Kaolin API — v1.0.0 Documentation

01

Introduction

Roles & Permissions APIs

The Roles and Permissions APIs allow you to manage access control across the application using Spatie Permissions. You can create roles, view available permissions, and assign permissions to specific roles.

🔐 Requires a valid Bearer token in the Authorization header.

02

List Roles

Get a list of all roles and their permissions

GET /api/roles List roles ▶

cURL

curl --request GET \
  --url 'https://yourapp.com/api/roles' \
  --header 'Authorization: Bearer YOUR_TOKEN_HERE' \
  --header 'Accept: application/json'

03

List Permissions

Get all available system permissions

GET /api/roles/permissions List permissions ▶

cURL

curl --request GET \
  --url 'https://yourapp.com/api/roles/permissions' \
  --header 'Authorization: Bearer YOUR_TOKEN_HERE' \
  --header 'Accept: application/json'

04

Create Role

Create a new role and assign permissions

POST /api/roles Create role ▶

Body Parameters (Raw JSON)

Field	Type	Status	Description
name	string	required	Name of the role (must be unique)
permissions	array	optional	Array of permission names to assign

05

Get Role

Retrieve a specific role's details

GET /api/roles/{id} Get role ▶

URL Parameters

Field	Type	Status	Description
id	integer	required	Role ID

06

Update Role

Update role name and its permissions

PUT /api/roles/{id} Update role ▶

Body Parameters (Raw JSON)

Field	Type	Status	Description
name	string	optional	Name of the role
permissions	array	optional	Array of permission names (replaces existing)

07

Delete Role

Permanently delete a role

DELETE /api/roles/{id} Delete role ▶

URL Parameters

Field	Type	Status	Description
id	integer	required	Role ID

08

Add Permissions

Assign new permissions to an existing role

POST /api/roles/{roleId}/add-permissions Add permissions ▶

URL Parameters

roleId

integer

required

Role ID

Body Parameters (Raw JSON)

permissions

array

required

Array of permission names to append

09

Remove Permissions

Revoke permissions from an existing role

POST /api/roles/{roleId}/remove-permissions Remove permissions ▶

URL Parameters

roleId

integer

required

Role ID

Body Parameters (Raw JSON)

permissions

array

required

Array of permission names to remove