Skip to content
Primary navigation

Suggested
API Dashboard
API Reference
Admin
Organization
Users
Roles

Assign organization role to user

client.admin.organization.users.roles.create(stringuserID, RoleCreateParams { role_id } body, RequestOptionsoptions?): RoleCreateResponse { object, role, user }
POST/organization/users/{user_id}/roles

Assigns an organization role to a user within the organization.

ParametersExpand Collapse
userID: string
body: RoleCreateParams { role_id }
role_id: string

Identifier of the role to assign.

ReturnsExpand Collapse
RoleCreateResponse { object, role, user }

Role assignment linking a user to a role.

object: "user.role"

Always user.role.

role: Role { id, description, name, 4 more }

Details about a role that can be assigned through the public Roles API.

id: string

Identifier for the role.

description: string | null

Optional description of the role.

name: string

Unique name for the role.

object: "role"

Always role.

permissions: Array<string>

Permissions granted by the role.

predefined_role: boolean

Whether the role is predefined and managed by OpenAI.

resource_type: string

Resource type the role is bound to (for example api.organization or api.project).

user: OrganizationUser { id, added_at, object, 13 more }

Represents an individual user within an organization.

id: string

The identifier, which can be referenced in API endpoints

added_at: number

The Unix timestamp (in seconds) of when the user was added.

formatunixtime
object: "organization.user"

The object type, which is always organization.user

api_key_last_used_at?: number | null

The Unix timestamp (in seconds) of the user’s last API key usage.

formatunixtime
created?: number

The Unix timestamp (in seconds) of when the user was created.

formatunixtime
developer_persona?: string | null

The developer persona metadata for the user.

email?: string | null

The email address of the user

is_default?: boolean

Whether this is the organization’s default user.

is_scale_tier_authorized_purchaser?: boolean | null

Whether the user is an authorized purchaser for Scale Tier.

is_scim_managed?: boolean

Whether the user is managed through SCIM.

is_service_account?: boolean

Whether the user is a service account.

name?: string | null

The name of the user

projects?: Projects | null

Projects associated with the user, if included.

data: Array<Data>
id?: string | null
name?: string | null
role?: string | null
object: "list"
role?: string | null

owner or reader

technical_level?: string | null

The technical level metadata for the user.

user?: User { id, object, banned, 5 more }

Nested user details.

id: string
object: "user"
banned?: boolean | null
banned_at?: number | null
formatunixtime
email?: string | null
enabled?: boolean | null
name?: string | null
picture?: string | null

Assign organization role to user

import OpenAI from 'openai';

const client = new OpenAI({
  adminAPIKey: process.env['OPENAI_ADMIN_KEY'], // This is the default and can be omitted
});

const role = await client.admin.organization.users.roles.create('user_id', { role_id: 'role_id' });

console.log(role.object);
{
    "object": "user.role",
    "user": {
        "object": "organization.user",
        "id": "user_abc123",
        "name": "Ada Lovelace",
        "email": "ada@example.com",
        "role": "owner",
        "added_at": 1711470000
    },
    "role": {
        "object": "role",
        "id": "role_01J1F8ROLE01",
        "name": "API Group Manager",
        "description": "Allows managing organization groups",
        "permissions": [
            "api.groups.read",
            "api.groups.write"
        ],
        "resource_type": "api.organization",
        "predefined_role": false
    }
}
Returns Examples
{
    "object": "user.role",
    "user": {
        "object": "organization.user",
        "id": "user_abc123",
        "name": "Ada Lovelace",
        "email": "ada@example.com",
        "role": "owner",
        "added_at": 1711470000
    },
    "role": {
        "object": "role",
        "id": "role_01J1F8ROLE01",
        "name": "API Group Manager",
        "description": "Allows managing organization groups",
        "permissions": [
            "api.groups.read",
            "api.groups.write"
        ],
        "resource_type": "api.organization",
        "predefined_role": false
    }
}