GitHubStart free

Assignments

List Role Assignments Endpoint

get

Endpoint to list role assignments.

Args: role_id: ID of the role for which to list assignments. workspace_id: ID of the workspace for which to list assignments. project_id: ID of the project for which to list assignments. user: The authenticated user. rbac: RBAC component.

Returns: The users and teams that have this role assigned to them.

Authorizations
OAuth2clientCredentialsRequired
Token URL: Refresh URL:
OAuth2authorizationCodeRequired
Authorization URL: Token URL: Refresh URL:
Path parameters
role_idstring · uuidRequired
Query parameters
workspace_idany ofOptional
string · uuidOptional
or
nullOptional
project_idany ofOptional
string · uuidOptional
or
nullOptional
Responses
200

Successful Response

application/json
get
/roles/{role_id}/assignments
GET /roles/{role_id}/assignments HTTP/1.1
Host: 
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

[
  {
    "user": {
      "password": "text",
      "password_expired": true,
      "name": "text",
      "avatar_url": "text",
      "company": "text",
      "job_title": "text",
      "metadata": {},
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "username": "text",
      "email": "text",
      "oauth_provider": "text",
      "oauth_id": "text",
      "is_active": true,
      "is_superuser": false,
      "is_service_account": false,
      "organization_id": "123e4567-e89b-12d3-a456-426614174000",
      "is_onboarded": false
    },
    "team": {
      "name": "text",
      "description": "text",
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "created": "2025-11-14T18:08:15.274Z",
      "updated": "2025-11-14T18:08:15.274Z",
      "member_count": 1
    },
    "role": {
      "name": "text",
      "description": "text",
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "organization_id": "123e4567-e89b-12d3-a456-426614174000",
      "level": "organization",
      "system_managed": true,
      "type": "normal"
    },
    "organization_id": "123e4567-e89b-12d3-a456-426614174000",
    "workspace_id": "123e4567-e89b-12d3-a456-426614174000",
    "project_id": "123e4567-e89b-12d3-a456-426614174000"
  }
]

Assign Role Endpoint

post

Endpoint to assign a role.

Args: role_id: ID of the role to assign. user_id: ID of the user to assign the role to. team_id: ID of the team to assign the role to. workspace_id: ID of the workspace to assign the role to. project_id: ID of the project to assign the role to. user: The authenticated user. rbac: RBAC component. organization_manager: Organization manager.

Returns: Model of the created role assignment.

Raises: ValueError: If both or None of user_id and team_id are specified. ValueError: If project_id is specified but workspace_id is not. IllegalOperationError: If the user/team and role are not part of the same organization. IllegalOperationError: If the role can't be assigned at the given scope. IllegalOperationError: If the role is a share role.

Authorizations
OAuth2clientCredentialsRequired
Token URL: Refresh URL:
OAuth2authorizationCodeRequired
Authorization URL: Token URL: Refresh URL:
Path parameters
role_idstring · uuidRequired
Query parameters
user_idany ofOptional
string · uuidOptional
or
nullOptional
team_idany ofOptional
string · uuidOptional
or
nullOptional
workspace_idany ofOptional
string · uuidOptional
or
nullOptional
project_idany ofOptional
string · uuidOptional
or
nullOptional
Responses
200

Successful Response

application/json
post
/roles/{role_id}/assignments
POST /roles/{role_id}/assignments HTTP/1.1
Host: 
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

{
  "user": {
    "password": "text",
    "password_expired": true,
    "name": "text",
    "avatar_url": "text",
    "company": "text",
    "job_title": "text",
    "metadata": {},
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "username": "text",
    "email": "text",
    "oauth_provider": "text",
    "oauth_id": "text",
    "is_active": true,
    "is_superuser": false,
    "is_service_account": false,
    "organization_id": "123e4567-e89b-12d3-a456-426614174000",
    "is_onboarded": false
  },
  "team": {
    "name": "text",
    "description": "text",
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "created": "2025-11-14T18:08:15.274Z",
    "updated": "2025-11-14T18:08:15.274Z",
    "member_count": 1
  },
  "role": {
    "name": "text",
    "description": "text",
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "organization_id": "123e4567-e89b-12d3-a456-426614174000",
    "level": "organization",
    "system_managed": true,
    "type": "normal"
  },
  "organization_id": "123e4567-e89b-12d3-a456-426614174000",
  "workspace_id": "123e4567-e89b-12d3-a456-426614174000",
  "project_id": "123e4567-e89b-12d3-a456-426614174000"
}

Revoke Role Endpoint

delete

Endpoint to revoke a role.

Args: role_id: ID of the role to revoke. user_id: ID of the user to revoke the role from. team_id: ID of the team to revoke the role from. workspace_id: ID of the workspace to revoke the role from. project_id: ID of the project to revoke the role from. user: The authenticated user. rbac: RBAC component. organization_manager: Organization manager.

Raises: IllegalOperationError: If trying to revoke the admin role of an organization owner or the last assigned role of any organization member.

Authorizations
OAuth2clientCredentialsRequired
Token URL: Refresh URL:
OAuth2authorizationCodeRequired
Authorization URL: Token URL: Refresh URL:
Path parameters
role_idstring · uuidRequired
Query parameters
user_idany ofOptional
string · uuidOptional
or
nullOptional
team_idany ofOptional
string · uuidOptional
or
nullOptional
workspace_idany ofOptional
string · uuidOptional
or
nullOptional
project_idany ofOptional
string · uuidOptional
or
nullOptional
Responses
200

Successful Response

application/json
Responseany
delete
/roles/{role_id}/assignments
DELETE /roles/{role_id}/assignments HTTP/1.1
Host: 
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

No content
PreviousRolesNextPermissions

Last updated

Was this helpful?