- URL:https://[root]/portals/[portalID]/roles/[roleID]/privileges
Example usage
The following is a sample request URL for an ArcGIS Online organization that is used to access the privileges resource:
https://org.arcgis.com/sharing/rest/portals/0123456789ABCDEF/roles/hzHOGSAky23XJu7Q/privileges?f=pjsonThe following is a sample request URL for an ArcGIS Enterprise organization that is used to access the privileges resource:
https://machine.domain.com/webadaptor/sharing/rest/portals/0123456789ABCDEF/roles/hzHOGSAky23XJu7Q/privileges?f=pjsonDescription
The privileges resource lists all privileges for a custom role.
Request parameters
| Parameter | Details |
|---|---|
| f | The response format. The default response format is html. Values: html | json | pjson |
Response properties
| Property | Details |
|---|---|
| id | The ID of the role. |
| privileges | An array of strings with predefined permissions in each. Example |
Supported privileges with predefined permissions
Administrative privileges
Members
| Privilege | Description |
|---|---|
| portal:admin:viewUsers | Grants the ability to view full member account information in the organization. |
| portal:admin:updateUsers | Grants the ability to update member account information and categorize members in the organization. |
| portal:admin:deleteUsers | Grants the ability to delete member accounts in the organization. |
| portal:admin:inviteUsers | ArcGIS Online only—Grants the ability to invite members to the organization. |
| portal:admin:disableUsers | Grants the ability to enable and disable member accounts in the organization. |
| portal:admin:changeUserRoles | Grants the ability to change the role a member is assigned in the organization; however, it does not grant the ability to promote a member to, or demote a member from, the Administrator role. That privilege is reserved for the Administrator role alone. |
| portal:admin:manageLicenses | Grants the ability to assign licenses to members of the organization. |
| portal:admin:updateMemberCategorySchema | Grants the ability to configure the organization member category schema. |
Groups
| Privilege | Description |
|---|---|
| portal:admin:viewGroups | Grants the ability to view all groups in the organization. |
| portal:admin:updateGroups | Grants the ability to update groups in the organization. |
| portal:admin:deleteGroups | Grants the ability to delete groups in the organization. |
| portal:admin:reassignGroups | Grants the ability to reassign groups to other members in the organization. |
| portal:admin:assignToGroups | Grants the ability to assign members to, and remove members from, groups in the organization. |
| portal:admin:manageEnterpriseGroups | ArcGIS Enterprise only—Grants the ability to link group membership to an enterprise group. |
| portal:admin:createUpdateCapableGroup | Grants the ability to create and own groups with item update capabilities. |
Content
| Privilege | Description |
|---|---|
| portal:admin:viewItems | Grants the ability to view all content in the organization. |
| portal:admin:updateItems | Grants the ability to update and categorize content in the organization. |
| portal:admin:deleteItems | Grants the ability to delete content in the organization. |
| portal:admin:reassignItems | Grants the ability to reassign content to other members in the organization. |
| portal:admin:shareToGroup | Grants the ability to share other members' content to groups the user belongs to. |
| portal:admin:shareToOrg | Grants the ability to share other members' content to the organization. |
| portal:admin:shareToPublic | Grants the ability to share other members' content to all users of the portal. |
| portal:admin:updateItemCategorySchema | Grants the ability to configure the organization content category schema. |
| portal:publisher:publishServerGPServices | Grants the ability to publish web tools created in ArcGIS Pro to a federated server or publish web tools from a notebook. |
Organization settings
| Privilege | Description |
|---|---|
| portal:admin:manageSecurity | Grants the ability to manage the organization's security and infrastructure settings. |
| portal:admin:manageWebsite | Grants the ability to manage the organization's website settings. |
| portal:admin:manageCollaborations | Grants the ability to manage the organization's collaborations. |
| portal:admin:manageCredits | Grants the ability to manage the organization's credit budgeting settings. |
| portal:admin:manageRoles | Grants the ability to manage the organization's member roles. |
| portal:admin:manageUtilityServices | Grants the ability to manage the organization's utility service settings. |
ArcGIS Marketplace subscriptions
This privileges are specific only to ArcGIS Online.
