diff --git a/docs/how-to/sync-users.mdx b/docs/how-to/sync-users.mdx index f8433b05..5fde4cb5 100644 --- a/docs/how-to/sync-users.mdx +++ b/docs/how-to/sync-users.mdx @@ -174,8 +174,18 @@ The rest of the schema for the call consists of the following parameters: - **`attributes`** (Optional) object (Attributes) Default: {} - User attributes are used to enforce attribute-based access control policies. You can read more about - [how to define these attributes here](/how-to/build-policies/abac/defining-attributes). + User attributes are used to enforce attribute-based access control policies. You can read more about + [how to define these attributes here](/how-to/build-policies/abac/defining-attributes). + +- **`role_assignments`** (Optional) array (Role Assignments), + Default: None, + An array of role assignments to assign to the user. Each role assignment is an object with the following properties: + - **`role`** string (Role) The role key or ID. + - **`tenant`** (Optional) string (Tenant) The tenant key or ID. + - **`resource_instance`** (Optional) string (Resource Instance) The resource instance key or ID. + + You need to provide either the tenant or the resource_instance, as the role will be either a tenant role or a resource instance role. + Here's a sample request for using the Create User API call: @@ -192,12 +202,19 @@ Here's a sample request for using the Create User API call: "tier": "pro", "expired": false } - } + }, + "role_assignments": [ + { + "role": "admin", + "tenant": "default" + }, + ] } ``` :::note -The API `Create User` function will not assign the user with a role. This needs to be done -separately via the [`Assign Role To User`](https://api.permit.io/v2/redoc#tag/Users/operation/assign_role_to_user) function. +The `role_assignments` parameter is optional. If you do not provide any role assignments, the user will be created without any roles assigned. +For assigning roles to the user after creation, you can use the [`Assign Role To User`](https://api.permit.io/v2/redoc#tag/Users/operation/assign_role_to_user) function. A full list of all API functions, their uses, and purpose [is available here](https://api.permit.io/v2/redoc#tag/Users). +:::