Create a new role
Creates a new role in the project. The role is immediately assignable to collaborators, SSO users, and API tokens.
For the conceptual model — project-level vs content permissions, the discriminated-union shape of each positive_* / negative_* entry, and how inheritance is resolved — see the Role resource overview.
Most custom roles are easier to build by duplicating the closest-matching built-in role (e.g. Editor) and then editing the result, rather than constructing a permission tree from zero. Use this endpoint when you genuinely need a role that doesn't resemble any of the existing ones.
Body parameters
Must be exactly "role".
The name of the role
"Editor"
Can edit favicon, global SEO settings and no-index policy
Can change project-wide settings (project name, internal subdomain, frontend preview URL, deployment settings)
Can create and edit the project schema: models, block models, fields, fieldsets, validators, and plugins
Can customize content navigation bar
Can edit per-environment settings of the environments this role has access to: locales, timezone, and UI theme. This is not about creating or switching environments — see can_manage_environments for that, and environments_access for which environments this role can enter at all.
Can promote a sandbox environment to primary (atomic swap) and toggle the project's maintenance mode. Distinct from can_manage_environments, which covers creating/forking/deleting sandboxes.
Specifies the environments the user can access
"primary_only"
Grants access to all environments
Grants access exclusively to the primary environment
Grants access exclusively to sandbox environments
No access to any environment. This value is typically used when the role is intended to inherit access settings from other roles
Can create and edit roles and invite/remove collaborators
Can create and edit shared filters (both for models and the media area)
Can create and edit search indexes
Can create and edit upload collections
Can create and edit build triggers
Can create and edit webhooks
Can create, fork, and delete sandbox environments. Promotion to primary is gated separately by can_promote_environments.
Can manage Single Sign-On settings
Can access Audit Log
Can create and edit workflows
Can manage API tokens
Can perform Site Search API calls
Can access the build events log
Can access the search index events log
Allowed actions on a model (or all) for a role.
The shape of each entry depends on the action (discriminated union). Idiomatic recipes:
- To grant every action, use a single
action: "all"entry withlocalization_scope: "all". - To grant a subset (e.g. create+read+update but not delete), prefer a single
action: "all"entry plusnegative_item_type_permissionsentries for the actions to exclude — instead of listing each allowed action separately.
Permitted action
"all"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
For action: "all" this must be "all".
"all"
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Restrict to moves towards a specific workflow stage.
Permitted action
"read"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Permitted action
"create"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted content scope
"all"
Any content (localized/unlocalized)
Content under a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"update"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Permitted content scope
"all"
Any content (localized/unlocalized)
Content under a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"duplicate"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Permitted action
"delete"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Permitted action
"move_to_stage"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Restrict to moves towards a specific workflow stage.
Prohibited actions on a model (or all) for a role. Negative permissions take precedence and are typically paired with a broader positive action: "all" entry to subtract specific actions (e.g. forbid delete).
Permitted action
"all"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
For action: "all" this must be "all".
"all"
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Restrict to moves towards a specific workflow stage.
Permitted action
"read"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Permitted action
"create"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted content scope
"all"
Any content (localized/unlocalized)
Content under a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"update"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Permitted content scope
"all"
Any content (localized/unlocalized)
Content under a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"duplicate"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Permitted action
"delete"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Permitted action
"move_to_stage"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Restrict to moves towards a specific workflow stage.
Allowed actions on uploads (or all) for a role.
The shape of each entry depends on the action (discriminated union). To grant a subset, prefer a single action: "all" entry plus negative_upload_permissions entries for the actions to exclude.
Permitted action
"all"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
For action: "all" this must be "all".
"all"
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"update"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Permitted content scope
"all"
Any content (localized/unlocalized)
Localized content in a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"create"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"read"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"move"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Restricts the destination upload collection of the move action. When null, any destination is allowed.
