Ask AI
Documentation Index
Fetch the complete documentation index at: https://cloudinary.com/documentation/llms.txt
Use this file to discover all available pages before exploring further.
Roles and Permissions via API
Last updated: Apr-20-2026
This guide describes the Roles and Permissions system. For details on all roles available in the legacy system, see Role-based permissions.
- Enterprise accounts: Broad Enterprise migration hasn't started yet. If your team hasn't already been moved with Cloudinary's help, you're still on the legacy system.
- Existing free and paid accounts: Migration starts May 12, 2026.
- New free accounts (created since February 2026): You may already have the new system.
You can confirm which permissions system you have. Open Console Settings and look for Role Management. If it's listed, your account is on Roles and Permissions. If it isn't listed, you're still on the legacy permissions model.
- For a quick comparison, see Roles and Permissions vs. legacy.
- If your account is being migrated, see Migrating to Roles and Permissions to understand what changes.
Overview
Use the Permissions API to programmatically manage access control across your Cloudinary account. The API allows you to create and assign roles and define custom permission policies.
This section covers:
Manage roles: How to manage roles via the Permissions API, including viewing, creating, updating, and assigning roles
Assign roles: How to assign roles to principals (users, groups, and API keys) via the Permissions API
-
Define custom policies: How to define and apply custom permission policies using the Cedar-based schema
NoteCustom policies give you fine-grained control, but they can behave in unexpected ways if not configured correctly. Review them carefully and test to make sure they align with your intended access rules.
Error
Rate this page:
