Update RBAC Status

Enable or disable Role-Based Access Control (RBAC) for your workspace.

Endpoint

PUT /v1/workspaces/{workspaceId}/rbac-status

Authentication

Requires API key authentication with a valid access token.

Request

curl -X PUT \
  'https://api.sharely.ai/v1/workspaces/{workspaceId}/rbac-status' \
  -H 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -H 'organizationid: your-organization-id' \
  -d '{
    "rbacStatus": "ACTIVE"
  }'

Path Parameters

Parameter	Type	Required	Description
`workspaceId`	string (UUID)	Yes	The unique identifier of the workspace

Headers

Header	Type	Required	Description
`Authorization`	string	Yes	Bearer token with access token
`organizationid`	string (UUID)	Yes	Your organization ID
`Content-Type`	string	Yes	Must be `application/json`

Body Parameters

Parameter	Type	Required	Description
`rbacStatus`	string	Yes	RBAC mode: `ACTIVE` or `INACTIVE`

Response

Success Response (200 OK)

{
  "id": "264393d7-6379-453a-9535-e2452e972fdc",
  "rbacStatus": "ACTIVE",
  "updatedAt": "2024-11-14T15:45:00Z"
}

Response Fields

Field	Type	Description
`id`	string (UUID)	Workspace unique identifier
`rbacStatus`	string	Updated RBAC status
`updatedAt`	string (ISO 8601)	Timestamp of the update

RBAC Status Values

ACTIVE

When RBAC is ACTIVE:

All knowledge queries are filtered by assigned roles
Users only see knowledge assigned to their roles
Taxonomy and category access is role-based
Ideal for multi-tenant or role-segmented deployments

INACTIVE

When RBAC is INACTIVE:

All users have access to all knowledge
Role filtering is disabled
Useful for single-user workspaces or development environments

Example Usage

Enable RBAC

const fetch = require('node-fetch');
 
async function enableRBAC(workspaceId, accessToken, organizationId) {
  const response = await fetch(
    `https://api.sharely.ai/v1/workspaces/${workspaceId}/rbac-status`,
    {
      method: 'PUT',
      headers: {
        'Authorization': `Bearer ${accessToken}`,
        'Content-Type': 'application/json',
        'organizationid': organizationId
      },
      body: JSON.stringify({
        rbacStatus: 'ACTIVE'
      })
    }
  );
 
  if (!response.ok) {
    throw new Error(`Failed to update RBAC status: ${response.status}`);
  }
 
  return await response.json();
}

Disable RBAC

import requests
 
def disable_rbac(workspace_id, access_token, organization_id):
    response = requests.put(
        f'https://api.sharely.ai/v1/workspaces/{workspace_id}/rbac-status',
        headers={
            'Authorization': f'Bearer {access_token}',
            'Content-Type': 'application/json',
            'organizationid': organization_id
        },
        json={'rbacStatus': 'INACTIVE'}
    )
 
    response.raise_for_status()
    return response.json()

Important Notes

Before Enabling RBAC: Ensure you have created roles and assigned knowledge to those roles
Impact: Changing RBAC status affects all users immediately
Testing: Test RBAC behavior in a development workspace before enabling in production
Role Assignment: Users without assigned roles will have no access when RBAC is active

Related Endpoints

Create Roles - Define roles for your workspace
Assign Knowledge to Roles - Control access to knowledge
Get Workspace - Check current RBAC status