• Get Started
  • Documentation
  • Samples
  • Blog
  • Pricing
    • Table of contents
    Overview
    Tutorials
    Samples
    Changelog
    Access Control
    Download API definition:
    Update iTwin group
    PATCH https://dev-api.bentley.com/accesscontrol/itwins/{id}/groups/{groupId}

    Update the specified iTwin group. The members and imsGroups properties are both capped at 50 each.

    Authentication

    Requires Authorization header with valid Bearer token for scope itwin-platform.

    For more documentation on authorization and how to get access token visit OAUTH2 Authorization page.

    Authorization

    A user can update a Group by being assigned the administration_manage_groups on the iTwin level. If the user is adding members or IMS groups they must also have the administration_invite_member permission assigned at the iTwin level. If the user is removing members or IMS groups they must also have the administration_remove_member permission assigned at the iTwin level.

    A user also can update a Group on an iTwin by either being an Organization Administrator for the Organization that owns the given iTwin, or an owner of the iTwin.

    To update a Group on the Account iTwin, the user must be an Organization Administrator for the Organization.

    An Organization Administrator must have at least one of the following roles assigned in User Management: Account Administrator, Co-Administrator, or CONNECT Services Administrator. For more information about User Management please visit our Bentley Communities Licensing, Cloud, and Web Services wiki page

    Request

    Request parameters

    Name
    Required?
    Description
    id
    Yes
    groupId
    Yes

    Request headers

    Name
    Required?
    Description
    Authorization
    Yes

    OAuth access token with itwin-platform scope

    Accept
    No

    Setting to application/vnd.bentley.itwin-platform.v2+json is recommended.

    Request body

    Group (update)

    Name
    Type
    Required?
    Description
    name
    String
    No

    The name of your Group.

    description
    String
    No

    A description of your Group.

    members
    String[]
    No

    List of users assigned to the Group. Max size of 50.

    imsGroups
    String[]
    No

    List of IMS Group assigned to the Group. Max size of 50.

    Example

    json
    {
    "name": "A new group name",
    "description": "A new group description",
    "members": ["John.Johnson@example.com"],
    "imsGroups": ["Sample IMS Group"]
}

    Response

    Response 200 OK

    OK

    json
    {
    "group": {
        "id": "149d0860-39e9-4ae9-9b05-0b5dcedd2d4b",
        "name": "Sample Group",
        "description": "This is a group for a sample",
        "members": [{
            "userId": "99cf5e21-735c-4598-99eb-fe3940f96353",
            "email": "John.Johnson@example.com",
            "givenName": "John",
            "surname": "Johnson",
            "organization": "Organization Corp."
        }],
        "imsGroups": ["Sample IMS Group"]
    }
}

    Response 401 Unauthorized

    This response indicates that request lacks valid authentication credentials. Access token might not been provided, issued by the wrong issuer, does not have required scopes or request headers were malformed.

    json
    {
    "error": {
        "code": "HeaderNotFound",
        "message": "Header Authorization was not found in the request. Access denied."
    }
}

    Response 403 Forbidden

    The user has insufficient permissions for the requested operation.

    json
    {
    "error": {
        "code": "InsufficientPermissions",
        "message": "The user has insufficient permissions for the requested operation."
    }
}

    Response 404 Not Found

    This response indicates that iTwin, group, member, or IMS group with specified ID was not found.

    json
    {
    "error": {
        "code": "ItwinNotFound",
        "message": "Requested iTwin is not available."
    }
}

    Response 409 Conflict

    Invalid request to update iTwin group. User or IMS Group already exists in iTwin group.

    json
    {
    "error": {
        "code": "UserExists",
        "message": "Requested user already exists in iTwin group.",
        "target": "members[1]"
    }
}

    Response 422 Unprocessable Entity

    Invalid request to update iTwin group. Make sure request had required properties, does not pass in readonly properties, and does not exceed maximum size

    json
    {
    "error": {
        "code": "InvalidiTwinsGroupRequest",
        "message": "Cannot create/update group.",
        "details": [{
                "code": "MissingRequiredProperty",
                "message": "Required property is missing.",
                "target": "Name"
            },
            {
                "code": "MissingRequiredProperty",
                "message": "Required property is missing.",
                "target": "Description"
            },
            {
                "code": "InvalidProperty",
                "message": "Collection size exceeds maximum size.",
                "target": "members"
            },
            {
                "code": "InvalidProperty",
                "message": "Collection size exceeds maximum size.",
                "target": "imsGroups"
            },
            {
                "code": "MissingRequiredProperty",
                "message": "Required property is missing.",
                "target": "members[0]"
            },
            {
                "code": "MissingRequiredProperty",
                "message": "Required property is missing.",
                "target": "imsGroups[0]"
            },
            {
                "code": "InvalidRequestBody",
                "message": "Failed to parse request body or collection is empty."
            }
        ]
    }
}

    Response 429 Too many requests

    This response indicates that the user has sent too many requests in a given amount of time.

    json
    {
    "error": {
        "code": "TooManyRequests",
        "message": "More requests were received than the subscription rate-limit allows."
    }
}

    Response headers

    Name
    Description
    retry-after

    The number of requests exceeds the rate-limit for the client subscription.

    Definitions

    GroupResponse

    Name
    Type
    Description
    group
    Group

    Group

    Name
    Type
    Description
    id
    String

    The Group id.

    name
    String

    The name of your Group.

    description
    String

    A description of your Group.

    members
    GroupUser[]

    List of members assigned to the Group. Max size of 50.

    imsGroups
    String[]

    List of IMS Groups assigned to the Group. Max size of 50.

    GroupUser

    Name
    Type
    Description
    userId
    String

    The user Id in Identity Management System.

    email
    String

    User email.

    givenName
    String

    User given name.

    surname
    String

    User surname.

    organization
    String

    Organization user is member of in Identity Management System.

    Group (update)

    Name
    Type
    Description
    name
    String

    The name of your Group.

    description
    String

    A description of your Group.

    members
    String[]

    List of users assigned to the Group. Max size of 50.

    imsGroups
    String[]

    List of IMS Group assigned to the Group. Max size of 50.

    Error

    Contains error information.

    Name
    Type
    Description
    code
    String

    One of a server-defined set of error codes.

    message
    String

    A human-readable representation of the error.

    target
    String, null

    The target of the error.

    Error Response

    Gives details for an error that occurred while handling the request. Note that clients MUST NOT assume that every failed request will produce an object of this schema, or that all of the properties in the response will be non-null, as the error may have prevented this response from being constructed.

    Name
    Type
    Description
    error
    Error

    Error information.