# Update user role

This endpoint updates a given role. Any parameters not provided in the request will be left unchanged.

Method	Path	Operation*
PATCH	/roles/{role}	update_user_role

In order for a user to perform the "update_user_role" operation, the "update_user_role" permission must be included in the list of allowed actions in the statement of the user's role.

# Request

Parameter Type In Description

{role}
required string path role UUID.

name
optional * string body Name of the role. It must match the regular expression(opens new window) ^[0-9A-Za-z][0-9A-Za-z_ \-]{0,30}[0-9A-Za-z]$. It does not need to be unique in the context of the account.

rules
optional * dictionary body Rules control access to a "twin", an "entry" or an "identity". If a rule evaluates to True, it allows to access the given resource.

statement
optional *

dictionary

body

Lists "actions" corresponding with the names of endpoint operations a user with the role is allowed ("effect": "allow") or not allowed ("effect": "deny") to perform.

Parameter	Type	In	Description
effect required	string, value is `"allow"` or `"deny"`	body	Permission to perform an `"action"` applied at the level of the account.
actions required	list	body	List of `"actions"` that we grant the user with the role the permission to perform. For a list of available actions, please consult the Available actions section.

Any optional parameters not provided in the request will be left unchanged. Any optional parameters provided in the request will replace current parameters.

# Response

Attribute Type Description

uuid string Role UUID.

name string Name of the role. It must match the regular expression(opens new window) ^[0-9A-Za-z][0-9A-Za-z_ \-]{0,30}[0-9A-Za-z]$. It does not need to be unique in the context of the account.

account string Account UUID.

rules dictionary Rules control access to a "twin", an "entry" or an "identity". If a rule evaluates to True, it allows to access the given resource.

statement

dictionary

Lists "actions" that correspond with the names of endpoint operations that a user with the role is allowed or not allowed to perform.

Attribute	Type	Description
effect	string, value is `"allow"` or `"deny"`	Permission or to perform an `"action"` applied at the level of the account.
actions	list	List of actions that we grant the user with the role the permission to perform. For a list of available actions, please consult the Available actions section.

created_ts timestamp Time at which the role was created. Measured in seconds (to three decimal places) that have elapsed since the Unix epoch(opens new window).

updated_ts timestamp Time at which the role was last updated. Measured in seconds (to three decimal places) that have elapsed since the Unix epoch(opens new window).

# Status codes

Requests to this endpoint result in generic status codes. For a comprehensive list of status codes, please consult the Status codes section.

← Get user roles Delete user role →

# Update user role

# Request

# Response

# Status codes

Was this article helpful?