mirror of
https://github.com/coder/coder.git
synced 2026-06-03 13:08:25 +00:00
Paweł Banaszewski
f22d4e2cbb
Adds table to store keys that AI Gateway standalone replicas will use to authenticate into Coderd. Also adds RBAC and audit boilerplate.
66 KiB
Generated
66 KiB
Generated
Members
List organization members
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/members \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /api/v2/organizations/{organization}/members
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
Example responses
200 Response
[
{
"avatar_url": "string",
"created_at": "2019-08-24T14:15:22Z",
"email": "string",
"global_roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"has_ai_seat": true,
"is_service_account": true,
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"status": "active",
"updated_at": "2019-08-24T14:15:22Z",
"user_created_at": "2019-08-24T14:15:22Z",
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
"user_updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.OrganizationMemberWithUserData |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» avatar_url |
string | false | ||
» created_at |
string(date-time) | false | ||
» email |
string | false | ||
» global_roles |
array | false | ||
»» display_name |
string | false | ||
»» name |
string | false | ||
»» organization_id |
string | false | ||
» has_ai_seat |
boolean | false | Has ai seat intentionally omits omitempty so the API always includes the field, even when false. | |
» is_service_account |
boolean | false | ||
» last_seen_at |
string(date-time) | false | ||
» login_type |
codersdk.LoginType | false | ||
» name |
string | false | ||
» organization_id |
string(uuid) | false | ||
» roles |
array | false | ||
» status |
codersdk.UserStatus | false | ||
» updated_at |
string(date-time) | false | ||
» user_created_at |
string(date-time) | false | ||
» user_id |
string(uuid) | false | ||
» user_updated_at |
string(date-time) | false | ||
» username |
string | false |
Enumerated Values
| Property | Value(s) |
|---|---|
login_type |
``, github, none, oidc, password, token |
status |
active, suspended |
To perform this operation, you must be authenticated. Learn more.
Get member roles by organization
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/members/roles \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /api/v2/organizations/{organization}/members/roles
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
Example responses
200 Response
[
{
"assignable": true,
"built_in": true,
"display_name": "string",
"name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_member_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"organization_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"site_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"user_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.AssignableRoles |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» assignable |
boolean | false | ||
» built_in |
boolean | false | Built in roles are immutable | |
» display_name |
string | false | ||
» name |
string | false | ||
» organization_id |
string(uuid) | false | ||
» organization_member_permissions |
array | false | Organization member permissions are specific for the organization in the field 'OrganizationID' above. | |
»» action |
codersdk.RBACAction | false | ||
»» negate |
boolean | false | Negate makes this a negative permission | |
»» resource_type |
codersdk.RBACResource | false | ||
» organization_permissions |
array | false | Organization permissions are specific for the organization in the field 'OrganizationID' above. | |
» site_permissions |
array | false | ||
» user_permissions |
array | false |
Enumerated Values
| Property | Value(s) |
|---|---|
action |
application_connect, assign, create, create_agent, delete, delete_agent, read, read_personal, share, ssh, start, stop, unassign, update, update_agent, update_personal, use, view_insights |
resource_type |
*, ai_gateway_key, ai_model_price, ai_provider, ai_seat, aibridge_interception, api_key, assign_org_role, assign_role, audit_log, boundary_log, boundary_usage, chat, connection_log, crypto_key, debug_info, deployment_config, deployment_stats, file, group, group_member, idpsync_settings, inbox_notification, license, notification_message, notification_preference, notification_template, oauth2_app, oauth2_app_code_token, oauth2_app_secret, organization, organization_member, prebuilt_workspace, provisioner_daemon, provisioner_jobs, replicas, system, tailnet_coordinator, task, template, usage_event, user, user_secret, user_skill, webpush_subscription, workspace, workspace_agent_devcontainers, workspace_agent_resource_monitor, workspace_dormant, workspace_proxy |
To perform this operation, you must be authenticated. Learn more.
