Assignments | ZenML - Bridging the gap between ML & Ops

List Role Assignments Endpoint

get

Endpoint to list role assignments.

Args: role_id: ID of the role for which to list assignments. workspace_id: ID of the workspace for which to list assignments. project_id: ID of the project for which to list assignments. user: The authenticated user. rbac: RBAC component.

Returns: The users and teams that have this role assigned to them.

Authorizations

Path parameters

role_idstring · uuidRequired

Query parameters

workspace_idstring · uuidOptional

project_idstring · uuidOptional

Responses

application/json

object[]Optional

Model for viewing role assignments.

application/json

get

GET /roles/{role_id}/assignments HTTP/1.1
Host: 
Accept: */*

[
  {
    "user": {
      "name": "text",
      "avatar_url": "text",
      "company": "text",
      "job_title": "text",
      "metadata": {},
      "password": "text",
      "password_expired": true,
      "email": "name@gmail.com",
      "oauth_provider": "text",
      "oauth_id": "text",
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "is_active": true,
      "is_superuser": true
    },
    "team": {
      "name": "text",
      "description": "text",
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "created": "2025-04-21T16:49:05.607Z",
      "updated": "2025-04-21T16:49:05.607Z",
      "member_count": 1
    },
    "role": {
      "name": "text",
      "description": "text",
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "organization_id": "123e4567-e89b-12d3-a456-426614174000",
      "level": "organization",
      "system_managed": true,
      "type": "normal"
    },
    "organization_id": "123e4567-e89b-12d3-a456-426614174000",
    "workspace_id": "123e4567-e89b-12d3-a456-426614174000",
    "project_id": "123e4567-e89b-12d3-a456-426614174000"
  }
]

Assign Role Endpoint

post

Endpoint to assign a role.

Args: role_id: ID of the role to assign. user_id: ID of the user to assign the role to. team_id: ID of the team to assign the role to. workspace_id: ID of the workspace to assign the role to. project_id: ID of the project to assign the role to. user: The authenticated user. rbac: RBAC component. organization_manager: Organization manager.

Returns: Model of the created role assignment.

Raises: ValueError: If both or None of user_id and team_id are specified. ValueError: If project_id is specified but workspace_id is not. IllegalOperationError: If the user/team and role are not part of the same organization. IllegalOperationError: If the role can't be assigned at the given scope. IllegalOperationError: If the role is a share role.

Authorizations

Path parameters

role_idstring · uuidRequired

Query parameters

user_idstring · uuidOptional

team_idstring · uuidOptional

workspace_idstring · uuidOptional

project_idstring · uuidOptional

Responses

application/json

objectOptional

Model for viewing role assignments.

application/json

post

POST /roles/{role_id}/assignments HTTP/1.1
Host: 
Accept: */*

{
  "user": {
    "name": "text",
    "avatar_url": "text",
    "company": "text",
    "job_title": "text",
    "metadata": {},
    "password": "text",
    "password_expired": true,
    "email": "name@gmail.com",
    "oauth_provider": "text",
    "oauth_id": "text",
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "is_active": true,
    "is_superuser": true
  },
  "team": {
    "name": "text",
    "description": "text",
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "created": "2025-04-21T16:49:05.607Z",
    "updated": "2025-04-21T16:49:05.607Z",
    "member_count": 1
  },
  "role": {
    "name": "text",
    "description": "text",
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "organization_id": "123e4567-e89b-12d3-a456-426614174000",
    "level": "organization",
    "system_managed": true,
    "type": "normal"
  },
  "organization_id": "123e4567-e89b-12d3-a456-426614174000",
  "workspace_id": "123e4567-e89b-12d3-a456-426614174000",
  "project_id": "123e4567-e89b-12d3-a456-426614174000"
}

Revoke Role Endpoint

delete

Endpoint to revoke a role.

Args: role_id: ID of the role to revoke. user_id: ID of the user to revoke the role from. team_id: ID of the team to revoke the role from. workspace_id: ID of the workspace to revoke the role from. project_id: ID of the project to revoke the role from. user: The authenticated user. rbac: RBAC component. organization_manager: Organization manager.

Raises: IllegalOperationError: If trying to revoke the admin role of an organization owner or the last assigned role of any organization member.

Authorizations

Path parameters

role_idstring · uuidRequired

Query parameters

user_idstring · uuidOptional

team_idstring · uuidOptional

workspace_idstring · uuidOptional

project_idstring · uuidOptional

Responses

application/json

anyOptional

application/json

delete

DELETE /roles/{role_id}/assignments HTTP/1.1
Host: 
Accept: */*

No content