Permission

List role assignments for a user

get

/tenants/{tenantUid}/users/{tenantUserUid}/roles

Retrieves a list of all roles assigned to the specific user within the tenant.

Required access: Tenant.Admin

Authorizations

AuthorizationstringRequired

Access token recevied after user login with a deviceToken

Path parameters

tenantUidstringRequired

Reference to a tenant.

Pattern: ^[A-Za-z0-9-_]+

tenantUserUidstringRequired

Reference to a TenantUser.

Pattern: ^[A-Za-z0-9-_]+

Query parameters

pageNumberintegerOptional

Reference to a specific page in a result set.

pageSizeintegerOptional

The number of items per page in a result set.

sortBystringOptional

Defines which field the resource list is sorted by.

sortDirectionstring · enumOptional

ENUM	Description
ASC	Sort in ascending order
DESC	Sort in descending order

Possible values:

Responses

200

List of tenant user role assignments

application/json

get

/tenants/{tenantUid}/users/{tenantUserUid}/roles

GET /v2/tenants/{tenantUid}/users/{tenantUserUid}/roles HTTP/1.1
Host: api.flowretail.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

200

List of tenant user role assignments

{
  "items": [
    {
      "tenantRole": {
        "name": "text",
        "tenantRoleUid": "text"
      },
      "organization": {
        "name": "text",
        "organizationUid": "text"
      },
      "store": {
        "name": "text",
        "storeUid": "text",
        "organizationUid": "text",
        "organizationName": "text"
      },
      "assignedAt": "2025-12-15T19:48:29.058Z",
      "assignedBy": "text",
      "createdAt": "2025-12-15T19:48:29.058Z",
      "lastModifiedAt": "2025-12-15T19:48:29.058Z",
      "tenantUserRoleAssignmentUid": "text",
      "isSystemRole": true
    }
  ],
  "paging": {
    "pageNumber": 1,
    "pageSize": 1,
    "totalCount": 1
  }
}

Assign a role to a user

post

/tenants/{tenantUid}/users/{tenantUserUid}/roles

Assigns a new role to the user. Can be a tenant-wide role or scoped to a specific store.

Required access: Tenant.Admin

Authorizations

AuthorizationstringRequired

Access token recevied after user login with a deviceToken

Path parameters

tenantUidstringRequired

Reference to a tenant.

Pattern: ^[A-Za-z0-9-_]+

tenantUserUidstringRequired

Reference to a TenantUser.

Pattern: ^[A-Za-z0-9-_]+

Body

A tenantRole can be assigned at three levels:

Only set a tenantRoleUid in the request: The role will be assigned at tenant level
Set organizationUid and tenantRoleUid: The role will be assigned at organization level
Set storeUid and tenantRoleUid: The role will be assigned at store level

An error occurs if both storeUid and organizationUid is set in the request.

The levels are ranked this way, from top to bottom: tenant, organization, store

A permission set at higher level overrides lower level assignments.

tenantRoleUidstringRequiredPattern: ^[A-Za-z0-9-_]+

storeUidstringOptionalPattern: ^[A-Za-z0-9-_]+

organizationUidstringOptionalPattern: ^[A-Za-z0-9-_]+

Responses

201

Tenant user role assignment response

application/json

post

/tenants/{tenantUid}/users/{tenantUserUid}/roles

POST /v2/tenants/{tenantUid}/users/{tenantUserUid}/roles HTTP/1.1
Host: api.flowretail.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 67

{
  "tenantRoleUid": "text",
  "storeUid": "text",
  "organizationUid": "text"
}

201

Tenant user role assignment response

{
  "tenantRole": {
    "name": "text",
    "tenantRoleUid": "text"
  },
  "organization": {
    "name": "text",
    "organizationUid": "text"
  },
  "store": {
    "name": "text",
    "storeUid": "text",
    "organizationUid": "text",
    "organizationName": "text"
  },
  "assignedAt": "2025-12-15T19:48:29.058Z",
  "assignedBy": "text",
  "createdAt": "2025-12-15T19:48:29.058Z",
  "lastModifiedAt": "2025-12-15T19:48:29.058Z",
  "tenantUserRoleAssignmentUid": "text",
  "isSystemRole": true
}

Get a role assignment

get

/tenants/{tenantUid}/users/{tenantUserUid}/roles/{tenantUserRoleAssignmentUid}

Retrieves details of a specific role assignment.

