List roles
List out all roles. The roles are sorted by creation date, with the most recently-created roles coming first
Authorization
Authorization
RequiredBearer <token>
Most Braintrust endpoints are authenticated by providing your API key as a header Authorization: Bearer [api_key]
to your HTTP request. You can create an API key in the Braintrust organization settings page.
In: header
Query Parameters
limit
integer | null
Limit the number of objects to return
Minimum:0
starting_after
string
Pagination cursor id.
For example, if the final item in the last page you fetched had an id of foo
, pass starting_after=foo
to fetch the next page. Note: you may only pass one of starting_after
and ending_before
"uuid"
ending_before
string
Pagination cursor id.
For example, if the initial item in the last page you fetched had an id of foo
, pass ending_before=foo
to fetch the previous page. Note: you may only pass one of starting_after
and ending_before
"uuid"
ids
Any properties in string, array<string>
Filter search results to a particular set of object IDs. To specify a list of IDs, include the query param multiple times
role_name
string
Name of the role to search for
org_name
string
Filter search results to within a particular organization
Status code | Description |
---|---|
200 | Returns a list of role objects |
400 | The request was unacceptable, often due to missing a required parameter |
401 | No valid API key provided |
403 | The API key doesn’t have permissions to perform the request |
429 | Too many requests hit the API too quickly. We recommend an exponential backoff of your requests |
500 | Something went wrong on Braintrust's end. (These are rare.) |
Create role
Create a new role. If there is an existing role with the same name as the one specified in the request, will return the existing role unmodified
Authorization
Authorization
RequiredBearer <token>
Most Braintrust endpoints are authenticated by providing your API key as a header Authorization: Bearer [api_key]
to your HTTP request. You can create an API key in the Braintrust organization settings page.
In: header
Request Body (Optional)
Any desired information about the new role object
name
Requiredstring
Name of the role
Minimum length:1
description
string | null
Textual description of the role
member_permissions
array<object> | null
(permission, restrict_object_type) tuples which belong to this role
member_roles
array<string> | null
Ids of the roles this role inherits from
An inheriting role has all the permissions contained in its member roles, as well as all of their inherited permissions
org_name
string | null
For nearly all users, this parameter should be unnecessary. But in the rare case that your API key belongs to multiple organizations, you may specify the name of the organization the role belongs in.
Status code | Description |
---|---|
200 | Returns the new role object |
400 | The request was unacceptable, often due to missing a required parameter |
401 | No valid API key provided |
403 | The API key doesn’t have permissions to perform the request |
429 | Too many requests hit the API too quickly. We recommend an exponential backoff of your requests |
500 | Something went wrong on Braintrust's end. (These are rare.) |
A role is a collection of permissions which can be granted as part of an ACL
Roles can consist of individual permissions, as well as a set of roles they inherit from
Create or replace role
Create or replace role. If there is an existing role with the same name as the one specified in the request, will replace the existing role with the provided fields
Authorization
Authorization
RequiredBearer <token>
Most Braintrust endpoints are authenticated by providing your API key as a header Authorization: Bearer [api_key]
to your HTTP request. You can create an API key in the Braintrust organization settings page.
In: header
Request Body (Optional)
Any desired information about the new role object
name
Requiredstring
Name of the role
Minimum length:1
description
string | null
Textual description of the role
member_permissions
array<object> | null
(permission, restrict_object_type) tuples which belong to this role
member_roles
array<string> | null
Ids of the roles this role inherits from
An inheriting role has all the permissions contained in its member roles, as well as all of their inherited permissions
org_name
string | null
For nearly all users, this parameter should be unnecessary. But in the rare case that your API key belongs to multiple organizations, you may specify the name of the organization the role belongs in.
Status code | Description |
---|---|
200 | Returns the new role object |
400 | The request was unacceptable, often due to missing a required parameter |
401 | No valid API key provided |
403 | The API key doesn’t have permissions to perform the request |
429 | Too many requests hit the API too quickly. We recommend an exponential backoff of your requests |
500 | Something went wrong on Braintrust's end. (These are rare.) |
A role is a collection of permissions which can be granted as part of an ACL
Roles can consist of individual permissions, as well as a set of roles they inherit from
{role_id}
Get role
Get a role object by its id
Authorization
Authorization
RequiredBearer <token>
Most Braintrust endpoints are authenticated by providing your API key as a header Authorization: Bearer [api_key]
to your HTTP request. You can create an API key in the Braintrust organization settings page.
In: header
Path Parameters
role_id
Requiredstring
Role id
Format:"uuid"
Status code | Description |
---|---|
200 | Returns the role object |
400 | The request was unacceptable, often due to missing a required parameter |
401 | No valid API key provided |
403 | The API key doesn’t have permissions to perform the request |
429 | Too many requests hit the API too quickly. We recommend an exponential backoff of your requests |
500 | Something went wrong on Braintrust's end. (These are rare.) |
A role is a collection of permissions which can be granted as part of an ACL
Roles can consist of individual permissions, as well as a set of roles they inherit from
{role_id}
Partially update role
Partially update a role object. Specify the fields to update in the payload. Any object-type fields will be deep-merged with existing content. Currently we do not support removing fields or setting them to null.
Authorization
Authorization
RequiredBearer <token>
Most Braintrust endpoints are authenticated by providing your API key as a header Authorization: Bearer [api_key]
to your HTTP request. You can create an API key in the Braintrust organization settings page.
In: header
Request Body (Optional)
Fields to update
description
string | null
Textual description of the role
name
string | null
Name of the role
Minimum length:1
add_member_permissions
array<object> | null
A list of permissions to add to the role
remove_member_permissions
array<object> | null
A list of permissions to remove from the role
add_member_roles
array<string> | null
A list of role IDs to add to the role's inheriting-from set
remove_member_roles
array<string> | null
A list of role IDs to remove from the role's inheriting-from set
Path Parameters
role_id
Requiredstring
Role id
Format:"uuid"
Status code | Description |
---|---|
200 | Returns the role object |
400 | The request was unacceptable, often due to missing a required parameter |
401 | No valid API key provided |
403 | The API key doesn’t have permissions to perform the request |
429 | Too many requests hit the API too quickly. We recommend an exponential backoff of your requests |
500 | Something went wrong on Braintrust's end. (These are rare.) |
A role is a collection of permissions which can be granted as part of an ACL
Roles can consist of individual permissions, as well as a set of roles they inherit from
{role_id}
Delete role
Delete a role object by its id
Authorization
Authorization
RequiredBearer <token>
Most Braintrust endpoints are authenticated by providing your API key as a header Authorization: Bearer [api_key]
to your HTTP request. You can create an API key in the Braintrust organization settings page.
In: header
Path Parameters
role_id
Requiredstring
Role id
Format:"uuid"
Status code | Description |
---|---|
200 | Returns the deleted role object |
400 | The request was unacceptable, often due to missing a required parameter |
401 | No valid API key provided |
403 | The API key doesn’t have permissions to perform the request |
429 | Too many requests hit the API too quickly. We recommend an exponential backoff of your requests |
500 | Something went wrong on Braintrust's end. (These are rare.) |
A role is a collection of permissions which can be granted as part of an ACL
Roles can consist of individual permissions, as well as a set of roles they inherit from