Get Permissions

curl --request POST \
  --url https://api.velt.dev/v2/auth/permissions/get \
  --header 'Content-Type: application/json' \
  --header 'x-velt-api-key: <x-velt-api-key>' \
  --header 'x-velt-auth-token: <x-velt-auth-token>' \
  --data '{
  "data": {
    "organizationId": "<string>",
    "userIds": [
      {}
    ],
    "folderIds": [
      {}
    ],
    "documentIds": [
      {}
    ]
  }
}'

{
    "result": {
        "status": "success",
        "message": "User permissions retrieved successfully.",
        "data": {
            "1.1": {
                "documents": {
                    "document1-26-may-2025-folder2": {
                        "accessRole": "viewer"
                    }
                },
                "organization": {
                    "org1": {
                        "accessRole": "editor"
                    }
                }
            }
        }
    }
}

POST

auth

permissions

get

Get Permissions

curl --request POST \
  --url https://api.velt.dev/v2/auth/permissions/get \
  --header 'Content-Type: application/json' \
  --header 'x-velt-api-key: <x-velt-api-key>' \
  --header 'x-velt-auth-token: <x-velt-auth-token>' \
  --data '{
  "data": {
    "organizationId": "<string>",
    "userIds": [
      {}
    ],
    "folderIds": [
      {}
    ],
    "documentIds": [
      {}
    ]
  }
}'

{
    "result": {
        "status": "success",
        "message": "User permissions retrieved successfully.",
        "data": {
            "1.1": {
                "documents": {
                    "document1-26-may-2025-folder2": {
                        "accessRole": "viewer"
                    }
                },
                "organization": {
                    "org1": {
                        "accessRole": "editor"
                    }
                }
            }
        }
    }
}

Use this API to get a user’s permissions for various resources like organizations, folders, documents, etc.

Returns permissions per user and resource. Temporary permissions include an expiresAt (Unix seconds) value.
See the Access Control overview for concepts and detailed guidance.

Endpoint

POST https://api.velt.dev/v2/auth/permissions/get

Headers

x-velt-api-key

string

required

Your API key.

x-velt-auth-token

string

required

Your Auth Token.

Body

data

object

required

Show properties

organizationId

string

required

The ID of the organization to query.

userIds

array

required

Array of user IDs to fetch permissions for.

folderIds

array

Optional array of folder IDs to include in the result.

documentIds

array

Optional array of document IDs to include in the result.

Example Request

JSON
cURL

{
  "data": {
    "organizationId": "org1",
    "documentIds": ["freestyle-comments1"],
    "userIds": ["samarth"]
  }
}

Response

Error responses include an errorCode field with structured error codes from the UserPermissionAccessRoleResult enum. This helps you handle permission resolution failures programmatically.

Response Schema

The response returns a nested structure with permissions per user and resource type. Each resource permission can include:

Field	Type	Description
`accessRole`	`string`	The user’s access role (`"editor"` or `"viewer"`)
`expiresAt`	`number`	Unix timestamp (seconds) when temporary access expires
`error`	`string`	Human-readable error message if permission resolution failed
`errorCode`	`string`	Error code from UserPermissionAccessRoleResult enum (v4.5.4+)

Success Response

{
    "result": {
        "status": "success",
        "message": "User permissions retrieved successfully.",
        "data": {
            "1.1": {
                "documents": {
                    "document1-26-may-2025-folder2": {
                        "accessRole": "viewer"
                    }
                },
                "organization": {
                    "org1": {
                        "accessRole": "editor"
                    }
                }
            }
        }
    }
}

Permission Denied

{
    "result": {
        "status": "success",
        "message": "User permissions retrieved successfully.",
        "data": {
            "1.1": {
                "documents": {
                    "document5": {
                        "error": "User does not have access to document",
                        "errorCode": "permission_denied"
                    }
                },
                "organization": {
                    "org1": {
                        "accessRole": "editor"
                    }
                }
            }
        }
    }
}

Error Response Examples

When a resource does not exist, is denied, or encounters an error, the response includes both an error message and an errorCode: Resource Not Found:

{
    "error": {
        "details": {
            "1.1": {
                "documents": {
                    "document1-26-may-2025-folder222": {
                        "error": "Document does not exist",
                        "errorCode": "does_not_exist"
                    }
                },
                "organization": {
                    "org1": {
                        "accessRole": "editor"
                    }
                }
            }
        },
        "message": "Folder or document does not exist",
        "status": "NOT_FOUND"
    }
}

API Failure Response

{
  "error": {
    "message": "ERROR_MESSAGE",
    "status": "INVALID_ARGUMENT"
  }
}

{
    "result": {
        "status": "success",
        "message": "User permissions retrieved successfully.",
        "data": {
            "1.1": {
                "documents": {
                    "document1-26-may-2025-folder2": {
                        "accessRole": "viewer"
                    }
                },
                "organization": {
                    "org1": {
                        "accessRole": "editor"
                    }
                }
            }
        }
    }
}

Add Permissions Remove Permissions

⌘I

REST APIs

SDK

Get Permissions

Endpoint

Headers

Body

Example Request

Response

Response Schema

Success Response

Permission Denied

Error Response Examples

API Failure Response

REST APIs

SDK

​Endpoint

​Headers

​Body

​Example Request

​Response

​Response Schema

​Success Response

​Permission Denied

​Error Response Examples

​API Failure Response

Endpoint

Headers

Body

Example Request

Response

Response Schema

Success Response

Permission Denied

Error Response Examples

API Failure Response