See api-docs Menu

Update a Privilege

Use this API to update an existing privilege object.

For a detailed explanation of a privilege object, see Create a Privilege.

Preview Release

This API is part of the OneLogin Delegated Administration Service and only available as a preview release. If you’re interested in using this API please contact your account manager or our support team.

Resource URL

PUT https://api.<us_or_eu>.onelogin.com/api/1/privileges/:id

Header Parameters

Authorization

required

string

Set to bearer:<access_token>.

Set <access_token> to the access token generated using the Generate Token API.

Generate the access token with the API credential pair created using the scope required to call this API. Call this API using the Manage All scope.

Resource Parameter

id

required

string

Set to the id of the privilege you want to update.

Request Parameters

name

required

string

The name of this privilege

privilege

required

object

An object containing statements that describe the level of access granted by this privilege.

  • Version - The version for the privilege schema. This is always 2018-05-18.
  • Statement - An array of statment objects. For a detailed explanation of a Statement object, including possible Actions, see Create a Privilege.

Sample Request Body

Allow the following user actions on any user in OneLogin.

{
    "name": "User Administrator",
    "privilege":  {
        "Version": "2018-05-18",
        "Statement": [{
            "Effect": "Allow",
            "Action": [
                "users:Get",
                "users:Unlock",
                "users:ResetPassword",
                "users:ForceLogout",
                "users:Delete"
            ],
            "Scope": ["*"]
        }]
    }
}

Sample Response

{
    "id": "5e43a548-e9c6-47be-9341-92160902f7a6"
}

No statement or statement is missing an Actions array.

{
    "statusCode": 400,
    "name": "BadRequestError",
    "message": "The request could not be understood by the server due to malformed syntax: Statement required Action array"
}

Effect is missing in the statement

{
    "statusCode": 400,
    "name": "BadRequestError",
    "message": "The request could not be understood by the server due to malformed syntax: Effect is required and must be 'Allow'"
}

Invalid action was supplied. e.g. users:MadeUpAction

{
    "statusCode": 400,
    "name": "BadRequestError",
    "message": "The request could not be understood by the server due to malformed syntax: Operation 'MadeUpAction' does not exist"
}

Typically, this error means that your access token value is invalid.

{
    "statusCode": 401,
    "name": "UnauthorizedError",
    "message": "The request requires user authentication."
}

Sample Code

cURL

curl 'https://api.<us_or_eu>>.onelogin.com/api/1/privileges/<privilege_id>' \
-X PUT \
-H "Authorization: bearer:<access_token>" \
-d '{
    "name": "Super Administrator",
    "privilege":  {
        "Version": "2018-05-18",
        "Statement": [{
            "Effect": "Allow",
            "Action": ["*"],
            "Scope": ["*"]
        }]
    }
}'

Postman Collection

Replace sample variables indicated by {{ }} with your actual values.

Download for the Privileges API


Have a Question?

Have a how-to question? Seeing a weird error? Ask us about it on StackOverflow.

Found a bug? Submit a support ticket.

Have a product idea or request? Share it with us in our Ideas Portal.