Roles - Docs - Braintrust

List roles

List out all roles. The roles are sorted by creation date, with the most recently-created roles coming first

GET /v1/role

Most Braintrust endpoints are authenticated by providing your API key as a header Authorization: Bearer [api_key] to your HTTP request. You can create an API key in the Braintrust organization settings page.

In: header

Query Parameters

limitinteger

Limit the number of objects to return

Minimum: 0

starting_afterstring

Pagination cursor id.

For example, if the final item in the last page you fetched had an id of foo, pass starting_after=foo to fetch the next page. Note: you may only pass one of starting_after and ending_before

Format: "uuid"

ending_beforestring

Pagination cursor id.

For example, if the initial item in the last page you fetched had an id of foo, pass ending_before=foo to fetch the previous page. Note: you may only pass one of starting_after and ending_before

Format: "uuid"

idsAny properties in string, array<string>

Filter search results to a particular set of object IDs. To specify a list of IDs, include the query param multiple times

role_namestring

Name of the role to search for

org_namestring

Filter search results to within a particular organization

curl -X GET "https://api.braintrust.dev/v1/role?limit=0&starting_after=497f6eca-6276-4993-bfeb-53cbbbba6f08&ending_before=497f6eca-6276-4993-bfeb-53cbbbba6f08&ids=497f6eca-6276-4993-bfeb-53cbbbba6f08&role_name=string&org_name=string" \
  -H "Authorization: Bearer <token>"

Returns a list of role objects

{
  "objects": [
    {
      "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
      "org_id": "a40f5d1f-d889-42e9-94ea-b9b33585fc6b",
      "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
      "created": "2019-08-24T14:15:22Z",
      "name": "string",
      "description": "string",
      "deleted_at": "2019-08-24T14:15:22Z",
      "member_permissions": [
        {
          "permission": "create",
          "restrict_object_type": "organization"
        }
      ],
      "member_roles": [
        "497f6eca-6276-4993-bfeb-53cbbbba6f08"
      ]
    }
  ]
}

Create role

Create a new role. If there is an existing role with the same name as the one specified in the request, will return the existing role unmodified

POST /v1/role

Authorization

Authorization

Required

Bearer <token>

In: header

Request Body

application/jsonOptional

Any desired information about the new role object

name

Required

string

Name of the role

Minimum length: 1

descriptionstring

Textual description of the role

member_permissionsarray<object>

(permission, restrict_object_type) tuples which belong to this role

member_rolesarray<string>

Ids of the roles this role inherits from

An inheriting role has all the permissions contained in its member roles, as well as all of their inherited permissions

org_namestring

For nearly all users, this parameter should be unnecessary. But in the rare case that your API key belongs to multiple organizations, you may specify the name of the organization the role belongs in.

curl -X POST "https://api.braintrust.dev/v1/role" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "string",
    "description": "string",
    "member_permissions": [
      {
        "permission": "create",
        "restrict_object_type": "organization"
      }
    ],
    "member_roles": [
      "497f6eca-6276-4993-bfeb-53cbbbba6f08"
    ],
    "org_name": "string"
  }'

Returns the new role object

{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "org_id": "a40f5d1f-d889-42e9-94ea-b9b33585fc6b",
  "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
  "created": "2019-08-24T14:15:22Z",
  "name": "string",
  "description": "string",
  "deleted_at": "2019-08-24T14:15:22Z",
  "member_permissions": [
    {
      "permission": "create",
      "restrict_object_type": "organization"
    }
  ],
  "member_roles": [
    "497f6eca-6276-4993-bfeb-53cbbbba6f08"
  ]
}

Create or replace role

Create or replace role. If there is an existing role with the same name as the one specified in the request, will replace the existing role with the provided fields

PUT /v1/role

Authorization

Authorization

Required

Bearer <token>

In: header

Request Body

application/jsonOptional

Any desired information about the new role object

name

Required

string

Name of the role

Minimum length: 1

descriptionstring

Textual description of the role

member_permissionsarray<object>

(permission, restrict_object_type) tuples which belong to this role

member_rolesarray<string>

Ids of the roles this role inherits from

An inheriting role has all the permissions contained in its member roles, as well as all of their inherited permissions

org_namestring

For nearly all users, this parameter should be unnecessary. But in the rare case that your API key belongs to multiple organizations, you may specify the name of the organization the role belongs in.

curl -X PUT "https://api.braintrust.dev/v1/role" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "string",
    "description": "string",
    "member_permissions": [
      {
        "permission": "create",
        "restrict_object_type": "organization"
      }
    ],
    "member_roles": [
      "497f6eca-6276-4993-bfeb-53cbbbba6f08"
    ],
    "org_name": "string"
  }'

