Replace role permissions

Assigns provided permission UUIDs to the role and returns updated role payload.

RBAC · role

Path parameters

idstring <uuid>Required

Role UUID from roles.role_id.

Request body

Content type: application/json · schema AccessRolePermissionsBodyV1

permission_idsarray of stringRequired

min items 1

itemsstring <uuid>

Response body

Success response 200 · schema AccessApiSuccessV1

dataanyOfRequired

anyOf (option 1)object

anyOf (option 2)array of object

itemsobject

metaobject

Response codes

200

Operation succeeded.

400

Validation failed (payload/query/path parsing).

401

API key missing/invalid or key user not found.

403

RBAC denied for role:update.

500

Unexpected controller/service failure.

PUT /api/v1/roles/{id}/permissions

cURL

curl -X PUT "https://algapsa.com/api/v1/roles/{id}/permissions" \
  -H "X-API-Key: $ALGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
  "permission_ids": [
    "01HN2K7VRB9PQ3Y0000000000"
  ]
}'

TypeScript

const response = await fetch("https://algapsa.com/api/v1/roles/{id}/permissions", {
  method: "PUT",
  headers: {
    "X-API-Key": "$ALGA_API_KEY",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    "permission_ids": [
      "01HN2K7VRB9PQ3Y0000000000"
    ]
  })
});
const data = await response.json();

using var client = new HttpClient();
using var request = new HttpRequestMessage(HttpMethod.Put, "https://algapsa.com/api/v1/roles/{id}/permissions");
request.Headers.TryAddWithoutValidation("X-API-Key", "$ALGA_API_KEY");
request.Headers.TryAddWithoutValidation("Content-Type", "application/json");
request.Content = new StringContent(@"{
  ""permission_ids"": [
    ""01HN2K7VRB9PQ3Y0000000000""
  ]
}", Encoding.UTF8, "application/json");
var response = await client.SendAsync(request);
var body = await response.Content.ReadAsStringAsync();

200 OK·application/json

{
  "data": {},
  "meta": {}
}