Update a custom organization role
Code samples
# Example request using curl
curl -X PUT http://coder-server:8080/api/v2/organizations/{organization}/members/roles \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PUT /api/v2/organizations/{organization}/members/roles
Body parameter
{
"display_name": "string",
"name": "string",
"organization_member_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"organization_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"site_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"user_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
body |
body | codersdk.CustomRoleRequest | true | Update role request |
Example responses
200 Response
[
{
"display_name": "string",
"name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_member_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"organization_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"site_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"user_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.Role |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» display_name |
string | false | ||
» name |
string | false | ||
» organization_id |
string(uuid) | false | ||
» organization_member_permissions |
array | false | Organization member permissions are specific for the organization in the field 'OrganizationID' above. | |
»» action |
codersdk.RBACAction | false | ||
»» negate |
boolean | false | Negate makes this a negative permission | |
»» resource_type |
codersdk.RBACResource | false | ||
» organization_permissions |
array | false | Organization permissions are specific for the organization in the field 'OrganizationID' above. | |
» site_permissions |
array | false | ||
» user_permissions |
array | false |
Enumerated Values
| Property | Value(s) |
|---|---|
action |
application_connect, assign, create, create_agent, delete, delete_agent, read, read_personal, share, ssh, start, stop, unassign, update, update_agent, update_personal, use, view_insights |
resource_type |
*, ai_gateway_key, ai_model_price, ai_provider, ai_seat, aibridge_interception, api_key, assign_org_role, assign_role, audit_log, boundary_log, boundary_usage, chat, connection_log, crypto_key, debug_info, deployment_config, deployment_stats, file, group, group_member, idpsync_settings, inbox_notification, license, notification_message, notification_preference, notification_template, oauth2_app, oauth2_app_code_token, oauth2_app_secret, organization, organization_member, prebuilt_workspace, provisioner_daemon, provisioner_jobs, replicas, system, tailnet_coordinator, task, template, usage_event, user, user_secret, user_skill, webpush_subscription, workspace, workspace_agent_devcontainers, workspace_agent_resource_monitor, workspace_dormant, workspace_proxy |
To perform this operation, you must be authenticated. Learn more.
Insert a custom organization role
Code samples
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/organizations/{organization}/members/roles \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
POST /api/v2/organizations/{organization}/members/roles
Body parameter
{
"display_name": "string",
"name": "string",
"organization_member_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"organization_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"site_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"user_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
body |
body | codersdk.CustomRoleRequest | true | Insert role request |
Example responses
200 Response
[
{
"display_name": "string",
"name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_member_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"organization_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"site_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"user_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.Role |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» display_name |
string | false | ||
» name |
string | false | ||
» organization_id |
string(uuid) | false | ||
» organization_member_permissions |
array | false | Organization member permissions are specific for the organization in the field 'OrganizationID' above. | |
»» action |
codersdk.RBACAction | false | ||
»» negate |
boolean | false | Negate makes this a negative permission | |
»» resource_type |
codersdk.RBACResource | false | ||
» organization_permissions |
array | false | Organization permissions are specific for the organization in the field 'OrganizationID' above. | |
» site_permissions |
array | false | ||
» user_permissions |
array | false |
Enumerated Values
| Property | Value(s) |
|---|---|
action |
application_connect, assign, create, create_agent, delete, delete_agent, read, read_personal, share, ssh, start, stop, unassign, update, update_agent, update_personal, use, view_insights |
resource_type |
*, ai_gateway_key, ai_model_price, ai_provider, ai_seat, aibridge_interception, api_key, assign_org_role, assign_role, audit_log, boundary_log, boundary_usage, chat, connection_log, crypto_key, debug_info, deployment_config, deployment_stats, file, group, group_member, idpsync_settings, inbox_notification, license, notification_message, notification_preference, notification_template, oauth2_app, oauth2_app_code_token, oauth2_app_secret, organization, organization_member, prebuilt_workspace, provisioner_daemon, provisioner_jobs, replicas, system, tailnet_coordinator, task, template, usage_event, user, user_secret, user_skill, webpush_subscription, workspace, workspace_agent_devcontainers, workspace_agent_resource_monitor, workspace_dormant, workspace_proxy |
To perform this operation, you must be authenticated. Learn more.
