- Print
- DarkLight
Create a new reader. Sends an invitation to the specified email address.
Creates a new reader account and sends an invitation email to the specified address. The invited_by field is required when authenticating with an M2M (machine-to-machine) token, as the system cannot infer the inviting user from the token. SSO readers can be created by setting is_sso_user to true and providing a scheme_name. Requires the UpdateRolesAccountsAndGroups permission. Related endpoints: GET /v3/projects/{projectId}/readers to list readers, PUT /v3/projects/{projectId}/readers/{readerId} to update a reader.
All V3 endpoints require a Bearer token. Generate tokens in the Document360 portal under Settings > API Tokens. Tokens are project-scoped, require the customerApi scope, and do not expire by default. Tokens can be revoked at any time from the portal. Include the token in every request: Authorization: Bearer <your-token>. Alternatively, use the Authorize button below to sign in via OAuth2 Authorization Code flow with PKCE.
The unique identifier of the project. Retrieve project IDs from GET /v3/projects.
Reader creation details.
Invites a new reader with access to the entire project.
{
"first_name": "John",
"last_name": "Smith",
"email": "[email protected]",
"associated_reader_groups": null,
"access_scope": {
"access_level": "project",
"categories": null,
"project_versions": null,
"languages": null
},
"is_sso_user": false,
"scheme_name": null,
"skip_sso_invitation_email": false,
"invited_by": "a1b2c3d4-e5f6-7a8b-9c0d-1e2f3a4b5c6d"
}Invites a new reader with access restricted to specific categories.
{
"first_name": "Sarah",
"last_name": "Connor",
"email": "[email protected]",
"associated_reader_groups": [
"b2c3d4e5-f6a7-8b9c-0d1e-2f3a4b5c6d7e"
],
"access_scope": {
"access_level": "category",
"categories": [
{
"project_version_id": "1c2d3e4f-5a6b-7c8d-9e0f-a1b2c3d4e5f6",
"category_id": "9a3b4c5d-6e7f-8a9b-0c1d-2e3f4a5b6c7d",
"lang_code": "en"
}
],
"project_versions": null,
"languages": null
},
"is_sso_user": false,
"scheme_name": null,
"skip_sso_invitation_email": false,
"invited_by": "a1b2c3d4-e5f6-7a8b-9c0d-1e2f3a4b5c6d"
}Request to invite a new reader to the knowledge base.
First name of the reader.
Last name of the reader.
Email address of the reader to invite. Must be unique.
List of reader group IDs to add this reader to. Retrieve group IDs from GET /v3/projects/{projectId}/readers/groups.
The access scope defining which content this reader can view.
The level at which access is scoped. Possible values: 0 = None, 1 = Category, 2 = Version, 3 = Project, 4 = Language, 5 = Article, 6 = Workspace.
List of specific category scopes when AccessLevel is Category (1). Null or empty for broader access levels.
Specifies access to a specific category within a project version and language.
Unique identifier of the project version containing the category. Retrieve from GET /v3/projects/{projectId}/project-versions.
Unique identifier of the category to grant access to. Retrieve from GET /v3/projects/{projectId}/categories.
Language code for the category translation (e.g., "en", "fr", "de"). Retrieve available languages from GET /v3/projects/{projectId}/languages.
List of project version IDs the reader has access to when AccessLevel is Version (2). Retrieve version IDs from GET /v3/projects/{projectId}/project-versions.
List of language scopes defining which translations the reader can access. Applicable when AccessLevel is Language (4).
Specifies access to a specific language within a project version.
Unique identifier of the project version. Retrieve from GET /v3/projects/{projectId}/project-versions.
Language code to grant access to (e.g., "en", "fr", "de"). Retrieve available languages from GET /v3/projects/{projectId}/languages.
Whether the reader authenticates via SSO instead of email/password. When true, you must also provide SchemeName. Retrieve available SSO schemes from GET /v3/projects/{projectId}/sso-schemes.
The SSO scheme name to use. Required when IsSsoUser is true. Retrieve available scheme names from GET /v3/projects/{projectId}/sso-schemes.
Whether to skip sending the SSO invitation email to the reader.
User ID of the team account member sending the invitation. Required for API token (M2M) authentication. When using a user access token (OAuth), this field is ignored — the user ID is resolved from the token. Retrieve user IDs from GET /v3/projects/{projectId}/users.
Reader created successfully.
Returns the reader that was just created
{
"data": {
"id": "a3b4c5d6-e7f8-4a9b-c0d1-e2f3a4b5c6d7",
"first_name": "Carol",
"last_name": "Smith",
"email": "[email protected]",
"access_scope": {
"access_level": "project",
"categories": [],
"project_versions": [],
"languages": []
},
"associated_reader_groups": [
"b2c3d4e5-f6a7-4b8c-9d0e-a1b2c3d4e5f6"
],
"is_invite_sso_user": false,
"last_login_at": null
},
"success": true,
"request_id": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
"errors": [],
"warnings": []
}Generic API response wrapper containing typed data.
