Skip To Content
ArcGIS Developers
Dashboard

/[roleID]/privileges: Privileges

  • URL:https://[root]/portals/[portalID]/roles/[roleID]/privileges

Example usage

Below is a sample request URL for an ArcGIS Online organization that is used to access the privileges resource:

https://org.arcgis.com/sharing/rest/portals/0123456789ABCDEF/roles/hzHOGSAky23XJu7Q/privileges?f=pjson

Below is a sample request URL for an ArcGIS Enterprise organization that is used to access the privileges resource:

https://machine.domain.com/webadaptor/sharing/rest/portals/0123456789ABCDEF/roles/hzHOGSAky23XJu7Q/privileges?f=pjson

Description

This resource lists all privileges for a custom role.

Request parameters

ParameterDetails
f

The response format. The default response format is html.

Values: html | json | pjson

Response properties

PropertyDetails
id

The ID of the role.

privileges

An array of strings with predefined permissions in each.

Example

[
  "features:user:edit",
  "features:user:fullEdit",
  "opendata:user:designateGroup",
  "portal:admin:viewUsers",
  "portal:user:createGroup"
]

Supported privileges with predefined permissions

Administrative privileges

Members

PrivilegeDescription
portal:admin:viewUsers

Grants the ability to view full member account information within organization

portal:admin:updateUsers

Grants the ability to update member account information within organization

portal:admin:deleteUsers

Grants the ability to delete member accounts within organization

portal:admin:inviteUsers

ArcGIS Online only. Grants the ability to invite members to organization.

portal:admin:disableUsers

Grants the ability to enable and disable member accounts within organization.

portal:admin:changeUserRoles

Grants the ability to change the role a member is assigned within organization; however, it does not grant the ability to promote a member to, or demote a member from, the Administrator role. That privilege is reserved for the Administrator role alone.

portal:admin:manageLicenses

Grants the ability to assign licenses to members of organization.

Groups

PrivilegeDescription
portal:admin:viewGroups

Grants the ability to view all groups within organization.

portal:admin:updateGroups

Grants the ability to update groups within organization.

portal:admin:deleteGroups

Grants the ability to delete groups within organization.

portal:admin:reassignGroups

Grants the ability to reassign groups to other members within organization.

portal:admin:assignToGroups

Grants the ability to assign members to, and remove members from, groups within organization.

portal:admin:manageEnterpriseGroups

ArcGIS Enterprise only. Grants the ability to link group membership to an enterprise group.

portal:admin:createUpdateCapableGroup

Grants the ability to create and own groups with item update capabilities.

Content

PrivilegeDescription
portal:admin:viewItems

Grants the ability to view all content within organization.

portal:admin:updateItems

Grants the ability to update and categorize content within organization.

portal:admin:deleteItems

Grants the ability to delete content within organization.

portal:admin:reassignItems

Grants the ability to reassign content to other members within organization.

portal:admin:shareToGroup

Grants the ability to share other member's content to groups the user belongs to.

portal:admin:shareToOrg

Grants the ability to share other member's content to organization.

portal:admin:shareToPublic

Grants the ability to share other member's content to all users of the portal.

portal:admin:updateItemCategorySchema

Grants the ability to configure organization content category schema.

ArcGIS Marketplace subscriptions

This privileges are specific only to ArcGIS Online.

PrivilegeDescription
marketplace:admin:purchase

Grants the ability to request purchase information about apps and data in ArcGIS Marketplace.

marketplace:admin:startTrial

Grants the ability to start trial subscriptions in ArcGIS Marketplace.

marketplace:admin:manage

Grants the ability to create listings, list items and manage subscriptions in ArcGIS Marketplace.