Delete a custom organization role
Code samples
# Example request using curl
curl -X DELETE http://coder-server:8080/api/v2/organizations/{organization}/members/roles/{roleName} \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
DELETE /api/v2/organizations/{organization}/members/roles/{roleName}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
roleName |
path | string | true | Role name |
Example responses
200 Response
[
{
"display_name": "string",
"name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_member_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"organization_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"site_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"user_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.Role |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» display_name |
string | false | ||
» name |
string | false | ||
» organization_id |
string(uuid) | false | ||
» organization_member_permissions |
array | false | Organization member permissions are specific for the organization in the field 'OrganizationID' above. | |
»» action |
codersdk.RBACAction | false | ||
»» negate |
boolean | false | Negate makes this a negative permission | |
»» resource_type |
codersdk.RBACResource | false | ||
» organization_permissions |
array | false | Organization permissions are specific for the organization in the field 'OrganizationID' above. | |
» site_permissions |
array | false | ||
» user_permissions |
array | false |
Enumerated Values
| Property | Value(s) |
|---|---|
action |
application_connect, assign, create, create_agent, delete, delete_agent, read, read_personal, share, ssh, start, stop, unassign, update, update_agent, update_personal, use, view_insights |
resource_type |
*, ai_gateway_key, ai_model_price, ai_provider, ai_seat, aibridge_interception, api_key, assign_org_role, assign_role, audit_log, boundary_log, boundary_usage, chat, connection_log, crypto_key, debug_info, deployment_config, deployment_stats, file, group, group_member, idpsync_settings, inbox_notification, license, notification_message, notification_preference, notification_template, oauth2_app, oauth2_app_code_token, oauth2_app_secret, organization, organization_member, prebuilt_workspace, provisioner_daemon, provisioner_jobs, replicas, system, tailnet_coordinator, task, template, usage_event, user, user_secret, user_skill, webpush_subscription, workspace, workspace_agent_devcontainers, workspace_agent_resource_monitor, workspace_dormant, workspace_proxy |
To perform this operation, you must be authenticated. Learn more.
Get organization member
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/members/{user} \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /api/v2/organizations/{organization}/members/{user}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
user |
path | string | true | User ID, name, or me |
Example responses
200 Response
{
"avatar_url": "string",
"created_at": "2019-08-24T14:15:22Z",
"email": "string",
"global_roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"has_ai_seat": true,
"is_service_account": true,
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"status": "active",
"updated_at": "2019-08-24T14:15:22Z",
"user_created_at": "2019-08-24T14:15:22Z",
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
"user_updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OrganizationMemberWithUserData |
To perform this operation, you must be authenticated. Learn more.
Add organization member
Code samples
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/organizations/{organization}/members/{user} \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
POST /api/v2/organizations/{organization}/members/{user}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
user |
path | string | true | User ID, name, or me |
Example responses
200 Response
{
"created_at": "2019-08-24T14:15:22Z",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"updated_at": "2019-08-24T14:15:22Z",
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OrganizationMember |
To perform this operation, you must be authenticated. Learn more.
Remove organization member
Code samples
# Example request using curl
curl -X DELETE http://coder-server:8080/api/v2/organizations/{organization}/members/{user} \
-H 'Coder-Session-Token: API_KEY'
DELETE /api/v2/organizations/{organization}/members/{user}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
user |
path | string | true | User ID, name, or me |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content |
To perform this operation, you must be authenticated. Learn more.
Assign role to organization member
Code samples
# Example request using curl
curl -X PUT http://coder-server:8080/api/v2/organizations/{organization}/members/{user}/roles \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PUT /api/v2/organizations/{organization}/members/{user}/roles
Body parameter
{
"roles": [
"string"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
user |
path | string | true | User ID, name, or me |
body |
body | codersdk.UpdateRoles | true | Update roles request |
Example responses
200 Response
{
"created_at": "2019-08-24T14:15:22Z",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"updated_at": "2019-08-24T14:15:22Z",
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OrganizationMember |
To perform this operation, you must be authenticated. Learn more.
