Roles & RBAC

Roles & Permissions

Role-Based Access Control with 14 granular permissions and custom roles.

Base URL

/api/v1/roles

Endpoints

GET/ROLE_READ
List all roles
GET/:idROLE_READ
Get role by ID
POST/ROLE_CREATE
Create new role
PATCH/:idROLE_UPDATE
Update role
DELETE/:idROLE_DELETE
Delete role
GET/permissionsROLE_READ
List all permissions
POST/:roleId/users/:userIdROLE_ASSIGN
Assign role to user
DELETE/:roleId/users/:userIdROLE_ASSIGN
Remove role from user

Available Permissions

USER_READView users
USER_CREATECreate users
USER_UPDATEUpdate users
USER_DELETEDelete users
USER_MANAGEFull user management
ROLE_READView roles
ROLE_CREATECreate roles
ROLE_UPDATEUpdate roles
ROLE_DELETEDelete roles
ROLE_ASSIGNAssign/remove roles
ADMIN_ACCESSAdmin panel access
ADMIN_SETTINGSModify settings
AUDIT_READView audit logs
SYSTEM_MANAGESystem management

Default Roles

adminAll permissions (system role)
moderatorUSER_READ, USER_UPDATE, AUDIT_READ
userBasic access (default role)