- Print
- DarkLight
Edit the content role for a specific user.
Updates the content role permissions for a user, including access scopes that control which categories, project versions, and languages the user can access. Requires the UpdateRolesAccountsAndGroups permission. The provided content permissions fully replace any existing content role assignments. Retrieve available content role IDs from GET /v3/projects/{projectId}/users/roles.
All V3 endpoints require a Bearer token. Generate tokens in the Document360 portal under Settings > API Tokens. Tokens are project-scoped, require the customerApi scope, and do not expire by default. Tokens can be revoked at any time from the portal. Include the token in every request: Authorization: Bearer <your-token>. Alternatively, use the Authorize button below to sign in via OAuth2 Authorization Code flow with PKCE.
The unique identifier of the project. Retrieve project IDs from GET /v3/projects.
The identifier of the user whose content roles to update. Retrieve user IDs from GET /v3/projects/{projectId}/users.
The content role update request.
Assigns category-scoped content roles to the user.
{
"content_permissions": [
{
"associated_content_role_id": "a7b8c9d0-e1f2-3a4b-5c6d-7e8f9a0b1c2d",
"access_scope": {
"access_level": "category",
"categories": [
{
"project_version_id": "1c2d3e4f-5a6b-7c8d-9e0f-a1b2c3d4e5f6",
"category_id": "9a3b4c5d-6e7f-8a9b-0c1d-2e3f4a5b6c7d",
"lang_code": "en"
}
],
"project_versions": null,
"languages": null
}
}
]
}Request to update a user's content role assignments.
Updated list of content role assignments. Replaces all existing content permissions.
Defines a content role assignment with its access scope.
Unique identifier of the content role to assign. Retrieve available content roles from GET /v3/projects/{projectId}/users/roles (filter by RoleType = "Content").
The access scope defining which project versions, categories, or languages this role applies to.
The level at which access is scoped. Possible values: 0 = None, 1 = Category, 2 = Version, 3 = Project, 4 = Language, 5 = Article, 6 = Workspace.
List of specific category scopes when AccessLevel is Category (1). Null or empty for broader access levels.
Specifies access to a specific category within a project version and language.
Unique identifier of the project version containing the category. Retrieve from GET /v3/projects/{projectId}/project-versions.
Unique identifier of the category to grant access to. Retrieve from GET /v3/projects/{projectId}/categories.
Language code for the category translation (e.g., "en", "fr", "de"). Retrieve available languages from GET /v3/projects/{projectId}/languages.
List of project version IDs the reader has access to when AccessLevel is Version (2). Retrieve version IDs from GET /v3/projects/{projectId}/project-versions.
List of language scopes defining which translations the reader can access. Applicable when AccessLevel is Language (4).
Specifies access to a specific language within a project version.
Unique identifier of the project version. Retrieve from GET /v3/projects/{projectId}/project-versions.
Language code to grant access to (e.g., "en", "fr", "de"). Retrieve available languages from GET /v3/projects/{projectId}/languages.
Content role updated successfully.
The article workflow status has been transitioned successfully.
{
"success": true,
"request_id": "req_abc123def456",
"errors": null,
"warnings": null
}Base API response wrapper indicating success or failure.
Whether the API request was successful.
Unique identifier for request tracing and correlation.
List of errors if the request failed.
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
List of non-fatal warnings from the request.
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
Validation error in the request.
RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json
URI reference identifying the error type (links to documentation).
Short human-readable summary of the error type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI of the request that generated the error.
Request trace identifier for correlation.
Structured list of specific errors (extension field).
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
Non-fatal warnings (extension field).
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
Authentication token is missing or invalid.
Authentication token is missing or invalid.
{
"type": "https://developer.document360.com/errors/unauthorized",
"title": "Unauthorized.",
"status": 401,
"detail": "The authentication token is missing or has expired.",
"instance": null,
"trace_id": "req_abc123def456",
"errors": [
{
"code": "UNAUTHORIZED",
"message": "Bearer token is missing or invalid.",
"field": null,
"details": null
}
],
"warnings": null
}RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json
URI reference identifying the error type (links to documentation).
Short human-readable summary of the error type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI of the request that generated the error.
Request trace identifier for correlation.
Structured list of specific errors (extension field).
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
Non-fatal warnings (extension field).
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
User not found.
The requested resource was not found.
{
"type": "https://developer.document360.com/errors/not-found",
"title": "Not Found.",
"status": 404,
"detail": "The requested resource does not exist or has been deleted.",
"instance": null,
"trace_id": "req_abc123def456",
"errors": [
{
"code": "RESOURCE_NOT_FOUND",
"message": "The requested resource was not found.",
"field": null,
"details": null
}
],
"warnings": null
}RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json
URI reference identifying the error type (links to documentation).
Short human-readable summary of the error type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI of the request that generated the error.
Request trace identifier for correlation.
Structured list of specific errors (extension field).
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
Non-fatal warnings (extension field).
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
Rate limit exceeded. Retry after the duration specified in the Retry-After header.
Rate limit exceeded.
{
"type": "https://developer.document360.com/errors/too-many-requests",
"title": "Too Many Requests.",
"status": 429,
"detail": "Rate limit exceeded. Retry after the duration specified in the Retry-After header.",
"instance": null,
"trace_id": "req_abc123def456",
"errors": [
{
"code": "TOO_MANY_REQUESTS",
"message": "Rate limit exceeded. Retry after the duration specified in the Retry-After header.",
"field": null,
"details": null
}
],
"warnings": null
}RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json
URI reference identifying the error type (links to documentation).
Short human-readable summary of the error type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI of the request that generated the error.
Request trace identifier for correlation.
Structured list of specific errors (extension field).
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
Non-fatal warnings (extension field).
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
An unexpected server error occurred.
Unexpected server error.
{
"type": "https://developer.document360.com/errors/internal-error",
"title": "Internal Server Error.",
"status": 500,
"detail": "An unexpected error occurred. Please try again or contact support.",
"instance": null,
"trace_id": "req_abc123def456",
"errors": [
{
"code": "INTERNAL_SERVER_ERROR",
"message": "An unexpected error occurred.",
"field": null,
"details": null
}
],
"warnings": null
}RFC 7807 Problem Details response for V3 API errors. Content-Type: application/problem+json
URI reference identifying the error type (links to documentation).
Short human-readable summary of the error type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI of the request that generated the error.
Request trace identifier for correlation.
Structured list of specific errors (extension field).
Represents an error returned by the API.
Machine-readable error code (e.g. VALIDATION_ERROR, RESOURCE_NOT_FOUND).
Human-readable error message.
The request field that caused the error, if applicable.
Additional context about the error.
Non-fatal warnings (extension field).
Represents a non-fatal warning from the API.
Machine-readable warning code.
Human-readable warning message.
