Set Scope Permissions
curl --request PUT \
--url https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions \
--header 'Content-Type: application/json' \
--header 'apikey: <api-key>' \
--data '
{
"permissions": {
"sendMessage": "deny",
"initiateCall": "friends"
}
}
'import requests
url = "https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions"
payload = { "permissions": {
"sendMessage": "deny",
"initiateCall": "friends"
} }
headers = {
"apikey": "<api-key>",
"Content-Type": "application/json"
}
response = requests.put(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'PUT',
headers: {apikey: '<api-key>', 'Content-Type': 'application/json'},
body: JSON.stringify({permissions: {sendMessage: 'deny', initiateCall: 'friends'}})
};
fetch('https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "PUT",
CURLOPT_POSTFIELDS => json_encode([
'permissions' => [
'sendMessage' => 'deny',
'initiateCall' => 'friends'
]
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"apikey: <api-key>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions"
payload := strings.NewReader("{\n \"permissions\": {\n \"sendMessage\": \"deny\",\n \"initiateCall\": \"friends\"\n }\n}")
req, _ := http.NewRequest("PUT", url, payload)
req.Header.Add("apikey", "<api-key>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.put("https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions")
.header("apikey", "<api-key>")
.header("Content-Type", "application/json")
.body("{\n \"permissions\": {\n \"sendMessage\": \"deny\",\n \"initiateCall\": \"friends\"\n }\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Put.new(url)
request["apikey"] = '<api-key>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"permissions\": {\n \"sendMessage\": \"deny\",\n \"initiateCall\": \"friends\"\n }\n}"
response = http.request(request)
puts response.read_body{
"data": {
"sendMessage": {
"success": true,
"message": "Permission with id sendMessage have been mapped successfully to scope admin on group cometchat-guid-1."
},
"permissions": {
"sendMessage": "allow",
"listMembers": "allow",
"listMembers.allowedScopes": "participant",
"addReaction": "deny",
"listReactions.allowedScopes": "moderator",
"listReactions": "deny",
"sendThreadedMessage": "allow",
"initiateCall": "deny",
"initiateCall.allowedScopes": "participant",
"initiateCall.allowedType": "audio",
"editMessage": "allow"
}
}
}Role Based Access Control
Set Scope Permissions
Sets or updates permissions for a specific group scope
PUT
/
groups
/
{guid}
/
scopes
/
{scope}
/
permissions
Set Scope Permissions
curl --request PUT \
--url https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions \
--header 'Content-Type: application/json' \
--header 'apikey: <api-key>' \
--data '
{
"permissions": {
"sendMessage": "deny",
"initiateCall": "friends"
}
}
'import requests
url = "https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions"
payload = { "permissions": {
"sendMessage": "deny",
"initiateCall": "friends"
} }
headers = {
"apikey": "<api-key>",
"Content-Type": "application/json"
}
response = requests.put(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'PUT',
headers: {apikey: '<api-key>', 'Content-Type': 'application/json'},
body: JSON.stringify({permissions: {sendMessage: 'deny', initiateCall: 'friends'}})
};
fetch('https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "PUT",
CURLOPT_POSTFIELDS => json_encode([
'permissions' => [
'sendMessage' => 'deny',
'initiateCall' => 'friends'
]
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"apikey: <api-key>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions"
payload := strings.NewReader("{\n \"permissions\": {\n \"sendMessage\": \"deny\",\n \"initiateCall\": \"friends\"\n }\n}")
req, _ := http.NewRequest("PUT", url, payload)
req.Header.Add("apikey", "<api-key>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.put("https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions")
.header("apikey", "<api-key>")
.header("Content-Type", "application/json")
.body("{\n \"permissions\": {\n \"sendMessage\": \"deny\",\n \"initiateCall\": \"friends\"\n }\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://{appId}.api-{region}.cometchat.io/v3/groups/{guid}/scopes/{scope}/permissions")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Put.new(url)
request["apikey"] = '<api-key>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"permissions\": {\n \"sendMessage\": \"deny\",\n \"initiateCall\": \"friends\"\n }\n}"
response = http.request(request)
puts response.read_body{
"data": {
"sendMessage": {
"success": true,
"message": "Permission with id sendMessage have been mapped successfully to scope admin on group cometchat-guid-1."
},
"permissions": {
"sendMessage": "allow",
"listMembers": "allow",
"listMembers.allowedScopes": "participant",
"addReaction": "deny",
"listReactions.allowedScopes": "moderator",
"listReactions": "deny",
"sendThreadedMessage": "allow",
"initiateCall": "deny",
"initiateCall.allowedScopes": "participant",
"initiateCall.allowedType": "audio",
"editMessage": "allow"
}
}
}For the complete error reference, see Error Guide.
Authorizations
API Key with fullAccess scope(i.e. Rest API Key from the Dashboard).
Path Parameters
The group GUID to update scope permissions for
Example:
"supergroup"
The scope identifier (e.g., admin, moderator, participant)
Example:
"admin"
Body
application/json
Permissions object containing key-value pairs for scope permissions
Example:
{
"sendMessage": "deny",
"initiateCall": "friends"
}
Response
200 - application/json
Scope permissions updated successfully
Was this page helpful?
⌘I