Prohibited actions on uploads (or all) for a role. Negative permissions take precedence and are typically paired with a broader positive action: "all" entry to subtract specific actions.
Permitted action
"all"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
For action: "all" this must be "all".
"all"
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"update"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Permitted content scope
"all"
Any content (localized/unlocalized)
Localized content in a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"create"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"read"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"move"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Restricts the destination upload collection of the move action. When null, any destination is allowed.
Build triggers this role is allowed to manually fire. An entry with build_trigger: null covers every build trigger. Note: this does not control creating/editing build triggers themselves — that is gated by can_manage_build_triggers.
Build triggers this role is forbidden from manually firing. Negative entries take precedence over positive ones; pair with a build_trigger: null positive entry to allow all-but-N.
Search indexes this role is allowed to manually re-index. An entry with search_index: null covers every search index. Note: this does not control creating/editing search indexes themselves — that is gated by can_manage_search_indexes.
Search indexes this role is forbidden from manually re-indexing. Negative entries take precedence over positive ones; pair with a search_index: null positive entry to allow all-but-N.
The final set of permissions considering also inherited roles
Can change project-wide settings (project name, internal subdomain, frontend preview URL, deployment settings)
Can edit favicon, global SEO settings and no-index policy
Can create and edit the project schema: models, block models, fields, fieldsets, validators, and plugins
Can customize content navigation bar
Can create and edit roles and invite/remove collaborators
Can create, fork, and delete sandbox environments. Promotion to primary is gated separately by can_promote_environments.
Can create and edit webhooks
Specifies the environments the user can access
"primary_only"
Grants access to all environments
Grants access exclusively to the primary environment
Grants access exclusively to sandbox environments
No access to any environment. This value is typically used when the role is intended to inherit access settings from other roles
Can manage Single Sign-On settings
Can access Audit Log
Can create and edit workflows
Can edit per-environment settings of the environments this role has access to: locales, timezone, and UI theme. This is not about creating or switching environments — see can_manage_environments for that, and environments_access for which environments this role can enter at all.
Can promote a sandbox environment to primary (atomic swap) and toggle the project's maintenance mode. Distinct from can_manage_environments, which covers creating/forking/deleting sandboxes.
Can create and edit shared filters (both for models and the media area)
Can create and edit search indexes
Can create and edit build triggers
Can create and edit upload collections
Can manage API tokens
Can perform Site Search API calls
Can access the build events log
Can access the search index events log
Allowed actions on a model (or all) for a role.
The shape of each entry depends on the action (discriminated union). Idiomatic recipes:
- To grant every action, use a single
action: "all"entry withlocalization_scope: "all". - To grant a subset (e.g. create+read+update but not delete), prefer a single
action: "all"entry plusnegative_item_type_permissionsentries for the actions to exclude — instead of listing each allowed action separately.
Permitted action
"all"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
For action: "all" this must be "all".
"all"
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Restrict to moves towards a specific workflow stage.
Permitted action
"read"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Permitted action
"create"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted content scope
"all"
Any content (localized/unlocalized)
Content under a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"update"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Permitted content scope
"all"
Any content (localized/unlocalized)
Content under a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"duplicate"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Permitted action
"delete"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Permitted action
"move_to_stage"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Restrict to moves towards a specific workflow stage.
Prohibited actions on a model (or all) for a role. Negative permissions take precedence and are typically paired with a broader positive action: "all" entry to subtract specific actions (e.g. forbid delete).
Permitted action
"all"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
For action: "all" this must be "all".
"all"
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Restrict to moves towards a specific workflow stage.
Permitted action
"read"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Permitted action
"create"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted content scope
"all"
Any content (localized/unlocalized)
Content under a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"update"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Permitted content scope
"all"
Any content (localized/unlocalized)
Content under a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"duplicate"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Permitted action
"delete"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Permitted action
"move_to_stage"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific model. When null, the permission applies to all models.
Restricts the permission to records associated with a specific workflow. Mutually exclusive with item_type.
