@epilot/sdk 2.0.0-beta.2 → 2.0.0-beta.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (196) hide show
  1. package/README.md +1 -0
  2. package/definitions/access-token-runtime.json +1 -0
  3. package/definitions/access-token.json +663 -0
  4. package/definitions/address-runtime.json +1 -0
  5. package/definitions/address-suggestions-runtime.json +1 -0
  6. package/definitions/address-suggestions.json +582 -0
  7. package/definitions/address.json +578 -0
  8. package/definitions/ai-agents-runtime.json +1 -0
  9. package/definitions/ai-agents.json +1711 -0
  10. package/definitions/app-runtime.json +1 -0
  11. package/definitions/app.json +4443 -0
  12. package/definitions/audit-logs-runtime.json +1 -0
  13. package/definitions/audit-logs.json +305 -0
  14. package/definitions/automation-runtime.json +1 -0
  15. package/definitions/automation.json +4850 -0
  16. package/definitions/billing-runtime.json +1 -0
  17. package/definitions/billing.json +837 -0
  18. package/definitions/blueprint-manifest-runtime.json +1 -0
  19. package/definitions/blueprint-manifest.json +3376 -0
  20. package/definitions/consent-runtime.json +1 -0
  21. package/definitions/consent.json +344 -0
  22. package/definitions/customer-portal-runtime.json +1 -0
  23. package/definitions/customer-portal.json +15000 -0
  24. package/definitions/dashboard-runtime.json +1 -0
  25. package/definitions/dashboard.json +484 -0
  26. package/definitions/data-management-runtime.json +1 -0
  27. package/definitions/data-management.json +962 -0
  28. package/definitions/deduplication-runtime.json +1 -0
  29. package/definitions/deduplication.json +183 -0
  30. package/definitions/design-runtime.json +1 -0
  31. package/definitions/design.json +1423 -0
  32. package/definitions/document-runtime.json +1 -0
  33. package/definitions/document.json +758 -0
  34. package/definitions/email-settings-runtime.json +1 -0
  35. package/definitions/email-settings.json +2627 -0
  36. package/definitions/email-template-runtime.json +1 -0
  37. package/definitions/email-template.json +1419 -0
  38. package/definitions/entity-mapping-runtime.json +1 -0
  39. package/definitions/entity-mapping.json +1642 -0
  40. package/definitions/entity-runtime.json +1 -0
  41. package/definitions/entity.json +10074 -0
  42. package/definitions/environments-runtime.json +1 -0
  43. package/definitions/environments.json +363 -0
  44. package/definitions/erp-integration-runtime.json +1 -0
  45. package/definitions/erp-integration.json +5845 -0
  46. package/definitions/event-catalog-runtime.json +1 -0
  47. package/definitions/event-catalog.json +1051 -0
  48. package/definitions/file-runtime.json +1 -0
  49. package/definitions/file.json +2842 -0
  50. package/definitions/iban-runtime.json +1 -0
  51. package/definitions/iban.json +132 -0
  52. package/definitions/journey-runtime.json +1 -0
  53. package/definitions/journey.json +2341 -0
  54. package/definitions/kanban-runtime.json +1 -0
  55. package/definitions/kanban.json +929 -0
  56. package/definitions/message-runtime.json +1 -0
  57. package/definitions/message.json +2660 -0
  58. package/definitions/metering-runtime.json +1 -0
  59. package/definitions/metering.json +2321 -0
  60. package/definitions/notes-runtime.json +1 -0
  61. package/definitions/notes.json +1531 -0
  62. package/definitions/notification-runtime.json +1 -0
  63. package/definitions/notification.json +1425 -0
  64. package/definitions/organization-runtime.json +1 -0
  65. package/definitions/organization.json +629 -0
  66. package/definitions/partner-directory-runtime.json +1 -0
  67. package/definitions/partner-directory.json +1718 -0
  68. package/definitions/permissions-runtime.json +1 -0
  69. package/definitions/permissions.json +1480 -0
  70. package/definitions/pricing-runtime.json +1 -0
  71. package/definitions/pricing-tier-runtime.json +1 -0
  72. package/definitions/pricing-tier.json +105 -0
  73. package/definitions/pricing.json +9884 -0
  74. package/definitions/purpose-runtime.json +1 -0
  75. package/definitions/purpose.json +524 -0
  76. package/definitions/sandbox-runtime.json +1 -0
  77. package/definitions/sandbox.json +453 -0
  78. package/definitions/submission-runtime.json +1 -0
  79. package/definitions/submission.json +313 -0
  80. package/definitions/targeting-runtime.json +1 -0
  81. package/definitions/targeting.json +1474 -0
  82. package/definitions/template-variables-runtime.json +1 -0
  83. package/definitions/template-variables.json +1408 -0
  84. package/definitions/user-runtime.json +1 -0
  85. package/definitions/user.json +2408 -0
  86. package/definitions/validation-rules-runtime.json +1 -0
  87. package/definitions/validation-rules.json +1491 -0
  88. package/definitions/webhooks-runtime.json +1 -0
  89. package/definitions/webhooks.json +1525 -0
  90. package/definitions/workflow-definition-runtime.json +1 -0
  91. package/definitions/workflow-definition.json +3417 -0
  92. package/definitions/workflow-runtime.json +1 -0
  93. package/definitions/workflow.json +4106 -0
  94. package/dist/apis/access-token.cjs +13 -84
  95. package/dist/apis/access-token.js +11 -82
  96. package/dist/apis/address-suggestions.cjs +13 -127
  97. package/dist/apis/address-suggestions.js +11 -125
  98. package/dist/apis/address.cjs +13 -79
  99. package/dist/apis/address.js +11 -77
  100. package/dist/apis/ai-agents.cjs +13 -210
  101. package/dist/apis/ai-agents.js +11 -208
  102. package/dist/apis/app.cjs +13 -568
  103. package/dist/apis/app.js +11 -566
  104. package/dist/apis/audit-logs.cjs +13 -50
