PUT /api/applications/{applicationId}/access-control
O auth2

Replace the app-level access-control rule configuration for the specified application.

Path parameters

  • applicationId string Required

    The unique identifier of the application.

application/json

Body Required

  • userIds array[string] Required

    An array of user IDs that can access the application.

  • userRoleIds array[string] Required

    An array of user role IDs whose assigned users can access the application.

  • organizationIds array[string] Required

    An array of organization IDs whose members can access the application.

  • organizationRoleRules array[object] Required

    An array of organization-role rule groups. Each group contains an organization ID and the organization role IDs that can access the application in that organization.

    Hide organizationRoleRules attributes Show organizationRoleRules attributes object
    • organizationId string Required
    • organizationRoleIds array[string] Required

      At least 1 element.

Responses

  • 200 application/json

    The app-level access-control rule configuration was replaced successfully.

    Hide response attributes Show response attributes object
    • userIds array[string] Required
    • userRoleIds array[string] Required
    • organizationIds array[string] Required
    • organizationRoleRules array[object] Required
      Hide organizationRoleRules attributes Show organizationRoleRules attributes object
      • organizationId string Required
      • organizationRoleIds array[string] Required
  • 400

    Bad Request

  • 401

    Unauthorized

  • 403

    Forbidden

  • 404

    The application or referenced entities were not found, or app-level access control is unavailable.

  • 422

    The access-control rule payload contains invalid role types or empty organization-role groups.

PUT /api/applications/{applicationId}/access-control 
curl \
 --request PUT 'https://[tenant_id].logto.app/api/applications/{applicationId}/access-control' \
 --header "Authorization: Bearer $ACCESS_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{"userIds":["string"],"userRoleIds":["string"],"organizationIds":["string"],"organizationRoleRules":[{"organizationId":"string","organizationRoleIds":["string"]}]}'
Request examples 
{
  "userIds": [
    "string"
  ],
  "userRoleIds": [
    "string"
  ],
  "organizationIds": [
    "string"
  ],
  "organizationRoleRules": [
    {
      "organizationId": "string",
      "organizationRoleIds": [
        "string"
      ]
    }
  ]
}
Response examples (200) 
{
  "userIds": [
    "string"
  ],
  "userRoleIds": [
    "string"
  ],
  "organizationIds": [
    "string"
  ],
  "organizationRoleRules": [
    {
      "organizationId": "string",
      "organizationRoleIds": [
        "string"
      ]
    }
  ]
}