04-10T14:20:00Z |
Update time |