roles
Returns all roles.
Happy response.
Error object.
GET /v1/roles HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"items": [
{
"name": "text",
"display_name": "text",
"lrn": "text",
"description": "text",
"id": "text",
"created_at": "2025-10-24T17:11:22.330Z",
"policy_length": 1,
"metadata": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}
]
}Creates a new role.
Contains the fields needed to create a role.
Sets the unique name of the new role. It must be a valid HQ resource name: it can only contain lowercase alphanumeric characters or hyphens; hyphens cannot appear at the end or start; the length is 63 characters at most.
Sets the display name of the new role. If not provided, the value of "name" will be used.
Sets the description of the new role.
Happy response.
Error object.
POST /v1/roles HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 168
{
"name": "text",
"display_name": "text",
"description": "text",
"policy": [
{
"effect": "allow",
"action": "text",
"resource": "text"
}
],
"metadata": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}{
"name": "text",
"display_name": "text",
"lrn": "text",
"description": "text",
"id": "text",
"created_at": "2025-10-24T17:11:22.330Z",
"policy": [
{
"effect": "allow",
"action": "text",
"resource": "text"
}
],
"metadata": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}Adds a permission statement to an existing Role's policy. No deduplication is done.
Describes the effect for an action and resource.
Enumerates permission effects.
Is either a single action or a list of actions.
Is either a single string or a list of strings.
Happy response.
Error object.
POST /v1/roles/{name}/policy HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 52
{
"effect": "allow",
"action": "text",
"resource": "text"
}{
"name": "text",
"display_name": "text",
"lrn": "text",
"description": "text",
"id": "text",
"created_at": "2025-10-24T17:11:22.330Z",
"policy": [
{
"effect": "allow",
"action": "text",
"resource": "text"
}
],
"metadata": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}Returns a specific role.
Happy response.
Error object.
GET /v1/roles/{name} HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"name": "text",
"display_name": "text",
"lrn": "text",
"description": "text",
"id": "text",
"created_at": "2025-10-24T17:11:22.330Z",
"policy": [
{
"effect": "allow",
"action": "text",
"resource": "text"
}
],
"metadata": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}Deletes a role.
Successful deletion.
No content
Error object.
DELETE /v1/roles/{name} HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
No content
Updates a role.
Updates a role. Absent fields are left untouched.
Updates the display name of the role.
Updates the description of the role.
Happy response.
Error object.
PATCH /v1/roles/{name} HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 154
{
"display_name": "text",
"description": "text",
"policy": [
{
"effect": "allow",
"action": "text",
"resource": "text"
}
],
"metadata": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}{
"name": "text",
"display_name": "text",
"lrn": "text",
"description": "text",
"id": "text",
"created_at": "2025-10-24T17:11:22.330Z",
"policy": [
{
"effect": "allow",
"action": "text",
"resource": "text"
}
],
"metadata": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}Last updated
Was this helpful?