# Retrieves all roles defined within the specified scope

RBAC: requires Roles.Read

Endpoint: GET /api/v1/rbac/scopes/{scope}/roles
Version: 1.0
Security: 

## Path parameters:

  - `scope` (string, required)
    Scope to filter permissions, if omitted assumes GlobalScope
    Example: "System or gr_05hxcvk1hjexere4pvtrj0hggt"

## Response 200 fields (application/json):

  - `roleId` (string, required)
    Unique identifier for the role
    Example: "\n        'admin',\n        'System:admin',\n        'rr_01hxcvk1hjexere4pvtrj0ymqq',\n        'System:rr_01hxcvk1hjexere4pvtrj0ymqq',\n        'gr_1lkjvfdoibb126576:rr_01hxcvk1hjexere4pvtrj0ymqq',\n    "

  - `name` (string, required)
    Name of the role, unique within its scope
    Example: "ADMIN"

  - `description` (string,null)
    Optional description of the role's purpose and responsibilities
    Example: "System administrator with full access"

  - `permissions` (object, required)
    Set of permissions assigned to this role

  - `permissions.resourceAccess` (array, required)
    List of type-safe resource-specific access controls

  - `permissions.resourceAccess.resource` (string, required)
    The type-safe resource being controlled

  - `permissions.resourceAccess.actions` (array, required)
    List of allowed type-safe actions for this resource

  - `createdAt` (string, required)
    Timestamp when the role was created
    Example: "2022-03-10T16:15:50Z"

  - `updatedAt` (string, required)
    Timestamp when the role was last updated
    Example: "2022-03-10T16:15:50Z"