Add or Invite new iTwin user members. Users which are external (i.e. not in the same organization as the iTwin) are not automatically added to the iTwin. Instead, they're invited. Users which are not external, are immediately added as members on the iTwin.
Invited individuals will recieve an invitation via Email, where they'll be prompted to accept the invitation. Upon accepting, they'll then become a member of the iTwin.
The total number of roles assigned in this request must not exceed 50. This can be achieved with many different configurations. For example, 1 role can be assigned to 50 users, or 5 roles can be assigned to 10 users, both resulting in 50 role assignments.
Authentication
Requires Authorization header with valid Bearer token for scope itwin-platform.
For more documentation on authorization and how to get access token visit OAUTH2 Authorization page.
Authorization
User must have the administration_invite_member permission assigned at the iTwin level or be an Organization Administrator for the Organization that owns a given iTwin.
An Organization Administrator must have at least one of the following roles assigned in User Management: Account Administrator, Co-Administrator, or CONNECT Services Administrator. For more information about User Management please visit our Bentley Communities Licensing, Cloud, and Web Services wiki page.
Request parameters
Request headers
OAuth access token with itwin-platform scope
Setting to application/vnd.bentley.itwin-platform.v2+json is recommended.
Request body
User Members (add)
Example
{ "members": [{ "email": "John.Johnson@example.com", "roleIds": ["5abbfcef-0eab-472a-b5f5-5c5a43df34b1", "83ee0d80-dea3-495a-b6c0-7bb102ebbcc3"] }, { "email": "Maria.Miller@example.com", "roleIds": ["5abbfcef-0eab-472a-b5f5-5c5a43df34b1", "83ee0d80-dea3-495a-b6c0-7bb102ebbcc3"] } ] }
Response 201 Created
iTwin user member was successfully added.
{ "members": [{ "id": "99cf5e21-735c-4598-99eb-fe3940f96353", "email": "John.Johnson@example.com", "givenName": "John", "surname": "Johnson", "organization": "Organization Corp.", "roles": [{ "id": "5abbfcef-0eab-472a-b5f5-5c5a43df34b1", "displayName": "Read Access", "description": "Read Access" }] }, { "id": "25407933-cad2-41a2-acf4-5a074c83046b", "email": "Maria.Miller@example.com", "givenName": "Maria", "surname": "Miller", "organization": "Organization Corp.", "roles": [{ "id": "5abbfcef-0eab-472a-b5f5-5c5a43df34b1", "displayName": "Read Access", "description": "Read Access" }] } ], "invitations": [{ "id": "25407933-cad2-41a2-acf4-5a074c83046b", "email": "invitee.user@anotherOrg.com", "invitedByEmail": "inviter.user@org.com", "status": "Pending", "createdDate": "2023-11-10T14:22:42.231788Z", "expirationDate": "2023-11-17T14:22:42.231788Z", "roles": [{ "id": "5abbfcef-0eab-472a-b5f5-5c5a43df34b1", "displayName": "Read Access" }] }] }
Response 401 Unauthorized
This response indicates that request lacks valid authentication credentials. Access token might not been provided, issued by the wrong issuer, does not have required scopes or request headers were malformed.
{ "error": { "code": "HeaderNotFound", "message": "Header Authorization was not found in the request. Access denied." } }
Response 403 Forbidden
The user has insufficient permissions for the requested operation.
{ "error": { "code": "InsufficientPermissions", "message": "The user has insufficient permissions for the requested operation." } }
Response 404 Not Found
This response indicates that iTwin, user member, or roles with specified ID were not found.
{ "error": { "code": "ItwinNotFound", "message": "Requested iTwin is not available." } }
Response 409 Conflict
Invalid request to add new iTwin user member. User Member already exists in iTwin.
{ "error": { "code": "TeamMemberExists", "message": "Requested team member already exists in iTwin.", "target": "members[0].email" } }
Response 422 Unprocessable Entity
Invalid request to add new iTwin user member. Request payload might be missing some of the required properties.
{ "error": { "code": "InvalidiTwinsMemberRequest", "message": "Request body or query is invalid.", "details": [{ "code": "MissingRequiredProperty", "message": "Required property is missing.", "target": "members[0].email" }, { "code": "MissingRequiredProperty", "message": "Required property is missing.", "target": "members[0].roleIds" }, { "code": "InvalidProperty", "message": "Collection size exceeds maximum size.", "target": "members" }, { "code": "InvalidRequestBody", "message": "Failed to parse request body or collection is empty." } ] } }
Response 429 Too many requests
This response indicates that the client sent more requests than allowed by this API for the current tier of the client.
