1. Docs
  2. API Reference
  3. Add resource permissions to existing roles

Add resource permissions to existing roles

POST/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/{envSlug}/setup/resource-permissions

Authentication

  • Bearer Token Authorization

    JWT access token

Request body

  • resourcesBootstrapResourceDto[]*

    Resources to generate permissions for

  • role_permissionsResourcePermissionRoleDto[]*

    Permission assignments for existing roles. Empty array creates the permissions without binding them to any role.

Code samples

cURLJavaScriptPythonGo
curl -X POST "https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/{envSlug}/setup/resource-permissions" \
  -H "Authorization: Bearer $CANOPY_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "resources": [
      {
        "name": "notes",
        "actions": [
          "create",
          "read",
          "update",
          "delete"
        ]
      }
    ],
    "role_permissions": [
      {
        "role_id": "string",
        "permission_keys": [
          "invoices.create",
          "invoices.read"
        ]
      }
    ]
  }'

Responses

201 Permissions created and assigned to existing roles in a single transaction 
{
  "permissions_created": 0,
  "skipped_permissions": 0,
  "roles_updated": 0
}

application/json

  • permissions_creatednumber*

    Number of permissions created

  • skipped_permissionsnumber*

    Number of permissions skipped (already exist)

  • roles_updatednumber*

    Number of roles that received new permissions

401 Invalid or expired token
403 This token is not authorized for this endpoint (wrong principal type — e.g., admin token on identity-only endpoint, or vice versa)

Returned object

The ResourcePermissionsResponseDto object View all properties on this resource
On this page

Related endpoints

POSTBootstrap the Environment's permission catalog and roles
Canopy