Organization Permissions

The MANAGE Organization permission gives the access to actions and resources across the entire GoodData deployment. This permission should be reserved for administrators.

Supported Permissions

The following permissions are applicable to the Organization object type:


    User has access to any protected action or resource.

Set Permissions For an Organization

Permissions for an organization are set using the /api/v1/layout/organization declarative API endpoint.


  1. Make the following API call to fetch an up-to-date json definition of your organization layout:

    curl -H "Authorization: Bearer <your_bearer_token>" \
        -H "Content-Type: application/json" \
        -X GET \
  2. In the organization layout json file, update the permissions definition:

      "organization": {
        "permissions": [
                "assignee": {
                    "id": "<user_id_or_user_group_id>",
                    "type": "<user_or_userGroup>"
                "name": "MANAGE"
  3. Update the organization using your updated json in the following API call:

    curl -H "Authorization: Bearer <your_bearer_token>" \
      -H "Content-Type: application/json" \
      -X PUT \
      <your_hostname>/api/v1/layout/organization -d @<your_updated_organization_layout>.json