Update content access for members

post

https://api.seismic.com/cm/v1/teamSites/{teamSiteId}/items/{itemId}/contentAccessPermissions

Create or update explicit content access entries for one or more users or groups on a specific TeamSite item. The item can be TeamSite home (itemId: root), a folder, or a file.

Content Access Permissions

Content Access Permissions are enforced at the TeamSite root, folder, and file level and support these permission ids:
403 (CanView): View, comment, and approve content.
404 (CanEdit): Edit and add folders, and edit, add, publish, or move files.
405 (CanManage): Edit, add, publish, move, delete, and manage content access.

Domain Terms

addContentAccessPermissions: Members and permission ids to add who do not already have an explicit access entry on the target item.
modifyContentAccessPermissions: Existing explicit access entries whose permission level should be changed.
contentAccessNotify: Optional notification configuration applied after the access update succeeds; subscribers receive a message only when needNotify is true.
Full-control members: Members whose access entry cannot be added, modified, or removed by this API.

Validation Rules

The caller must have CanManage on the target item.
Updating member access at TeamSite root additionally requires CanManage on root.
Full-control members cannot be added or modified.
When the library-content-access-updates feature toggle is enabled, TeamSite owner access cannot be modified.
Each member entry must specify exactly one permission id from 403, 404, or 405.

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Path Params

teamSiteId

string

required

TeamSite identifier for the access update context. Accepts a GUID value or the special value 1 for the default TeamSite.

itemId

string

required

Content item identifier to update. Accepts a GUID value or the special value root for TeamSite home.

Body Params

Members to add or modify, and optional notification preferences for this update.

Request payload for adding or modifying explicit content access entries.

addContentAccessPermissions

array of objects

Members and permissions to add on the target content.

addContentAccessPermissions

modifyContentAccessPermissions

array of objects

Existing members whose permissions should be updated.

modifyContentAccessPermissions

contentAccessNotify

object

Notification settings for content access changes.

Responses

`403` in legacy environments.

`403`; clients should handle both `401` and `403` for auth-related failures.

201Content access permissions were saved successfully.

400Bad Request. The permission update request is invalid or violates business rules.

401Unauthorized. The request is missing a valid authentication token or the token has expired. For backward compatibility, clients should also handle equivalent auth failures returned as 403 in legacy environments.

403Forbidden. Caller does not have required permission to manage content access. In some legacy environments, expired or missing authentication may also surface as 403; clients should handle both 401 and 403 for auth-related failures.

404Not Found. The target TeamSite or content item does not exist.

500Internal Server Error. The service failed while saving content access permissions for the requested item.

`403` in legacy environments.

`403`; clients should handle both `401` and `403` for auth-related failures.