Set Role Permissions
POST
/web/v1/workspaces/{workspaceId}/roles/{roleId}/permissions JWTSets the permissions assigned to a workspace role. This is a replace operation: all existing permissions are removed and replaced with the provided list.
Required Headers
| Header | Example Value | Description |
|---|---|---|
| Content-Type | application/json | Request content type |
| Accept | application/json | Expected response type |
| X-Client-Hash | Client device fingerprint | |
| Accept-Language | en, zh, zh-Hant, ja, vi | Response language (default: en) |
| Authorization | Bearer | JWT access token |
| X-Workspace-Id | Target workspace ID |
Request Parameters
| Name | Type | Required | In | Description |
|---|---|---|---|---|
workspaceId | String | Required | path | Business ID of the workspace |
roleId | String | Required | path | Business ID of the role |
Request Body
json
{
"permissionCodes": ["workspace:read", "workspace:write"]
}1
2
3
2
3
Request Example
json
{
"permissionCodes": ["workspace:read", "workspace:write", "role:read"]
}1
2
3
2
3
Success Response
Status: 200 OK
Returns the updated role object with the new permission codes.
Success 200
{
"version": "1.3.0",
"timestamp": 1709337600000,
"success": true,
"code": "2000",
"message": "SUCCESS",
"data": {
"bizId": "ROLE_CUSTOM_TEST_001",
"workspaceBizId": "WS_ROLE_TEST_001",
"roleName": "Editor",
"roleType": {
"value": 10010902,
"name": "CUSTOM",
"code": "CUSTOM"
},
"description": "Editor role",
"permissionCodes": [
"workspace:read",
"workspace:write"
],
"createdAt": "2026-03-22T10:30:00Z",
"updatedAt": "2026-03-22T11:00:00Z"
}
}Error Responses
Unauthorized 401
{
"success": false,
"code": "4010",
"message": "Invalid or expired token"
}Notes
- This is a full replace operation, not an append. Send the complete desired permission list.
- Only CUSTOM roles can have permissions set. OWNER roles implicitly have all permissions.
- Requires
workspace:role:writepermission.