Required access: Tenant.Admin

Authorizations

AuthorizationstringRequired

Access token recevied after user login with a deviceToken

Path parameters

tenantUidstringRequired

Reference to a tenant.

Pattern: ^[A-Za-z0-9-_]+

tenantUserUidstringRequired

Reference to a TenantUser.

Pattern: ^[A-Za-z0-9-_]+

tenantUserRoleAssignmentUidstringRequired

Reference to a TenantUserRoleAssignment.

Pattern: ^[A-Za-z0-9-_]+

Responses

200

Tenant user role assignment response

application/json

get

/tenants/{tenantUid}/users/{tenantUserUid}/roles/{tenantUserRoleAssignmentUid}

GET /v2/tenants/{tenantUid}/users/{tenantUserUid}/roles/{tenantUserRoleAssignmentUid} HTTP/1.1
Host: api.flowretail.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

200

Tenant user role assignment response

{
  "tenantRole": {
    "name": "text",
    "tenantRoleUid": "text"
  },
  "organization": {
    "name": "text",
    "organizationUid": "text"
  },
  "store": {
    "name": "text",
    "storeUid": "text",
    "organizationUid": "text",
    "organizationName": "text"
  },
  "assignedAt": "2025-12-15T19:48:29.058Z",
  "assignedBy": "text",
  "createdAt": "2025-12-15T19:48:29.058Z",
  "lastModifiedAt": "2025-12-15T19:48:29.058Z",
  "tenantUserRoleAssignmentUid": "text",
  "isSystemRole": true
}

Remove a role assignment

delete

/tenants/{tenantUid}/users/{tenantUserUid}/roles/{tenantUserRoleAssignmentUid}

Removes a specific role assignment from the user.

Required access: Tenant.Admin

Authorizations

AuthorizationstringRequired

Access token recevied after user login with a deviceToken

Path parameters

tenantUidstringRequired

Reference to a tenant.

Pattern: ^[A-Za-z0-9-_]+

tenantUserUidstringRequired

Reference to a TenantUser.

Pattern: ^[A-Za-z0-9-_]+

tenantUserRoleAssignmentUidstringRequired

Reference to a TenantUserRoleAssignment.

Pattern: ^[A-Za-z0-9-_]+

Responses

204

Role assignment removed

delete

/tenants/{tenantUid}/users/{tenantUserUid}/roles/{tenantUserRoleAssignmentUid}

DELETE /v2/tenants/{tenantUid}/users/{tenantUserUid}/roles/{tenantUserRoleAssignmentUid} HTTP/1.1
Host: api.flowretail.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

204

Role assignment removed

No content

List available permissions

get

/metadata/permissions

List available permissions

Authorizations

AuthorizationstringRequired

Access token recevied after user login with a deviceToken

Responses

200

Example response

application/json

get

/metadata/permissions

GET /v2/metadata/permissions HTTP/1.1
Host: api.flowretail.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

200

Example response

{
  "items": [
    {
      "permission": "text",
      "description": "text",
      "roleTypes": [
        "TENANT"
      ]
    }
  ]
}

List tenant roles

get

/tenants/{tenantUid}/tenant-roles

List tenant roles

Authorizations

AuthorizationstringRequired

Access token recevied after user login with a deviceToken

Path parameters

tenantUidstringRequired

Reference to a tenant.

Pattern: ^[A-Za-z0-9-_]+

Query parameters

pageNumberintegerOptional

Reference to a specific page in a result set.

pageSizeintegerOptional

The number of items per page in a result set.

sortBystringOptional

Defines which field the resource list is sorted by.

sortDirectionstring · enumOptional

ENUM	Description
ASC	Sort in ascending order
DESC	Sort in descending order

Possible values:

Responses

200

Example response

application/json

get

/tenants/{tenantUid}/tenant-roles

GET /v2/tenants/{tenantUid}/tenant-roles HTTP/1.1
Host: api.flowretail.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

200

Example response

{
  "items": [
    {
      "name": "text",
      "description": "text",
      "externalId": "text",
      "permissions": [
        "text"
      ],
      "tenantRoleUid": "text"
    }
  ],
  "paging": {
    "pageNumber": 1,
    "pageSize": 1,
    "totalCount": 1
  }
}

Add new tenant role

post

/tenants/{tenantUid}/tenant-roles

Add new tenant role.

