> ## Documentation Index > Fetch the complete documentation index at: https://docs.omni.co/llms.txt > Use this file to discover all available pages before exploring further. # Grant document permissions > Grant document permissions to users or groups ## OpenAPI ````yaml /api/openapi.yaml post /v1/documents/{documentId}/permissions openapi: 3.1.0 info: title: Omni API description: > The Omni REST API provides programmatic access to your Omni instance for managing users, documents, queries, schedules, and more. version: 1.0.0 contact: name: Omni Support url: https://docs.omni.co servers: - url: https://{instance}.omniapp.co/api description: Production variables: instance: default: blobsrus description: Your production Omni instance subdomain - url: https://{instance}.playground.exploreomni.dev/api description: Playground variables: instance: default: blobsrus description: Your playground Omni instance subdomain security: - bearerAuth: [] - orgApiKey: [] tags: - name: AI description: AI-powered query generation - name: API Tokens description: >- Manage API tokens (Organization keys, Personal Access Tokens, MCP OAuth grants) - name: Connections description: Manage database connections - name: Connection environments description: Manage connection environments database connections - name: Content description: Unified content retrieval (documents and folders) - name: Content migration description: Export and import dashboards - name: Content validator description: Validate content against models and perform find/replace operations - name: Dashboard downloads description: Download dashboards and tiles as PDF, PNG, XLSX, CSV, or JSON files - name: Dashboard filters and controls description: Read and update dashboard filter and control default values - name: dbt description: Manage dbt configuration for connections - name: Documents description: Create, retrieve, and manage documents - name: Document favorites description: Favorite and unfavorite documents - name: Document labels description: Apply and manage labels on documents - name: Document permissions description: Manage document-level access - name: Labels description: > Manage labels in an organization. Labels can be applied to documents and folders to help organize and categorize content. **Label types:** - **Basic labels**: Can be created and managed by any user - **Verified labels**: Indicate curated or officially sanctioned content. Admin-only. - **Homepage labels**: Appear on the organization homepage. Admin-only. - name: Folders description: Create and organize content folders - name: Folder permissions description: Manage folder-level access - name: Jobs description: Check status of asynchronous jobs - name: Models description: Create and manage data models - name: Model branches description: Manage model branches and merge changes - name: Model git configuration description: Manage git configuration for shared models - name: Queries description: Execute workbook queries - name: Schedules description: Create and manage scheduled tasks - name: Schedule recipients description: Manage schedule recipients - name: Schema refresh schedules description: Manage automated schema refresh schedules for connections - name: Topics description: Retrieve topic information from models - name: Uploads description: Manage file uploads - name: Users description: Manage users - name: User attributes description: Manage user attribute definitions - name: User groups description: Manage user groups - name: User model roles description: Manage model and connection role assignments for users - name: User group model roles description: Manage model and connection role assignments for user groups - name: Uploads description: Manage CSV and spreadsheet uploads paths: /v1/documents/{documentId}/permissions: post: tags: - Document permissions summary: Grant document permissions description: Grant document permissions to users or groups operationId: grantDocumentPermissions parameters: - name: documentId in: path required: true schema: type: string description: > The document identifier. To retrieve the ID, navigate to **File > Document settings** in the document and then click **Settings**. The **Identifier** field contains the document ID. requestBody: required: true content: application/json: schema: type: object required: - role properties: role: type: string enum: - NO_ACCESS - VIEWER - EDITOR - MANAGER description: > The content role to assign. Must be one of: - `NO_ACCESS` - No access. Document won't appear in content system or search results. - `VIEWER` - View dashboard - `EDITOR` - Edit dashboard and workbook - `MANAGER` - Edit dashboard and workbook and manage permissions accessBoost: type: boolean default: false description: If `true`, AccessBoost will be enabled for the document. userIds: type: array items: type: string format: uuid description: > The list of user IDs to assign permissions to. Use the [List users](/api/users/list-users) and [List embed users](/api/users/list-embed-users) endpoints to retrieve user IDs. **Either `userIds` or `userGroupIds` is required.** userGroupIds: type: array items: type: string description: > The list of user group IDs to assign permissions to. Use the [List user groups](/api/user-groups/list-user-groups) endpoint to retrieve user group IDs. **Either `userIds` or `userGroupIds` is required.** responses: '200': description: Permissions granted successfully content: application/json: schema: $ref: '#/components/schemas/SuccessResponse' '400': description: | Bad Request. Possible causes: - Missing `userIds` or `userGroupIds` parameter - Invalid `userId` value content: application/json: schema: $ref: '#/components/schemas/Error' examples: missingIds: summary: Missing userIds or userGroupIds value: detail: >- userIds.userGroupIds: userIds or userGroupIds must be provided status: 400 invalidUuid: summary: Invalid userId value value: detail: 'userIds.0: Invalid uuid' status: 400 '403': description: > Forbidden. The user sending the API request must have **Manager** permissions for the document. content: application/json: schema: $ref: '#/components/schemas/Error' example: detail: User does not have permission to manage document permissions status: 403 '404': description: Document not found content: application/json: schema: $ref: '#/components/schemas/Error' example: detail: Document with identifier "" not found status: 404 '429': $ref: '#/components/responses/TooManyRequests' security: - bearerAuth: [] components: schemas: SuccessResponse: type: object properties: success: type: boolean example: true Error: type: object properties: error: type: string description: HTTP response code for the error example: message: type: string description: Detailed error description example: responses: TooManyRequests: description: Too Many Requests - Rate limit exceeded (60 requests/minute) content: application/json: schema: $ref: '#/components/schemas/Error' securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: > Can be either an [Organization API Key](/api/authentication#organization-api-keys) or [Personal Access Token (PAT)](/api/authentication#personal-access-tokens-pat). Include in the `Authorization` header as: `Bearer YOUR_TOKEN` orgApiKey: type: http scheme: bearer bearerFormat: JWT description: > Requires an [Organization API Key](/api/authentication#organization-api-keys). Personal Access Tokens (PATs) are not supported for this endpoint. Include in the `Authorization` header as: `Bearer ORGANIZATION_API_KEY` ````