As an administrator, you can manage users in your Workspace programmatically using the Multi-Tenancy Management (MTM) REST API. In this guide, you will learn how to update user permissions through the API.
Permissions define the user permission status, role, and other attributes related to authorization for each Workspace.
Each user can only have a single permission for each Workspace. Each attribute on the permission can only be set once. Some attributes, such as role, only allow a single value. Other attributes, such as customerRoles, allow multiple values.
Learn more about managing users in our user documentation.
In all API requests listed on this page, replace {ACCESS_TOKEN} with your access token.
API Reference
You can view the reference documentation for the MTM API in the OpenAPI Explorer. The base URL differs for different customers, so make sure to use the right link.
To navigate to the OpenAPI Explorer from your Workspace, on the user menu, select About LeanIX, and then select Browse API. In the OpenAPI Explorer, select MTM in the upper-right corner.
Step 1. Retrieve User Permissions for a Workspace
To update a user permission, you need to get a list of permissions first.
Use the following endpoint to retrieve all user permissions for a Workspace. You can filter results for a specific user by providing their user ID or email address.
GET https://{SUBDOMAIN}.leanix.net/services/mtm/v1/workspaces/{id}/permissions
👍
How do I get my {SUBDOMAIN} value?
Copy the subdomain value from your Workspace URL. Learn more about the base URL.
Example subdomain in a Workspace URL
Parameter
Parameter Type
Data Type
Required?
Description
id
Path
String
✓
The ID of the Workspace to retrieve user permissions for. To get your Workspace ID, on the user menu, click Administration, and then go to API Tokens. Copy the WorkspaceId value.
email
Query
String
The email address of the user to search for.
q
Query
String
Query string to filter data for a specific user. You can specify a user's first name, last name, role, or other details. This parameter is not used in the example.
status
Query
String
The status of the user to search for, such as ACTIVE, INVITED, or ARCHIVED. This parameter is not used in the example.