Skip to main content

Assign Roles to User

PUT 
/api/users/:user/roles

Syncs the Spatie roles assigned to a user (sanctum guard). Replaces the user's current roles with the provided list.

Body fields:

  • roles (array of role names; each must exist in roles)

Returns the updated user (including roles and flattened permissions).

Authentication: Requires Bearer token AND the users.update permission (403 Forbidden otherwise).

Errors:

  • 403 Forbidden — authenticated user lacks the users.update permission
  • 404 Not Found — the target user does not belong to the current tenant (cross-tenant access is rejected)
  • 422 Unprocessable Entity — a provided role name does not exist

Requires permission: users.update

Request

Responses

OK

Response Headers
    Content-Type