Create a Space Role
This endpoint allows you to create a new space role.
https://mapi.storyblok.com/v1/spaces/:space_id/space_roles/Path Parameters
-
:space_id
required numberNumeric ID of a space
Request Body Properties
-
space_role
The Space Role Object-
allowed_paths
number[]Story ids the user should have access to (acts as whitelist). If no item is selected the user has rights to access all content items.
-
field_permissions
string[]Hide specific fields for this user with an array of strings with the schema:
"component_name.field_name" -
readonly_field_permissions
string[]An array of defined fields that are hidden for the specific role. The schema used is
component_name.field_name -
permissions
enum[]An array of strings that defines the permissions for the a specific role. These are a few examples, but there are more value that can be present or used.
Try changing the role permissions and retrieve a role to see all the possible values
Permission Description publish_stories Allow publishing of content entries save_stories Allow editing and saving of content entries edit_datasources Allow editing and saving of datasources access_commerce Allow access to commerce app edit_story_slug Deny the change of slugs of content entries move_story Deny moving of content entries view_composer Deny access to visual composer -
role
required stringRole of the collaborator, could be admin, editor or custom roles
-
subtitle
stringDescription of the role
-
datasource_ids
number[]An array of datasource IDs that can be accessed by the role. If no IDs is added, the user has rights to edit all datasources.
-
component_ids
number[]An array of IDs of components that the user role cannot select/use. If none is present/selected, the user role has rights to all components.
-
branch_ids
number[]An array of IDs of pipelines that the user role has right to deploy. If none is present/selected, the user role can access all the pipelines.
-
allowed_languages
string[]List of languages (language codes) that the user role has access to. If none is present/selected, the user role has right to all the languages.
-
asset_folder_ids
number[]An array of IDs of asset folders that the user role has access to. If none is present/selected, the user role can access all the asset folders.
-
Response Properties
-
space_role
The Space Role Object-
id
numberNumeric Unique ID of the space role
-
allowed_paths
number[]Story ids the user should have access to (acts as whitelist). If no item is selected the user has rights to access all content items.
-
resolved_allowed_paths
string[]Resolved allowed_paths for displaying paths
-
field_permissions
string[]Hide specific fields for this user with an array of strings with the schema:
"component_name.field_name" -
readonly_field_permissions
string[]An array of defined fields that are hidden for the specific role. The schema used is
component_name.field_name -
permissions
enum[]An array of strings that defines the permissions for the a specific role. These are a few examples, but there are more value that can be present or used.
Try changing the role permissions and retrieve a role to see all the possible values
Permission Description publish_stories Allow publishing of content entries save_stories Allow editing and saving of content entries edit_datasources Allow editing and saving of datasources access_commerce Allow access to commerce app edit_story_slug Deny the change of slugs of content entries move_story Deny moving of content entries view_composer Deny access to visual composer -
role
stringRole of the collaborator, could be admin, editor or custom roles
-
subtitle
stringDescription of the role
-
datasource_ids
number[]An array of datasource IDs that can be accessed by the role. If no IDs is added, the user has rights to edit all datasources.
-
component_ids
number[]An array of IDs of components that the user role cannot select/use. If none is present/selected, the user role has rights to all components.
-
branch_ids
number[]An array of IDs of pipelines that the user role has right to deploy. If none is present/selected, the user role can access all the pipelines.
-
allowed_languages
string[]List of languages (language codes) that the user role has access to. If none is present/selected, the user role has right to all the languages.
-
asset_folder_ids
number[]An array of IDs of asset folders that the user role has access to. If none is present/selected, the user role can access all the asset folders.
