Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Permissions

Return a list of all permissions.

get

Returns the complete list of available permissions in the system. Each permission has a category, entity, action, and optional dependencies on other permissions.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Responses
200

Successful operation.

application/json
namestring · enumRequiredExample: ANALYTIC_POLICY_READPossible values:
categorystring · enumRequiredExample: ANALYTICPossible values:
entitystring · enumRequiredExample: POLICYPossible values:
actionstring · enumRequiredExample: READPossible values:
disabledbooleanRequiredExample: false
dependOnstring[]RequiredExample: ["POLICIES_POLICY_READ"]
get
/permissions

Return a list of all roles.

get

Returns a paginated list of custom roles created by the current Standard Registry. Filter by role name with partial match.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Query parameters
namestringOptional

Filter by role name (case-insensitive, partial match). Leave empty to return all.

pageIndexnumberOptional

The number of pages to skip before starting to collect the result set

Example: 0
pageSizenumberOptional

The numbers of items to return

Example: 20
Responses
200

Successful operation. Returns roles array and total count in X-Total-Count header.

application/json
get
/permissions/roles

Creates new role.

post

Creates new role.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Body
idstringRequired

Internal database identifier

Example: 69aeb71ef8c5b278e3bab4e5
createDatestringRequired

Role creation date in ISO 8601 format

Example: 2026-03-03T17:25:53.312Z
updateDatestringRequired

Last update date in ISO 8601 format

Example: 2026-03-03T17:25:53.312Z
uuidstringRequired

Unique universal identifier

Example: 9db028d2-03ad-4d49-a178-cf4b67f8c147
namestringRequired

Role name

Example: Policy User
descriptionstringRequired

Role description

Example: Role for standard policy users
ownerstringRequired

DID of the Standard Registry who created this role

Example: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
defaultbooleanRequired

Whether this is the default role for new users

Example: false
readonlybooleanRequired

Whether the role is read-only (system role)

Example: false
Responses
post
/permissions/roles

Updates role configuration.

put

Updates role configuration for the specified role ID.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Role Identifier

Example: 69aeb71ef8c5b278e3bab4e5
Body
idstringRequired

Internal database identifier

Example: 69aeb71ef8c5b278e3bab4e5
createDatestringRequired

Role creation date in ISO 8601 format

Example: 2026-03-03T17:25:53.312Z
updateDatestringRequired

Last update date in ISO 8601 format

Example: 2026-03-03T17:25:53.312Z
uuidstringRequired

Unique universal identifier

Example: 9db028d2-03ad-4d49-a178-cf4b67f8c147
namestringRequired

Role name

Example: Policy User
descriptionstringRequired

Role description

Example: Role for standard policy users
ownerstringRequired

DID of the Standard Registry who created this role

Example: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
defaultbooleanRequired

Whether this is the default role for new users

Example: false
readonlybooleanRequired

Whether the role is read-only (system role)

Example: false
Responses
200

Role configuration.

application/json
idstringRequired

Internal database identifier

Example: 69aeb71ef8c5b278e3bab4e5
createDatestringRequired

Role creation date in ISO 8601 format

Example: 2026-03-03T17:25:53.312Z
updateDatestringRequired

Last update date in ISO 8601 format

Example: 2026-03-03T17:25:53.312Z
uuidstringRequired

Unique universal identifier

Example: 9db028d2-03ad-4d49-a178-cf4b67f8c147
namestringRequired

Role name

Example: Policy User
descriptionstringRequired

Role description

Example: Role for standard policy users
ownerstringRequired

DID of the Standard Registry who created this role

Example: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
defaultbooleanRequired

Whether this is the default role for new users

Example: false
readonlybooleanRequired

Whether the role is read-only (system role)

Example: false
put
/permissions/roles/{id}

Deletes the role.

delete

Deletes the role with the provided role ID.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Role Identifier

Example: 69aeb71ef8c5b278e3bab4e5
Responses
200

Successful operation.

application/json
booleanOptional
delete
/permissions/roles/{id}

Set default role.

post

Set the role as default for new users.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Body
idstringRequired

Role Identifier

Example: 69aeb71ef8c5b278e3bab4e5
Responses
post
/permissions/roles/default

Return a list of all users.

get

Returns all users.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Query parameters
pageIndexnumberOptional

The number of pages to skip before starting to collect the result set

Example: 0
pageSizenumberOptional

The numbers of items to return

Example: 20
rolestringOptional

Filter by role

Example: 69aeb71ef8c5b278e3bab4e5
statusstring · enumOptional

Filter by status

Possible values:
usernamestringOptional

Filter by username

Example: username
Responses
200

Successful operation.

application/json
get
/permissions/users

Updates user permissions.

get

Updates user permissions for the specified username.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

User Identifier

Example: username
Responses
200

User permissions.

application/json
usernamestringRequiredExample: username
rolestring · enumRequiredExample: USERPossible values:
permissionsGroupstring[]OptionalExample: [{}]
permissionsstring[]RequiredExample: ["POLICIES_POLICY_READ"]
didstringOptionalExample: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
parentstringOptionalExample: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
hederaAccountIdstringOptionalExample: 0.0.6046379
get
/permissions/users/{username}

Updates user permissions.

put

Updates user permissions for the specified username.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

User Identifier

Example: username
Bodystring[]
string[]Optional
Responses
200

User permissions.

application/json
usernamestringRequiredExample: username
rolestring · enumRequiredExample: USERPossible values:
permissionsGroupstring[]OptionalExample: [{}]
permissionsstring[]RequiredExample: ["POLICIES_POLICY_READ"]
didstringOptionalExample: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
parentstringOptionalExample: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
hederaAccountIdstringOptionalExample: 0.0.6046379
put
/permissions/users/{username}

Return a list of all roles.

get

Returns all roles.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

User Identifier

Example: username
Query parameters
pageIndexnumberOptional

The number of pages to skip before starting to collect the result set

Example: 0
pageSizenumberOptional

The numbers of items to return

Example: 20
statusstring · enumOptional

Filter by status

Possible values:
Responses
200

Successful operation.

application/json
get
/permissions/users/{username}/policies

Assign policy.

post

Assign policy.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

User Identifier

Example: username
Body
policyIdsstring[]RequiredExample: ["69aeb71ef8c5b278e3bab4e5"]
assignbooleanRequiredExample: true
Responses
post
/permissions/users/{username}/policies/assign

Delegate user permissions.

put

Delegate user permissions for the specified username.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

User Identifier

Example: username
Bodystring[]
string[]Optional
Responses
200

User permissions.

application/json
usernamestringRequiredExample: username
rolestring · enumRequiredExample: USERPossible values:
permissionsGroupstring[]OptionalExample: [{}]
permissionsstring[]RequiredExample: ["POLICIES_POLICY_READ"]
didstringOptionalExample: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
parentstringOptionalExample: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
hederaAccountIdstringOptionalExample: 0.0.6046379
put
/permissions/users/{username}/delegate

Delegate policy.

post

Delegate policy.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

User Identifier

Example: username
Body
policyIdsstring[]RequiredExample: ["69aeb71ef8c5b278e3bab4e5"]
assignbooleanRequiredExample: true
Responses
post
/permissions/users/{username}/policies/delegate

Last updated