  105. package/dist/apis/audit-logs.js +11 -48
  106. package/dist/apis/automation.cjs +13 -277
  107. package/dist/apis/automation.js +11 -275
  108. package/dist/apis/billing.cjs +13 -170
  109. package/dist/apis/billing.js +11 -168
  110. package/dist/apis/blueprint-manifest.cjs +13 -499
  111. package/dist/apis/blueprint-manifest.js +11 -497
  112. package/dist/apis/consent.cjs +13 -79
  113. package/dist/apis/consent.js +11 -77
  114. package/dist/apis/customer-portal.cjs +13 -2247
  115. package/dist/apis/customer-portal.js +11 -2245
  116. package/dist/apis/dashboard.cjs +41 -0
  117. package/dist/apis/dashboard.d.cts +18 -0
  118. package/dist/apis/dashboard.d.ts +18 -0
  119. package/dist/apis/dashboard.js +41 -0
  120. package/dist/apis/data-management.cjs +13 -235
  121. package/dist/apis/data-management.js +11 -233
  122. package/dist/apis/deduplication.cjs +13 -37
  123. package/dist/apis/deduplication.js +11 -35
  124. package/dist/apis/design.cjs +13 -214
  125. package/dist/apis/design.js +11 -212
  126. package/dist/apis/document.cjs +13 -73
  127. package/dist/apis/document.js +11 -71
  128. package/dist/apis/email-settings.cjs +13 -528
  129. package/dist/apis/email-settings.js +11 -526
  130. package/dist/apis/email-template.cjs +13 -117
  131. package/dist/apis/email-template.js +11 -115
  132. package/dist/apis/entity-mapping.cjs +13 -210
  133. package/dist/apis/entity-mapping.js +11 -208
  134. package/dist/apis/entity.cjs +13 -1595
  135. package/dist/apis/entity.js +11 -1593
  136. package/dist/apis/environments.cjs +13 -66
  137. package/dist/apis/environments.js +11 -64
  138. package/dist/apis/erp-integration.cjs +13 -581
  139. package/dist/apis/erp-integration.js +11 -579
  140. package/dist/apis/event-catalog.cjs +13 -125
  141. package/dist/apis/event-catalog.js +11 -123
  142. package/dist/apis/file.cjs +13 -568
  143. package/dist/apis/file.js +11 -566
  144. package/dist/apis/iban.cjs +13 -38
  145. package/dist/apis/iban.js +11 -36
  146. package/dist/apis/journey.cjs +13 -265
  147. package/dist/apis/journey.js +11 -263
  148. package/dist/apis/kanban.cjs +13 -159
  149. package/dist/apis/kanban.js +11 -157
  150. package/dist/apis/message.cjs +13 -668
  151. package/dist/apis/message.js +11 -666
  152. package/dist/apis/metering.cjs +13 -394
  153. package/dist/apis/metering.js +11 -392
  154. package/dist/apis/notes.cjs +13 -214
  155. package/dist/apis/notes.js +11 -212
  156. package/dist/apis/notification.cjs +13 -232
  157. package/dist/apis/notification.js +11 -230
  158. package/dist/apis/organization.cjs +13 -113
  159. package/dist/apis/organization.js +11 -111
  160. package/dist/apis/partner-directory.cjs +13 -277
  161. package/dist/apis/partner-directory.js +11 -275
  162. package/dist/apis/permissions.cjs +13 -173
  163. package/dist/apis/permissions.js +11 -171
  164. package/dist/apis/pricing-tier.cjs +14 -32
  165. package/dist/apis/pricing-tier.js +11 -29
  166. package/dist/apis/pricing.cjs +13 -434
  167. package/dist/apis/pricing.js +11 -432
  168. package/dist/apis/purpose.cjs +13 -175
  169. package/dist/apis/purpose.js +11 -173
  170. package/dist/apis/sandbox.cjs +13 -95
  171. package/dist/apis/sandbox.js +11 -93
  172. package/dist/apis/submission.cjs +13 -50
  173. package/dist/apis/submission.js +11 -48
  174. package/dist/apis/targeting.cjs +13 -270
  175. package/dist/apis/targeting.js +11 -268
  176. package/dist/apis/template-variables.cjs +13 -154
  177. package/dist/apis/template-variables.js +11 -152
  178. package/dist/apis/user.cjs +13 -483
  179. package/dist/apis/user.js +11 -481
  180. package/dist/apis/validation-rules.cjs +13 -115
  181. package/dist/apis/validation-rules.js +11 -113
  182. package/dist/apis/webhooks.cjs +13 -247
  183. package/dist/apis/webhooks.js +11 -245
  184. package/dist/apis/workflow-definition.cjs +13 -337
  185. package/dist/apis/workflow-definition.js +11 -335
  186. package/dist/apis/workflow.cjs +13 -397
  187. package/dist/apis/workflow.js +11 -395
  188. package/dist/{chunk-D7ICL3AM.cjs → chunk-5LXNSDG2.cjs} +51 -2
  189. package/dist/{chunk-DGCGLG7G.js → chunk-QMQNMCOC.js} +49 -0
  190. package/dist/dashboard.d-AE3RQ6zo.d.cts +440 -0
  191. package/dist/dashboard.d-AE3RQ6zo.d.ts +440 -0
  192. package/dist/index.cjs +60 -53
  193. package/dist/index.d.cts +70 -68
  194. package/dist/index.d.ts +70 -68
  195. package/dist/index.js +57 -50
  196. package/package.json +55 -3
package/definitions/permissions.json ADDED
@@ -0,0 +1,1480 @@
1
+ {
2
+ "openapi": "3.0.3",
3
+ "info": {
4
+ "title": "Permissions API",
5
+ "version": "1.2.0",
6
+ "description": "Flexible Role-based Access Control for epilot"
7
+ },
8
+ "tags": [
9
+ {
10
+ "name": "Roles",
11
+ "description": "Manage roles and grants"
12
+ },
13
+ {
14
+ "name": "Assignments",
15
+ "description": "Assign roles to users"
16
+ }
17
+ ],
18
+ "security": [
19
+ {
20
+ "EpilotAuth": []
21
+ },
22
+ {
23
+ "EpilotOrg": []
24
+ }
25
+ ],
26
+ "paths": {
27
+ "/v1/permissions/me": {
28
+ "get": {
29
+ "operationId": "listCurrentRoles",
30
+ "summary": "listCurrentRoles",
31
+ "description": "Returns roles and grants assigned to current user",
32
+ "tags": [
33
+ "Roles"
34
+ ],
35
+ "responses": {
36
+ "200": {
37
+ "description": "ok",
38
+ "content": {
39
+ "application/json": {
40
+ "schema": {
41
+ "type": "object",
42
+ "properties": {
43
+ "roles": {
44
+ "type": "array",
45
+ "items": {
46
+ "$ref": "#/components/schemas/Role"
47
+ }
48
+ }
49
+ }
50
+ }
51
+ }
52
+ }
53
+ }
54
+ }
55
+ }
56
+ },
57
