Home
Content Management API
Content Management API Overview Using the JavaScript client API versioning Authentication Environments Errors Pagination Asynchronous jobs Technical Limits
Main resources
Record Scheduled publication Scheduled unpublishing Upload Site Model/Block Field Fieldset Record version
Upload-related
Upload permission Upload track Manual tags Smart tags Upload Collection
Site Search
Search result
Environments
Environment Maintenance mode
UI
Menu Item Schema Menu Item Uploads filter Model filter Plugin
Workflows
Workflow
Async jobs
Asynchronous job Job result
Roles & permissions
Account Organization Invitation Collaborator Role
Create a new role Update a role List all roles Retrieve a role Delete a role
API token
Webhooks
Webhook Webhook call
Hosting & CI integrations
Build trigger Deploy activity
Subscription
Subscription limit Subscription feature
Enterprise
SSO Settings SSO User SSO Group White-label settings Audit log event
Show examples in:
Javascript HTTP
Resource info

Content Management API > Role

Role

A Role represents a specific set of actions an editor (or an API token) can perform on your administrative area.

Object payload

id string

ID of role

Example: "34"
type string

Must be exactly "role".

attributes.name string

The name of the role

Example: "Editor"
attributes.can_edit_site boolean

Can change project global properties

attributes.can_edit_favicon boolean

Can edit favicon, global SEO settings and no-index policy

attributes.can_edit_schema boolean

Can create/edit models and plugins

attributes.can_manage_menu boolean

Can customize content navigation bar

attributes.can_manage_users boolean

Can create/edit roles and invite/remove collaborators

attributes.can_manage_shared_filters boolean

Can create/edit shared filters (both for models and the media area)

attributes.can_manage_upload_collections boolean

Can create/edit upload collections

attributes.can_manage_environments boolean

Can create/delete sandbox environments and promote them to primary environment

attributes.can_manage_webhooks boolean

Can create/edit webhooks

attributes.environments_access enum

Specifies the environments the user can access

Example: "primary_only"
all

Can access all environments

primary_only

Can access primary environment only

sandbox_only

Can access sandbox environments only
attributes.can_manage_sso boolean

Can manage Single Sign-On settings

attributes.can_access_audit_log boolean

Can access Audit Log

attributes.can_manage_workflows boolean

Can create/edit workflows

attributes.can_edit_environment boolean

Can change locales, timezone and UI theme

attributes.can_promote_environments boolean

Can promote environments to primary and manage maintenance mode

attributes.can_manage_build_triggers boolean

Can create/edit Build triggers

attributes.can_manage_access_tokens boolean

Can manage API tokens

attributes.can_perform_site_search boolean

Can perform Site Search API calls

attributes.can_access_build_events_log boolean

Can access the build events log

attributes.positive_item_type_permissions

Allowed actions on a model (or all) for a role

Type: Array<object>
environment string

ID of environment. Can only contain lowercase letters, numbers and dashes

Example: "main"
action enum

Permitted action

Example: "all"
all
read
update
create
duplicate
delete
publish
edit_creator
take_over
move_to_stage
item_type undefined
workflow undefined
on_stage null, string
to_stage null, string
on_creator enum, null

Permitted creator

Example: "self"
anyone

Created by anyone

self

Created by the user itself

role

Created by a user with the same role
localization_scope enum, null

Permitted content scope

Example: "all"
all

Any content (localized/unlocalized)

localized

Content under a specific locale (locale must be defined)

not_localized

Non-localized content
locale string, null

Permitted localized content in this locale. Required when localization_scope is localized

Example: "en"
attributes.negative_item_type_permissions

Prohibited actions on a model (or all) for a role

Type: Array<object>
environment string

ID of environment. Can only contain lowercase letters, numbers and dashes

Example: "main"
action enum

Permitted action

Example: "all"
all
read
update
create
duplicate
delete
publish
edit_creator
take_over
move_to_stage
item_type undefined
workflow undefined
on_stage null, string
to_stage null, string
on_creator enum, null

Permitted creator

Example: "self"
anyone

Created by anyone

self

Created by the user itself

role

Created by a user with the same role
localization_scope enum, null

Permitted content scope

Example: "all"
all

Any content (localized/unlocalized)

localized

Content under a specific locale (locale must be defined)

not_localized

Non-localized content
locale string, null

Permitted localized content in this locale. Required when localization_scope is localized

Example: "en"
attributes.positive_upload_permissions

Allowed actions on a model (or all) for a role

Type: Array<object>
action enum

Permitted action

Example: "all"
all
read
update
create
delete
edit_creator
replace_asset
environment string

ID of environment. Can only contain lowercase letters, numbers and dashes

Example: "main"
on_creator enum, null

Permitted creator

Example: "self"
anyone

Created by anyone

self

Created by the user itself

role

Created by a user with the same role
localization_scope enum, null

Permitted content scope

Example: "all"
all

Any content (localized/unlocalized)

localized

Localized content in specific locale (locale must be defined)

not_localized

Non-localized content
locale string, null

Permitted localized content in this locale. Required when localization_scope is localized

Example: "en"
attributes.negative_upload_permissions

Prohibited actions on a model (or all) for a role

Type: Array<object>
action enum

Permitted action

Example: "all"
all
read
update
create
delete
edit_creator
replace_asset
environment string

