> For the complete documentation index, see [llms.txt](https://guardian.hedera.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://guardian.hedera.com/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions.md). # APIs related to Roles & Permissions Guardian uses a role-based access control (RBAC) system. Standard Registry users create custom roles with specific permission sets, then assign those roles to users within their organization. Delegation support also allows ordinary users with the appropriate rights to manage role and policy assignments on behalf of peers. **Authentication:** Bearer token required (`Authorization: Bearer `) — obtain via `POST /api/v1/accounts/login`. *** ## Endpoint Index | Method | Endpoint | Description | Auth Required | | ------------ | -------------------------------------------------------- | ----------------------------------------------------------- | ------------- | | **`GET`** | `/api/v1/permissions` | Returns the full list of available system-level permissions | Yes | | **`GET`** | `/api/v1/permissions/roles` | Returns a paginated list of roles | Yes | | **`POST`** | `/api/v1/permissions/roles` | Creates a new custom role | Yes | | **`PUT`** | `/api/v1/permissions/roles/{id}` | Updates an existing role's configuration | Yes | | **`DELETE`** | `/api/v1/permissions/roles/{id}` | Deletes a role by ID | Yes | | **`POST`** | `/api/v1/permissions/roles/default` | Sets a role as the default for new users | Yes | | **`GET`** | `/api/v1/permissions/users` | Returns a paginated list of manageable users | Yes | | **`GET`** | `/api/v1/permissions/users/{username}` | Returns a user's roles, permissions, and assigned policies | Yes | | **`PUT`** | `/api/v1/permissions/users/{username}` | Assigns roles to a user (Standard Registry) | Yes | | **`GET`** | `/api/v1/permissions/users/{username}/policies` | Returns policies accessible to a user | Yes | | **`POST`** | `/api/v1/permissions/users/{username}/policies/assign` | Assigns or unassigns policies to a user (Standard Registry) | Yes | | **`PUT`** | `/api/v1/permissions/users/{username}/delegate` | Delegates roles to a user (ordinary users) | Yes | | **`POST`** | `/api/v1/permissions/users/{username}/policies/delegate` | Delegates policy access to a user (ordinary users) | Yes | *** ## Endpoints * [Returns List of All Permissions](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/returns-list-of-all-permissions.md) * [Returns List of All Roles](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/returns-list-of-all-roles.md) * [Creates a New Role](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/creates-a-new-role.md) * [Updates Role Configuration](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/updates-role-configuration.md) * [Deletes Role](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/deletes-role.md) * [Setting Default Role](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/setting-default-role.md) * [Returns List of All Users](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/returns-list-of-all-users-for-whom-the-current-user-can-change-the-role.md) * [Retrieves User Information (Roles, Permissions, Assigned Policies)](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/retrieves-information-about-the-user-roles-permissions-assigned-policies.md) * [Updates User Roles (Standard Registry)](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/updates-user-roles-only-sr.md) * [Returns List of All Policies for a User](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/returns-list-of-all-policies.md) * [Assigns Policies to a User (Standard Registry)](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/assigns-policies-to-a-user-only-sr.md) * [Delegates User Roles (Ordinary Users)](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/updates-user-roles-for-ordinary-uses.md) * [Delegates Policies to a User (Ordinary Users)](/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions/assigns-policies-to-a-user-for-ordinary-users.md) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://guardian.hedera.com/guardian/standard-registry/roles-and-permissions/apis-related-to-roles-and-permissions.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.