Grants a role (one of 'admin', 'editor', 'commenter', or 'viewer') on a workspace resource to a user, group, or workspace (service account) API key. This overrides any existing role the target has on the resource. To target a user or service account, pass only the user email; the user must be in your workspace. To target a group, pass only the group id. To target a workspace (service account) API key, pass the api key id; the resource will be shared with the service account associated with that key. You must have admin access to the resource to share it.
Request
This endpoint expects an object.
roleenumRequired
Role to grant to the target: one of ‘admin’, ‘editor’, ‘commenter’, or ‘viewer’.
resource_typeenumRequired
Resource type of the target resource.
user_emailstring or nullOptional
The email of the user or service account.
group_idstring or nullOptional
The ID of the target group. Use ‘default’ to set the resource’s baseline role — every workspace member receives this role unless they hold a higher one through a direct user grant, group membership, or workspace (service account) API key.
workspace_api_key_idstring or nullOptional
The ID of the target workspace (service account) API key. This is not the API key string itself that you pass in the header for authentication — it is the key’s ID, which workspace admins can find under Developers → Service Accounts.
