The Access Control API provides endpoints to manage and query access control information for Organizations, Projects, Users, and Roles in Globant Enterprise AI, supporting integration with external systems to handle user memberships, role assignments, and access permissions across Organizations and Projects.
For generic variables needed to use the API, see the API Reference.
| Method |
Path |
Description |
| GET |
/accessControl/memberships |
Lists Organizations and Projects a user (by email) belongs to, including Roles in each. |
| GET |
/accessControl/projects/memberships |
Lists Projects and Roles for a user (by email) within a specific Organization. |
| GET |
/accessControl/projects/roles |
Lists all Roles supported by a specific Project. |
| GET |
/accessControl/projects/members |
Lists all members and their Roles for a specific Project. |
| GET |
/accessControl/organizations/members |
Lists all members and their Roles for a specific Organization. |
| GET |
/accessControl/organization/plugin-runtime-policies |
Returns the plugin runtime policies for an organization. |
All endpoints require authentication using one of the following:
- Authorization: Bearer $GEAI_APITOKEN
- Authorization: Bearer $OAuth_accesstoken
For $OAuth_accesstoken, you must also include the header: ProjectId: $GEAI_PROJECT_ID
Given an email, lists all Organizations and Projects the User belongs to, including their Roles in each.
This endpoint requires a Globant Enterprise AI API token related to Organization scope.
| Name |
Type |
Description |
| startPage |
Integer |
Page number for pagination (default: 1) |
| pageSize |
Integer |
Number of items per page (default: 20) |
| orderKey |
String |
Field for sorting (only organizationName supported) |
| orderDirection |
String |
Sort direction: asc or desc (default: desc) |
| email |
String |
Email address for search (case-insensitive) |
| roleTypes |
String |
Comma-separated list: backend, frontend (case-insensitive). |
- Method: GET
- Path: $BASE_URL/v2/accessControl/memberships
- Body: Empty
{
"count": integer, // Total number of Organizations found
"pages": integer, // Total number of pages
"organizations":
{
"isStationAvailable": true, // Indicates if the Organization has station available
"organizationId": "string", // Unique identifier for the Organization
"organizationName": "string", // Organization name
"projects": [
{
"projectDescription": "string", // Description of the Project
"projectId": "string", // Unique identifier for the Project
"projectName": "string", // Project name
"roles": [
{
"id": "string", // Unique identifier for the Role
"name": "string", // Role name
"externalId": "string", // External system identifier for the Role
"type": "string", // Role type: Backend, Frontend, Platform
"origin": "string", // Role origin: System or User defined
}
}
]
}
]
}
curl -X GET "$BASE_URL/v2/accessControl/memberships?email=string&startPage=1&pageSize=3&orderKey=organizationName" \
-H "Authorization: Bearer $GEAI_APITOKEN"
Given an email and an Organization, lists all Projects the User is involved in and their Roles in each Project.
This endpoint requires a Globant Enterprise AI API token related to Organization scope.
| Name |
Type |
Description |
| startPage |
Integer |
Page number for pagination (default: 1) |
| pageSize |
Integer |
Number of items per page (default: 20) |
| orderKey |
String |
Field for sorting (only projectName supported) |
| orderDirection |
String |
Sort direction: asc or desc (default: desc) |
| email |
String |
Email address for search (case-insensitive) |
| roleTypes |
String |
Comma-separated list: backend, frontend (case-insensitive). |
- Method: GET
- Path: $BASE_URL/v2/accessControl/projects/memberships
- Body: Empty
{
"count": integer, // Total number of Projects found
"pages": integer, // Total number of pages
"projects":
{
"organizationId": "string", // Organization unique identifier
"organizationName": "string", // Organization name
"projectDescription": "string", // Project description
"projectId": "string", // Project unique identifier
"projectName": "string", // Project name
"roles": [
{
"id": "string", // Role unique identifier
"name": "string", // Role name
"externalId": "string", // External system identifier for the Role
"type": "string", // Role type: Backend, Frontend, Platform
"origin": "string", // Role origin: System or User defined
}
}
curl -X GET "$BASE_URL/v2/accessControl/projects/memberships?email=string&startPage=1&pageSize=3&orderKey=projectName" \
-H "Authorization: Bearer $GEAI_APITOKEN" \
-H "organization-id: $GEAI_ORDANIZATIONID"
Given a Project, retrieves all Roles supported by that Project.
