# Kiteworks API — sharedMailbox Operations

**9 endpoints** | [Browse interactive reference](https://developer.kiteworks.com/api-reference/sharedMailbox.html) | [Download spec slice](https://developer.kiteworks.com/assets/specs/sharedMailbox.json)

> **Authentication required.** All requests must include a Bearer access token in the
> `Authorization` header. See [Authentication](https://developer.kiteworks.com/authentication.md) for how to
> obtain a token using OAuth 2.0 Authorization Code (PKCE) or JWT Bearer flow.

---

## GET /rest/sharedMailboxes

**Summary:** Return current user's shared mailboxes

### Description:
  Returns a paginated list of shared mailboxes available to the current user.
### Precondition:
  The user must be authenticated and belong to an internal domain.
### Response:
  A list of shared mailboxes is returned.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `orderBy` | query | no | Sort order for the results. Allowed values: `modified:asc`, `modified:desc`, `active:asc`, `active:desc`. |
| `limit` | query | no | Maximum number of results to return. |
| `offset` | query | no | Number of items to skip before returning results, for pagination. |
| `active` | query | no | Filter by active status. If true, returns only active shared mailboxes; if false, returns only inactive ones. |
| `id:in` | query | no | Comma-separated list of shared mailbox user IDs to filter by.  (Recommended request size <= 100) |

**Responses:**

| Code | Description |
|------|-------------|
| 200 | The shared mailboxes are returned successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_NOT_INTERNAL_DOMAIN |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_NOT_INTERNAL_DOMAIN):**

```json
{
  "errors": [
    {
      "code": "ERR_NOT_INTERNAL_DOMAIN",
      "message": "The email is not internal domain"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X GET \
  "https://{instance}.kiteworks.com/rest/sharedMailboxes" \
  -H "Authorization: Bearer YOUR_TOKEN"
```

**Python:**

```python
import requests

url = "https://{instance}.kiteworks.com/rest/sharedMailboxes"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())
```

---

## PATCH /rest/sharedMailboxes

**Summary:** Update current user's shared mailbox active status

### Description:
  Updates the active status of one or more shared mailboxes for the current user.
### Precondition:
  The user must be authenticated and belong to an internal domain.
### Response:
  The updated list of shared mailboxes is returned.
**Request Body:**

| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `data` | SharedMailboxMemberStatusPatchRequest[] | yes | List of shared mailbox status updates to apply. |

**Responses:**

| Code | Description |
|------|-------------|
| 200 | The shared mailbox status is updated successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER, ERR_NOT_INTERNAL_DOMAIN |
| 422 | Unprocessable Content  <i>Possible error codes: </i>ERR_MAX_ACTIVED_SHAREDMAILBOX |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_NOT_INTERNAL_DOMAIN):**

```json
{
  "errors": [
    {
      "code": "ERR_NOT_INTERNAL_DOMAIN",
      "message": "The email is not internal domain"
    }
  ]
}
```

**422 (ERR_MAX_ACTIVED_SHAREDMAILBOX):**

```json
{
  "errors": [
    {
      "code": "ERR_MAX_ACTIVED_SHAREDMAILBOX",
      "message": "Maximum activated shared mailbox reached"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X PATCH \
  "https://{instance}.kiteworks.com/rest/sharedMailboxes" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
         "data": [
         {
         "id": "string",
         "active": true
       }
       ]
       }'
```

**Python:**

```python
import requests

url = "https://{instance}.kiteworks.com/rest/sharedMailboxes"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
    "Content-Type": "application/json",
}
payload = {
  "data": [
  {
  "id": "string",
  "active": true
}
]
}
response = requests.patch(url, headers=headers, json=payload)
print(response.json())
```

---

## GET /rest/sharedMailboxes/mail/actions/counters

**Summary:** Return current user's shared mailbox counters

### Description:
  Returns unread message counters for the current user's active shared mailboxes.
### Precondition:
  The user must be authenticated.
### Response:
  A list of mail counters for each active shared mailbox is returned.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `id:in` | query | no | Comma-separated list of shared mailbox user IDs to filter by.  (Recommended request size <= 100) |

**Responses:**

| Code | Description |
|------|-------------|
| 200 | The shared mailbox counters are returned successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X GET \
  "https://{instance}.kiteworks.com/rest/sharedMailboxes/mail/actions/counters" \
  -H "Authorization: Bearer YOUR_TOKEN"
```

**Python:**

