Roles

Roles grant permissions to Users. The help docs have more information on the default Roles.

List Roles

Find Roles matching the provided filters.

🔒 Requires Roles: List Roles permission.

Securitybearer

Request

query Parameters

cursor	string This parameter is used to paginate through results. No value is needed for the first request. If there are additional results, the response will contain a `pagination.cursor` value that can be used in the subsequent request to retrieve the next page of results
size	number [ 1 .. 50 ] Default: 20 Number of results to return
sort	string (SortTypeLimitedEnum) Which field to sort by Enum: "createdAt" "updatedAt"
sortDir	string (SortDirectionEnum) The direction to sort the data Enum: "ASC" "DESC"
expand[]	Array of strings (RoleExpandEnum) List of subcollections and sub-objects to expand Items Value: "permissions"

Responses

200

Successful

400

Malformed data and/or validation errors

401

Invalid Authorization

402

You must upgrade your plan to use this feature

403

You are not allowed to perform this action

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

get/roles

Request samples

Response samples

application/json

{"data": [{"id": 1,
"role": "ADMIN",
"createdAt": "2025-07-01T16:45:55.246Z",
"updatedAt": "2025-07-01T16:45:55.246Z",
"permissions": [{"id": 1,
"action": "READ",
"subject": "Asset",
"createdAt": "2019-08-24T14:15:22Z"
}
]
}
],
"pagination": {"cursor": "string"
}
}

Get Role

Get the full detail of a Role record.

🔒 Requires Roles: Get Role permission.

Securitybearer

Request

path Parameters

required

number or string

An integer Role ID or name prefixed with role:

query Parameters

expand[]

Array of strings (RoleExpandEnum)

List of subcollections and sub-objects to expand

Items Value: "permissions"

Responses

200

Successful

400

Malformed data and/or validation errors

401

Invalid Authorization

402

You must upgrade your plan to use this feature

403

You are not allowed to perform this action

404

Not Found

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

get/roles/{roleId}

Request samples

Response samples

application/json

{"id": 1,
"role": "ADMIN",
"createdAt": "2025-07-01T16:45:55.246Z",
"updatedAt": "2025-07-01T16:45:55.246Z",
"permissions": [{"id": 1,
"action": "READ",
"subject": "Asset",
"createdAt": "2019-08-24T14:15:22Z"
}
]
}

List Users with Role

List all Users that have a specific Role assigned.

🔒 Requires Users: List Users permission.

Securitybearer

Request

path Parameters

required

number or string

An integer Role ID or name prefixed with role:

query Parameters

cursor	string This parameter is used to paginate through results. No value is needed for the first request. If there are additional results, the response will contain a `pagination.cursor` value that can be used in the subsequent request to retrieve the next page of results
size	number [ 1 .. 50 ] Default: 20 Number of results to return
sort	string (SortTypeLimitedEnum) Which field to sort by Enum: "createdAt" "updatedAt"
sortDir	string (SortDirectionEnum) The direction to sort the data Enum: "ASC" "DESC"
expand[]	Array of strings (UserExpandEnum) List of subcollections and sub-objects to expand Items Enum: "backgroundChecks" "documents" "personnel" "identities" "roles"
firstName	string User first name Example: firstName=John
lastName	string User last name Example: lastName=Doe

Responses

200

400

Malformed data and/or validation errors

401

Invalid Authorization

402

You must upgrade your plan to use this feature

403

You are not allowed to perform this action

404

Not Found

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

get/roles/{roleId}/users

Request samples

Response samples

application/json

{"data": [{"id": 1,
"email": "[email protected]",
"firstName": "Sally",
"lastName": "Smith",
"createdAt": "2025-07-01T16:45:55.246Z",
"updatedAt": "2025-07-01T16:45:55.246Z",
"jobTitle": "CEO",
"avatarUrl": "https://cdn-prod.imgpilot.com/avatar.png",
"drataTermsAgreedAt": "2025-07-01T16:45:55.246Z",
"roles": ["ROLE",
"ANOTHER_ROLE"
],
"backgroundChecks": [{"id": 0,
"userId": 0,
"status": "OK",
"caseId": "abc123",
"caseInvitationId": "abc123",
"url": "https://app-stage.karmacheck.com/background_check/aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
"manualCheckDate": "2020-07-06",
"manuallyCheckUrl": "url.com",
"type": "CERTN",
"source": "DRATA",
"reportData": "string",
"outOfScopeReason": "abc123",
"outOfScopeAt": "2025-07-01T16:45:55.246Z",
"invitationEmail": "[email protected]",
"linkedAt": "2025-07-01T16:45:55.246Z",
"createdAt": "2025-07-01T16:45:55.246Z",
"updatedAt": "2025-07-01T16:45:55.246Z"
}
],
"documents": [{"id": 1,
"userId": 0,
"downloadUrl": {"signedUrl": "https://somedomain.com/filename.pdf?Signature=ABC123",
"fileBuffer": {"buffer": "RXhhbXBsZSB0ZXh0IGNvbnRlbnQ="
}
},
"name": "Security Training",
"type": "SEC_TRAINING",
"fileUrl": "http://localhost:5000/download/documents/1",
"renewalDate": "2026-10-27",
"createdAt": "2020-07-06",
"updatedAt": "2020-07-06"
}
],
"identities": [{"id": 1,
"identityId": "1a2b3c",
"username": "johndoe",
"connectedAt": "2025-07-01T16:45:55.246Z",
"disconnectedAt": "2025-07-01T16:45:55.246Z",
"hasMfa": true,
"userId": 1,
"connectionId": 1,
"connection": {"id": "1",
"clientType": "GOOGLE",
"clientId": "drata.com",
"clientAlias": "My-connection-alias-1",
"state": "ACTIVE",
"createdAt": "2025-07-01T16:45:55.246Z",
"updatedAt": "2025-07-01T16:45:55.246Z",
"connectedAt": "2025-07-01T16:45:55.246Z",
"failedAt": "2025-07-01T16:45:55.246Z",
"deletedAt": "2025-07-01T16:45:55.246Z"
},
"email": "[email protected]",
"secondaryEmail": "[email protected]",
"firstName": "John",
"lastName": "Doe",
"startedAt": "Thu Aug 14 2025",
"separatedAt": "Thu Aug 14 2025",
"isContractor": true,
"jobTitle": "Engineer",
"managerId": "x00jk12-2312",
"managerName": "Jose Díaz",
"createdAt": "2025-07-01T16:45:55.246Z",
"updatedAt": "2025-07-01T16:45:55.246Z"
}
]
}
],
"pagination": {"cursor": "string"
}
}