Every authenticated user has a role that determines which API operations they can perform. The role is included in the login response and enforced on every API request.
User Roles
| Role | Description |
|---|---|
| Admin | Full access — manage users, groups, webhooks, and all platform resources |
| Standard | Write access to operational resources (campaigns, calls, phone numbers, etc.) but cannot manage platform configuration |
| ReadOnly | View-only access — can retrieve data but cannot create, update, or delete anything |
Identifying Your Role
Your role is returned in the login response under the `user` object:
```json
{
  "code": 200,
  "message": "Login successful",
  "data": {
    "access_token": "...",
    "user": {
      "user_id": 4453,
      "email": "user@example.com",
      "role_id": 1,
      "org_unit_id": 70035
    }
  }
}
```
| role_id | Role |
|---|---|
| 1 | Admin |
| 2 | Standard |
| 3 | ReadOnly |
API Access Matrix
Authentication
No role restriction — all authenticated users can call these endpoints.
| Endpoint | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| /oauth/token | POST | ✓ | ✓ | ✓ |
| /oauth/refresh-token | POST | ✓ | ✓ | ✓ |
| /oauth/revoke-token | POST | ✓ | ✓ | ✓ |
Groups
Admin only — organization hierarchy is a platform configuration resource.
| Operation | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| List org units | GET | ✓ | — | — |
| Get group tree | GET | ✓ | — | — |
| List groups by parent | GET | ✓ | — | — |
| Get group details | GET | ✓ | — | — |
| Create group | POST | ✓ | — | — |
| Update group | PUT | ✓ | — | — |
| Partial update group | PATCH | ✓ | — | — |
| Delete group | DELETE | ✓ | — | — |
Users
Admin only — user management is a platform configuration resource.
| Operation | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| List users | GET | ✓ | — | — |
| Get user details | GET | ✓ | — | — |
| Create user | POST | ✓ | — | — |
| Update user | PUT | ✓ | — | — |
| Partial update user | PATCH | ✓ | — | — |
| Delete user | DELETE | ✓ | — | — |
Webhooks
Admin only — webhook subscriptions are a platform configuration resource.
| Operation | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| List webhooks | GET | ✓ | — | — |
| Get webhook details | GET | ✓ | — | — |
| Create webhook | POST | ✓ | — | — |
| Update webhook | PUT | ✓ | — | — |
| Partial update webhook | PATCH | ✓ | — | — |
| Delete webhook | DELETE | ✓ | — | — |
AI Voice Agents
| Operation | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| List AI agents | GET | ✓ | ✓ | ✓ |
| Get AI agent details | GET | ✓ | ✓ | ✓ |
| Create AI agent | POST | ✓ | ✓ | — |
| Update AI agent | PUT | ✓ | ✓ | — |
| Partial update AI agent | PATCH | ✓ | ✓ | — |
| Delete AI agent | DELETE | ✓ | ✓ | — |
SMS Broadcasts
| Operation | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| List broadcasts | GET | ✓ | ✓ | ✓ |
| Get broadcast details | GET | ✓ | ✓ | ✓ |
| Create broadcast | POST | ✓ | ✓ | — |
| Update broadcast | PUT | ✓ | ✓ | — |
| Partial update broadcast | PATCH | ✓ | ✓ | — |
| Delete broadcast | DELETE | ✓ | ✓ | — |
Phone Numbers
| Operation | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| Search available numbers | GET | ✓ | ✓ | ✓ |
| List assigned numbers | GET | ✓ | ✓ | ✓ |
| List provisioned numbers | GET | ✓ | ✓ | ✓ |
| Order a number | POST | ✓ | ✓ | — |
| Release a number | DELETE | ✓ | ✓ | — |
Provisioned Routes
| Operation | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| List provisioned routes | GET | ✓ | ✓ | ✓ |
| Get route details | GET | ✓ | ✓ | ✓ |
| Create route | POST | ✓ | ✓ | — |
| Update route | PUT | ✓ | ✓ | — |
| Partial update route | PATCH | ✓ | ✓ | — |
| Delete route | DELETE | ✓ | ✓ | — |
Call Flow Recording
| Operation | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| List call flow recordings | GET | ✓ | ✓ | ✓ |
| Get recording details | GET | ✓ | ✓ | ✓ |
| Upload recording | POST | ✓ | ✓ | — |
| Update recording | PUT | ✓ | ✓ | — |
| Delete recording | DELETE | ✓ | ✓ | — |
Conversations (Calls & SMS)
No role restriction beyond authentication — all authenticated users can view conversation data.
| Operation | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| List calls | GET | ✓ | ✓ | ✓ |
| Get call details | GET | ✓ | ✓ | ✓ |
| List SMS conversations | GET | ✓ | ✓ | ✓ |
Miscellaneous
| Operation | Method | Admin | Standard | ReadOnly |
|---|---|---|---|---|
| List industries | GET | ✓ | ✓ | ✓ |
| List ad sources | GET | ✓ | ✓ | ✓ |
| List tags | GET | ✓ | ✓ | ✓ |
| Create tag | POST | ✓ | ✓ | — |
| Delete tag | DELETE | ✓ | ✓ | — |
Access Denied Response
When a request is made with insufficient role permissions, the API returns:
```json
{
  "statusCode": 403,
  "message": "Access denied. Required roles: Admin. Your role: Standard",
  "error": "Forbidden"
}
```
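The following is an added example, not code from this platform: an authorization regression check that encodes the access matrix above with deny-by-default and flags any observed response that contradicts it. It assumes the matrix is keyed by this page's section titles (the resource URL paths are not given here) and that every 403 message follows the single sample shown; the function names and finding labels are hypothetical.

```python
import json
import re

# role_id -> role name, from the page's role_id table.
ROLES = {1: "Admin", 2: "Standard", 3: "ReadOnly"}
ADMIN, WRITERS, ALL = {"Admin"}, {"Admin", "Standard"}, set(ROLES.values())
CRUD = ("POST", "PUT", "PATCH", "DELETE")

def _rows(read, write, write_methods):
    return {"GET": read, **{m: write for m in write_methods}}

# The access matrix keyed by the page's section titles, then HTTP method.
MATRIX = {"Authentication": {"POST": ALL}, "Conversations": {"GET": ALL}}
for name in ("Groups", "Users", "Webhooks"):
    MATRIX[name] = _rows(ADMIN, ADMIN, CRUD)
for name, methods in {
    "AI Voice Agents": CRUD, "SMS Broadcasts": CRUD, "Provisioned Routes": CRUD,
    "Phone Numbers": ("POST", "DELETE"), "Miscellaneous": ("POST", "DELETE"),
    "Call Flow Recording": ("POST", "PUT", "DELETE"),
}.items():
    MATRIX[name] = _rows(ALL, WRITERS, methods)

# Assumed message format, taken from the one 403 sample on this page.
DENIED = re.compile(r"Required roles: (?P<required>.+?)\. Your role: (?P<role>\w+)")

# Constructed samples, trimmed from the response shapes shown on this page.
LOGIN = '{"code": 200, "data": {"access_token": "...", "user": {"role_id": 1}}}'
FORBIDDEN = json.dumps({"statusCode": 403, "error": "Forbidden", "message":
                        "Access denied. Required roles: Admin. Your role: Standard"})

def role_from_login(body):
    """Map data.user.role_id in a login response to its role name."""
    return ROLES[json.loads(body)["data"]["user"]["role_id"]]

def check(role, resource, method, status, body="{}"):
    """List the ways an observed response contradicts the documented matrix."""
    # Deny by default: an unknown resource or method permits nobody.
    permitted = role in MATRIX.get(resource, {}).get(method.upper(), set())
    findings = []
    if permitted and status == 403:
        findings.append("over-restrictive")
    if not permitted and 200 <= status < 300:
        findings.append("authorization gap")
    if status == 403:
        m = DENIED.search(json.loads(body).get("message", ""))
        if m is None:
            findings.append("403 without role details")
        elif m["role"] != role:
            findings.append("role mismatch")
    return findings
```

Run `check` once per role against each row of the matrix in a test environment; an empty list means the response agrees with the documentation.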
Summary
| Role | Platform Config (Groups, Users, Webhooks) | Operational Resources (Agents, SMS, Routes, etc.) | Read-Only Resources (Calls, Miscellaneous) |
|---|---|---|---|
| Admin | ✓ Full access | ✓ Full access | ✓ Full access |
| Standard | — No access | ✓ Full access | ✓ Full access |
| ReadOnly | — No access | Read only (GET) | ✓ Full access |
Modified at 2026-04-06 07:23:41