+ "/v1/permissions/roles": {
58
+ "get": {
59
+ "operationId": "listAllRoles",
60
+ "summary": "listAllRoles",
61
+ "description": "Returns list of all roles in organization",
62
+ "tags": [
63
+ "Roles"
64
+ ],
65
+ "responses": {
66
+ "200": {
67
+ "description": "ok",
68
+ "content": {
69
+ "application/json": {
70
+ "schema": {
71
+ "type": "object",
72
+ "properties": {
73
+ "roles": {
74
+ "type": "array",
75
+ "items": {
76
+ "$ref": "#/components/schemas/Role"
77
+ }
78
+ }
79
+ }
80
+ }
81
+ }
82
+ }
83
+ }
84
+ }
85
+ },
86
+ "post": {
87
+ "operationId": "createRole",
88
+ "summary": "createRole",
89
+ "description": "Create role",
90
+ "tags": [
91
+ "Roles"
92
+ ],
93
+ "requestBody": {
94
+ "content": {
95
+ "application/json": {
96
+ "schema": {
97
+ "$ref": "#/components/schemas/CreateRolePayload"
98
+ }
99
+ }
100
+ }
101
+ },
102
+ "responses": {
103
+ "200": {
104
+ "description": "ok",
105
+ "content": {
106
+ "application/json": {
107
+ "schema": {
108
+ "$ref": "#/components/schemas/Role"
109
+ }
110
+ }
111
+ }
112
+ },
113
+ "400": {
114
+ "description": "Invalid role configuration",
115
+ "content": {
116
+ "application/json": {
117
+ "schema": {
118
+ "$ref": "#/components/schemas/Error"
119
+ },
120
+ "examples": {
121
+ "parent_role_invalid_type": {
122
+ "summary": "Parent role must be org_role or share_role",
123
+ "value": {
124
+ "message": "Parent role must be org_role or share_role, got user_role"
125
+ }
126
+ },
127
+ "parent_role_different_org": {
128
+ "summary": "Parent org_role must be in the same organization",
129
+ "value": {
130
+ "message": "Parent org_role must be in the same organization"
131
+ }
132
+ },
133
+ "parent_role_max_hierarchy": {
134
+ "summary": "Parent role cannot itself have a parent",
135
+ "value": {
136
+ "message": "Parent role cannot itself have a parent (max 2 levels of hierarchy)"
137
+ }
138
+ },
139
+ "circular_dependency_self": {
140
+ "summary": "Role cannot be its own parent",
141
+ "value": {
142
+ "message": "Role cannot be its own parent"
143
+ }
144
+ },
145
+ "circular_dependency_detected": {
146
+ "summary": "Circular dependency detected",
147
+ "value": {
148
+ "message": "Circular dependency detected: role 123:child would create a cycle"
149
+ }
150
+ }
151
+ }
152
+ }
153
+ }
154
+ },
155
+ "404": {
156
+ "description": "Parent role does not exist",
157
+ "content": {
158
+ "application/json": {
159
+ "schema": {
160
+ "$ref": "#/components/schemas/Error"
161
+ },
162
+ "examples": {
163
+ "parent_role_not_found": {
164
+ "summary": "Parent role does not exist",
165
+ "value": {
166
+ "message": "Parent role 123:nonexistent does not exist"
167
+ }
168
+ }
169
+ }
170
+ }
171
+ }
172
+ }
173
+ }
174
+ }
175
+ },
176
+ "/v1/permissions/roles:search": {
177
+ "post": {
178
+ "operationId": "searchRoles",
179
+ "summary": "searchRoles",
180
+ "description": "Search Roles",
181
+ "tags": [
182
+ "Roles"
183
+ ],
184
+ "requestBody": {
185
+ "content": {
186
+ "application/json": {
187
+ "schema": {
188
+ "$ref": "#/components/schemas/RoleSearchInput"
189
+ }
190
+ }
191
+ }
192
+ },
193
+ "responses": {
194
+ "200": {
195
+ "description": "ok",
196
+ "content": {
197
+ "application/json": {
198
+ "schema": {
199
+ "type": "object",
200
+ "properties": {
201
+ "hits": {
202
+ "type": "number"
203
+ },
204
+ "results": {
205
+ "type": "array",
206
+ "items": {
207
+ "$ref": "#/components/schemas/Role"
208
+ }
209
+ }
210
+ }
211
+ }
212
+ }
213
+ }
214
+ }
215
+ }
216
+ }
217
+ },
218
+ "/v1/permissions/roles/{roleId}": {
219
+ "get": {
220
+ "operationId": "getRole",
221
+ "summary": "getRole",
222
+ "description": "Get role by id",
223
+ "tags": [
224
+ "Roles"
225
+ ],
226
+ "parameters": [
227
+ {
228
+ "name": "roleId",
229
+ "in": "path",
230
+ "required": true,
231
+ "schema": {
232
+ "$ref": "#/components/schemas/RoleId"
233
+ }
234
+ }
235
+ ],
236
+ "responses": {
237
+ "200": {
238
+ "description": "ok",
239
+ "content": {
240
+ "application/json": {
241
+ "schema": {
242
+ "$ref": "#/components/schemas/Role"
243
+ }
244
+ }
245
+ }
246
+ }
247
+ }
248
+ },
249
+ "put": {
250
+ "operationId": "putRole",
251
+ "summary": "putRole",
252
+ "description": "Create or update role",
253
+ "tags": [
254
+ "Roles"
255
+ ],
256
+ "parameters": [
257
+ {
258
+ "name": "roleId",
259
+ "in": "path",
260
+ "required": true,
261
+ "schema": {
262
+ "$ref": "#/components/schemas/RoleId"
263
+ }
264
+ }
265
+ ],
266
+ "requestBody": {
267
+ "content": {
268
+ "application/json": {
269
+ "schema": {
270
+ "$ref": "#/components/schemas/RolePayload"
271
+ },
272
+ "x-examples": {
273
+ "User role: manager": {
274
+ "description": "Example manager role",
275
+ "value": {
276
+ "id": "123:manager",
277
+ "name": "Manager",
278
+ "slug": "manager",
279
+ "type": "user_role",
280
+ "organization_id": "123",
281
+ "grants": [
282
+ {
283
+ "action": "entity:view",
284
+ "resource": "*"
285
+ },
286
+ {
287
+ "action": "entity:update",
288
+ "resource": "*"
289
+ },
290
+ {
291
+ "action": "user:view"
292
+ },
293
+ {
294
+ "action": "user:invite"
295
+ },
296
+ {
297
+ "action": "role:view"
298
+ },
299
+ {
300
+ "action": "role:create"
301
+ },
302
+ {
303
+ "action": "role:assign"
304
+ },
305
+ {
306
+ "action": "entity:view",
307
+ "resource": "file:*",
308
+ "conditions": [
309
+ {
310
+ "attribute": "_tags",
311
+ "operation": "equals",
312
+ "values": [
313
+ "offer",
314
+ "contract"
315
+ ]
316
+ }
317
+ ]
318
+ },
319
+ {
320
+ "action": "message:view",
321
+ "dependencies": [
322
+ {
323
+ "action": "entity:view",
