Skip to main content
POST
Assign Permission

Authentication

✅ Organization User (CustomerEmployee)
✅ Delegated User (EndUser)
✅ Service Account

Required Permissions

Permissions:Assign: Always required.

Authorizations

Authorization
string
header
required

Bearer Token: Used to authenticate API requests. More details how to generate the token: Authentication flows

X-DFNS-USERACTION
string
header
required

User Action Signature: Used to sign the change-inducing API requests. More details how to generate the token: User Action Signing flows

Path Parameters

permissionId
string
required

ID of the permission (also referred to as "role" in the dashboard).

Required string length: 1 - 64

Body

application/json
identityId
string
required

ID of the identity to assign the permission to. Can be a user ID, a service account ID, or a personal access token (PAT) ID.

Minimum string length: 1

Response

200 - application/json

Success

id
string
required

ID of the permission assignment.

Required string length: 1 - 64
Pattern: ^as-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$
Example:

"as-1vcmc-qrek0-6b4vii9pln60907e"

permissionId
string
required

ID of the permission (also referred to as "role" in the dashboard).

Required string length: 1 - 64
Pattern: ^pm-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$
Example:

"pm-37vj4-jkr4l-lc9945spfftkne57"

identityId
string
required

ID of the identity the permission is assigned to. Can be a user ID, a service account ID, or a personal access token (PAT) ID.

isImmutable
boolean
required

Whether this assignment is system-managed and cannot be modified.

dateCreated
string<date-time>
required

ISO 8601 date (must be UTC). Date the assignment was created.

Example:

"2023-04-14T20:41:28.715Z"

dateUpdated
string<date-time>
required

ISO 8601 date (must be UTC). Date the assignment was last updated.

Example:

"2023-04-14T20:41:28.715Z"

Last modified on July 9, 2026