| Privilege | Description |
|---|---|
| marketplace:admin:purchase | Grants the ability to request purchase information about apps and data in ArcGIS Marketplace. |
| marketplace:admin:startTrial | Grants the ability to start trial subscriptions in ArcGIS Marketplace. |
| marketplace:admin:manage | Grants the ability to create listings and list items and manage subscriptions in ArcGIS Marketplace. |
Publisher privileges
| Privilege | Description |
|---|---|
| portal:publisher:publishFeatures | Grants the ability to publish hosted feature layers from shapefiles, CSV files, and so on. |
| portal:publisher:publishTiles | Grants the ability to publish hosted tile layers from tile packages, features, and so on. |
| portal:publisher:publishScenes | Grants the ability to publish hosted scene layers. |
| portal:publisher:bulkPublishFromDataStores | ArcGIS Enterprise—Grants the ability to publish web layers from a registered data store. |
| portal:publisher:registerDataStores | ArcGIS Enterprise—Grants the ability to register data store to the portal. |
| premium:publisher:createNotebooks | Grants the ability to create and edit interactive notebook documents. |
| premium:publisher:createAdvancedNotebooks | Grants the ability to import and use ArcPy modules in notebooks. |
| premium:publisher:scheduleNotebooks | Grants the ability to schedule notebooks. |
User privileges
Members
| Privilege | Description |
|---|---|
| portal:user:viewOrgUsers | Grants the ability to view members of the organization. |
Groups
| Privilege | Description |
|---|---|
| portal:user:createGroup | Grants the ability for a member to create, edit, and delete their own groups. |
| portal:user:joinGroup | Grants the ability to join groups in the organization. |
| portal:user:joinNonOrgGroup | ArcGIS Online only—Grants the ability to join groups external to the organization. |
| portal:user:viewOrgGroups | Grants the ability to view groups shared with the organization. |
| portal:user:invitePartneredCollaborationMembers | Grants the ability to invite members from partnered collaboration organizations to groups. |
| portal:user:addExternalMembersToGroup | Grants the ability to create groups that allow members from other organizations, as well as invite external members to groups. |
Content
| Privilege | Description |
|---|---|
| portal:user:createItem | Grants the ability for a member to create, edit, and delete their own content. |
| portal:user:viewOrgItems | Grants the ability to view content shared with the organization. |
| portal:user:viewTracks | ArcGIS Enterprise only—Grants the ability to view members' location tracks via shared track views when location tracking is enabled. |
| portal:user:reassignItems | Introduced at ArcGIS Enterprise 11.0—Grants a user the ability to reassign only their content to another member with the privilege to receive content. |
| portal:user:receiveItems | Introduced at ArcGIS Enterprise 11.0—Grants a user the ability to receive content that is reassigned to them by another member with the privilege to reassign content. |
Sharing
| Privilege | Description |
|---|---|
| portal:user:shareToGroup | Grants the ability to share content to groups. |
| portal:user:shareToOrg | Grants the ability to share content to the organization. |
| portal:user:shareToPublic | Grants the ability to share content to all users of the portal. |
| portal:user:shareGroupToOrg | Grants the ability to make groups discoverable by the organization. |
| portal:user:shareGroupToPublic | Grants the ability to make groups discoverable by all users of the portal. |
Premium content
| Privilege | Description |
|---|---|
| premium:user:geocode | Grants the ability to perform large-volume geocoding tasks with the Esri World Geocoder, such as publishing a CSV file of addresses as a hosted feature layer. |
| premium:user:networkanalysis | Grants the ability to perform network analysis tasks such as routing and drive-time areas. |
| premium:user:geoenrichment | Grants the ability to geoenrich features. |
| premium:user:demographics | Grants the ability to make use of premium demographic data. |
| premium:user:spatialanalysis | Grants the ability to perform spatial analysis tasks. |
| premium:user:elevation | Grants the ability to perform analytical tasks on elevation data. |
| premium:user:featurereport | Grants the ability to create feature reports in ArcGIS Survey123. |
Features
| Privilege | Description |
|---|---|
| features:user:edit | Grants the ability to edit features in editable layers, according to the edit options enabled on the layer. |
| features:user:fullEdit | Grants the ability to add, delete, and update features in a hosted feature layer regardless of the editing options enabled on the layer. |
Version management
| Privilege | Description |
|---|---|
| features:user:manageVersions | Grants members the ability to manage version locks as well as view, alter, delete, edit, reconcile, and post to all branch versions accessed through ArcGIS Server feature layers. |
Open data
These privileges apply only to ArcGIS Online.
| Privilege | Description |
|---|---|
| opendata:user:openDataAdmin | Grants the ability to manage Open Data Sites for the organization. |
| opendata:user:designateGroup | Grants the ability to designate groups in the organization as being available for use in Open Data. |
JSON Response syntax
{
"id": "<role id>",
"privileges": [
"<privilege1>",
"<privilege2>",
"<privilege3>",
"<privilege4>",
"<privilege5>"
]
}JSON Response example
{
"id": "hzHOGSAky23XJu7Q",
"privileges": [
"features:user:edit",
"features:user:fullEdit",
"opendata:user:designateGroup",
"portal:admin:viewUsers",
"portal:user:createGroup"
]
}