Role Mapping
Look up which job roles a STIG applies to. Every mapping links a STIG benchmark to an O*NET occupation, and — when a NICE Work Role applies — enriches the row with the NICE identifier, category, and name from the NIST NICE Workforce Framework.
Roles mapped to a benchmark
Return every O*NET occupation mapped to a given STIG, plus NICE Work Role
metadata where available. The endpoint is session-authenticated, not token-based;
free-tier sessions get a gated: true response with an empty mappings array so
that the caller cannot infer whether mappings exist.
GET /api/v1/role-mapping/benchmark/{benchmarkId}/roles
Parameters
- Name
benchmarkId- Type
- string
- Description
Benchmark ID (numeric or slug) — see the List STIGs endpoint to discover IDs.
Response
Response
{
"gated": false,
"federal": true,
"mappings": [
{
"id": 123,
"onetCode": "15-1212.00",
"occupationTitle": "Information Security Analysts",
"jobZone": 4,
"confidenceScore": 0.92,
"roleResponsibilityLevel": "Primary",
"mappingSource": "automated",
"mappingReason": "NICE Work Role match",
"niceWorkRoleId": "PD-WRL-001",
"niceWorkRoleName": "Cybersecurity Architect",
"niceCategoryCode": "PD",
"niceCategoryName": "Protection and Defense"
}
]
}
When the caller's session lacks the O*NET product entitlement, the response is gated:
Gated response
{
"gated": true,
"federal": false,
"mappings": []
}
Returns 400 if benchmarkId is missing or malformed.