324
+ "resource": "message*"
325
+ },
326
+ {
327
+ "action": "entity:view",
328
+ "resource": "thread*"
329
+ }
330
+ ]
331
+ },
332
+ {
333
+ "action": "message:send",
334
+ "dependencies": [
335
+ {
336
+ "action": "entity:*",
337
+ "resource": "message*"
338
+ },
339
+ {
340
+ "action": "entity:*",
341
+ "resource": "thread*"
342
+ }
343
+ ]
344
+ },
345
+ {
346
+ "action": "workflow:*"
347
+ }
348
+ ]
349
+ }
350
+ },
351
+ "User role: employee": {
352
+ "description": "Example employee role",
353
+ "value": {
354
+ "id": "123:employee",
355
+ "name": "Employee",
356
+ "slug": "employee",
357
+ "type": "user_role",
358
+ "organization_id": "123",
359
+ "grants": [
360
+ {
361
+ "action": "entity:view",
362
+ "resource": "*"
363
+ },
364
+ {
365
+ "action": "entity:update",
366
+ "resource": "*"
367
+ },
368
+ {
369
+ "action": "user:view"
370
+ },
371
+ {
372
+ "action": "message:view",
373
+ "dependencies": [
374
+ {
375
+ "action": "entity:view",
376
+ "resource": "message*"
377
+ },
378
+ {
379
+ "action": "entity:view",
380
+ "resource": "thread*"
381
+ }
382
+ ]
383
+ },
384
+ {
385
+ "action": "message:send",
386
+ "dependencies": [
387
+ {
388
+ "action": "entity:*",
389
+ "resource": "message*"
390
+ },
391
+ {
392
+ "action": "entity:*",
393
+ "resource": "thread*"
394
+ }
395
+ ]
396
+ },
397
+ {
398
+ "action": "workflow:execution:*"
399
+ }
400
+ ]
401
+ }
402
+ },
403
+ "User role: administrator": {
404
+ "description": "Example administrator role",
405
+ "value": {
406
+ "id": "123:administrator",
407
+ "name": "Administrator",
408
+ "slug": "administrator",
409
+ "type": "user_role",
410
+ "organization_id": "123",
411
+ "grants": [
412
+ {
413
+ "action": "*",
414
+ "resource": "*"
415
+ }
416
+ ]
417
+ }
418
+ },
419
+ "Organization root role": {
420
+ "description": "Example organization root role. Must be satisifed for all org queries.",
421
+ "value": {
422
+ "id": "123:root",
423
+ "name": "Organization root role",
424
+ "slug": "root",
425
+ "type": "org_role",
426
+ "organization_id": "123",
427
+ "grants": [
428
+ {
429
+ "action": "*",
430
+ "resource": "*"
431
+ },
432
+ {
433
+ "action": "webhook:*",
434
+ "effect": "deny"
435
+ }
436
+ ]
437
+ }
438
+ },
439
+ "Share role": {
440
+ "description": "Example share role. This can be assigned to users in other organizations",
441
+ "value": {
442
+ "id": "123:example_share_role",
443
+ "name": "Example opportunity share role",
444
+ "slug": "example_share_role",
445
+ "type": "share_role",
446
+ "organization_id": "123",
447
+ "grants": [
448
+ {
449
+ "action": "entity:view",
450
+ "resource": "opportunity:123456"
451
+ },
452
+ {
453
+ "action": "entity:edit",
454
+ "resource": "opportunity:123456"
455
+ },
456
+ {
457
+ "action": "workflow:execution:*"
458
+ },
459
+ {
460
+ "action": "message:*"
461
+ },
462
+ {
463
+ "action": "entity:*",
464
+ "resource": "message*"
465
+ },
466
+ {
467
+ "action": "entity:*",
468
+ "resource": "thread*"
469
+ }
470
+ ]
471
+ }
472
+ },
473
+ "Partner role": {
474
+ "description": "Example partner role. This can be given to a partner organization, who can then assign it to their users",
475
+ "value": {
476
+ "id": "123:example_partner_role",
477
+ "name": "Example opportunity share role",
478
+ "slug": "example_partner_role",
479
+ "type": "partner_role",
480
+ "organization_id": "123",
481
+ "partner_org_id": "456",
482
+ "grants": [
483
+ {
484
+ "action": "entity:view",
485
+ "resource": "opportunity*"
486
+ },
487
+ {
488
+ "action": "entity:edit",
489
+ "resource": "opportunity*"
490
+ },
491
+ {
492
+ "action": "workflow:execution:*"
493
+ },
494
+ {
495
+ "action": "message:*"
496
+ },
497
+ {
498
+ "action": "entity:*",
499
+ "resource": "message*"
500
+ },
501
+ {
502
+ "action": "entity:*",
503
+ "resource": "thread*"
504
+ }
505
+ ]
506
+ }
507
+ },
508
+ "Portal role": {
509
+ "description": "Example portal role. Implicitly used by end users of portals",
510
+ "value": {
511
+ "id": "123:default_end_customer_portal_role",
512
+ "name": "Default End Customer Portal Role",
513
+ "slug": "default_end_customer_portal_role",
514
+ "type": "portal_role",
515
+ "organization_id": "123",
516
+ "grants": [
517
+ {
518
+ "action": "entity:attribute:view",
519
+ "resource": "contact:*/*"
520
+ },
521
+ {
522
+ "action": "entity:edit",
523
+ "resource": "opportunity*"
524
+ }
525
+ ]
526
+ }
527
+ },
528
+ "User role with parent": {
529
+ "description": "Example user role that inherits from a parent role",
530
+ "value": {
531
+ "id": "123:limited_manager",
532
+ "name": "Limited Manager",
533
+ "slug": "limited_manager",
534
+ "type": "user_role",
535
+ "organization_id": "123",
536
+ "parent_role": "123:manager",
537
+ "grants": [
538
+ {
539
+ "action": "entity:view",
540
+ "resource": "contact:*"
541
+ },
542
+ {
543
+ "action": "entity:edit",
544
+ "resource": "contact:*"
545
+ }
546
+ ]
547
+ }
548
+ }
549
+ }
550
+ }
551
+ }
552
+ },
553
+ "responses": {
554
+ "200": {
555
+ "description": "ok",
556
+ "content": {
557
+ "application/json": {
558
+ "schema": {
559
+ "$ref": "#/components/schemas/Role"
560
+ }
561
+ }
562
+ }
563
+ },
564
+ "400": {
565
+ "description": "Bad Request - Invalid role configuration",
566
+ "content": {
567
+ "application/json": {
568
+ "schema": {
569
+ "$ref": "#/components/schemas/Error"
570
+ },
571
+ "examples": {
572
+ "parent_role_invalid_type": {
573
+ "summary": "Parent role must be org_role or share_role",
574
+ "value": {
575
+ "message": "Parent role must be org_role or share_role, got user_role"
576
