multiRole

Simulate app-role feature permission for a path

Given role slug and either `operationId` or HTTP method + pathname, returns whether `featurePermissions` would allow gated routes. Unmapped paths or unknown operation IDs return allowed with `no_feature_gate_for_path` or `no_feature_gate_for_operation_id`.

POST/api/projects/{projectId}/multi-role/simulate-permissions

Authentication

Requires JWT

Note

Include your JWT in the Authorization: Bearer YOUR_TOKEN header (user-facing apps, RBAC). View authentication guide →

Path Parameters

Name	Type	Required	Description
`projectId`	string	Yes	Project ID used to resolve role configuration.

Request Body

Role slug plus either OpenAPI `operationId` or HTTP `method` and `pathname` to evaluate.

json

{
  "role": "pixel compress",
  "operationId": "RnaBPUmqK8rEZ3yA",
  "method": "firewall quantify",
  "pathname": "Audie Gutmann",
  "path": "feed connect"
}
{
  "role": "pixel compress",
  "operationId": "RnaBPUmqK8rEZ3yA",
  "method": "firewall quantify",
  "pathname": "Audie Gutmann",
  "path": "feed connect"
}

SDK setup

Create a client and set credentials (JWT and/or API key) before calling the API. Match the authentication type shown above.

import { MudbaseClient } from "mudbase";

const client = new MudbaseClient();
client.setJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c3JfbW9yZ2FuX2RlIiwiZW1haWwiOiJtb3JnYW4uY2hlbkBub3J0aHdpbmQuZGV2IiwiZXhwIjoxODI1MTI5NjAwfQ.doc_preview_sig");
import { MudbaseClient } from "mudbase";

const client = new MudbaseClient();
client.setJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c3JfbW9yZ2FuX2RlIiwiZW1haWwiOiJtb3JnYW4uY2hlbkBub3J0aHdpbmQuZGV2IiwiZXhwIjoxODI1MTI5NjAwfQ.doc_preview_sig");

Example request

Call this endpoint using the client from SDK setup. Use View HTTP for a raw cURL example.

const result = await client.multiRole.simulateAppPermissions({
  projectId: "proj_5YP8pOYfXHVQ",
  role: "system input",
  operationId: "dZuuiSV2PePARWw6",
  method: "protocol connect",
  pathname: "Makenna Von",
  path: "driver transmit"
});
const result = await client.multiRole.simulateAppPermissions({
  projectId: "proj_5YP8pOYfXHVQ",
  role: "system input",
  operationId: "dZuuiSV2PePARWw6",
  method: "protocol connect",
  pathname: "Makenna Von",
  path: "driver transmit"
});

Try It Live

Test this endpoint with your own credentials. Your requests will be sent to the live API.

JWT Bearer Token Use the auth endpoints to obtain a JWT.

Path Parameters

projectId

Request Body (JSON)

No Request Yet

Send a request to see the full inspector

Responses

200Simulation result

allowed

json

{
  "success": true,
  "allowed": true,
  "reason": "allowed",
  "evaluated": {
    "role": "customer",
    "resource": "messaging",
    "action": "send_email"
  }
}
{
  "success": true,
  "allowed": true,
  "reason": "allowed",
  "evaluated": {
    "role": "customer",
    "resource": "messaging",
    "action": "send_email"
  }
}

denied

json

{
  "success": true,
  "allowed": false,
  "reason": "feature_not_allowed",
  "evaluated": {
    "role": "viewer",
    "resource": "messaging",
    "action": "send_email"
  }
}
{
  "success": true,
  "allowed": false,
  "reason": "feature_not_allowed",
  "evaluated": {
    "role": "viewer",
    "resource": "messaging",
    "action": "send_email"
  }
}

400Missing role, invalid body, or invalid method/pathname combination.

401Authentication required or invalid token.

403Access denied or insufficient permissions to run the simulation.

Errors

Code	Meaning
`400`	Missing role, invalid body, or invalid method/pathname combination.
`401`	Authentication required or invalid token.
`403`	Access denied or insufficient permissions to run the simulation.

Run in Postman Download OpenAPI

Next steps

Edit this page on GitHub