Roles & Permissions

As the account admin, you are free to create roles and assign them permissions however best fit your use patterns. Each account has its own set of permissions. They can be seen by requesting the following endpoint.

GET /permissions

Loading...

Run Code (Cmd + Enter)Reset CodeVIM Disabled

Output:

The output received from the permissions endpoint is all the permissions an account has available. No permissions beyond what are listed here can be assigned to a user or role.

Only SuperAdmins can add and delete permissions from an account, if you believe there is an error in the permissions your account has please contact the System Adminstrator.

Note

You can read more about all the possible permissions that are available and what they mean in the Permissions Reference

Account Roles

Most accounts are created from a template that has pre-defined roles and permissions already setup. Let’s see what those are for us.

GET /roles

Loading...

Run Code (Cmd + Enter)Reset CodeVIM Disabled

Output:

The above output shows a list that looks similar to this:

[
  {
    "id": 243,
    "role": "agent",
    "accountId": "4731740365629714",
    "users": [],
    "permissions": ["readSupport"]
  },
  {
    "id": 244,
    "role": "user",
    "accountId": "4731740365629714",
    "users": [],
    "permissions": ["readSupport"]
  }
]

This endpoint provides all of the following details:

• All the roles the selected account currently has
• Users who are assigned those roles
• The permissions granted to those roles

Create a new Role

POST /roles

Loading...

Run Code (Cmd + Enter)Reset CodeVIM Disabled

Output:

If all went well you should see a message indicating the successful creation of the new ManagerTwo role. If you try to submit this twice, you will get an error about Duplication.

Now you can go back up to list roles and running that query again should now have a list that contains your newly create role.

Next we’ll see how to add permissions and users to this new role.

Assigning permissions to a role

We can assign any number of permissions to a single role as we want. The only restriction is that the permission must also be granted at the account level. For example, if the account level does not have readCRM permission, the this permission will not be able to be assigned to any roles.

PATCH /roles/{role}

Loading...

Run Code (Cmd + Enter)Reset CodeVIM Disabled

Output:

After running the code above the new ManagerTwo role should have a readSupport permission.

Lets assign a user to this role.

Adding roles to users

PATCH /users/{email}/roles

Loading...

Run Code (Cmd + Enter)Reset CodeVIM Disabled

Output:

Tip

You can also assign roles during user creation by including a roles array in the request body when creating a new user. This simplifies user setup by eliminating the need for a separate role assignment request.

See the Account Users - User Creation section for more details.

References

For more information on the endpoints covered in this guide see the API References below

GET /permissions

GET /roles

POST /roles

PATCH /roles/{role}

PATCH /users/{email}/roles