{ "error": { "code": "RateLimitExceeded", "message": "The client sent more requests than allowed by this API for the current tier of the client." } }
Response headers
Number of seconds to wait until client is allowed to make more requests.
iTwin User Member
The user Id in Identity Management System.
User email.
User given name.
User surname.
Organization user is member of in Identity Management System.
{ "type": "object", "title": "iTwin User Member", "properties": { "id": { "type": "string", "description": "The user Id in Identity Management System." }, "email": { "type": "string", "description": "User email." }, "givenName": { "type": "string", "description": "User given name." }, "surname": { "type": "string", "description": "User surname." }, "organization": { "type": "string", "description": "Organization user is member of in Identity Management System." }, "roles": { "type": "array", "description": "List of roles.", "items": { "$ref": "#/components/schemas/Role" } } }, "additionalProperties": false }
iTwin User Invitation status
The status of the invitation.
{ "type": "string", "enum": [ "Pending", "Accepted" ], "description": "The status of the invitation.", "title": "iTwin User Invitation status" }
iTwin User Invitation
The user Id in Identity Management System.
User that was invited.
User that sent the invitation.
Datetime when the invitation was created.
DateTime when the invitation will expire.
{ "type": "object", "nullable": true, "title": "iTwin User Invitation", "properties": { "id": { "type": "string", "description": "The user Id in Identity Management System." }, "email": { "type": "string", "description": "User that was invited." }, "invitedByEmail": { "type": "string", "description": "User that sent the invitation." }, "status": { "type": "string", "enum": [ "Pending", "Accepted" ], "description": "The status of the invitation.", "title": "iTwin User Invitation status", "$ref": "#/components/schemas/MemberInvitation-status" }, "createdDate": { "type": "string", "description": "Datetime when the invitation was created.", "format": "date-time", "example": "0000-00-00T00:00:00.000000" }, "expirationDate": { "type": "string", "description": "DateTime when the invitation will expire.", "format": "date-time", "example": "0000-00-00T00:00:00.000000" }, "roles": { "type": "array", "description": "List of roles.", "items": { "$ref": "#/components/schemas/Role" } } }, "additionalProperties": false }
Adding iTwin User Members (response)
{ "type": "object", "title": "Adding iTwin User Members (response)", "properties": { "members": { "type": "array", "description": "List of user members.", "items": { "$ref": "#/components/schemas/UserMemberRepresentation" } }, "invitations": { "type": "array", "description": "List of user invitations.", "items": { "$ref": "#/components/schemas/MemberInvitation" } } }, "additionalProperties": false }
Role
The role id.
The display name of your Role.
A description of your Role.
List of permissions assigned to the role.
{ "type": "object", "properties": { "id": { "type": "string", "description": "The role id." }, "displayName": { "type": "string", "description": "The display name of your Role." }, "description": { "type": "string", "description": "A description of your Role." }, "permissions": { "type": "array", "description": "List of permissions assigned to the role.", "items": { "type": "string" } } }, "additionalProperties": false }
User Member (add)
User email.
List of role ids.
{ "type": "object", "title": "User Member (add)", "properties": { "email": { "type": "string", "description": "User email." }, "roleIds": { "type": "array", "description": "List of role ids.", "items": { "type": "string" } } }, "additionalProperties": false }
User Members (add)
{ "type": "object", "title": "User Members (add)", "properties": { "members": { "type": "array", "description": "List of members.", "items": { "$ref": "#/components/schemas/UserMemberAdd" } } }, "additionalProperties": false }
Error
Contains error information.
One of a server-defined set of error codes.
A human-readable representation of the error.
The target of the error.
{ "type": "object", "description": "Contains error information.", "properties": { "code": { "type": "string", "description": "One of a server-defined set of error codes." }, "message": { "type": "string", "description": "A human-readable representation of the error." }, "target": { "type": "string", "description": "The target of the error.", "nullable": true } }, "required": [ "code", "message" ], "additionalProperties": true }
Error Response
Gives details for an error that occurred while handling the request. Note that clients MUST NOT assume that every failed request will produce an object of this schema, or that all of the properties in the response will be non-null, as the error may have prevented this response from being constructed.
{ "type": "object", "title": "Error Response", "description": "Gives details for an error that occurred while handling the request. Note that clients MUST NOT assume that every failed request will produce an object of this schema, or that all of the properties in the response will be non-null, as the error may have prevented this response from being constructed.", "properties": { "error": { "description": "Error information.", "$ref": "#/components/schemas/Error" } }, "required": [ "error" ], "additionalProperties": false }
Was this page helpful?