-
curl "https://mapi.storyblok.com/v1/spaces/606/space_roles/" \
-X POST \
-H "Content-Type: application/json" \
-H "Authorization: YOUR_OAUTH_TOKEN" \
-d "{\"space_role\": {\"allowed_paths\": [43097198,48581646],\"field_permissions\": [\"article.title\",\"hero.image\"],\"readonly_field_permissions\": [\"hero.RichText_type\",\"hero.TextArea_type\"],\"permissions\": [\"manage_block_library\",\"deny_component_technical_name_update\",\"deny_component_fields_name_update\",\"edit_image\",\"delete_stories\",\"deploy_stories\",\"unpublish_stories\",\"unpublish_folders\",\"publish_stories\",\"publish_folders\",\"manage-non-translatable-fields\",\"manage_tags\"],\"role\": \"Test role\",\"subtitle\": \"desc\",\"datasource_ids\": [2189],\"component_ids\": [57584,43743,72760,67535],\"branch_ids\": [304011],\"allowed_languages\": [\"default\",\"de\"],\"asset_folder_ids\": [56328,29783]}}"// Using the Universal JavaScript Client:
// https://github.com/storyblok/storyblok-js-client
Storyblok.post('/spaces/606/space_roles/', {
"space_role": {
"allowed_paths": [
43097198,
48581646
],
"field_permissions": [
"article.title",
"hero.image"
],
"readonly_field_permissions": [
"hero.RichText_type",
"hero.TextArea_type"
],
"permissions": [
"manage_block_library",
"deny_component_technical_name_update",
"deny_component_fields_name_update",
"edit_image",
"delete_stories",
"deploy_stories",
"unpublish_stories",
"unpublish_folders",
"publish_stories",
"publish_folders",
"manage-non-translatable-fields",
"manage_tags"
],
"role": "Test role",
"subtitle": "desc",
"datasource_ids": [
2189
],
"component_ids": [
57584,
43743,
72760,
67535
],
"branch_ids": [
304011
],
"allowed_languages": [
"default",
"de"
],
"asset_folder_ids": [
56328,
29783
]
}
})
.then(response => {
console.log(response)
}).catch(error => {
console.log(error)
})$client = new \Storyblok\ManagementClient('YOUR_OAUTH_TOKEN');
$payload = [
"space_role" => [
"allowed_paths" => [
43097198,
48581646
],
"field_permissions" => [
"article.title",
"hero.image"
],
"readonly_field_permissions" => [
"hero.RichText_type",
"hero.TextArea_type"
],
"permissions" => [
"manage_block_library",
"deny_component_technical_name_update",
"deny_component_fields_name_update",
"edit_image",
"delete_stories",
"deploy_stories",
"unpublish_stories",
"unpublish_folders",
"publish_stories",
"publish_folders",
"manage-non-translatable-fields",
"manage_tags"
],
"role" => "Test role",
"subtitle" => "desc",
"datasource_ids" => [
2189
],
"component_ids" => [
57584,
43743,
72760,
67535
],
"branch_ids" => [
304011
],
"allowed_languages" => [
"default",
"de"
],
"asset_folder_ids" => [
56328,
29783
]
]
];
$client->post('/spaces/606/space_roles/', $payload)->getBody();require 'storyblok'
client = Storyblok::Client.new(oauth_token: 'YOUR_OAUTH_TOKEN')
payload = {
"space_role" => {
"allowed_paths" => [
43097198,
48581646
],
"field_permissions" => [
"article.title",
"hero.image"
],
"readonly_field_permissions" => [
"hero.RichText_type",
"hero.TextArea_type"
],
"permissions" => [
"manage_block_library",
"deny_component_technical_name_update",
"deny_component_fields_name_update",
"edit_image",
"delete_stories",
"deploy_stories",
"unpublish_stories",
"unpublish_folders",
"publish_stories",
"publish_folders",
"manage-non-translatable-fields",
"manage_tags"
],
"role" => "Test role",
"subtitle" => "desc",
"datasource_ids" => [
2189
],
"component_ids" => [
57584,
43743,
72760,
67535
],
"branch_ids" => [
304011
],
"allowed_languages" => [
"default",
"de"
],
"asset_folder_ids" => [
56328,
29783
]
}
}
client.post('/spaces/606/space_roles/', payload)HttpResponse<String> response = Unirest.post("https://mapi.storyblok.com/v1/spaces/606/space_roles/")
.header("Content-Type", "application/json")
.header("Authorization", "YOUR_OAUTH_TOKEN")
.body("{\"space_role\": {\"allowed_paths\": [43097198,48581646],\"field_permissions\": [\"article.title\",\"hero.image\"],\"readonly_field_permissions\": [\"hero.RichText_type\",\"hero.TextArea_type\"],\"permissions\": [\"manage_block_library\",\"deny_component_technical_name_update\",\"deny_component_fields_name_update\",\"edit_image\",\"delete_stories\",\"deploy_stories\",\"unpublish_stories\",\"unpublish_folders\",\"publish_stories\",\"publish_folders\",\"manage-non-translatable-fields\",\"manage_tags\"],\"role\": \"Test role\",\"subtitle\": \"desc\",\"datasource_ids\": [2189],\"component_ids\": [57584,43743,72760,67535],\"branch_ids\": [304011],\"allowed_languages\": [\"default\",\"de\"],\"asset_folder_ids\": [56328,29783]}}")
.asString();var client = new RestClient("https://mapi.storyblok.com/v1/spaces/606/space_roles/");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "YOUR_OAUTH_TOKEN");
request.AddParameter("application/json", "{\"space_role\": {\"allowed_paths\": [43097198,48581646],\"field_permissions\": [\"article.title\",\"hero.image\"],\"readonly_field_permissions\": [\"hero.RichText_type\",\"hero.TextArea_type\"],\"permissions\": [\"manage_block_library\",\"deny_component_technical_name_update\",\"deny_component_fields_name_update\",\"edit_image\",\"delete_stories\",\"deploy_stories\",\"unpublish_stories\",\"unpublish_folders\",\"publish_stories\",\"publish_folders\",\"manage-non-translatable-fields\",\"manage_tags\"],\"role\": \"Test role\",\"subtitle\": \"desc\",\"datasource_ids\": [2189],\"component_ids\": [57584,43743,72760,67535],\"branch_ids\": [304011],\"allowed_languages\": [\"default\",\"de\"],\"asset_folder_ids\": [56328,29783]}}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);import Foundation
let headers = [
"Content-Type": "application/json",
"Authorization": "YOUR_OAUTH_TOKEN"
]
let postData = NSData(data: "{\"space_role\": {\"allowed_paths\": [43097198,48581646],\"field_permissions\": [\"article.title\",\"hero.image\"],\"readonly_field_permissions\": [\"hero.RichText_type\",\"hero.TextArea_type\"],\"permissions\": [\"manage_block_library\",\"deny_component_technical_name_update\",\"deny_component_fields_name_update\",\"edit_image\",\"delete_stories\",\"deploy_stories\",\"unpublish_stories\",\"unpublish_folders\",\"publish_stories\",\"publish_folders\",\"manage-non-translatable-fields\",\"manage_tags\"],\"role\": \"Test role\",\"subtitle\": \"desc\",\"datasource_ids\": [2189],\"component_ids\": [57584,43743,72760,67535],\"branch_ids\": [304011],\"allowed_languages\": [\"default\",\"de\"],\"asset_folder_ids\": [56328,29783]}}".data(using: String.Encoding.utf8)!)
let request = NSMutableURLRequest(url: NSURL(string: "https://mapi.storyblok.com/v1/spaces/606/space_roles/")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0)
request.method = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()import requests
url = "https://mapi.storyblok.com/v1/spaces/606/space_roles/"
querystring = {}
payload = "{\"space_role\": {\"allowed_paths\": [43097198,48581646],\"field_permissions\": [\"article.title\",\"hero.image\"],\"readonly_field_permissions\": [\"hero.RichText_type\",\"hero.TextArea_type\"],\"permissions\": [\"manage_block_library\",\"deny_component_technical_name_update\",\"deny_component_fields_name_update\",\"edit_image\",\"delete_stories\",\"deploy_stories\",\"unpublish_stories\",\"unpublish_folders\",\"publish_stories\",\"publish_folders\",\"manage-non-translatable-fields\",\"manage_tags\"],\"role\": \"Test role\",\"subtitle\": \"desc\",\"datasource_ids\": [2189],\"component_ids\": [57584,43743,72760,67535],\"branch_ids\": [304011],\"allowed_languages\": [\"default\",\"de\"],\"asset_folder_ids\": [56328,29783]}}"
headers = {
'Content-Type': "application/json",
'Authorization': "YOUR_OAUTH_TOKEN"
}
response = requests.request("POST", url, data=payload, headers=headers, params=querystring)
print(response.text)