API Reference
Start typing to search…

Manage Roles

patch
https://www.virustotal.com/api/v3/groups//relationships/users

Use this endpoint to manage users' group roles and feature permissions. The following operations are available in the request body:

  • roles: replaces all existing roles with the ones provided in the request.
  • add_roles: appends new roles to the user. If a role already exists, it will be updated with the new configuration.
  • remove_roles: revokes only the specific roles provided in the request.

Existing privileges are:

  • USER_ROLE_GROUP_ADMIN: for group administrators
  • USER_ROLE_PRIVATE_SCANNING: for access to Private Scanning

Examples

Clear all individual settings and grant administrative privileges within the group to both user_1 and user_2.

import requests

group_id = "my_group_id"  
user_id_1 = "user_1"  
user_id_2 = "user_2"  
roles = ["USER_ROLE_GROUP_ADMIN"]

url = f"<https://www.virustotal.com/api/v3/groups/{group_id}/relationships/users">  
payload = {  
    'data': [  
        {  
            'type': 'user',  
            "id": user_id_1,  
            'context_attributes': {  
                'roles': roles  
            }  
        },  
        {  
            'type': 'user',  
            "id": user_id_2,  
            'context_attributes': {  
                'roles': roles  
            }  
        }  
    ]  
}  
headers = {  
    "accept": "application/json","x-apikey": <api-key>,"content-type": "application/json"  
}  
res = requests.patch(url, json=payload, headers=headers)

Grant the user access to Private Scanning.

import requests

group_id = "my_group_id"  
user_id = "user_1"  
roles = ["USER_ROLE_PRIVATE_SCANNING"]

url = f"<https://www.virustotal.com/api/v3/groups/{group_id}/relationships/users">  
payload = {  
    'data': [  
        {  
            'type': 'user',  
            "id": user_id,  
            'context_attributes': {  
                'add_roles': roles  
            }  
        }  
    ]  
}  
headers = {  
    "accept": "application/json","x-apikey": <api-key>,"content-type": "application/json"  
}  
res = requests.patch(url, json=payload, headers=headers)

Revoke the user's access to Private Scanning.

import requests

group_id = "my_group_id"  
user_id = "user_1"  
roles = ["USER_ROLE_PRIVATE_SCANNING"]

url = f"<https://www.virustotal.com/api/v3/groups/{group_id}/relationships/users">  
payload = {  
    'data': [  
        {  
            'type': 'user',  
            "id": user_id,  
            'context_attributes': {  
                'remove_roles': roles  
            }  
        }  
    ]  
}  
headers = {  
    "accept": "application/json","x-apikey": <api-key>,"content-type": "application/json"  
}  
res = requests.patch(url, json=payload, headers=headers)
Language
Click Try It! to start a request and see the response here!