Permit.io · Capability
Permit.io API — Users Elements Data
Permit.io API — Users Elements Data. 8 operations. Lead operation: Set Config Active. Self-contained Naftiko capability covering one Permit Io business surface.
What You Can Do
POST
Setconfigactive
— Set Config Active
/v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/active
GET
Elementslistroles
— List roles
/v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/roles
GET
Listelementsuserinvites
— List all Elements User Invites
/v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/user-invites
GET
Elementslistusers
— List users
/v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/users
POST
Elementscreateuser
— Create user
/v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/users
DELETE
Elementsdeleteuser
— Delete user
/v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/users/{user-id}
POST
Elementsassignroletouser
— Assign role to user
/v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/users/{user-id}/roles
DELETE
Elementsunassignrolefromuser
— Unassign role from user
/v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/users/{user-id}/roles
MCP Tools
set-config-active
Set Config Active
list-roles
List roles
read-only
idempotent
list-all-elements-user-invites
List all Elements User Invites
read-only
idempotent
list-users
List users
read-only
idempotent
create-user
Create user
delete-user
Delete user
idempotent
assign-role-user
Assign role to user
unassign-role-user
Unassign role from user
idempotent
Capability Spec
naftiko: 1.0.0-alpha2
info:
label: Permit.io API — Users Elements Data
description: 'Permit.io API — Users Elements Data. 8 operations. Lead operation: Set Config Active. Self-contained Naftiko
capability covering one Permit Io business surface.'
tags:
- Permit Io
- Users Elements Data
created: '2026-05-19'
modified: '2026-05-19'
binds:
- namespace: env
keys:
PERMIT_IO_API_KEY: PERMIT_IO_API_KEY
capability:
consumes:
- type: http
namespace: permit-io-users-elements-data
baseUri: ''
description: Permit.io API — Users Elements Data business capability. Self-contained, no shared references.
resources:
- name: v2-elements-proj_id-env_id-config-elements_config_id-data-active
path: /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/active
operations:
- name: setconfigactive
method: POST
description: Set Config Active
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: elements_config_id
in: path
type: string
description: 'Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e:
the "slug").'
required: true
- name: proj_id
in: path
type: string
description: 'Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").'
required: true
- name: env_id
in: path
type: string
description: 'Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").'
required: true
- name: v2-elements-proj_id-env_id-config-elements_config_id-data-roles
path: /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/roles
operations:
- name: elementslistroles
method: GET
description: List roles
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: elements_config_id
in: path
type: string
description: 'Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e:
the "slug").'
required: true
- name: proj_id
in: path
type: string
description: 'Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").'
required: true
- name: env_id
in: path
type: string
description: 'Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").'
required: true
- name: search
in: query
type: string
description: Text search for the email field
- name: page
in: query
type: integer
description: Page number of the results to fetch, starting at 1.
- name: per_page
in: query
type: integer
description: The number of results per page (max 100).
- name: resource_instance_id
in: query
type: string
description: For ReBAC Elements, the resource instance ID or key to work on
- name: v2-elements-proj_id-env_id-config-elements_config_id-data-user-invites
path: /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/user-invites
operations:
- name: listelementsuserinvites
method: GET
description: List all Elements User Invites
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: elements_config_id
in: path
type: string
description: 'Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e:
the "slug").'
required: true
- name: proj_id
in: path
type: string
description: 'Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").'
required: true
- name: env_id
in: path
type: string
description: 'Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").'
required: true
- name: search
in: query
type: string
description: Text search for the email field
- name: status
in: query
type: string
description: Status of the user invite
- name: page
in: query
type: integer
description: Page number of the results to fetch, starting at 1.
- name: per_page
in: query
type: integer
description: The number of results per page (max 100).
- name: resource_instance_id
in: query
type: string
description: For ReBAC Elements, the resource instance ID or key to work on
- name: v2-elements-proj_id-env_id-config-elements_config_id-data-users
path: /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users
operations:
- name: elementslistusers
method: GET
description: List users
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: elements_config_id
in: path
type: string
description: 'Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e:
the "slug").'
required: true
- name: proj_id
in: path
type: string
description: 'Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").'
required: true
- name: env_id
in: path
type: string
description: 'Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").'
required: true
- name: search
in: query
type: string
description: Text search for the email field
- name: page
in: query
type: integer
description: Page number of the results to fetch, starting at 1.
- name: per_page
in: query
type: integer
description: The number of results per page (max 100).
