Bug
Resolution: Unresolved
Description of Problem
Tasks: org_admin_user adding a permission to non_org_admin_user with rbac_api.add_permission_to_user throws a 400 error "Custom roles cannot be created for tasks" in ephemeral
How reproducible
(Always/Intermittent)
Steps to Reproduce
Step 1: Create org_admin_user
In [28]: org_admin_app.application.user
Out[28]: <Box: {'type': 'User', 'account_number': '6465273', 'org_id': '6472023', 'email': 'clarkdamon@example.com', 'first_name': 'John', 'last_name': 'Doe', 'is_active': True, 'is_org_admin': True, 'is_internal': False, 'locale': 'en_US', 'jwt_grant_type': 'password', 'username': 'tmack', 'password': '', 'user_id': '6465273', 'cert_type': 'system', 'auth': {'jwt_grant_type': 'password', 'username': 'tmack', 'password': '', 'user_id': '6465273', 'cert_type': 'system', 'cn': 'bjALIadoEiApaZct.example.org'}, 'identity': {'account_number': '6465273', 'org_id': '6472023', 'type': 'User', 'auth_type': 'jwt-auth', 'user': {'username': 'tmack', 'email': 'clarkdamon@example.com', 'first_name': 'John', 'last_name': 'Doe', 'is_active': True, 'is_org_admin': True, 'is_internal': False, 'locale': 'en_US', 'user_id': '6465273'}, 'internal': {'org_id': '6472023', 'auth_time': 23, 'cross_account': False}}, 'entitlements': {'hybrid_cloud': {'is_entitled': True, 'is_trial': False}, 'insights': {'is_entitled': True, 'is_trial': False}, 'openshift': {'is_entitled': True, 'is_trial': False}, 'smart_management': {'is_entitled': True, 'is_trial': False}}}>
Tasks access permission
In [47]: org_admin_app.tasks.rbac_api.get_tasks_access()
2026-01-14 05:41:19.131 [ INFO] [iqe.base.rest_client] REST: GET http://rbac-service.ephemeral-5i09ek.svc:8000/api/rbac/v1/access/ with query params [('application', 'tasks')] and x-rh-insights-request-id=None
Out[47]: {'data': [{'permission': 'tasks:*:*', 'resource_definitions': []}], 'links': {'first': '/api/rbac/v1/access/?application=tasks&limit=1&offset=0', 'last': '/api/rbac/v1/access/?application=tasks&limit=1&offset=0', 'next': None, 'previous': None}, 'meta': {'count': 1, 'limit': 1, 'offset': 0}}
Step 2: Create non_org_admin_user
In [29]: non_org_admin_app.application.user
Out[29]: <Box: {'type': 'User', 'account_number': '6465273', 'org_id': '6472023', 'email': 'iccrtssrwcutdsgp@example.org', 'first_name': 'PDIFREnxZDcIrwyH', 'last_name': 'PkOsiMNKVGwtgNeO', 'is_active': True, 'is_org_admin': False, 'is_internal': False, 'locale': 'bem_ZM.UTF-8', 'jwt_grant_type': 'password', 'username': 'hiajzxnffvdmpkpd', 'password': '', 'user_id': '6465273', 'cert_type': 'system', 'auth': {'jwt_grant_type': 'password', 'username': 'hiajzxnffvdmpkpd', 'password': '', 'user_id': '6465273', 'cert_type': 'system', 'cn': 'hxWhpxjhOpKokbFX.example.net'}, 'identity': {'account_number': '6465273', 'org_id': '6472023', 'type': 'User', 'auth_type': 'jwt-auth', 'user': {'username': 'hiajzxnffvdmpkpd', 'email': 'iccrtssrwcutdsgp@example.org', 'first_name': 'PDIFREnxZDcIrwyH', 'last_name': 'PkOsiMNKVGwtgNeO', 'is_active': True, 'is_org_admin': False, 'is_internal': False, 'locale': 'bem_ZM.UTF-8', 'user_id': '6465273'}, 'internal': {'org_id': '6472023', 'auth_time': 19, 'cross_account': False}}, 