# Kiteworks API — permissions Operations

**1 endpoint** | [Browse interactive reference](https://developer.kiteworks.com/api-reference/permissions.html) | [Download spec slice](https://developer.kiteworks.com/assets/specs/permissions.json)

> **Authentication required.** All requests must include a Bearer access token in the
> `Authorization` header. See [Authentication](https://developer.kiteworks.com/authentication.md) for how to
> obtain a token using OAuth 2.0 Authorization Code (PKCE) or JWT Bearer flow.

---

## GET /rest/permissions/task/{task_id}

**Summary:** Return the list of permissions available on a task

Returns the list of actions the current user is allowed to perform on the specified task, such as completing or deleting it.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `task_id` | path | yes | ID of the task |
| `id` | query | no | Unique action identifier |
| `id:in` | query | no | Unique action identifier. Search for results that match any of the specified values for this parameter. |
| `name` | query | no | Action name |
| `name:contains` | query | no | Action name. Search for results that contain the specified characters in this parameter. |
| `allowed` | query | no | Determines if one has permissions to perform action |
| `enabled` | query | no | Determines if the given action is available considering the current object state (locked, deleted, etc.). |
| `with` | query | no | With parameters |
| `mode` | query | no | Determines the detail level of the response body. |

**Responses:**

| Code | Description |
|------|-------------|
| 200 | Task permissions retrieved successfully. |
| 490 | Request blocked by WAF |

**Response Examples:**

**200 (TaskPermissions):**

```json
{
  "data": [
    {
      "id": "TASK_COMPLETE",
      "name": "Complete Task",
      "allowed": true
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X GET \
  "https://{instance}.kiteworks.com/rest/permissions/task/:task_id" \
  -H "Authorization: Bearer YOUR_TOKEN"
```

**Python:**

```python
import requests

task_id = "VALUE"  # ID of the task

url = f"https://{{instance}}.kiteworks.com/rest/permissions/task/{task_id}"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())
```

---
