Skip to main content
POST
/
v2
/
organizations
/
{orgId}
/
roles
Create a new organization role
curl --request POST \
  --url https://api.cal.com/v2/organizations/{orgId}/roles \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "color": "<string>",
  "description": "<string>",
  "permissions": [
    "eventType.read",
    "eventType.create",
    "booking.read"
  ]
}
'
import requests

url = "https://api.cal.com/v2/organizations/{orgId}/roles"

payload = {
"name": "<string>",
"color": "<string>",
"description": "<string>",
"permissions": ["eventType.read", "eventType.create", "booking.read"]
}
headers = {"Content-Type": "application/json"}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({
name: '<string>',
color: '<string>',
description: '<string>',
permissions: ['eventType.read', 'eventType.create', 'booking.read']
})
};

fetch('https://api.cal.com/v2/organizations/{orgId}/roles', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.cal.com/v2/organizations/{orgId}/roles",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'name' => '<string>',
'color' => '<string>',
'description' => '<string>',
'permissions' => [
'eventType.read',
'eventType.create',
'booking.read'
]
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api.cal.com/v2/organizations/{orgId}/roles"

payload := strings.NewReader("{\n \"name\": \"<string>\",\n \"color\": \"<string>\",\n \"description\": \"<string>\",\n \"permissions\": [\n \"eventType.read\",\n \"eventType.create\",\n \"booking.read\"\n ]\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.cal.com/v2/organizations/{orgId}/roles")
.header("Content-Type", "application/json")
.body("{\n \"name\": \"<string>\",\n \"color\": \"<string>\",\n \"description\": \"<string>\",\n \"permissions\": [\n \"eventType.read\",\n \"eventType.create\",\n \"booking.read\"\n ]\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.cal.com/v2/organizations/{orgId}/roles")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request.body = "{\n \"name\": \"<string>\",\n \"color\": \"<string>\",\n \"description\": \"<string>\",\n \"permissions\": [\n \"eventType.read\",\n \"eventType.create\",\n \"booking.read\"\n ]\n}"

response = http.request(request)
puts response.read_body
{
  "status": "success",
  "data": {
    "id": "<string>",
    "name": "<string>",
    "permissions": [
      "booking.read",
      "eventType.create"
    ],
    "createdAt": "<string>",
    "updatedAt": "<string>",
    "color": "<string>",
    "description": "<string>",
    "organizationId": 123
  }
}

Headers

Authorization
string

For non-platform customers - value must be Bearer <token> where <token> is api key prefixed with cal_

x-cal-secret-key
string

For platform customers - OAuth client secret key

x-cal-client-id
string

For platform customers - OAuth client ID

Path Parameters

orgId
number
required

Body

application/json
name
string
required

Name of the role

Minimum string length: 1
color
string

Color for the role (hex code)

description
string

Description of the role

permissions
enum<string>[]

Permissions for this role (format: resource.action). On update, this field replaces the entire permission set for the role (full replace). Use granular permission endpoints for one-by-one changes.

Available options:
*.*,
role.create,
role.read,
role.update,
role.delete,
eventType.create,
eventType.read,
eventType.update,
eventType.delete,
team.create,
team.read,
team.update,
team.delete,
team.invite,
team.remove,
team.listMembers,
team.listMembersPrivate,
team.changeMemberRole,
team.impersonate,
organization.create,
organization.read,
organization.listMembers,
organization.listMembersPrivate,
organization.invite,
organization.remove,
organization.manageBilling,
organization.changeMemberRole,
organization.impersonate,
organization.passwordReset,
organization.editUsers,
organization.update,
organization.delete,
booking.read,
booking.readOrgBookings,
booking.readRecordings,
booking.update,
booking.updateOrgBookings,
booking.readOrgAuditLogs,
insights.read,
workflow.create,
workflow.read,
workflow.update,
workflow.delete,
organization.attributes.read,
organization.attributes.update,
organization.attributes.delete,
organization.attributes.create,
organization.attributes.readSyncHistory,
organization.attributes.editUsers,
organization.attributes.readAuditLogs,
routingForm.create,
routingForm.read,
routingForm.update,
routingForm.delete,
webhook.create,
webhook.read,
webhook.update,
webhook.delete,
watchlist.create,
watchlist.read,
watchlist.update,
watchlist.delete,
featureOptIn.read,
featureOptIn.update,
organization.customDomain.create,
organization.customDomain.read,
organization.customDomain.update,
organization.customDomain.delete
Example:
[
"eventType.read",
"eventType.create",
"booking.read"
]

Response

201 - application/json
status
enum<string>
required
Available options:
success,
error
Example:

"success"

data
object
required