Updates account settings for the requesting user's account. To get your primary account's Id, call the Get My Primary Account endpoint.
Account settings allows configuration of how the iTwins API works for your organization. The configurable settings and their supported values are listed below:
- CreationAuthPolicy - Controls who is able to create iTwins
RbacPermission- Creation only for users who have theitwin_createaccess control permissionAnyoneInOrg- Creation for any user in the account's organization
Authentication
Requires Authorization header with valid Bearer token for scope itwin-platform.
For more documentation on authorization and how to get access token visit OAUTH2 Authorization page.
Authorization
The calling user must be an org admin for their account.
Request parameters
The user's accountId
Request headers
OAuth access token with itwin-platform scope
Setting to application/vnd.bentley.itwin-platform.v1+json is recommended.
Request body
Account Settings (create)
Example
{ "creationAuthPolicy": "RbacPermission" }
Response 200 OK
Account settings successfully updated.
{ "accountSettings": { "id": "76c1102e-4f33-4dfa-ad93-bcd9ab717977", "creationAuthPolicy": "RbacPermission", "lastModifiedDateTime": "2026-05-20T14:36:41Z", "lastModifiedBy": "c08876e6-ea42-4174-8bd4-303de0ed14d9" } }
Response 401 Unauthorized
This response indicates that request lacks valid authentication credentials. Access token might not been provided, issued by the wrong issuer, does not have required scopes or request headers were malformed.
{ "error": { "code": "HeaderNotFound", "message": "Header Authorization was not found in the request. Access denied." } }
Response 403 Forbidden
User is not authorized to update account settings for this account.
{ "error": { "code": "InsufficientPermissions", "message": "The user has insufficient permissions for the requested operation." } }
Response 404 Not Found
This response indicates that the specified iTwin was not found.
{ "error": { "code": "iTwinNotFound", "message": "Requested iTwin is not available." } }
Response 422 Unprocessable Entity
Invalid request to update account settings.
{ "error": { "code": "InvalidiTwinsRequest", "message": "creationAuthPolicy must be a supported value." } }
Response 429 Too many requests
This response indicates that the client sent more requests than allowed by this API for the current tier of the client.
{ "error": { "code": "RateLimitExceeded", "message": "The client sent more requests than allowed by this API for the current tier of the client." } }
Response headers
Number of seconds to wait until client is allowed to make more requests.
Error
Contains error information.
One of a server-defined set of error codes.
The target of the error.
A human-readable representation of the error.
{ "type": "object", "required": [ "code", "message" ], "properties": { "code": { "type": "string", "description": "One of a server-defined set of error codes." }, "target": { "type": "string", "nullable": true, "description": "The target of the error." }, "message": { "type": "string", "description": "A human-readable representation of the error." } }, "description": "Contains error information.", "additionalProperties": true }
Error Response
Gives details for an error that occurred while handling the request. Note that clients MUST NOT assume that every failed request will produce an object of this schema, or that all of the properties in the response will be non-null, as the error may have prevented this response from being constructed.
{ "type": "object", "title": "Error Response", "required": [ "error" ], "properties": { "error": { "$ref": "#/components/schemas/Error", "description": "Error information." } }, "description": "Gives details for an error that occurred while handling the request. Note that clients MUST NOT assume that every failed request will produce an object of this schema, or that all of the properties in the response will be non-null, as the error may have prevented this response from being constructed.", "additionalProperties": false }
Account Settings Policy
Account-level configuration for iTwin API behavior.
Unique identifier of the account.
The Id of the user that last modified the settings.
UTC timestamp of the most recent update.
{ "type": "object", "title": "Account Settings Policy", "required": [ "id", "creationAuthPolicy" ], "properties": { "id": { "type": "string", "format": "uuid", "description": "Unique identifier of the account." }, "lastModifiedBy": { "type": "string", "nullable": true, "description": "The Id of the user that last modified the settings." }, "creationAuthPolicy": { "$ref": "#/components/schemas/AccountSettingsCreateAuthType" }, "lastModifiedDateTime": { "type": "string", "format": "date-time", "nullable": true, "description": "UTC timestamp of the most recent update." } }, "description": "Account-level configuration for iTwin API behavior.", "additionalProperties": false }
Account Settings (create)
Properties for creating account-level iTwin settings.
{ "type": "object", "title": "Account Settings (create)", "required": [ "creationAuthPolicy" ], "properties": { "creationAuthPolicy": { "$ref": "#/components/schemas/AccountSettingsCreateAuthType" } }, "description": "Properties for creating account-level iTwin settings.", "additionalProperties": false }
Account Settings Create Auth Type
Determines who can create iTwins for the account.
{ "enum": [ "RbacPermission", "AnyoneInOrg" ], "type": "string", "title": "Account Settings Create Auth Type", "description": "Determines who can create iTwins for the account." }
AccountSettingsPolicy-response
{ "type": "object", "required": [ "accountSettings" ], "properties": { "accountSettings": { "$ref": "#/components/schemas/AccountSettingsPolicy" } }, "additionalProperties": false }
Was this page helpful?