Create or update an organization role

PUT

/auth/access-management/organizations/{organizationId}/roles/{slug}

Requires Authorization: Bearer in deployed environments. Mint the JWT through POST /auth/token with AWS SigV4 credentials. Creates the organization-scoped role when it does not exist, or updates the display name when it already exists. Role slugs must use the org-* format.

Authorizations

serviceBearer

Parameters

Path Parameters

slug

required

string

org-admin

Organization role slug. Must start with ‘org-’ followed by lowercase letters, numbers, hyphens, or underscores.

organizationId

required

string

org_123

Provider tenant or organization identifier. In WorkOS mode this is the WorkOS organization id, for example org_123.

Request Body^required

object

name

required

Human-readable organization role name shown in the configured access provider.

string

Organization Admin

Responses

200

Created or updated role id

object

required

Provider role identifier returned after the organization role is created or updated.

string

role_01HXYZ

400

BAD_REQUEST

object

type

required

string format: uri

title

required

string

status

required

integer

detail

string

instance

string

karmoCode

required

Karmo 8-digit error code.

string

/^[0-9]{8}$/

karmoMeta

Domain-level metadata emitted by the service.

object

key

additional properties

any

karmoErrors

Array<object>

object

detail

required

Human-readable detail for the specific field error.

string

pointer

required

JSON pointer to the offending value.

string

/email

401

UNAUTHORIZED

object

type

required

string format: uri

title

required

string

status

required

integer

detail

string

instance

string

karmoCode

required

Karmo 8-digit error code.

string

/^[0-9]{8}$/

karmoMeta

Domain-level metadata emitted by the service.

object

key

additional properties

any

karmoErrors

Array<object>

object

detail

required

Human-readable detail for the specific field error.

string

pointer

required

JSON pointer to the offending value.

string

/email

403

FORBIDDEN

object

type

required

string format: uri

title

required

string

status

required

integer

detail

string

instance

string

karmoCode

required

Karmo 8-digit error code.

string

/^[0-9]{8}$/

karmoMeta

Domain-level metadata emitted by the service.

object

key

additional properties

any

karmoErrors

Array<object>

object

detail

required

Human-readable detail for the specific field error.

string

pointer

required

JSON pointer to the offending value.

string

/email

404

NOT_FOUND

object

type

required

string format: uri

title

required

string

status

required

integer

detail

string

instance

string

karmoCode

required

Karmo 8-digit error code.

string

/^[0-9]{8}$/

karmoMeta

Domain-level metadata emitted by the service.

object

key

additional properties

any

karmoErrors

Array<object>

object

detail

required

Human-readable detail for the specific field error.

string

pointer

required

JSON pointer to the offending value.

string

/email

409

CONFLICT

object

type

required

string format: uri

title

required

string

status

required

integer

detail

string

instance

string

karmoCode

required

Karmo 8-digit error code.

string

/^[0-9]{8}$/

karmoMeta

Domain-level metadata emitted by the service.

object

key

additional properties

any

karmoErrors

Array<object>

object

detail

required

Human-readable detail for the specific field error.

string

pointer

required

JSON pointer to the offending value.

string

/email

422

UNPROCESSABLE_ENTITY

object

type

required

string format: uri

title

required

string

status

required

integer

detail

string

instance

string

karmoCode

required

Karmo 8-digit error code.

string

/^[0-9]{8}$/

karmoMeta

Domain-level metadata emitted by the service.

object

key

additional properties

any

karmoErrors

Array<object>

object

detail

required

Human-readable detail for the specific field error.

string

pointer

required

JSON pointer to the offending value.

string

/email

429

Configured access provider rate limited the request.

object

type

required

string format: uri

title

required

string

status

required

integer

detail

string

instance

string

karmoCode

required

Karmo 8-digit error code.

string

/^[0-9]{8}$/

karmoMeta

Domain-level metadata emitted by the service.

object

key

additional properties

any

karmoErrors

Array<object>

object

detail

required

Human-readable detail for the specific field error.

string

pointer

required

JSON pointer to the offending value.

string

/email

500

INTERNAL_SERVER_ERROR

object

type

required

string format: uri

title

required

string

status

required

integer

detail

string

instance

string

karmoCode

required

Karmo 8-digit error code.

string

/^[0-9]{8}$/

karmoMeta

Domain-level metadata emitted by the service.

object

key

additional properties

any

karmoErrors

Array<object>

object

detail

required

Human-readable detail for the specific field error.

string

pointer

required

JSON pointer to the offending value.

string

/email

503

Access-management provider is not configured for this environment.

object

type

required

string format: uri

title

required

string

status

required

integer

detail

string

instance

string

karmoCode

required

Karmo 8-digit error code.

string

/^[0-9]{8}$/

karmoMeta

Domain-level metadata emitted by the service.

object

key

additional properties

any

karmoErrors

Array<object>

object

detail

required

Human-readable detail for the specific field error.

string

pointer

required

JSON pointer to the offending value.

string

/email

Create or update an organization role

Authorizations

Parameters

Path Parameters

Request Body required

Responses

200

400

401

403

404

409

422

429

500

503

Request Body^required