Publisher privileges

PrivilegeDescription
portal:publisher:publishFeatures

Grants the ability to publish hosted feature layers from shapefiles, CSVs, etc.

portal:publisher:publishTiles

Grants the ability to publish hosted tile layers from tile packages, features, etc.

portal:publisher:publishScenes

Grants the ability to publish hosted scene layers.

portal:publisher:bulkPublishFromDataStores

ArcGIS Enterprise. Grants the ability to publish web layers from a registered data store.

portal:publisher:registerDataStores

ArcGIS Enterprise. Grants the ability to register data store to the portal.

premium:publisher:createNotebooks

Grants the ability to create and edit interactive notebook documents.

premium:publisher:createAdvancedNotebooks

Grants the ability to import and use ArcPy modules in notebooks.

premium:publisher:scheduleNotebooks

Grants the ability to schedule notebooks.

User privileges

Members

PrivilegeDescription
portal:user:viewOrgUsers

Grants the ability to view members of the organization.

Groups

PrivilegeDescription
portal:user:createGroup

Grants the ability for a member to create, edit, and delete their own groups.

portal:user:joinGroup

Grants the ability to join groups within organization.

portal:user:joinNonOrgGroup

ArcGIS Online only. Grants the ability to join groups external to the organization.

portal:user:viewOrgGroups

Grants the ability to view groups shared with the organization.

portal:user:invitePartneredCollaborationMembers

Grants the ability to invite members from partnered collaboration organizations to groups.

portal:user:addExternalMembersToGroup

Grants the ability to create groups that allow members from other organizations, as well as invite external members to groups.

Content

PrivilegeDescription
portal:user:createItem

Grants the ability for a member to create, edit, and delete their own content.

portal:user:viewOrgItems

Grants the ability to view content shared with the organization.

portal:user:viewTracks

ArcGIS Enterprise only. Grants the ability to view members' location tracks via shared track views when location tracking is enabled.

Sharing

PrivilegeDescription
portal:user:shareToGroup

Grants the ability to share content to groups.

portal:user:shareToOrg

Grants the ability to share content to organization.

portal:user:shareToPublic

Grants the ability to share content to all users of portal.

portal:user:shareGroupToOrg

Grants the ability to make groups discoverable by the organization.

portal:user:shareGroupToPublic

Grants the ability to make groups discoverable by all users of portal.

Premium content

PrivilegeDescription
premium:user:geocode

Grants the ability to perform large-volume geocoding tasks with the Esri World Geocoder such as publishing a CSV of addresses as hosted feature layer.

premium:user:networkanalysis

Grants the ability to perform network analysis tasks such as routing and drive-time areas.

premium:user:geoenrichment

Grants the ability to geoenrich features.

premium:user:demographics

Grants the ability to make use of premium demographic data.

premium:user:spatialanalysis

Grants the ability to perform spatial analysis tasks.

premium:user:elevation

Grants the ability to perform analytical tasks on elevation data.

Features

PrivilegeDescription
features:user:edit

Grants the ability to edit features in editable layers, according to the edit options enabled on the layer.

features:user:fullEdit

Grants the ability to add, delete, and update features in a hosted feature layer regardless of the editing options enabled on the layer.

Version management

PrivilegeDescription
features:user:manageVersions

Grants members the ability to manage version locks as well as view, alter, delete, edit, reconcile, and post to all branch versions accessed through ArcGIS Server feature layers.

Open data

These privileges apply only to ArcGIS Online.

PrivilegeDescription
opendata:user:openDataAdmin

Grants the ability to manage Open Data Sites for the organization.

opendata:user:designateGroup

Grants the ability to designate groups within organization as being available for use in Open Data.

JSON Response syntax

{
  "id": "<role id>",
  "privileges": [
    "<privilege1>",
    "<privilege2>",
    "<privilege3>",
    "<privilege4>",
    "<privilege5>"
  ]
}

JSON Response example

{
  "id": "hzHOGSAky23XJu7Q",
  "privileges": [
    "features:user:edit",
    "features:user:fullEdit",
    "opendata:user:designateGroup",
    "portal:admin:viewUsers",
    "portal:user:createGroup"
  ]
}