Restrict to records currently on a workflow stage.
Restrict to moves towards a specific workflow stage.
Allowed actions on uploads (or all) for a role.
The shape of each entry depends on the action (discriminated union). To grant a subset, prefer a single action: "all" entry plus negative_upload_permissions entries for the actions to exclude.
Permitted action
"all"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
For action: "all" this must be "all".
"all"
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"update"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Permitted content scope
"all"
Any content (localized/unlocalized)
Localized content in a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"create"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"read"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"move"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Restricts the destination upload collection of the move action. When null, any destination is allowed.
Prohibited actions on uploads (or all) for a role. Negative permissions take precedence and are typically paired with a broader positive action: "all" entry to subtract specific actions.
Permitted action
"all"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
For action: "all" this must be "all".
"all"
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"update"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Permitted content scope
"all"
Any content (localized/unlocalized)
Localized content in a specific locale (locale must be defined)
Non-localized content
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Required (non-null) when localization_scope is "localized"; must be omitted otherwise.
"en"
Permitted action
"create"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"read"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Permitted action
"move"
ID of environment. Can only contain lowercase letters, numbers and dashes
"main"
Permitted creator
"anyone"
Created by anyone
Created by the user itself
Created by a user with the same role
Restricts the permission to a specific upload collection. When null, the permission applies to all collections.
Restricts the destination upload collection of the move action. When null, any destination is allowed.
Build triggers this role is allowed to manually fire. An entry with build_trigger: null covers every build trigger. Note: this does not control creating/editing build triggers themselves — that is gated by can_manage_build_triggers.
Build triggers this role is forbidden from manually firing. Negative entries take precedence over positive ones; pair with a build_trigger: null positive entry to allow all-but-N.
Search indexes this role is allowed to manually re-index. An entry with search_index: null covers every search index. Note: this does not control creating/editing search indexes themselves — that is gated by can_manage_search_indexes.
Search indexes this role is forbidden from manually re-indexing. Negative entries take precedence over positive ones; pair with a search_index: null positive entry to allow all-but-N.
The roles from which this role inherits permissions
Returns
Returns a resource object of type role.
Examples
POST https://site-api.datocms.com/roles HTTP/1.1Authorization: Bearer YOUR-API-TOKENAccept: application/jsonX-Api-Version: 3Content-Type: application/vnd.api+json
{ "data": { "type": "role", "attributes": { "name": "Editor" } }}curl -g 'https://site-api.datocms.com/roles' \ -X POST \ -H "Authorization: Bearer YOUR-API-TOKEN" \ -H "Accept: application/json" \ -H "X-Api-Version: 3" \ -H "Content-Type: application/vnd.api+json" \ --data-binary '{"data":{"type":"role","attributes":{"name":"Editor"}}}'await fetch("https://site-api.datocms.com/roles", { method: "POST", headers: { Authorization: "Bearer YOUR-API-TOKEN", Accept: "application/json", "X-Api-Version": "3", "Content-Type": "application/vnd.api+json", }, body: JSON.stringify({ data: { type: "role", attributes: { name: "Editor" } }, }),});HTTP/1.1 200 OKContent-Type: application/jsonCache-Control: cache-control: max-age=0, private, must-revalidateX-RateLimit-Limit: 30X-RateLimit-Remaining: 28
