Use the DevOps API to create, modify, and delete roles for your organization.
You can use the DevOps API to perform the actions your role permissions allow.
The following roles use the application token to execute DevOps API queries:
- Organization Administrator
- Database Administrator
Prerequisites
- Create an application token to authenticate your service account in the DevOps API.
- Once you have authenticated your service account, you can create, update, and delete roles in the DevOps API.
- Check existing roles within the organization to ensure you don't duplicate roles with a GET query:
- Create a new role for your organization:
- Confirm role was created with the necessary permissions:
For more, see link:_attachments/devopsv2.html#operation/addOrganizationRole[Create a role in an organization] in the DevOps API.
- If you need to make changes to the permissions for an existing role, you can change the policy :
- Confirm role was created with the necessary permissions:
For more, see link:_attachments/devopsv2.html#operation/updateRole[Update a role within an organization] in the DevOps API.
When you delete a custom role, all users and tokens assigned to that role will no longer have access.
- Delete a custom role to revoke access based on that role:
- Confirm role no longer exists:
For more, see link:_attachments/devopsv2.html#operation/deleteOrganizationRole[Delete a role by ID] in the DevOps API.
What’s next?
Learn how to manage tokens using the DevOps API.