POST
/
v1
/
keys.setPermissions
curl --request POST \
  --url https://api.unkey.dev/v1/keys.setPermissions \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "keyId": "<string>",
  "permissions": [
    {
      "id": "perm_123"
    },
    {
      "name": "dns.record.create"
    },
    {
      "name": "dns.record.delete",
      "create": true
    }
  ]
}'
[
  {
    "id": "perm_123",
    "name": "dns.record.create"
  }
]

Sets the permissions of a key to a new set of permissions. This endpoint overwrites the existing permissions of the key with the new set. Existing permissions that are not included in the new set are removed.

You can provide either permission ids or permission names in the request body. If you provide a name, we will create the permission if it does not exist.

To use this endpoint, your root key must have the rbac.*.add_permission_to_key and potentially the rbac.*.create_permission permissions.

Changelog

DateChanges
Jul 08 2024Introduced endpoint

Authorizations

Authorization
string
headerrequired

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
keyId
string
required

The id of the key.

Minimum length: 1
permissions
object[]
required

The permissions you want to set for this key. This overwrites all existing permissions. Setting permissions requires the rbac.*.add_permission_to_key permission.

Response

200 - application/json
id
string
required

The id of the permission. This is used internally

name
string
required

The name of the permission