ID of environment. Can only contain lowercase letters, numbers and dashes

Example: "main"
on_creator enum, null

Permitted creator

Example: "self"
anyone

Created by anyone

self

Created by the user itself

role

Created by a user with the same role
localization_scope enum, null

Permitted content scope

Example: "all"
all

Any content (localized/unlocalized)

localized

Localized content in specific locale (locale must be defined)

not_localized

Non-localized content
locale string, null

Permitted localized content in this locale. Required when localization_scope is localized

Example: "en"
attributes.positive_build_trigger_permissions

Allowed build triggers for a role

Type: Array<object>
build_trigger undefined
attributes.negative_build_trigger_permissions

Prohibited build triggers for a role

Type: Array<object>
build_trigger undefined
meta.final_permissions object

The final set of permissions considering also inherited roles

can_edit_site boolean

Can change project global properties

can_edit_favicon boolean

Can edit favicon, global SEO settings and no-index policy

can_edit_schema boolean

Can create/edit models and plugins

can_manage_menu boolean

Can customize content navigation bar

can_manage_users boolean

Can create/edit roles and invite/remove collaborators

can_manage_environments boolean

Can create/delete sandbox environments and promote them to primary environment

can_manage_webhooks boolean

Can create/edit webhooks

environments_access enum

Specifies the environments the user can access

Example: "primary_only"
all

Can access all environments

primary_only

Can access primary environment only

sandbox_only

Can access sandbox environments only
can_manage_sso boolean

Can manage Single Sign-On settings

can_access_audit_log boolean

Can access Audit Log

can_manage_workflows boolean

Can create/edit workflows

can_edit_environment boolean

Can change locales, timezone and UI theme

can_promote_environments boolean

Can promote environments to primary and manage maintenance mode

can_manage_shared_filters boolean

Can create/edit shared filters (both for models and the media area)

can_manage_build_triggers boolean

Can create/edit Build triggers

can_manage_upload_collections boolean

Can create/edit upload collections

can_manage_access_tokens boolean

Can manage API tokens

can_perform_site_search boolean

Can perform Site Search API calls

can_access_build_events_log boolean

Can access the build events log

positive_item_type_permissions

Allowed actions on a model (or all) for a role

Type: Array<object>
environment string

ID of environment. Can only contain lowercase letters, numbers and dashes

Example: "main"
action enum

Permitted action

Example: "all"
all
read
update
create
duplicate
delete
publish
edit_creator
take_over
move_to_stage
item_type undefined
workflow undefined
on_stage null, string
to_stage null, string
on_creator enum, null

Permitted creator

Example: "self"
anyone

Created by anyone

self

Created by the user itself

role

Created by a user with the same role
localization_scope enum, null

Permitted content scope

Example: "all"
all

Any content (localized/unlocalized)

localized

Content under a specific locale (locale must be defined)

not_localized

Non-localized content
locale string, null

Permitted localized content in this locale. Required when localization_scope is localized

Example: "en"
negative_item_type_permissions

Prohibited actions on a model (or all) for a role

Type: Array<object>
environment string

ID of environment. Can only contain lowercase letters, numbers and dashes

Example: "main"
action enum

Permitted action

Example: "all"
all
read
update
create
duplicate
delete
publish
edit_creator
take_over
move_to_stage
item_type undefined
workflow undefined
on_stage null, string
to_stage null, string
on_creator enum, null

Permitted creator

Example: "self"
anyone

Created by anyone

self

Created by the user itself

role

Created by a user with the same role
localization_scope enum, null

Permitted content scope

Example: "all"
all

Any content (localized/unlocalized)

localized

Content under a specific locale (locale must be defined)

not_localized

Non-localized content
locale string, null

Permitted localized content in this locale. Required when localization_scope is localized

Example: "en"
positive_upload_permissions

Allowed actions on a model (or all) for a role

Type: Array<object>
action enum

Permitted action

Example: "all"
all
read
update
create
delete
edit_creator
replace_asset
environment string

ID of environment. Can only contain lowercase letters, numbers and dashes

Example: "main"
on_creator enum, null

Permitted creator

Example: "self"
anyone

Created by anyone

self

Created by the user itself

role

Created by a user with the same role
localization_scope enum, null

Permitted content scope

Example: "all"
all

Any content (localized/unlocalized)

localized

Localized content in specific locale (locale must be defined)

not_localized

Non-localized content
locale string, null

Permitted localized content in this locale. Required when localization_scope is localized

Example: "en"
negative_upload_permissions

Prohibited actions on a model (or all) for a role

Type: Array<object>
action enum

Permitted action

Example: "all"
all
read
update
create
delete
edit_creator
replace_asset
environment string

ID of environment. Can only contain lowercase letters, numbers and dashes

Example: "main"
on_creator enum, null

Permitted creator

Example: "self"
anyone

Created by anyone

self

Created by the user itself

role

Created by a user with the same role
localization_scope enum, null

Permitted content scope

Example: "all"
all

Any content (localized/unlocalized)

localized

Localized content in specific locale (locale must be defined)

not_localized

Non-localized content
locale string, null

Permitted localized content in this locale. Required when localization_scope is localized

Example: "en"
positive_build_trigger_permissions

Allowed build triggers for a role

Type: Array<object>
build_trigger undefined
negative_build_trigger_permissions

Prohibited build triggers for a role

Type: Array<object>
build_trigger undefined
relationships.inherits_permissions_from.data

The roles from which this role inherits permissions

Available endpoints

Did this doc help you?
Yes
No
Would you like to add more information?
Optional
To receive further updates or address your feedback, kindly share your email address with us.
Optional

If you need a reply, please contact support instead.

Need help?
Explore our forum, contact support, or connect with our sales team . You can also chat live with other users in our Slack channel.