Method: organizations.roles.create

Creates a new customRole.

HTTP request

POST https://iam.googleapis.com/v1/{parent=organizations/*}/roles

The URL usesgRPC Transcoding syntax.

Path parameters

Parameters
parent

string

Theparent parameter's value depends on the target resource for the request, namelyprojects ororganizations. Each resource type'sparent value format is described below:

  • projects.roles.create:projects/{PROJECT_ID}. This method creates project-levelcustom roles. Example request URL:https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles

  • organizations.roles.create:organizations/{ORGANIZATION_ID}. This method creates organization-levelcustom roles. Example request URL:https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles

Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

Authorization requires the followingIAM permission on the specified resourceparent:

  • iam.roles.create

Request body

The request body contains data with the following structure:

JSON representation
{"roleId":string,"role":{object (Role)}}
Fields
roleId

string

The role ID to use for this role.

A role ID may contain alphanumeric characters, underscores (_), and periods (.). It must contain a minimum of 3 characters and a maximum of 64 characters.

role

object (Role)

The Role resource to create.

Response body

If successful, the response body contains a newly created instance ofRole.

Authorization scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/iam
  • https://www.googleapis.com/auth/cloud-platform

For more information, see theAuthentication Overview.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-05-21 UTC.