This endpoint requires a Globant Enterprise AI API token related to Organization scope.
| Name |
Type |
Description |
| startPage |
Integer |
Page number for pagination (default: 1) |
| pageSize |
Integer |
Number of items per page (default: 20) |
| orderKey |
String |
Field for sorting (only name supported) |
| orderDirection |
String |
Sort direction: asc or desc (default: desc) |
| roleTypes |
String |
Comma-separated list: backend, frontend (case-insensitive). |
- Method: GET
- Path: $BASE_URL/v2/accessControl/projects/roles
- Body: Empty
{
"count": integer, // Total number of Roles found
"pages": integer, // Total number of pages
"project": {
"organizationId": "string", // Organization unique identifier
"organizationName": "string", // Organization name
"projectDescription": "string", // Project description
"projectId": "string", // Project unique identifier
"projectName": "string", // Project name
"roles":
{
"id": "string", // Role unique identifier
"name": "string", // Role name
"externalId": "string", // External system identifier for the Role
"type": "string", // Role type: Backend, Frontend, Platform
"origin": "string", // Role origin: System or User defined
}
}
}
curl -X GET "$BASE_URL/accessControl/projects/roles?startPage=1&pageSize=3&orderKey=name" \
-H "Authorization: Bearer $GEAI_APITOKEN" \
-H "project-id: $GEAI_PROJECTID"
Given a Project, lists all members and their Roles.
This endpoint requires a Globant Enterprise AI API token related to Organization scope.
| Name |
Type |
Description |
| startPage |
Integer |
Page number for pagination (default: 1) |
| pageSize |
Integer |
Number of items per page (default: 20) |
| orderKey |
String |
Field for sorting (only name supported) |
| orderDirection |
String |
Sort direction: asc or desc (default: desc) |
| roleTypes |
String |
Comma-separated list: backend, frontend (case-insensitive). |
- Method: GET
- Path: $BASE_URL/v2/accessControl/projects/members
- Body: Empty
{
"count": integer, // Total number of members found
"pages": integer, // Total number of pages
"project": {
"organizationId": "string", // Organization unique identifier
"organizationName": "string", // Organization name
"projectDescription": "string", // Project description
"projectId": "string", // Project unique identifier
"projectName": "string", // Project name
"members":
{
"id": "string", // User unique identifier
"name": "string", // User name
"email": "string", // User email
"accessType": [
"string" // Access type: backend, frontend
,
"roles":
{
"id": "string", // Role unique identifier
"name": "string", // Role name
"externalId": "string", // External system identifier for the Role
"type": "string", // Role type: Backend, Frontend, Platform
"origin": "string", // Role origin: System or User defined
}
}
}
curl -X GET "$BASE_URL/v2/accessControl/projects/members?startPage=1&pageSize=3&orderKey=name" \
-H "Authorization: Bearer $GEAI_APITOKEN" \
-H "project-id: $GEAI_PROJECTID"
Given an Organization, lists all members and their Roles.
This endpoint requires a Globant Enterprise AI API token related to Organization scope.
| Name |
Type |
Description |
| startPage |
Integer |
Page number for pagination (default: 1) |
| pageSize |
Integer |
Number of items per page (default: 20) |
| orderKey |
String |
Field for sorting (only name supported) |
| orderDirection |
String |
Sort direction: asc or desc (default: desc) |
| roleTypes |
String |
Only backend is supported for Organizations (case-insensitive). |
- Method: GET
- Path: $BASE_URL/v2/accessControl/organizations/members
- Body: Empty
{
"count": integer, // Total number of members found
"pages": integer, // Total number of pages
"organization": {
"organizationId": "string", // Organization unique identifier
"organizationName": "string", // Organization name
"members":
{
"id": "string", // User unique identifier
"name": "string", // User name
"email": "string", // User email
"accessType": [
"string" // Access type: backend, frontend
,
"roles":
{
"id": "string", // Role unique identifier
"name": "string", // Role name
"externalId": "string", // External system identifier for the Role
"type": "string", // Role type: Backend
"origin": "string" // Role origin: System
}
}
]
}
}
curl -X GET "$BASE_URL/v2/accessControl/organizations/members?startPage=1&pageSize=3&orderKey=name" \
-H "Authorization: Bearer $GEAI_APITOKEN" \
-H "organization-id: $GEAI_PROJECTID"
Retrieves the plugin runtime policies defined for a given organization. If no policies are defined, a message will indicate that individual policies apply.
- Method: GET
- Path: $BASE_URL/v2/accessControl/organization/plugin-runtime-policies
- Body: Empty
1. Organizations without policies
- Status: 200 OK
- Response Body:
{
"messages":
{
"description": "string” // Message submitted: “Organization plugin runtime policies not defined. Individual policy will apply."
}
}
2. Organizations with policies
{
"policies": {
"chatSharingPermissions": "string", // Gets the maximum execution permissions for organization Agents at The Station. Values can be”none” (only available to import), “project” (all users in the project can execute it) or “organization” all users in the organization can execute it.
"externalExecutionPermissions": "string" // Allows sharing conversation by anonymous users to Workspace. Values can be: "none", "project", "organization"
}
}
curl -X GET "$BASE_URL/v2/accessControl/organization/plugin-runtime-policies" \
- H 'authorization: Bearer $GEAI_ORGANIZATION_APITOKEN' \
-H 'content-type: application/json' \
-H 'organization-id: $GEAI_ORGANIZATION_ID'