Skip to main content
DELETE
/
v2
/
organizations
/
{orgId}
/
roles
/
{roleId}
/
permissions
Remove multiple permissions from an organization role
curl --request DELETE \
  --url https://api.cal.com/v2/organizations/{orgId}/roles/{roleId}/permissions
import requests

url = "https://api.cal.com/v2/organizations/{orgId}/roles/{roleId}/permissions"

response = requests.delete(url)

print(response.text)
const options = {method: 'DELETE'};

fetch('https://api.cal.com/v2/organizations/{orgId}/roles/{roleId}/permissions', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://api.cal.com/v2/organizations/{orgId}/roles/{roleId}/permissions",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "DELETE",
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
package main

import (
	"fmt"
	"net/http"
	"io"
)

func main() {

	url := "https://api.cal.com/v2/organizations/{orgId}/roles/{roleId}/permissions"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.delete("https://api.cal.com/v2/organizations/{orgId}/roles/{roleId}/permissions")
  .asString();
require 'uri'
require 'net/http'

url = URI("https://api.cal.com/v2/organizations/{orgId}/roles/{roleId}/permissions")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Delete.new(url)

response = http.request(request)
puts response.read_body

Headers

Authorization
string

For non-platform customers - value must be Bearer <token> where <token> is api key prefixed with cal_

x-cal-secret-key
string

For platform customers - OAuth client secret key

x-cal-client-id
string

For platform customers - OAuth client ID

Path Parameters

orgId
number
required
roleId
string
required

Query Parameters

permissions
enum<string>[]

Permissions to remove (format: resource.action). Supports comma-separated values as well as repeated query params.

Available options:
*.*,
role.create,
role.read,
role.update,
role.delete,
eventType.create,
eventType.read,
eventType.update,
eventType.delete,
team.create,
team.read,
team.update,
team.delete,
team.invite,
team.remove,
team.listMembers,
team.listMembersPrivate,
team.changeMemberRole,
team.impersonate,
organization.create,
organization.read,
organization.listMembers,
organization.listMembersPrivate,
organization.invite,
organization.remove,
organization.manageBilling,
organization.changeMemberRole,
organization.impersonate,
organization.passwordReset,
organization.editUsers,
organization.update,
organization.delete,
booking.read,
booking.readOrgBookings,
booking.readRecordings,
booking.update,
booking.updateOrgBookings,
booking.readOrgAuditLogs,
insights.read,
workflow.create,
workflow.read,
workflow.update,
workflow.delete,
organization.attributes.read,
organization.attributes.update,
organization.attributes.delete,
organization.attributes.create,
organization.attributes.readSyncHistory,
organization.attributes.editUsers,
organization.attributes.readAuditLogs,
routingForm.create,
routingForm.read,
routingForm.update,
routingForm.delete,
webhook.create,
webhook.read,
webhook.update,
webhook.delete,
watchlist.create,
watchlist.read,
watchlist.update,
watchlist.delete,
featureOptIn.read,
featureOptIn.update,
organization.customDomain.create,
organization.customDomain.read,
organization.customDomain.update,
organization.customDomain.delete
Example:

"?permissions=eventType.read,booking.read"

Response

204 - undefined