Paginated organization members
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/paginated-members \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /api/v2/organizations/{organization}/paginated-members
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
q |
query | string | false | Member search query |
after_id |
query | string(uuid) | false | After ID |
limit |
query | integer | false | Page limit, if 0 returns all members |
offset |
query | integer | false | Page offset |
Example responses
200 Response
[
{
"count": 0,
"members": [
{
"avatar_url": "string",
"created_at": "2019-08-24T14:15:22Z",
"email": "string",
"global_roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"has_ai_seat": true,
"is_service_account": true,
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"status": "active",
"updated_at": "2019-08-24T14:15:22Z",
"user_created_at": "2019-08-24T14:15:22Z",
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
"user_updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.PaginatedMembersResponse |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» count |
integer | false | ||
» members |
array | false | ||
»» avatar_url |
string | false | ||
»» created_at |
string(date-time) | false | ||
»» email |
string | false | ||
»» global_roles |
array | false | ||
»»» display_name |
string | false | ||
»»» name |
string | false | ||
»»» organization_id |
string | false | ||
»» has_ai_seat |
boolean | false | Has ai seat intentionally omits omitempty so the API always includes the field, even when false. | |
»» is_service_account |
boolean | false | ||
»» last_seen_at |
string(date-time) | false | ||
»» login_type |
codersdk.LoginType | false | ||
»» name |
string | false | ||
»» organization_id |
string(uuid) | false | ||
»» roles |
array | false | ||
»» status |
codersdk.UserStatus | false | ||
»» updated_at |
string(date-time) | false | ||
»» user_created_at |
string(date-time) | false | ||
»» user_id |
string(uuid) | false | ||
»» user_updated_at |
string(date-time) | false | ||
»» username |
string | false |
Enumerated Values
| Property | Value(s) |
|---|---|
login_type |
``, github, none, oidc, password, token |
status |
active, suspended |
To perform this operation, you must be authenticated. Learn more.
Get site member roles
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/users/roles \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /api/v2/users/roles
Example responses
200 Response
[
{
"assignable": true,
"built_in": true,
"display_name": "string",
"name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_member_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"organization_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"site_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
],
"user_permissions": [
{
"action": "application_connect",
"negate": true,
"resource_type": "*"
}
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.AssignableRoles |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» assignable |
boolean | false | ||
» built_in |
boolean | false | Built in roles are immutable | |
» display_name |
string | false | ||
» name |
string | false | ||
» organization_id |
string(uuid) | false | ||
» organization_member_permissions |
array | false | Organization member permissions are specific for the organization in the field 'OrganizationID' above. | |
»» action |
codersdk.RBACAction | false | ||
»» negate |
boolean | false | Negate makes this a negative permission | |
»» resource_type |
codersdk.RBACResource | false | ||
» organization_permissions |
array | false | Organization permissions are specific for the organization in the field 'OrganizationID' above. | |
» site_permissions |
array | false | ||
» user_permissions |
array | false |
Enumerated Values
| Property | Value(s) |
|---|---|
action |
application_connect, assign, create, create_agent, delete, delete_agent, read, read_personal, share, ssh, start, stop, unassign, update, update_agent, update_personal, use, view_insights |
resource_type |
*, ai_gateway_key, ai_model_price, ai_provider, ai_seat, aibridge_interception, api_key, assign_org_role, assign_role, audit_log, boundary_log, boundary_usage, chat, connection_log, crypto_key, debug_info, deployment_config, deployment_stats, file, group, group_member, idpsync_settings, inbox_notification, license, notification_message, notification_preference, notification_template, oauth2_app, oauth2_app_code_token, oauth2_app_secret, organization, organization_member, prebuilt_workspace, provisioner_daemon, provisioner_jobs, replicas, system, tailnet_coordinator, task, template, usage_event, user, user_secret, user_skill, webpush_subscription, workspace, workspace_agent_devcontainers, workspace_agent_resource_monitor, workspace_dormant, workspace_proxy |
To perform this operation, you must be authenticated. Learn more.