Authorizations

AuthorizationstringRequired

Access token recevied after user login with a deviceToken

Path parameters

tenantUidstringRequired

Reference to a tenant.

Pattern: ^[A-Za-z0-9-_]+

Body

namestringRequired

descriptionstringRequired

externalIdstringOptional

permissionsstring[]Required

tenantRoleUidstringOptionalPattern: ^[A-Za-z0-9-_]+

Responses

201

Example response

application/json

post

/tenants/{tenantUid}/tenant-roles

POST /v2/tenants/{tenantUid}/tenant-roles HTTP/1.1
Host: api.flowretail.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 102

{
  "name": "text",
  "description": "text",
  "externalId": "text",
  "permissions": [
    "text"
  ],
  "tenantRoleUid": "text"
}

201

Example response

{
  "name": "text",
  "description": "text",
  "externalId": "text",
  "permissions": [
    "text"
  ],
  "tenantRoleUid": "text"
}

Get Tenant Role

get

/tenants/{tenantUid}/tenant-roles/{tenantRoleUid}

Get Tenant Role

Authorizations

AuthorizationstringRequired

Access token recevied after user login with a deviceToken

Path parameters

tenantUidstringRequired

Reference to a tenant.

Pattern: ^[A-Za-z0-9-_]+

tenantRoleUidstringRequired

Reference to a tenantRole.

Pattern: ^[A-Za-z0-9-_]+

Responses

200

Example response

application/json

get

/tenants/{tenantUid}/tenant-roles/{tenantRoleUid}

GET /v2/tenants/{tenantUid}/tenant-roles/{tenantRoleUid} HTTP/1.1
Host: api.flowretail.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

200

Example response

{
  "name": "text",
  "description": "text",
  "externalId": "text",
  "permissions": [
    "text"
  ],
  "tenantRoleUid": "text"
}

Update Tenant Role

put

/tenants/{tenantUid}/tenant-roles/{tenantRoleUid}

Update Tenant Role

Authorizations

AuthorizationstringRequired

Access token recevied after user login with a deviceToken

Path parameters

tenantUidstringRequired

Reference to a tenant.

Pattern: ^[A-Za-z0-9-_]+

tenantRoleUidstringRequired

Reference to a tenantRole.

Pattern: ^[A-Za-z0-9-_]+

Body

namestringOptional

descriptionstringOptional

externalIdstringOptional

permissionsstring[]Optional

Responses

200

Example response

application/json

put

/tenants/{tenantUid}/tenant-roles/{tenantRoleUid}

PUT /v2/tenants/{tenantUid}/tenant-roles/{tenantRoleUid} HTTP/1.1
Host: api.flowretail.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 79

{
  "name": "text",
  "description": "text",
  "externalId": "text",
  "permissions": [
    "text"
  ]
}

200

Example response

{
  "name": "text",
  "description": "text",
  "externalId": "text",
  "permissions": [
    "text"
  ],
  "tenantRoleUid": "text"
}

Delete Tenant Role

delete

/tenants/{tenantUid}/tenant-roles/{tenantRoleUid}

Delete Tenant Role

Authorizations

AuthorizationstringRequired

Access token recevied after user login with a deviceToken

Path parameters

tenantUidstringRequired

Reference to a tenant.

Pattern: ^[A-Za-z0-9-_]+

tenantRoleUidstringRequired

Reference to a tenantRole.

Pattern: ^[A-Za-z0-9-_]+

Responses

204

No Content

delete

/tenants/{tenantUid}/tenant-roles/{tenantRoleUid}

DELETE /v2/tenants/{tenantUid}/tenant-roles/{tenantRoleUid} HTTP/1.1
Host: api.flowretail.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

204

No Content

No content

PreviousPaymentMethodParameters NextPrePayment

Last updated 1 hour ago