Skip to content
Developer Portal Karmo Developer Portal

Replace Role Permissions

PUT
/auth/access-management/organizations/{organizationId}/roles/{slug}/permissions

Requires Authorization: Bearer <service JWT> in deployed environments. Mint the JWT through POST /auth/token with AWS SigV4 credentials. Replaces the complete permission set for the organization role. Unknown permission slugs are created in WorkOS before the role assignment is updated.

Authorizations

Section titled “Authorizations ”

Parameters

Section titled “ Parameters ”

Path Parameters

Section titled “Path Parameters ”
slug
required
string
org-admin

Organization role slug. Must start with ‘org-’ followed by lowercase letters, numbers, hyphens, or underscores.

organizationId
required
string
org_123

Provider tenant or organization identifier. In WorkOS mode this is the WorkOS organization id, for example org_123.

Request Body required

Section titled “Request Body required ”
object
permissions
required

Complete replacement set of permission slugs for the role. Allowed characters: lowercase letters, numbers, colons, periods, underscores, hyphens, and asterisks.

Array<string>
[
  "reports:export",
  "users:write"
]

Responses

Section titled “ Responses ”

204

Section titled “204 ”

Role permissions replaced

400

Section titled “400 ”

BAD_REQUEST

object
type
required
string format: uri
title
required
string
status
required
integer
detail
string
instance
string
karmoCode
required

Karmo 8-digit error code.

string
/^[0-9]{8}$/
karmoMeta

Domain-level metadata emitted by the service.

object
key
additional properties
any
karmoErrors
Array<object>
object
detail
required

Human-readable detail for the specific field error.

string
pointer
required

JSON pointer to the offending value.

string
/email

401

Section titled “401 ”

UNAUTHORIZED

object
type
required
string format: uri
title
required
string
status
required
integer
detail
string
instance
string
karmoCode
required

Karmo 8-digit error code.

string
/^[0-9]{8}$/
karmoMeta

Domain-level metadata emitted by the service.

object
key
additional properties
any
karmoErrors
Array<object>
object
detail
required

Human-readable detail for the specific field error.

string
pointer
required

JSON pointer to the offending value.

string
/email

403

Section titled “403 ”

FORBIDDEN

object
type
required
string format: uri
title
required
string
status
required
integer
detail
string
instance
string
karmoCode
required

Karmo 8-digit error code.

string
/^[0-9]{8}$/
karmoMeta

Domain-level metadata emitted by the service.

object
key
additional properties
any
karmoErrors
Array<object>
object
detail
required

Human-readable detail for the specific field error.

string
pointer
required

JSON pointer to the offending value.

string
/email

404

Section titled “404 ”

NOT_FOUND

object
type
required
string format: uri
title
required
string
status
required
integer
detail
string
instance
string
karmoCode
required

Karmo 8-digit error code.

string
/^[0-9]{8}$/
karmoMeta

Domain-level metadata emitted by the service.

object
key
additional properties
any
karmoErrors
Array<object>
object
detail
required

Human-readable detail for the specific field error.

string
pointer
required

JSON pointer to the offending value.

string
/email

409

Section titled “409 ”

CONFLICT

object
type
required
string format: uri
title
required
string
status
required
integer
detail
string
instance
string
karmoCode
required

Karmo 8-digit error code.

string
/^[0-9]{8}$/
karmoMeta

Domain-level metadata emitted by the service.

object
key
additional properties
any
karmoErrors
Array<object>
object
detail
required

Human-readable detail for the specific field error.

string
pointer
required

JSON pointer to the offending value.

string
/email

422

Section titled “422 ”

UNPROCESSABLE_ENTITY

object
type
required
string format: uri
title
required
string
status
required
integer
detail
string
instance
string
karmoCode
required

Karmo 8-digit error code.

string
/^[0-9]{8}$/
karmoMeta

Domain-level metadata emitted by the service.

object
key
additional properties
any
karmoErrors
Array<object>
object
detail
required

Human-readable detail for the specific field error.

string
pointer
required

JSON pointer to the offending value.

string
/email

429

Section titled “429 ”

Configured access provider rate limited the request.

object
type
required
string format: uri
title
required
string
status
required
integer
detail
string
instance
string
karmoCode
required

Karmo 8-digit error code.

string
/^[0-9]{8}$/
karmoMeta

Domain-level metadata emitted by the service.

object
key
additional properties
any
karmoErrors
Array<object>
object
detail
required

Human-readable detail for the specific field error.

string
pointer
required

JSON pointer to the offending value.

string
/email

500

Section titled “500 ”

INTERNAL_SERVER_ERROR

object
type
required
string format: uri
title
required
string
status
required
integer
detail
string
instance
string
karmoCode
required

Karmo 8-digit error code.

string
/^[0-9]{8}$/
karmoMeta

Domain-level metadata emitted by the service.

object
key
additional properties
any
karmoErrors
Array<object>
object
detail
required

Human-readable detail for the specific field error.

string
pointer
required

JSON pointer to the offending value.

string
/email

503

Section titled “503 ”

Access-management provider is not configured for this environment.

object
type
required
string format: uri
title
required
string
status
required
integer
detail
string
instance
string
karmoCode
required

Karmo 8-digit error code.

string
/^[0-9]{8}$/
karmoMeta

Domain-level metadata emitted by the service.

object
key
additional properties
any
karmoErrors
Array<object>
object
detail
required

Human-readable detail for the specific field error.

string
pointer
required

JSON pointer to the offending value.

string
/email