# Project roles

Use the following endpoints to manage your project roles.

Project roles can have the following values:

Value Definition
system Default roles provided by Workato.
custom Roles created manually within a workspace.
inheritable Custom roles from an AHQ admin or Embedded partner workspace that are inheritable by child workspaces.
inherited Roles inherited by a child workspace from its AHQ or Embedded parent workspace.

# Rate limits

Project roles resource has the following rate limit:

Type Resource Limit
All All Project roles endpoints60 requests per minute

# Quick reference

Type Resource Description
GET /api/project_roles List project roles.
GET /api/project_roles/:id Get project role details.
POST /api/project_roles Create a project role.
PUT /api/project_roles/:id Update a project role.
DELETE /api/project_roles/:id Delete a project role.

# List project roles

Retrieves a list of project roles from a workspace.

GET /api/project_roles

# Query parameters

Name Type Description
name string
optional
Filter project roles by their name.
page[number] integer
optional
The page number to retrieve. The default value is 1.
page[size] integer
optional
The number of items per page to retrieve. The default and maximum value is 100.

# Sample request

curl -X GET 'https://www.workato.com/api/project_roles?name=Builder&page[number]=1&page[size]=100' \
  -H 'Authorization: Bearer <api_token>'

# Response

{
  "data": [
    {
      "id": 1,
      "name" : "Builder",
      "members_count": 1,
      "type": "custom",
      "created_at": "2024-08-02T13:35:11.691-07:00",
      "updated_at": "2024-08-02T13:35:11.691-07:00"
    }
  ],
  "total": 1,
  "page": {
    "number": 1,
    "size": 100
  }
}

# Get project role details

Retrieves a project role by its ID.

GET /api/project_roles/:id

# Path parameters

Name Type Description
id string
required
The ID of the project role to retrieve.

# Sample request

curl -X GET 'https://www.workato.com/api/project_roles/pr-APmWpgTs-dwARGH' \
  -H 'Authorization: Bearer <api_token>'

# Response

{
  "data": {
    "id": "pr-APmWpgTs-dwARGH",
    "name" : "Developer",
    "config": { "recipe": { "privileges": "all" } },
    "members_count": 1,
    "type": "custom",
    "created_at": "2024-08-02T13:35:11.691-07:00",
    "updated_at": "2024-08-02T13:35:11.691-07:00"
  }
}

# Create a project role

Creates a new project role.

POST /api/project_roles

# Request body

Name Type Description
project_role object
required
Defines the project role to create.
project_role[name] string
required
The name of the project role to create. The maximum length is 200 characters.
project_role[config] object
required
Defines the privileges assigned to the role.
project_role[inheritable] boolean
optional
Child workspaces inherit the role when set to true. The default value is false. This value can only be set to true in Admin AHQ or Embedded partner workspaces.

# Sample request

curl -X POST 'https://www.workato.com/api/project_roles' \
  -H 'Authorization: Bearer <api_token>' \
  -H 'Content-Type: application/json' \
  -d '{
        "project_role": { 
          "name": "Builder",
          "config": { "recipe": { "privileges": "all" } },
          "inheritable": false
        }
      }'

# Response

{
  "data": {
    "id": "pr-APmWpgTs-dwARGH",
    "name" : "Builder",
    "config": { "recipe": { "privileges": "all" } },
    "members_count": 0,
    "type": "custom",
    "created_at": "2024-08-02T13:35:11.691-07:00",
    "updated_at": "2024-08-02T13:35:11.691-07:00"
  }
}

# Update a project role

Updates an existing project role by its ID.

PUT /api/project_roles/:id

# Path parameters

Name Type Description
id string
required
The ID of the project role to update.

# Request body

Name Type Description
project_role object
required
Defines the updated project role.
project_role[name] string
required
The updated name of the project role. The maximum length is 200 characters.
project_role[config] object
required
Defines the privileges assigned to the role.
project_role[inheritable] boolean
optional
Child workspaces inherit the role when set to true. The default value is false. This value can only be set to true in Admin AHQ or Embedded partner workspaces.

# Sample request

curl -X PUT 'https://www.workato.com/api/project_roles/pr-APmWpgTs-dwARGH' \
  -H 'Authorization: Bearer <api_token>' \
  -H 'Content-Type: application/json' \
  -d '{
        "project_role": { 
          "name": "Builder",
          "config": { "recipe": { "privileges": "all" } },
          "inheritable": false
        }
      }'

# Response

{
  "data": {
    "id": "pr-APmWpgTs-dwARGH",
    "name" : "Builder",
    "config": { "recipe": { "privileges": "all" } },
    "members_count": 1,
    "type": "custom",
    "created_at": "2024-08-02T13:35:11.691-07:00",
    "updated_at": "2024-08-02T13:35:11.691-07:00"
  }
}

# Delete a project role

Deletes a project role by its ID.

DELETE /api/project_roles/:id

# Path parameters

Name Type Description
id string
required
The ID of the project role to delete.

# Sample request

curl -X DELETE 'https://www.workato.com/api/project_roles/pr-APmWpgTs-dwARGH' \
  -H 'Authorization: Bearer <api_token>'

# Response

A successful request returns a 204 No Content status code. The API deletes the project role and returns an empty response body.

400 BAD REQUEST

A 400 Bad Request error indicates that the server couldn't process the request due to client-side issues. Common causes include malformed requests, invalid fields, or violations of field constraints, such as unsupported data types.

In the following example, the request fails because the role is still assigned to some collaborators:

{ 
  "errors": [
    {
      "code": "bad_request",
      "title": "You can’t delete a role when collaborators are assigned to the role."
    }
  ] 
}


Last updated: 9/9/2025, 2:59:57 PM