{ "data": { "type": "role", "id": "34", "attributes": { "name": "Editor", "can_edit_site": true, "can_edit_favicon": true, "can_edit_schema": true, "can_manage_menu": true, "can_manage_users": true, "can_manage_shared_filters": true, "can_manage_search_indexes": true, "can_manage_upload_collections": true, "can_manage_environments": true, "can_manage_webhooks": true, "environments_access": "primary_only", "can_manage_sso": true, "can_access_audit_log": true, "can_manage_workflows": true, "can_edit_environment": true, "can_promote_environments": true, "can_manage_build_triggers": true, "can_manage_access_tokens": true, "can_perform_site_search": true, "can_access_build_events_log": true, "can_access_search_index_events_log": true, "positive_item_type_permissions": [ { "action": "all", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "read", "environment": "main", "on_creator": "anyone" }, { "action": "create", "environment": "main", "localization_scope": "all" }, { "action": "update", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "duplicate", "environment": "main" }, { "action": "delete", "environment": "main", "on_creator": "anyone" }, { "action": "move_to_stage", "environment": "main", "on_creator": "anyone" } ], "negative_item_type_permissions": [ { "action": "all", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "read", "environment": "main", "on_creator": "anyone" }, { "action": "create", "environment": "main", "localization_scope": "all" }, { "action": "update", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "duplicate", "environment": "main" }, { "action": "delete", "environment": "main", "on_creator": "anyone" }, { "action": "move_to_stage", "environment": "main", "on_creator": "anyone" } ], "positive_upload_permissions": [ { "action": "all", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "update", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "create", "environment": "main" }, { "action": "read", "environment": "main", "on_creator": "anyone" }, { "action": "move", "environment": "main", "on_creator": "anyone" } ], "negative_upload_permissions": [ { "action": "all", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "update", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "create", "environment": "main" }, { "action": "read", "environment": "main", "on_creator": "anyone" }, { "action": "move", "environment": "main", "on_creator": "anyone" } ], "positive_build_trigger_permissions": [ {} ], "negative_build_trigger_permissions": [ {} ], "positive_search_index_permissions": [ {} ], "negative_search_index_permissions": [ {} ] }, "relationships": { "inherits_permissions_from": { "data": [ { "type": "role", "id": "34" } ] } }, "meta": { "final_permissions": { "can_edit_site": true, "can_edit_favicon": true, "can_edit_schema": true, "can_manage_menu": true, "can_manage_users": true, "can_manage_environments": true, "can_manage_webhooks": true, "environments_access": "primary_only", "can_manage_sso": true, "can_access_audit_log": true, "can_manage_workflows": true, "can_edit_environment": true, "can_promote_environments": true, "can_manage_shared_filters": true, "can_manage_search_indexes": true, "can_manage_build_triggers": true, "can_manage_upload_collections": true, "can_manage_access_tokens": true, "can_perform_site_search": true, "can_access_build_events_log": true, "can_access_search_index_events_log": true, "positive_item_type_permissions": [ { "action": "all", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "read", "environment": "main", "on_creator": "anyone" }, { "action": "create", "environment": "main", "localization_scope": "all" }, { "action": "update", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "duplicate", "environment": "main" }, { "action": "delete", "environment": "main", "on_creator": "anyone" }, { "action": "move_to_stage", "environment": "main", "on_creator": "anyone" } ], "negative_item_type_permissions": [ { "action": "all", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "read", "environment": "main", "on_creator": "anyone" }, { "action": "create", "environment": "main", "localization_scope": "all" }, { "action": "update", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "duplicate", "environment": "main" }, { "action": "delete", "environment": "main", "on_creator": "anyone" }, { "action": "move_to_stage", "environment": "main", "on_creator": "anyone" } ], "positive_upload_permissions": [ { "action": "all", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "update", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "create", "environment": "main" }, { "action": "read", "environment": "main", "on_creator": "anyone" }, { "action": "move", "environment": "main", "on_creator": "anyone" } ], "negative_upload_permissions": [ { "action": "all", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "update", "environment": "main", "on_creator": "anyone", "localization_scope": "all" }, { "action": "create", "environment": "main" }, { "action": "read", "environment": "main", "on_creator": "anyone" }, { "action": "move", "environment": "main", "on_creator": "anyone" } ], "positive_build_trigger_permissions": [ {} ], "negative_build_trigger_permissions": [ {} ], "positive_search_index_permissions": [ {} ], "negative_search_index_permissions": [ {} ] } } }}