Install Self-Hosted
Get Started on Cloud
BasicsPipelinesActions & ServicesEnvironmentsIntegrationsTargetsTestsDomainsSandboxesAgents & Tunnels

Create

View as Markdown
  • POST
  • /workspaces
  • /:workspace
  • /permissions

Creates a custom permission set. Restricted to admins only.

Request

REQUIRED SCOPES
WORKSPACE
URL PARAMETERS
workspacerequiredstring
Workspace domain

Example: "my-company"

POST PARAMETERS
urlread-onlystring
API endpoint to GET this object
html_urlread-onlystring
Web URL to view this object in Buddy.works
namerequiredstring
The name of the permission set
descriptionstring
The description of the permission set
repository_access_levelrequiredstring enum
The repository access level
Allowed enum:
DENIED,
READ_ONLY,
READ_WRITE,
MANAGE
pipeline_access_levelrequiredstring enum
The pipeline access level
Allowed enum:
DENIED,
READ_ONLY,
RUN_ONLY,
READ_WRITE
sandbox_access_levelrequiredstring enum
The sandbox access level
Allowed enum:
DENIED,
READ_ONLY,
RUN_ONLY,
READ_WRITE
project_team_access_levelrequiredstring enum
The project team access level
Allowed enum:
READ_ONLY,
MANAGE
environment_access_levelrequiredstring enum
The environment access level
Allowed enum:
DENIED,
MANAGE,
USE_ONLY
package_access_levelrequiredstring enum
The package access level
Allowed enum:
DENIED,
READ_ONLY,
READ_WRITE,
MANAGE
routing_access_levelrequiredstring enum
The routing access level
Allowed enum:
DENIED,
READ_ONLY,
MANAGE
target_access_levelrequiredstring enum
The target access level
Allowed enum:
DENIED,
READ_ONLY,
USE_ONLY,
MANAGE

Response

RESPONSE BODY
typestring enum
The type of the permission set
Allowed enum:
DEVELOPER,
READ_ONLY,
CUSTOM,
PROJECT_MANAGER
urlread-onlystring
API endpoint to GET this object
html_urlread-onlystring
Web URL to view this object in Buddy.works
namerequiredstring
The name of the permission set
descriptionstring
The description of the permission set
repository_access_levelrequiredstring enum
The repository access level
Allowed enum:
DENIED,
READ_ONLY,
READ_WRITE,
MANAGE
pipeline_access_levelrequiredstring enum
The pipeline access level
Allowed enum:
DENIED,
READ_ONLY,
RUN_ONLY,
READ_WRITE
sandbox_access_levelrequiredstring enum
The sandbox access level
Allowed enum:
DENIED,
READ_ONLY,
RUN_ONLY,
READ_WRITE
project_team_access_levelrequiredstring enum
The project team access level
Allowed enum:
READ_ONLY,
MANAGE
environment_access_levelrequiredstring enum
The environment access level
Allowed enum:
DENIED,
MANAGE,
USE_ONLY
package_access_levelrequiredstring enum
The package access level
Allowed enum:
DENIED,
READ_ONLY,
READ_WRITE,
MANAGE
routing_access_levelrequiredstring enum
The routing access level
Allowed enum:
DENIED,
READ_ONLY,
MANAGE
target_access_levelrequiredstring enum
The target access level
Allowed enum:
DENIED,
READ_ONLY,
USE_ONLY,
MANAGE
idrequiredinteger
The ID of the permission set

Last modified on Jan 26, 2026

Previous pageSingle custom permission setNext pageEdit

Request example

curl -X POST "https://api.buddy.works/workspaces/:workspace/permissions" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "Content-Type: application/json" \
  -d '{
  "name": "Developer",
  "description": "Full development access with restrictions",
  "repository_access_level": "READ_WRITE",
  "pipeline_access_level": "READ_WRITE",
  "sandbox_access_level": "READ_WRITE",
  "project_team_access_level": "READ_ONLY",
  "environment_access_level": "USE_ONLY",
  "package_access_level": "READ_WRITE"
}'