# Roles ## Get roles - [GET /resources/roles/v1](https://developers.frontegg.com/ciam/api/identity/roles/permissionscontrollerv1_getallroles.md): Retrieve all roles across all accounts (tenants). Each role object includes the name, permissions, and other defining information. ## Create roles - [POST /resources/roles/v1](https://developers.frontegg.com/ciam/api/identity/roles/permissionscontrollerv1_addroles.md): Add a new role across all accounts (tenants). This route does not assign permissions to the role. Use the attach permissions to role route to manage role permissions. ## Delete role - [DELETE /resources/roles/v1/{roleId}](https://developers.frontegg.com/ciam/api/identity/roles/permissionscontrollerv1_deleterole.md): Delete a role. Provide the role ID as a path parameter to specify which role to delete. ## Update role - [PATCH /resources/roles/v1/{roleId}](https://developers.frontegg.com/ciam/api/identity/roles/permissionscontrollerv1_updaterole.md): Update an existing role. Provide the role ID as a path parameter to specify which role to update, and send the updated role information in the request body. This route does not update permissions for the role. Use the attach permissions to role route to manage role permissions. You can obtain the role ID using the Get roles API. ## Assign permissions to a role - [PUT /resources/roles/v1/{roleId}/permissions](https://developers.frontegg.com/ciam/api/identity/roles/permissionscontrollerv1_setpermissionstorole.md): Assign permissions to a role. Provide the role ID as a path parameter and include the permission IDs in the request body as an array of strings. Any pre-existing permissions will be overridden by the new permissions. You can obtain role IDs using the Get roles API and permission IDs using the Get permissions API. ## Update role tenant - [PUT /resources/roles/v1/{roleId}/tenant](https://developers.frontegg.com/ciam/api/identity/roles/permissionscontrollerv1_updateroletenant.md): Updates the account (tenant) ID for a specific role. This is a management-only endpoint.