Returns the new role object

{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "org_id": "a40f5d1f-d889-42e9-94ea-b9b33585fc6b",
  "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
  "created": "2019-08-24T14:15:22Z",
  "name": "string",
  "description": "string",
  "deleted_at": "2019-08-24T14:15:22Z",
  "member_permissions": [
    {
      "permission": "create",
      "restrict_object_type": "organization"
    }
  ],
  "member_roles": [
    "497f6eca-6276-4993-bfeb-53cbbbba6f08"
  ]
}

Get role

Get a role object by its id

GET /v1/role/{role_id}

Authorization

Authorization

Required

Bearer <token>

In: header

Path Parameters

role_id

Required

string

Role id

Format: "uuid"

curl -X GET "https://api.braintrust.dev/v1/role/497f6eca-6276-4993-bfeb-53cbbbba6f08" \
  -H "Authorization: Bearer <token>"

Returns the role object

{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "org_id": "a40f5d1f-d889-42e9-94ea-b9b33585fc6b",
  "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
  "created": "2019-08-24T14:15:22Z",
  "name": "string",
  "description": "string",
  "deleted_at": "2019-08-24T14:15:22Z",
  "member_permissions": [
    {
      "permission": "create",
      "restrict_object_type": "organization"
    }
  ],
  "member_roles": [
    "497f6eca-6276-4993-bfeb-53cbbbba6f08"
  ]
}

Partially update role

Partially update a role object. Specify the fields to update in the payload. Any object-type fields will be deep-merged with existing content. Currently we do not support removing fields or setting them to null.

PATCH /v1/role/{role_id}

Authorization

Authorization

Required

Bearer <token>

In: header

Request Body

application/jsonOptional

Fields to update

descriptionstring

Textual description of the role

namestring

Name of the role

Minimum length: 1

add_member_permissionsarray<object>

A list of permissions to add to the role

remove_member_permissionsarray<object>

A list of permissions to remove from the role

add_member_rolesarray<string>

A list of role IDs to add to the role's inheriting-from set

remove_member_rolesarray<string>

A list of role IDs to remove from the role's inheriting-from set

Path Parameters

role_id

Required

string

Role id

Format: "uuid"

curl -X PATCH "https://api.braintrust.dev/v1/role/497f6eca-6276-4993-bfeb-53cbbbba6f08" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "description": "string",
    "name": "string",
    "add_member_permissions": [
      {
        "permission": "create",
        "restrict_object_type": "organization"
      }
    ],
    "remove_member_permissions": [
      {
        "permission": "create",
        "restrict_object_type": "organization"
      }
    ],
    "add_member_roles": [
      "497f6eca-6276-4993-bfeb-53cbbbba6f08"
    ],
    "remove_member_roles": [
      "497f6eca-6276-4993-bfeb-53cbbbba6f08"
    ]
  }'

Returns the role object

{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "org_id": "a40f5d1f-d889-42e9-94ea-b9b33585fc6b",
  "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
  "created": "2019-08-24T14:15:22Z",
  "name": "string",
  "description": "string",
  "deleted_at": "2019-08-24T14:15:22Z",
  "member_permissions": [
    {
      "permission": "create",
      "restrict_object_type": "organization"
    }
  ],
  "member_roles": [
    "497f6eca-6276-4993-bfeb-53cbbbba6f08"
  ]
}

Delete role

Delete a role object by its id

DELETE /v1/role/{role_id}

Authorization

Authorization

Required

Bearer <token>

In: header

Path Parameters

role_id

Required

string

Role id

Format: "uuid"

curl -X DELETE "https://api.braintrust.dev/v1/role/497f6eca-6276-4993-bfeb-53cbbbba6f08" \
  -H "Authorization: Bearer <token>"

Returns the deleted role object

{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "org_id": "a40f5d1f-d889-42e9-94ea-b9b33585fc6b",
  "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
  "created": "2019-08-24T14:15:22Z",
  "name": "string",
  "description": "string",
  "deleted_at": "2019-08-24T14:15:22Z",
  "member_permissions": [
    {
      "permission": "create",
      "restrict_object_type": "organization"
    }
  ],
  "member_roles": [
    "497f6eca-6276-4993-bfeb-53cbbbba6f08"
  ]
}

Response

TypeScript

Response

TypeScript

Response

TypeScript

Response

TypeScript

Response

TypeScript

Response

TypeScript

On this page