+ }
577
+ },
578
+ "parent_role_different_org": {
579
+ "summary": "Parent org_role must be in the same organization",
580
+ "value": {
581
+ "message": "Parent org_role must be in the same organization"
582
+ }
583
+ },
584
+ "parent_role_max_hierarchy": {
585
+ "summary": "Parent role cannot itself have a parent",
586
+ "value": {
587
+ "message": "Parent role cannot itself have a parent (max 2 levels of hierarchy)"
588
+ }
589
+ },
590
+ "circular_dependency_self": {
591
+ "summary": "Role cannot be its own parent",
592
+ "value": {
593
+ "message": "Role cannot be its own parent"
594
+ }
595
+ },
596
+ "circular_dependency_detected": {
597
+ "summary": "Circular dependency detected",
598
+ "value": {
599
+ "message": "Circular dependency detected: role 123:child would create a cycle"
600
+ }
601
+ }
602
+ }
603
+ }
604
+ }
605
+ },
606
+ "404": {
607
+ "description": "Not Found - Parent role does not exist",
608
+ "content": {
609
+ "application/json": {
610
+ "schema": {
611
+ "$ref": "#/components/schemas/Error"
612
+ },
613
+ "examples": {
614
+ "parent_role_not_found": {
615
+ "summary": "Parent role does not exist",
616
+ "value": {
617
+ "message": "Parent role 123:nonexistent does not exist"
618
+ }
619
+ }
620
+ }
621
+ }
622
+ }
623
+ }
624
+ }
625
+ },
626
+ "delete": {
627
+ "operationId": "deleteRole",
628
+ "summary": "deleteRole",
629
+ "description": "Delete role by id",
630
+ "tags": [
631
+ "Roles"
632
+ ],
633
+ "parameters": [
634
+ {
635
+ "name": "roleId",
636
+ "in": "path",
637
+ "required": true,
638
+ "schema": {
639
+ "$ref": "#/components/schemas/RoleId"
640
+ }
641
+ }
642
+ ],
643
+ "responses": {
644
+ "200": {
645
+ "description": "ok",
646
+ "content": {
647
+ "application/json": {
648
+ "schema": {
649
+ "$ref": "#/components/schemas/Role"
650
+ }
651
+ }
652
+ }
653
+ }
654
+ }
655
+ }
656
+ },
657
+ "/v1/permissions/refresh": {
658
+ "get": {
659
+ "operationId": "refreshPermissions",
660
+ "summary": "refreshPermissions",
661
+ "description": "Makes sure the user has a role in the organization",
662
+ "tags": [
663
+ "Roles"
664
+ ],
665
+ "responses": {
666
+ "200": {
667
+ "description": "Refreshed succesfully"
668
+ }
669
+ }
670
+ }
671
+ },
672
+ "/v1/permissions/assignments/{userId}": {
673
+ "get": {
674
+ "operationId": "getAssignedRolesForUser",
675
+ "summary": "getAssignedRolesForUser",
676
+ "description": "Get list of assigned roles by user id",
677
+ "tags": [
678
+ "Assignments"
679
+ ],
680
+ "parameters": [
681
+ {
682
+ "name": "userId",
683
+ "in": "path",
684
+ "required": true,
685
+ "schema": {
686
+ "$ref": "#/components/schemas/UserId"
687
+ }
688
+ }
689
+ ],
690
+ "responses": {
691
+ "200": {
692
+ "description": "ok",
693
+ "content": {
694
+ "application/json": {
695
+ "schema": {
696
+ "$ref": "#/components/schemas/Assignments"
697
+ }
698
+ }
699
+ }
700
+ }
701
+ }
702
+ },
703
+ "put": {
704
+ "operationId": "assignRoles",
705
+ "summary": "assignRoles",
706
+ "description": "Assign / unassign roles to users.",
707
+ "tags": [
708
+ "Assignments"
709
+ ],
710
+ "parameters": [
711
+ {
712
+ "name": "userId",
713
+ "in": "path",
714
+ "required": true,
715
+ "schema": {
716
+ "$ref": "#/components/schemas/UserId"
717
+ }
718
+ }
719
+ ],
720
+ "requestBody": {
721
+ "content": {
722
+ "application/json": {
723
+ "schema": {
724
+ "$ref": "#/components/schemas/Assignments"
725
+ }
726
+ }
727
+ }
728
+ },
729
+ "responses": {
730
+ "200": {
731
+ "description": "ok",
732
+ "content": {
733
+ "application/json": {
734
+ "schema": {
735
+ "$ref": "#/components/schemas/Assignments"
736
+ }
737
+ }
738
+ }
739
+ }
740
+ }
741
+ }
742
+ },
743
+ "/v1/permissions/assignments/{userId}/{roleId}": {
744
+ "post": {
745
+ "operationId": "addAssignment",
746
+ "summary": "addAssignment",
747
+ "description": "Assign a user to a role.\n\nUse the `x-epilot-org-id` header to assign share roles to users in other orgs\n",
748
+ "tags": [
749
+ "Assignments"
750
+ ],
751
+ "parameters": [
752
+ {
753
+ "name": "userId",
754
+ "in": "path",
755
+ "required": true,
756
+ "schema": {
757
+ "$ref": "#/components/schemas/UserId"
758
+ }
759
+ },
760
+ {
761
+ "name": "roleId",
762
+ "in": "path",
763
+ "required": true,
764
+ "schema": {
765
+ "$ref": "#/components/schemas/RoleId"
766
+ }
767
+ }
768
+ ],
769
+ "responses": {
770
+ "201": {
771
+ "description": "ok",
772
+ "content": {
773
+ "application/json": {
774
+ "schema": {
775
+ "$ref": "#/components/schemas/Assignment"
776
+ }
777
+ }
778
+ }
779
+ }
780
+ }
781
+ },
782
+ "delete": {
783
+ "operationId": "removeAssignment",
784
+ "summary": "removeAssignment",
785
+ "description": "Remove role assignment from user",
786
+ "tags": [
787
+ "Assignments"
788
+ ],
789
+ "parameters": [
790
+ {
791
+ "name": "userId",
792
+ "in": "path",
793
+ "required": true,
794
+ "schema": {
795
+ "$ref": "#/components/schemas/UserId"
796
+ }
797
+ },
798
+ {
799
+ "name": "roleId",
800
+ "in": "path",
801
+ "required": true,
802
+ "schema": {
803
+ "$ref": "#/components/schemas/RoleId"
804
+ }
805
+ }
806
+ ],
807
+ "responses": {
808
+ "200": {
809
+ "description": "ok",
810
+ "content": {
811
+ "application/json": {
812
+ "schema": {
813
+ "$ref": "#/components/schemas/Assignment"
814
+ }
815
+ }
816
+ }
817
+ }
818
+ }
819
+ }
820
+ },
821
+ "/v1/permissions/assignments": {
822
+ "get": {
823
+ "operationId": "listAllAssignments",
824
+ "summary": "listAllAssignments",
825
+ "description": "Returns list of all assignments in organization",
826
+ "tags": [
827
+ "Assignments"
828