Response data payload.
Unique identifier of the reader.
First name of the reader.
Last name of the reader.
The access scope defining which content this reader can view.
The level at which access is scoped. Possible values: 0 = None, 1 = Category, 2 = Version, 3 = Project, 4 = Language, 5 = Article, 6 = Workspace.
List of specific category scopes when AccessLevel is Category (1). Null or empty for broader access levels.
Specifies access to a specific category within a project version and language.
Unique identifier of the project version containing the category. Retrieve from GET /v3/projects/{projectId}/project-versions.
Unique identifier of the category to grant access to. Retrieve from GET /v3/projects/{projectId}/categories.
Language code for the category translation (e.g., "en", "fr", "de"). Retrieve available languages from GET /v3/projects/{projectId}/languages.
List of project version IDs the reader has access to when AccessLevel is Version (2). Retrieve version IDs from GET /v3/projects/{projectId}/project-versions.
List of language scopes defining which translations the reader can access. Applicable when AccessLevel is Language (4).
Specifies access to a specific language within a project version.
Unique identifier of the project version. Retrieve from GET /v3/projects/{projectId}/project-versions.
Language code to grant access to (e.g., "en", "fr", "de"). Retrieve available languages from GET /v3/projects/{projectId}/languages.
List of reader group IDs that this reader belongs to. Retrieve group IDs from GET /v3/projects/{projectId}/readers/groups.
Whether this reader was invited via SSO authentication.
Date and time when the reader last logged in. Null if the reader has never logged in.
Whether the API request was successful.
Unique identifier for request tracing and correlation.
List of errors if the request failed.
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
List of non-fatal warnings from the request.
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
The request body is malformed or contains invalid JSON.
RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json
URI reference identifying the error type (links to documentation).
Short human-readable summary of the error type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI of the request that generated the error.
Request trace identifier for correlation.
Structured list of specific errors (extension field).
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
Non-fatal warnings (extension field).
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
Authentication token is missing or invalid.
Authentication token is missing or invalid.
{
"type": "https://developer.document360.com/errors/unauthorized",
"title": "Unauthorized.",
"status": 401,
"detail": "The authentication token is missing or has expired.",
"instance": null,
"trace_id": "req_abc123def456",
"errors": [
{
"code": "UNAUTHORIZED",
"message": "Bearer token is missing or invalid.",
"field": null,
"details": null
}
],
"warnings": null
}RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json
URI reference identifying the error type (links to documentation).
Short human-readable summary of the error type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI of the request that generated the error.
Request trace identifier for correlation.
Structured list of specific errors (extension field).
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
Non-fatal warnings (extension field).
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
Validation failed.
The request body contains invalid data.
{
"type": "https://developer.document360.com/errors/validation-error",
"title": "Unprocessable Entity.",
"status": 422,
"detail": "One or more fields failed validation.",
"instance": null,
"trace_id": "req_abc123def456",
"errors": [
{
"code": "VALIDATION_ERROR",
"message": "This field is required.",
"field": "title",
"details": null
}
],
"warnings": null
}RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json
URI reference identifying the error type (links to documentation).
Short human-readable summary of the error type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI of the request that generated the error.
Request trace identifier for correlation.
Structured list of specific errors (extension field).
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
Non-fatal warnings (extension field).
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
Rate limit exceeded. Retry after the duration specified in the Retry-After header.
Rate limit exceeded.
{
"type": "https://developer.document360.com/errors/too-many-requests",
"title": "Too Many Requests.",
"status": 429,
"detail": "Rate limit exceeded. Retry after the duration specified in the Retry-After header.",
"instance": null,
"trace_id": "req_abc123def456",
"errors": [
{
"code": "TOO_MANY_REQUESTS",
"message": "Rate limit exceeded. Retry after the duration specified in the Retry-After header.",
"field": null,
"details": null
}
],
"warnings": null
}RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json
URI reference identifying the error type (links to documentation).
Short human-readable summary of the error type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI of the request that generated the error.
Request trace identifier for correlation.
Structured list of specific errors (extension field).
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
Non-fatal warnings (extension field).
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
An unexpected server error occurred.
Unexpected server error.
{
"type": "https://developer.document360.com/errors/internal-error",
"title": "Internal Server Error.",
"status": 500,
"detail": "An unexpected error occurred. Please try again or contact support.",
"instance": null,
"trace_id": "req_abc123def456",
"errors": [
{
"code": "INTERNAL_SERVER_ERROR",
"message": "An unexpected error occurred.",
"field": null,
"details": null
}
],
"warnings": null
}RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json
URI reference identifying the error type (links to documentation).
Short human-readable summary of the error type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI of the request that generated the error.
Request trace identifier for correlation.
Structured list of specific errors (extension field).
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
Non-fatal warnings (extension field).
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