- name: resource_instance_id
in: query
type: string
description: For ReBAC Elements, the resource instance ID or key to work on
- name: elementscreateuser
method: POST
description: Create user
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: elements_config_id
in: path
type: string
description: 'Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e:
the "slug").'
required: true
- name: proj_id
in: path
type: string
description: 'Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").'
required: true
- name: env_id
in: path
type: string
description: 'Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").'
required: true
- name: resource_instance_id
in: query
type: string
description: For ReBAC Elements, the resource instance ID or key to work on
- name: body
in: body
type: object
description: Request body (JSON).
required: true
- name: v2-elements-proj_id-env_id-config-elements_config_id-data-users-user_id
path: /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}
operations:
- name: elementsdeleteuser
method: DELETE
description: Delete user
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: proj_id
in: path
type: string
description: 'Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").'
required: true
- name: env_id
in: path
type: string
description: 'Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").'
required: true
- name: elements_config_id
in: path
type: string
description: 'Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e:
the "slug").'
required: true
- name: user_id
in: path
type: string
description: 'Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug").'
required: true
- name: resource_instance_id
in: query
type: string
description: For ReBAC Elements, the resource instance ID or key to work on
- name: v2-elements-proj_id-env_id-config-elements_config_id-data-users-user_id-roles
path: /v2/elements/{proj_id}/{env_id}/config/{elements_config_id}/data/users/{user_id}/roles
operations:
- name: elementsassignroletouser
method: POST
description: Assign role to user
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: elements_config_id
in: path
type: string
description: 'Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e:
the "slug").'
required: true
- name: user_id
in: path
type: string
description: 'Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug").'
required: true
- name: proj_id
in: path
type: string
description: 'Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").'
required: true
- name: env_id
in: path
type: string
description: 'Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").'
required: true
- name: resource_instance_id
in: query
type: string
description: For ReBAC Elements, the resource instance ID or key to work on
- name: body
in: body
type: object
description: Request body (JSON).
required: true
- name: elementsunassignrolefromuser
method: DELETE
description: Unassign role from user
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: elements_config_id
in: path
type: string
description: 'Either the unique id of the elements_config, or the URL-friendly key of the elements_config (i.e:
the "slug").'
required: true
- name: user_id
in: path
type: string
description: 'Either the unique id of the user, or the URL-friendly key of the user (i.e: the "slug").'
required: true
- name: proj_id
in: path
type: string
description: 'Either the unique id of the project, or the URL-friendly key of the project (i.e: the "slug").'
required: true
- name: env_id
in: path
type: string
description: 'Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the "slug").'
required: true
- name: resource_instance_id
in: query
type: string
description: For ReBAC Elements, the resource instance ID or key to work on
- name: body
in: body
type: object
description: Request body (JSON).
required: true
authentication:
type: bearer
token: '{{env.PERMIT_IO_API_KEY}}'
exposes:
- type: rest
namespace: permit-io-users-elements-data-rest
port: 8080
description: REST adapter for Permit.io API — Users Elements Data. One Spectral-compliant resource per consumed operation,
prefixed with /v1.
resources:
- path: /v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/active
name: v2-elements-proj-id-env-id-config-elements-config-id-data-active
description: REST surface for v2-elements-proj_id-env_id-config-elements_config_id-data-active.
operations:
- method: POST
name: setconfigactive
description: Set Config Active
call: permit-io-users-elements-data.setconfigactive
with:
elements_config_id: rest.elements_config_id
proj_id: rest.proj_id
env_id: rest.env_id
outputParameters:
- type: object
mapping: $.
- path: /v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/roles
name: v2-elements-proj-id-env-id-config-elements-config-id-data-roles
description: REST surface for v2-elements-proj_id-env_id-config-elements_config_id-data-roles.
operations:
- method: GET
name: elementslistroles
description: List roles
call: permit-io-users-elements-data.elementslistroles
with:
elements_config_id: rest.elements_config_id
proj_id: rest.proj_id
env_id: rest.env_id
search: rest.search
page: rest.page
per_page: rest.per_page
resource_instance_id: rest.resource_instance_id
outputParameters:
- type: object
mapping: $.
- path: /v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/user-invites
name: v2-elements-proj-id-env-id-config-elements-config-id-data-user-invites
description: REST surface for v2-elements-proj_id-env_id-config-elements_config_id-data-user-invites.
operations:
- method: GET
name: listelementsuserinvites
description: List all Elements User Invites
call: permit-io-users-elements-data.listelementsuserinvites
with:
elements_config_id: rest.elements_config_id
proj_id: rest.proj_id
env_id: rest.env_id
search: rest.search
status: rest.status
page: rest.page
per_page: rest.per_page
resource_instance_id: rest.resource_instance_id
outputParameters:
- type: object
mapping: $.
- path: /v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/users
name: v2-elements-proj-id-env-id-config-elements-config-id-data-users
description: REST surface for v2-elements-proj_id-env_id-config-elements_config_id-data-users.
operations:
- method: GET
name: elementslistusers
description: List users
call: permit-io-users-elements-data.elementslistusers
with:
elements_config_id: rest.elements_config_id
proj_id: rest.proj_id
env_id: rest.env_id
search: rest.search
page: rest.page
per_page: rest.per_page
resource_instance_id: rest.resource_instance_id
outputParameters:
- type: object
mapping: $.
- method: POST
name: elementscreateuser
description: Create user
call: permit-io-users-elements-data.elementscreateuser
with:
elements_config_id: rest.elements_config_id
proj_id: rest.proj_id
env_id: rest.env_id
resource_instance_id: rest.resource_instance_id
body: rest.body
outputParameters:
- type: object
mapping: $.
