API ReferenceManagementUsers
POST
/v1/mgmt/user/update/role/set

Authorization

Descope Project ID and Management Key
AuthorizationBearer <token>

Project ID:Management Key as bearer token.

In: header

Request Body

application/json

loginId?string
tenantId?string
roleNames?array<string>
string

Set an existing user's roles, using a valid management key.

This API endpoint allows you to set a user's roles.

This will override the current roles associated to the user and will set all passed roles.

See also

curl -X POST "https://api.descope.com/v1/mgmt/user/update/role/set" \  -H "Content-Type: application/json" \  -d '{}'
{  "user": {    "loginIds": [      "string"    ],    "userId": "string",    "name": "string",    "email": "string",    "phone": "string",    "verifiedEmail": true,    "verifiedPhone": true,    "roleNames": [      "string"    ],    "userTenants": [      {        "tenantId": "string",        "roleNames": [          "string"        ],        "tenantName": "string",        "permissions": [          "string"        ]      }    ],    "status": "string",    "externalIds": [      "string"    ],    "picture": "string",    "test": false,    "customAttributes": {      "attribute-key": "attribute-value"    },    "createdTime": 0,    "TOTP": false,    "SAML": false,    "OAuth": {      "property1": false,      "property2": false    },    "webauthn": true,    "password": true,    "ssoAppIds": [      "string"    ],    "givenName": "string",    "middleName": "string",    "familyName": "string",    "editable": true,    "SCIM": true,    "push": true,    "permissions": [      "string"    ],    "OIDC": true,    "consentExpiration": 0  },  "created": true}
export interface Response {user?: {loginIds?: string[]userId?: stringname?: stringemail?: stringphone?: stringverifiedEmail?: booleanverifiedPhone?: booleanroleNames?: string[]userTenants?: UserTenants[]status?: stringexternalIds?: string[]picture?: stringtest?: boolean/** * Custom attributes as key-value pairs. Keys must be strings; values can be strings, numbers, booleans, or arrays. */customAttributes?: {[k: string]: string}createdTime?: numberTOTP?: booleanSAML?: booleanOAuth?: {[k: string]: boolean}webauthn?: booleanpassword?: booleanssoAppIds?: string[]givenName?: stringmiddleName?: stringfamilyName?: stringeditable?: booleanSCIM?: booleanpush?: booleanpermissions?: string[]OIDC?: booleanconsentExpiration?: number}created?: boolean}export interface UserTenants {tenantId?: stringroleNames?: string[]tenantName?: stringpermissions?: string[]}
Was this helpful?

Update User Add Roles POST

### Add roles to an existing user, using a valid management key. This API endpoint allows you to add roles to a user granularly without updating all user details. `roleNames` is an array of the role names in string format. The `tenantId` is optional; if provided, the user must be a member of that tenant The response returns the user's details in json format. ### See also - See [Manage Users](/manage/users) for further details on managing users. - See [The User Object](/api/overview#the-user-object) for further details on the user object. - See [Manage Roles](/manage/roles/) for further details on managing roles.

Update User Remove Roles POST

### Remove roles from an existing user, using a valid management key. This API endpoint allows you to remove roles from a user granularly without updating all user details. `roleNames` is an array of the role names in string format. The `tenantId` is optional; if provided, the user must be a member of that tenant The response returns the user's details in json format. ### See also - See [Manage Users](/manage/users) for further details on managing users. - See [The User Object](/api/overview#the-user-object) for further details on the user object. - See [Manage Roles](/manage/roles/) for further details on managing roles.