Update an Application Role
This API is used to update an existing Application Role.
You must specify the Id of the Application Role you are updating on the URI. You must specify the Application Id and the Role Id on the URI to identify the role that is being updated.You must specify all of the properties of the Application Role when calling this API with the PUT HTTP method. When used with PUT, this API doesn't merge the existing Application Role and your new data. It replaces the existing Application Role with your new data.
Utilize the PATCH HTTP method to send specific changes to merge into an existing Application Role.
When updating a role on a universal application, a global API key is required. A tenant-scoped API key is not sufficient for this operation.
Request#
OpenAPI Spec
OpenAPI Spec
For backward compatibility, the PATCH method accepts the same media type (specified by a Content-Type of application/json) and body as the PUT request. You can also use the following media types for different behavior:
- JSON Patch/RFC 6902:
application/json-patch+json - JSON Merge Patch/RFC 7396:
merge-patch+json
For details, see the PATCH documentation.
Using a media type of application/json merges the provided request parameters into the existing object. As a result, all parameters are optional with PATCH: only provide the values you want to change. To remove a value, provide a null value. Patching an Array appends all values in the new list to the old list.
Request Headers#
X-FusionAuth-TenantIdStringoptionalThe unique Id of the tenant used to scope this API request.
The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.
Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.
See Making an API request using a Tenant Id for additional information.
Request Parameters#
applicationIdUUIDrequiredImmutableThe Id of the Application to which the Role belongs.
roleIdUUIDrequiredImmutableThe Id of the Role that is being updated.
Request Body#
role.descriptionStringoptionalA description for the role.
role.nameStringrequiredThe name of the Role.
role.isDefaultBooleanoptionalDefaults to falseWhether or not the Role is a default role. A default role is automatically assigned to a user during registration if no roles are provided. More than one role can be marked as default.
role.isSuperRoleBooleanoptionalDefaults to falseWhether or not the Role is a considered to be a super user role. This is a marker to indicate that it supersedes all other roles. FusionAuth will attempt to enforce this contract when using the web UI, it is not enforced programmatically when using the API.
Example Request JSON
{
"role": {
"description": "a new role for the app",
"name": "role 3",
"isDefault": true
}
}
Response#
The response for this API contains the new information for the role that was updated.
Response Codes| Code | Description |
|---|---|
| 200 | The request was successful. The response will contain a JSON body. |
| 400 | The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present. |
| 401 | You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication. |
| 500 | There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty. |
Response Body#
role.descriptionStringThe description of the role.
role.idUUIDThe Id of the Role.
role.insertInstantLongThe instant that the Role was added to the FusionAuth database.
role.lastUpdateInstantLongThe instant that the Role was updated in the FusionAuth database.
role.nameStringThe name of the Role.
role.isDefaultBooleanWhether or not the Role is a default role. A default role is automatically assigned to a user during registration if no roles are provided.
role.isSuperRoleBooleanWhether or not the Role is a considered to be a super user role. This is a marker to indicate that it supersedes all other roles. FusionAuth will attempt to enforce this contract when using the web UI, it is not enforced programmatically when using the API.
Example Response JSON
{
"role": {
"description": "a new role for the app",
"id": "ce485a91-906f-4615-af75-81d37dc71e90",
"insertInstant": 1595361142909,
"lastUpdateInstant": 1595361143101,
"name": "role 3",
"isDefault": true
}
}