+ ],
829
+ "responses": {
830
+ "200": {
831
+ "description": "ok",
832
+ "content": {
833
+ "application/json": {
834
+ "schema": {
835
+ "type": "object",
836
+ "properties": {
837
+ "assignments": {
838
+ "type": "array",
839
+ "items": {
840
+ "$ref": "#/components/schemas/Assignment"
841
+ }
842
+ }
843
+ }
844
+ }
845
+ }
846
+ }
847
+ }
848
+ }
849
+ }
850
+ }
851
+ },
852
+ "components": {
853
+ "securitySchemes": {
854
+ "EpilotAuth": {
855
+ "type": "http",
856
+ "scheme": "bearer",
857
+ "description": "Authorization header with epilot OAuth2 bearer token",
858
+ "bearerFormat": "JWT"
859
+ },
860
+ "EpilotOrg": {
861
+ "description": "Overrides the target organization to allow shared tenantaccess",
862
+ "name": "x-epilot-org-id",
863
+ "in": "header",
864
+ "type": "apiKey"
865
+ }
866
+ },
867
+ "schemas": {
868
+ "Grant": {
869
+ "type": "object",
870
+ "properties": {
871
+ "action": {
872
+ "type": "string",
873
+ "example": "entity-read"
874
+ },
875
+ "resource": {
876
+ "type": "string",
877
+ "example": "entity:123:contact:f7c22299-ca72-4bca-8538-0a88eeefc947"
878
+ },
879
+ "effect": {
880
+ "type": "string",
881
+ "default": "allow",
882
+ "enum": [
883
+ "allow",
884
+ "deny"
885
+ ]
886
+ },
887
+ "conditions": {
888
+ "type": "array",
889
+ "items": {
890
+ "$ref": "#/components/schemas/GrantCondition"
891
+ }
892
+ }
893
+ },
894
+ "required": [
895
+ "action"
896
+ ]
897
+ },
898
+ "GrantWithDependencies": {
899
+ "allOf": [
900
+ {
901
+ "$ref": "#/components/schemas/Grant"
902
+ },
903
+ {
904
+ "type": "object",
905
+ "properties": {
906
+ "dependencies": {
907
+ "description": "Provided additional dependencies, exploded when storing the role",
908
+ "type": "array",
909
+ "items": {
910
+ "$ref": "#/components/schemas/Grant"
911
+ }
912
+ }
913
+ }
914
+ }
915
+ ]
916
+ },
917
+ "GrantCondition": {
918
+ "allOf": [
919
+ {
920
+ "description": "An additional condition that must be met for the grant",
921
+ "type": "object",
922
+ "required": [
923
+ "operation"
924
+ ]
925
+ },
926
+ {
927
+ "anyOf": [
928
+ {
929
+ "$ref": "#/components/schemas/EqualsCondition"
930
+ }
931
+ ]
932
+ }
933
+ ]
934
+ },
935
+ "EqualsCondition": {
936
+ "description": "Check if attribute equals to any of the values",
937
+ "type": "object",
938
+ "properties": {
939
+ "attribute": {
940
+ "type": "string",
941
+ "example": "workflows.primary.task_name"
942
+ },
943
+ "operation": {
944
+ "type": "string",
945
+ "enum": [
946
+ "equals"
947
+ ]
948
+ },
949
+ "values": {
950
+ "type": "array",
951
+ "items": {
952
+ "example": "Qualification"
953
+ }
954
+ }
955
+ },
956
+ "required": [
957
+ "attribute",
958
+ "operation",
959
+ "values"
960
+ ]
961
+ },
962
+ "RoleId": {
963
+ "type": "string",
964
+ "example": "123:owner",
965
+ "description": "Format: <organization_id>:<slug>"
966
+ },
967
+ "BaseRole": {
968
+ "type": "object",
969
+ "properties": {
970
+ "id": {
971
+ "$ref": "#/components/schemas/RoleId"
972
+ },
973
+ "name": {
974
+ "type": "string",
975
+ "example": "Owner",
976
+ "description": "Human-friendly name for the role"
977
+ },
978
+ "slug": {
979
+ "type": "string",
980
+ "example": "owner",
981
+ "description": "URL-friendly name for the role"
982
+ },
983
+ "type": {
984
+ "type": "string",
985
+ "description": "Type of the role"
986
+ },
987
+ "expires_at": {
988
+ "type": "string",
989
+ "format": "date-time",
990
+ "example": "2028-07-21T17:32:28Z",
991
+ "description": "date and time then the role will expire"
992
+ },
993
+ "organization_id": {
994
+ "$ref": "#/components/schemas/OrganizationId"
995
+ },
996
+ "grants": {
997
+ "type": "array",
998
+ "items": {
999
+ "$ref": "#/components/schemas/Grant"
1000
+ },
1001
+ "description": "List of grants (permissions) applied to the role"
1002
+ }
1003
+ },
1004
+ "required": [
1005
+ "id",
1006
+ "name",
1007
+ "slug",
1008
+ "type",
1009
+ "organization_id",
1010
+ "grants"
1011
+ ]
1012
+ },
1013
+ "BaseRoleForCreate": {
1014
+ "type": "object",
1015
+ "properties": {
1016
+ "id": {
1017
+ "$ref": "#/components/schemas/RoleId"
1018
+ },
1019
+ "name": {
1020
+ "type": "string",
1021
+ "example": "Owner",
1022
+ "description": "Human-friendly name for the role"
1023
+ },
1024
+ "slug": {
1025
+ "type": "string",
1026
+ "example": "owner",
1027
+ "description": "URL-friendly name for the role"
1028
+ },
1029
+ "type": {
1030
+ "type": "string",
1031
+ "description": "Type of the role"
1032
+ },
1033
+ "expires_at": {
1034
+ "type": "string",
1035
+ "format": "date-time",
1036
+ "example": "2028-07-21T17:32:28Z",
1037
+ "description": "date and time then the role will expire"
1038
+ },
1039
+ "organization_id": {
1040
+ "$ref": "#/components/schemas/OrganizationId"
1041
+ },
1042
+ "grants": {
1043
+ "type": "array",
1044
+ "items": {
1045
+ "$ref": "#/components/schemas/Grant"
1046
+ },
1047
+ "description": "List of grants (permissions) applied to the role"
1048
+ }
1049
+ },
1050
+ "required": [
1051
+ "name",
1052
+ "slug",
1053
+ "type",
1054
+ "grants"
1055
+ ]
1056
+ },
1057
+ "UserRole": {
1058
+ "allOf": [
1059
+ {
1060
+ "$ref": "#/components/schemas/BaseRole"
1061
+ },
1062
+ {
1063
+ "description": "A standard user role. Must be explicitly assigned to users.",
1064
+ "properties": {
1065
+ "type": {
1066
+ "enum": [
1067
+ "user_role"
1068
+ ]
1069
+ },
1070
+ "parent_role": {
1071
+ "allOf": [
1072
+ {
1073
+ "$ref": "#/components/schemas/RoleId"
1074
+ },
1075
+ {
1076
+ "description": "Optional parent role that this role inherits from. Must be an `org_role` or `share_role`."