- path: /v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/users/{user-id}
name: v2-elements-proj-id-env-id-config-elements-config-id-data-users-user-id
description: REST surface for v2-elements-proj_id-env_id-config-elements_config_id-data-users-user_id.
operations:
- method: DELETE
name: elementsdeleteuser
description: Delete user
call: permit-io-users-elements-data.elementsdeleteuser
with:
proj_id: rest.proj_id
env_id: rest.env_id
elements_config_id: rest.elements_config_id
user_id: rest.user_id
resource_instance_id: rest.resource_instance_id
outputParameters:
- type: object
mapping: $.
- path: /v1/v2/elements/{proj-id}/{env-id}/config/{elements-config-id}/data/users/{user-id}/roles
name: v2-elements-proj-id-env-id-config-elements-config-id-data-users-user-id-roles
description: REST surface for v2-elements-proj_id-env_id-config-elements_config_id-data-users-user_id-roles.
operations:
- method: POST
name: elementsassignroletouser
description: Assign role to user
call: permit-io-users-elements-data.elementsassignroletouser
with:
elements_config_id: rest.elements_config_id
user_id: rest.user_id
proj_id: rest.proj_id
env_id: rest.env_id
resource_instance_id: rest.resource_instance_id
body: rest.body
outputParameters:
- type: object
mapping: $.
- method: DELETE
name: elementsunassignrolefromuser
description: Unassign role from user
call: permit-io-users-elements-data.elementsunassignrolefromuser
with:
elements_config_id: rest.elements_config_id
user_id: rest.user_id
proj_id: rest.proj_id
env_id: rest.env_id
resource_instance_id: rest.resource_instance_id
body: rest.body
outputParameters:
- type: object
mapping: $.
- type: mcp
namespace: permit-io-users-elements-data-mcp
port: 9090
transport: http
description: MCP adapter for Permit.io API — Users Elements Data. One tool per consumed operation, routed inline through
this capability's consumes block.
tools:
- name: set-config-active
description: Set Config Active
hints:
readOnly: false
destructive: false
idempotent: false
call: permit-io-users-elements-data.setconfigactive
with:
elements_config_id: tools.elements_config_id
proj_id: tools.proj_id
env_id: tools.env_id
outputParameters:
- type: object
mapping: $.
- name: list-roles
description: List roles
hints:
readOnly: true
destructive: false
idempotent: true
call: permit-io-users-elements-data.elementslistroles
with:
elements_config_id: tools.elements_config_id
proj_id: tools.proj_id
env_id: tools.env_id
search: tools.search
page: tools.page
per_page: tools.per_page
resource_instance_id: tools.resource_instance_id
outputParameters:
- type: object
mapping: $.
- name: list-all-elements-user-invites
description: List all Elements User Invites
hints:
readOnly: true
destructive: false
idempotent: true
call: permit-io-users-elements-data.listelementsuserinvites
with:
elements_config_id: tools.elements_config_id
proj_id: tools.proj_id
env_id: tools.env_id
search: tools.search
status: tools.status
page: tools.page
per_page: tools.per_page
resource_instance_id: tools.resource_instance_id
outputParameters:
- type: object
mapping: $.
- name: list-users
description: List users
hints:
readOnly: true
destructive: false
idempotent: true
call: permit-io-users-elements-data.elementslistusers
with:
elements_config_id: tools.elements_config_id
proj_id: tools.proj_id
env_id: tools.env_id
search: tools.search
page: tools.page
per_page: tools.per_page
resource_instance_id: tools.resource_instance_id
outputParameters:
- type: object
mapping: $.
- name: create-user
description: Create user
hints:
readOnly: false
destructive: false
idempotent: false
call: permit-io-users-elements-data.elementscreateuser
with:
elements_config_id: tools.elements_config_id
proj_id: tools.proj_id
env_id: tools.env_id
resource_instance_id: tools.resource_instance_id
body: tools.body
outputParameters:
- type: object
mapping: $.
- name: delete-user
description: Delete user
hints:
readOnly: false
destructive: true
idempotent: true
call: permit-io-users-elements-data.elementsdeleteuser
with:
proj_id: tools.proj_id
env_id: tools.env_id
elements_config_id: tools.elements_config_id
user_id: tools.user_id
resource_instance_id: tools.resource_instance_id
outputParameters:
- type: object
mapping: $.
- name: assign-role-user
description: Assign role to user
hints:
readOnly: false
destructive: false
idempotent: false
call: permit-io-users-elements-data.elementsassignroletouser
with:
elements_config_id: tools.elements_config_id
user_id: tools.user_id
proj_id: tools.proj_id
env_id: tools.env_id
resource_instance_id: tools.resource_instance_id
body: tools.body
outputParameters:
- type: object
mapping: $.
- name: unassign-role-user
description: Unassign role from user
hints:
readOnly: false
destructive: true
idempotent: true
call: permit-io-users-elements-data.elementsunassignrolefromuser
with:
elements_config_id: tools.elements_config_id
user_id: tools.user_id
proj_id: tools.proj_id
env_id: tools.env_id
resource_instance_id: tools.resource_instance_id
body: tools.body
outputParameters:
- type: object
mapping: $.