Skip to content

Update a role

PUT
/api/security/roles/{id}
curl --request PUT \
--url https://example.com/api/security/roles/example \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{ "name": "example", "description": "example", "roles": [ "example" ], "groups": [ "example" ], "repos": [ { "CACHE_ROOT": "my-repo", "id": "repo-123", "permission": "write" } ] }'

Updates an existing role

id
required

Role ID

string
Media typeapplication/json
object
name

Display name

string
description

Description

string
roles

Role assignments

Array<string>
groups

Group memberships

Array<string>
repos

Repository permissions

Array<object>
object
CACHE_ROOT
required

Repository namespace

string
Example
my-repo
id
required

Repository ID

string
Example
repo-123
permission
required

Permission level (view, write, admin)

string
Example
write

Role updated successfully

Media typeapplication/json
object
id
required

Role ID

string
searchId
required

Searchable ID

string
name
required

Role name

string
groups

Groups with this role

Array<string>
default:
users

Users with this role

Array<string>
default:
repos

Repository permissions (legacy coarse model)

Array<object>
default:
object
CACHE_ROOT
required

Repository namespace

string
id
required

Repository ID

string
permission
required

Permission level (view, write, admin)

string
type

Entity type

string
default: role
description

Role description

string
""
bundles

Permission bundle IDs this role inherits from

Array<string>
default:
permissions

Granular permission grants on this role, in addition to bundle-derived permissions

object
global

Permission keys held by this role at global scope

Array<string>
default:
repos

Per-repo permission grants keyed by repo ID. Type-qualified entries take the form ‘:’.

object
key
additional properties
Array<string>
sites

Per-site permission grants keyed by site ID

object
key
additional properties
Array<string>
overrides

Global grant/revoke applied on top of bundle and per-scope permissions

object
grant

Permission keys granted in addition to bundles, applied globally

Array<string>
default:
revoke

Permission keys revoked from the bundle-derived set, applied globally

Array<string>
default:
Example
{
"id": "editor",
"searchId": "editor",
"name": "Editor",
"groups": [],
"users": [],
"repos": [],
"type": "role",
"description": "",
"bundles": [],
"permissions": {
"global": [],
"repos": {},
"sites": {}
},
"overrides": {
"grant": [],
"revoke": []
}
}

Invalid request