'entitlements': {'ansible': {'is_entitled': True, 'is_trial': False}, 'cost_management': {'is_entitled': True, 'is_trial': False}, 'insights': {'is_entitled': True, 'is_trial': False}, 'migrations': {'is_entitled': True, 'is_trial': False}, 'subscriptions': {'is_entitled': True, 'is_trial': False}, 'settings': {'is_entitled': True, 'is_trial': False}, 'user_preferences': {'is_entitled': True, 'is_trial': False}, 'openshift': {'is_entitled': True, 'is_trial': False}, 'smart_management': {'is_entitled': True, 'is_trial': False}, 'rhel': {'is_entitled': True, 'is_trial': False}, 'rhods': {'is_entitled': True, 'is_trial': False}, 'rhoam': {'is_entitled': True, 'is_trial': False}, 'rhosak': {'is_entitled': True, 'is_trial': False}, 'hybrid_cloud': {'is_entitled': True, 'is_trial': False}}}>
Tasks access permission
In [46]: non_org_admin_app.tasks.rbac_api.get_tasks_access()
2026-01-14 05:41:09.351 [ INFO] [iqe.base.rest_client] REST: GET http://rbac-service.ephemeral-5i09ek.svc:8000/api/rbac/v1/access/ with query params [('application', 'tasks')] and x-rh-insights-request-id=None
Out[46]: {'data': [], 'links': {'first': '/api/rbac/v1/access/?application=tasks&limit=0&offset=0', 'last': '/api/rbac/v1/access/?application=tasks&limit=0&offset=0', 'next': None, 'previous': None}, 'meta': {'count': 0, 'limit': 0, 'offset': 0}}
Step 3: Add tasks permission to non_org_admin_user
In [24]: user = non_org_admin_app.application.user["auth"]["username"]
In [48]: with org_admin_app.tasks.rbac_api.add_permission_to_user(user, permission="tasks:*:*"):
    ...:     tasks_role=non_org_admin_app.tasks.rbac_api.get_tasks_access()
    ...:
2026-01-14 05:45:46.910 [ INFO] [iqe.base.rest_client] REST: POST http://rbac-service.ephemeral-5i09ek.svc:8000/api/rbac/v1/roles/ with query params [] and x-rh-insights-request-id=None
---------------------------------------------------------------------------
ApiException Traceback (most recent call last)
Cell In[48], line 1
----> 1 with org_admin_app.tasks.rbac_api.add_permission_to_user(user, permission="tasks:*:*"):
.......
packages/iqe_rbac_api/rest.py:224, in RESTClientObject.request(self, method, url, query_params, headers, body, post_params, _preload_content, _request_timeout)
    221 logger.debug("response body: %s", r.data)
    223 if not 200 <= r.status <= 299:
--> 224 raise ApiException(http_resp=r)
    226 return r
ApiException: (400)
Reason: Bad Request
HTTP response headers: HTTPHeaderDict({'Server': 'gunicorn', 'Date': 'Wed, 14 Jan 2026 05:45:46 GMT', 'Connection': 'keep-alive', 'Content-Type': 'application/json', 'Allow': 'GET, POST, HEAD, OPTIONS', 'X-Frame-Options': 'DENY', 'Content-Length': '97', 'X-Content-Type-Options': 'nosniff', 'Referrer-Policy': 'same-origin', 'Cross-Origin-Opener-Policy': 'same-origin', 'Vary': 'origin'})
HTTP response body: {"errors":[{"detail":"Custom roles cannot be created for tasks","source":"role","status":"400"}]}
Actual Behavior
Tasks rbac_api.add_permission_to_user throws a 400 error "Custom roles cannot be created for tasks" in ephemeral
Expected Behavior
Tasks org_admin_user should be able to add a permission to non_org_admin_user with rbac_api.add_permission_to_user