Update role

Authentication and Identity Management

Frontegg offers a comprehensive suite of authentication, user management, and security features to streamline identity management and enhance application security. This section provides an overview of all relevant API endpoints, organized into Authentication, Management, and Self-Service categories.

Authentication Endpoints: Enable secure user login, multi-factor authentication (MFA), passwordless options, and social login integrations, allowing for a flexible and robust sign-in experience.

Management Endpoints: Require environment-level authorization and provide full control over SSO (SAML and OpenID Connect) resources, user roles, permissions, and configurations. These endpoints are designed for administrative use, allowing for centralized identity and access management.

Self-Service Endpoints: Accessible with a user token (JWT), these endpoints empower users to manage their SSO connections and other account settings. Users with the necessary permissions can create, update, or delete SSO configurations directly, ensuring they have the tools to manage their access securely and independently.

Each category in this section helps you configure and extend Frontegg’s capabilities, providing the flexibility to manage user identities, authentication protocols, and access controls as per your application’s needs.

Download OpenAPI description

Users, Auth and Security

Servers

EU Region

https://api.frontegg.com/identity/

US Region

https://api.us.frontegg.com/identity/

CA Region

https://api.ca.frontegg.com/identity/

AU Region

https://api.au.frontegg.com/identity/

Frontegg sub-domain for use with user tokens

https://{domain}.frontegg.com/identity/

API token

Operations

General

Operations

MFA

Operations

Passwordless

Operations

SMS

Operations

Account invitations settings

Operations

Core settings

Operations

Data migration

Operations

Delegation

Operations

Email configuration

Operations

Email templates

Operations

M2M tokens

Operations

MFA configuration

Operations

Permissions categories

Operations

Permissions

Operations

Roles

Operations

Delete role

Request

Delete a role.

Provide the role ID as a path parameter to specify which role to delete.

Path

roleIdstringrequired

Headers

frontegg-tenant-idstring

For relating a role to a specific account (tenant), use get accounts (tenants) API to find the account (tenant) Ids

curl -i -X DELETE \
  'https://api.frontegg.com/identity/resources/roles/v1/{roleId}' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Update role

Request

Update an existing role.

Provide the role ID as a path parameter to specify which role to update, and send the updated role information in the request body.

This route does not update permissions for the role. Use the attach permissions to role route to manage role permissions.

You can obtain the role ID using the Get roles API.

Path

roleIdstringrequired

Headers

frontegg-tenant-idstring

For relating a role to a specific account (tenant), use get accounts (tenants) API to find the account (tenant) Ids

Bodyapplication/jsonrequired

isDefaultboolean

This role will be assigned for every user that will be added without specified roles

firstUserRoleboolean

This role will be assigned to the first user of a tenant (new tenants only)

migrateRoleboolean

Set this property to true together with isDefault in order to assign this role to all users

levelnumber[ 0 .. 32767 ]

Role level for roles elevation, lower level means stronger role.

keystring

namestring

descriptionstring

curl -i -X PATCH \
  'https://api.frontegg.com/identity/resources/roles/v1/{roleId}' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "isDefault": true,
    "firstUserRole": true,
    "migrateRole": true,
    "level": 32767,
    "key": "string",
    "name": "string",
    "description": "string"
  }'

Responses

Bodyapplication/json

idstringrequired

vendorIdstringrequired

tenantIdstringrequired

keystringrequired

namestringrequired

descriptionstringrequired

isDefaultbooleanrequired

firstUserRolebooleanrequired

levelnumberrequired

createdAtstring(date-time)required

updatedAtstring(date-time)required

permissionsArray of stringsrequired

Response

application/json

{
  "id": "string",
  "vendorId": "string",
  "tenantId": "string",
  "key": "string",
  "name": "string",
  "description": "string",
  "isDefault": true,
  "firstUserRole": true,
  "level": 0,
  "createdAt": "2019-08-24T14:15:22Z",
  "updatedAt": "2019-08-24T14:15:22Z",
  "permissions": [
    "string"
  ]
}

Assign permissions to a role

Request

Assign permissions to a role.

Provide the role ID as a path parameter and include the permission IDs in the request body as an array of strings. Any pre-existing permissions will be overridden by the new permissions.

You can obtain role IDs using the Get roles API and permission IDs using the Get permissions API.

Path

roleIdstringrequired

Headers

frontegg-tenant-idstring

For relating a role to a specific account (tenant), use get accounts (tenants) API to find the account (tenant) Ids

Bodyapplication/jsonrequired

permissionIdsArray of stringsrequired

Set permission Ids to attach to the role

curl -i -X PUT \
  'https://api.frontegg.com/identity/resources/roles/v1/{roleId}/permissions' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "permissionIds": [
      "string"
    ]
  }'

Responses

Bodyapplication/json

idstringrequired

vendorIdstringrequired

tenantIdstringrequired

keystringrequired

namestringrequired

descriptionstringrequired

isDefaultbooleanrequired

firstUserRolebooleanrequired

levelnumberrequired

createdAtstring(date-time)required

updatedAtstring(date-time)required

permissionsArray of stringsrequired

Response

application/json

{
  "id": "string",
  "vendorId": "string",
  "tenantId": "string",
  "key": "string",
  "name": "string",
  "description": "string",
  "isDefault": true,
  "firstUserRole": true,
  "level": 0,
  "createdAt": "2019-08-24T14:15:22Z",
  "updatedAt": "2019-08-24T14:15:22Z",
  "permissions": [
    "string"
  ]
}

SMS configuration

Operations

SMS templates

Operations

Sessions configuration

Operations

User pools

Operations

Users

Operations

Account invitations

Operations

Account roles

Operations

API tokens

Operations

Domain restrictions

Operations

IP restrictions

Operations

Lockout policy

Operations

MFA settings

Operations

Password settings

Operations

Personal tokens

Operations

Sessions management

Operations

User groups

Operations

User management

Operations

User sessions

Operations

Users-applications management

Operations

Authentication and Identity Management

API token

General

MFA

Passwordless

SMS

Account invitations settings

Core settings

Custom social OAuth provider

Data migration

Delegation

Email configuration

Email templates

M2M tokens

MFA configuration

Permissions categories

Permissions

Roles

Delete role

Request

Responses

How useful was this page?

Update role

Request

Responses

How useful was this page?

Assign permissions to a role

Request

Responses

How useful was this page?

SMS configuration

SMS templates

Sessions configuration

User pools

Users

Account invitations

Account roles

API tokens

Domain restrictions

IP restrictions

Lockout policy

MFA settings

Password settings

Personal tokens

Sessions management

User groups

User management

User sessions

Users-applications management