1077
+ }
1078
+ ]
1079
+ }
1080
+ }
1081
+ }
1082
+ ]
1083
+ },
1084
+ "OrgRole": {
1085
+ "allOf": [
1086
+ {
1087
+ "$ref": "#/components/schemas/BaseRole"
1088
+ },
1089
+ {
1090
+ "description": "A role automatically applied to all users in an organization.",
1091
+ "properties": {
1092
+ "type": {
1093
+ "enum": [
1094
+ "org_role"
1095
+ ]
1096
+ },
1097
+ "pricing_tier": {
1098
+ "type": "string",
1099
+ "description": "The pricing tier of the organization this root role is based on",
1100
+ "example": "Professional"
1101
+ }
1102
+ }
1103
+ }
1104
+ ]
1105
+ },
1106
+ "ShareRole": {
1107
+ "allOf": [
1108
+ {
1109
+ "$ref": "#/components/schemas/BaseRole"
1110
+ },
1111
+ {
1112
+ "description": "A role that can be assigned to users in other organizations for sharing purposes.",
1113
+ "properties": {
1114
+ "type": {
1115
+ "enum": [
1116
+ "share_role"
1117
+ ]
1118
+ }
1119
+ }
1120
+ }
1121
+ ]
1122
+ },
1123
+ "PartnerRole": {
1124
+ "allOf": [
1125
+ {
1126
+ "$ref": "#/components/schemas/BaseRole"
1127
+ },
1128
+ {
1129
+ "description": "A role that appears in another organization's role list that can be assigned but not modified by the partner organization.",
1130
+ "properties": {
1131
+ "type": {
1132
+ "enum": [
1133
+ "partner_role"
1134
+ ]
1135
+ },
1136
+ "partner_org_id": {
1137
+ "allOf": [
1138
+ {
1139
+ "description": "Partner organization who can assign this role to their users."
1140
+ },
1141
+ {
1142
+ "$ref": "#/components/schemas/OrganizationId"
1143
+ }
1144
+ ]
1145
+ },
1146
+ "vendor_enforced_user_limit": {
1147
+ "type": "integer",
1148
+ "readOnly": true,
1149
+ "description": "Maximum number of users that can be assigned this role (vendor-enforced limit, can only be set via internal auth)"
1150
+ }
1151
+ }
1152
+ }
1153
+ ]
1154
+ },
1155
+ "PortalRole": {
1156
+ "allOf": [
1157
+ {
1158
+ "$ref": "#/components/schemas/BaseRole"
1159
+ },
1160
+ {
1161
+ "description": "A role that is applied to end customers and installers using the Portals",
1162
+ "properties": {
1163
+ "type": {
1164
+ "enum": [
1165
+ "portal_role"
1166
+ ]
1167
+ }
1168
+ }
1169
+ }
1170
+ ]
1171
+ },
1172
+ "Role": {
1173
+ "oneOf": [
1174
+ {
1175
+ "$ref": "#/components/schemas/UserRole"
1176
+ },
1177
+ {
1178
+ "$ref": "#/components/schemas/OrgRole"
1179
+ },
1180
+ {
1181
+ "$ref": "#/components/schemas/ShareRole"
1182
+ },
1183
+ {
1184
+ "$ref": "#/components/schemas/PartnerRole"
1185
+ },
1186
+ {
1187
+ "$ref": "#/components/schemas/PortalRole"
1188
+ }
1189
+ ]
1190
+ },
1191
+ "RolePayload": {
1192
+ "allOf": [
1193
+ {
1194
+ "properties": {
1195
+ "grants": {
1196
+ "type": "array",
1197
+ "items": {
1198
+ "$ref": "#/components/schemas/GrantWithDependencies"
1199
+ }
1200
+ }
1201
+ }
1202
+ },
1203
+ {
1204
+ "oneOf": [
1205
+ {
1206
+ "$ref": "#/components/schemas/UserRole"
1207
+ },
1208
+ {
1209
+ "$ref": "#/components/schemas/OrgRole"
1210
+ },
1211
+ {
1212
+ "$ref": "#/components/schemas/ShareRole"
1213
+ },
1214
+ {
1215
+ "$ref": "#/components/schemas/PartnerRole"
1216
+ },
1217
+ {
1218
+ "$ref": "#/components/schemas/PortalRole"
1219
+ }
1220
+ ]
1221
+ }
1222
+ ]
1223
+ },
1224
+ "Assignment": {
1225
+ "type": "object",
1226
+ "description": "A role attached to an user",
1227
+ "properties": {
1228
+ "user_id": {
1229
+ "$ref": "#/components/schemas/UserId"
1230
+ },
1231
+ "roles": {
1232
+ "type": "array",
1233
+ "items": {
1234
+ "$ref": "#/components/schemas/RoleId"
1235
+ }
1236
+ }
1237
+ }
1238
+ },
1239
+ "InternalAssignment": {
1240
+ "type": "object",
1241
+ "description": "A role attached to an user",
1242
+ "properties": {
1243
+ "userId": {
1244
+ "$ref": "#/components/schemas/UserId"
1245
+ },
1246
+ "roles": {
1247
+ "type": "array",
1248
+ "items": {
1249
+ "$ref": "#/components/schemas/RoleId"
1250
+ }
1251
+ }
1252
+ }
1253
+ },
1254
+ "OrgAssignments": {
1255
+ "type": "object",
1256
+ "description": "All roles attached to an users of an organization",
1257
+ "properties": {
1258
+ "organizationId": {
1259
+ "$ref": "#/components/schemas/OrganizationId"
1260
+ },
1261
+ "assignments": {
1262
+ "type": "array",
1263
+ "items": {
1264
+ "$ref": "#/components/schemas/InternalAssignment"
1265
+ }
1266
+ }
1267
+ }
1268
+ },
1269
+ "OrgRoles": {
1270
+ "type": "object",
1271
+ "description": "All roles attached to an users of an organization",
1272
+ "properties": {
1273
+ "organizationId": {
1274
+ "$ref": "#/components/schemas/OrganizationId"
1275
+ },
1276
+ "roles": {
1277
+ "type": "array",
1278
+ "items": {
1279
+ "$ref": "#/components/schemas/Role"
1280
+ }
1281
+ }
1282
+ }
1283
+ },
1284
+ "Assignments": {
1285
+ "type": "array",
1286
+ "description": "List of role ids attached to an user",
1287
+ "items": {
1288
+ "$ref": "#/components/schemas/RoleId"
1289
+ }
1290
+ },
1291
+ "UserId": {
1292
+ "type": "string",
1293
+ "example": "1",
1294
+ "description": "Id of a user"
1295
+ },
1296
+ "OrganizationId": {
1297
+ "type": "string",
1298
+ "example": "123",
1299
+ "description": "Id of an organization"
1300
+ },
1301
+ "Slug": {
1302
+ "type": "string",
1303
+ "example": "owner",
1304
+ "description": "Slug of a role; for a role with id = 123:manager -> 123 is org_id & manager is slug"
1305
+ },
1306
+ "RoleSearchInput": {
1307
+ "type": "object",
1308
+ "properties": {
1309
+ "role_ids": {
1310
+ "type": "array",
1311
+ "description": "List of role ids to filter by",
1312
+ "example": [
1313
+ "123:manager",
1314
+ "456:owner"
1315
+ ],
1316
+ "items": {
1317
+ "$ref": "#/components/schemas/RoleId"
1318
+ }
1319
+ },
1320
+ "org_ids": {
1321
+ "type": "array",
1322
+ "description": "List of organization ids to filter by",
1323
+ "example": [
1324
+ "123",
1325
+ "456"
1326
+ ],
1327
+ "items": {
1328
+ "$ref": "#/components/schemas/OrganizationId"
1329
+ }
1330
+ },
1331
+ "slugs": {
1332
+ "type": "array",
1333
+ "description": "List of role slugs to filter by",
1334
+ "example": [
1335
+ "manager",
1336
+ "owner"
1337
+ ],
1338
+ "items": {
1339
+ "$ref": "#/components/schemas/Slug"
1340
+ }
1341
+ },
1342
+ "query": {
1343
+ "type": "string",
1344
+ "description": "Input to search across fields",
1345
+ "example": "Administrator"
1346
+ },
1347
+ "limit": {
1348
+ "type": "number",
1349
+ "description": "The Number of roles to return",
1350
+ "example": 1,
1351
+ "minimum": 1,
1352
+ "default": 50
1353
+ },
1354
+ "offset": {
1355
+ "type": "number",
1356
+ "description": "The number of roles to skip before starting to collect the result set",
1357
+ "example": 1,
1358
+ "minimum": 1,
1359
+ "default": 0
1360
+ }
1361
+ }
1362
+ },
1363
+ "CreateRolePayload": {
1364
+ "allOf": [
1365
+ {
1366
+ "properties": {
1367
+ "grants": {
1368
+ "type": "array",
1369
+ "items": {
1370
+ "$ref": "#/components/schemas/GrantWithDependencies"
1371
+ }
1372
+ }
1373
+ }
1374
+ },
1375
+ {
1376
+ "$ref": "#/components/schemas/BaseRoleForCreate"
1377
+ },
1378
+ {
1379
+ "oneOf": [
1380
+ {
1381
+ "description": "A standard user role. Must be explicitly assigned to users.",
1382
+ "properties": {
1383
+ "type": {
1384
+ "enum": [
1385
+ "user_role"
1386
+ ]
1387
+ },
1388
+ "parent_role": {
1389
+ "allOf": [
1390
+ {
1391
+ "$ref": "#/components/schemas/RoleId"
1392
+ },
1393
+ {
1394
+ "description": "Optional parent role that this role inherits from. Must be an `org_role` or a sharing role of type `share_role` or `partner_role`."
1395
+ }
1396
+ ]
1397
+ }
1398
+ }
1399
+ },
1400
+ {
1401
+ "description": "A role automatically applied to all users in an organization.",
1402
+ "properties": {
1403
+ "type": {
1404
+ "enum": [
1405
+ "org_role"
1406
+ ]
1407
+ },
1408
+ "pricing_tier": {
1409
+ "type": "string",
1410
+ "description": "The pricing tier of the organization this root role is based on",
1411
+ "example": "Professional"
1412
+ }
1413
+ }
1414
+ },
1415
+ {
1416
+ "description": "A role that can be assigned to users in other organizations for sharing purposes.",
1417
+ "properties": {
1418
+ "type": {
1419
+ "enum": [
1420
+ "share_role"
1421
+ ]
1422
+ }
1423
+ }
1424
+ },
1425
+ {
1426
+ "description": "A role that appears in another organization's role list that can be assigned but not modified by the partner organization.",
1427
+ "properties": {
1428
+ "type": {
1429
+ "enum": [
1430
+ "partner_role"
1431
+ ]
1432
+ },
1433
+ "partner_org_id": {
1434
+ "allOf": [
1435
+ {
1436
+ "description": "Partner organization who can assign this role to their users."
1437
+ },
1438
+ {
1439
+ "$ref": "#/components/schemas/OrganizationId"
1440
+ }
1441
+ ]
1442
+ }
1443
+ }
1444
+ },
1445
+ {
1446
+ "description": "A role that is applied to end customers and installers using the Portals",
1447
+ "properties": {
1448
+ "type": {
1449
+ "enum": [
1450
+ "portal_role"
1451
+ ]
1452
+ }
1453
+ }
1454
+ }
1455
+ ]
1456
+ }
1457
+ ]
1458
+ },
1459
+ "Error": {
1460
+ "type": "object",
1461
+ "description": "Error response",
1462
+ "properties": {
1463
+ "message": {
1464
+ "type": "string",
1465
+ "description": "Error message",
1466
+ "example": "Parent role 123:nonexistent does not exist"
1467
+ }
1468
+ },
1469
+ "required": [
1470
+ "message"
1471
+ ]
1472
+ }
1473
+ }
1474
+ },
1475
+ "servers": [
1476
+ {
1477
+ "url": "https://permissions.sls.epilot.io"
1478
+ }
1479
+ ]
1480
+ }