```python
import requests

url = "https://{instance}.kiteworks.com/rest/sharedMailboxes/mail/actions/counters"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())
```

---

## GET /rest/sharedMailboxes/{id}/settings

**Summary:** Return shared mailbox settings

### Description:
  Returns the application settings for the specified shared mailbox.
### Precondition:
  The user must be authenticated and the specified shared mailbox must be active.
### Response:
  The shared mailbox settings are returned.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `id` | path | yes | The unique identifier (UUID) of the user. |

**Responses:**

| Code | Description |
|------|-------------|
| 200 | The shared mailbox settings are returned successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X GET \
  "https://{instance}.kiteworks.com/rest/sharedMailboxes/:id/settings" \
  -H "Authorization: Bearer YOUR_TOKEN"
```

**Python:**

```python
import requests

id = "VALUE"  # The unique identifier (UUID) of the user.

url = f"https://{{instance}}.kiteworks.com/rest/sharedMailboxes/{id}/settings"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())
```

---

## GET /rest/sharedMailboxes/{id}/webForms

**Summary:** List web forms available to a shared mailbox

### Description:
  Returns a list of web forms available to the specified shared mailbox.
### Precondition:
  The user must be authenticated and the specified shared mailbox must be active.
### Response:
  A list of web forms is returned.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `id` | path | yes | The unique identifier (UUID) of the user. |
| `returnEntity` | query | no | If true, includes the entity in the response body. |
| `with` | query | no | Specifies additional fields to include in the response. |
| `mode` | query | no | Determines the detail level of the response body. |

**Responses:**

| Code | Description |
|------|-------------|
| 200 | The web forms are returned successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X GET \
  "https://{instance}.kiteworks.com/rest/sharedMailboxes/:id/webForms" \
  -H "Authorization: Bearer YOUR_TOKEN"
```

**Python:**

```python
import requests

id = "VALUE"  # The unique identifier (UUID) of the user.

url = f"https://{{instance}}.kiteworks.com/rest/sharedMailboxes/{id}/webForms"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())
```

---

## GET /rest/admin/sharedMailboxes

**Summary:** Return shared mailbox list

### Description:
  Returns a paginated list of shared mailboxes, optionally filtered by user IDs.
### Precondition:
  Caller must have system, application, or helpdesk admin role.
### Response:
  A list of shared mailboxes is returned.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `orderBy` | query | no | Sort order for the results. `modified:asc` – Sort by last modified date, ascending. `modified:desc` – Sort by last modified date, descending. `active:asc` – Sort by active status, ascending. `active:desc` – Sort by active status, descending. |
| `limit` | query | no | Maximum number of results to return. |
| `offset` | query | no | Number of results to skip before returning, for pagination. |
| `active` | query | no | Filter by active status. If true, returns only active shared mailboxes; if false, returns only inactive ones. |
| `id:in` | query | no | Comma-separated list of shared mailbox user UUIDs to filter by.  (Recommended request size <= 100) |

**Responses:**

| Code | Description |
|------|-------------|
| 200 | The shared mailboxes have been successfully returned. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X GET \
  "https://{instance}.kiteworks.com/rest/admin/sharedMailboxes" \
  -H "Authorization: Bearer YOUR_TOKEN"
```

**Python:**

```python
import requests

url = "https://{instance}.kiteworks.com/rest/admin/sharedMailboxes"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())
```

---

## POST /rest/admin/sharedMailboxes

**Summary:** Create a shared mailbox

### Description:
  Converts the specified user account into a shared mailbox and assigns the specified members.
### Precondition:
  Caller must have system, application, or helpdesk admin role.
### Response:
  The shared mailbox is created and its details are returned.
**Request Body:**

| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `userId` | string | yes | The UUID of the user to convert into a shared mailbox. |
| `memberIds` | string[] | yes | List of member UUIDs to add to the shared mailbox.  (Recommended request size <= 100) |
| `remoteWipe` | boolean | no | If true, remotely wipes all devices associated with the user being converted. |
| `deleteUnsharedData` | boolean | no | If true, deletes any data that is not shared with other users after conversion. |
| `retainData` | boolean | no | If true, retains the user's data and transfers it to the specified `retainToUser`. |
| `retainToUser` | string | no | The UUID of the user who will receive the retained data. |
| `retainPermissionToSharedData` | boolean | no | If true, the `retainToUser` will also receive permissions to the shared data. |
| `retainToAdvancedFormUser` | string | no | The UUID of an alternate user for advanced data retention scenarios. |

**Responses:**

| Code | Description |
|------|-------------|
| 201 | The shared mailbox has been created successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_ADMIN, ERR_ACCESS_USER, ERR_ADMIN_ROLE_RANK_RESTRICTED, ERR_NOT_INTERNAL_DOMAIN |
| 413 | Content Too Large  <i>Possible error codes: </i>ERR_SYSTEM_NO_STORAGE_AVAILABLE |
| 422 | Unprocessable Content  <i>Possible error codes: </i>ERR_INVALID_PARAMETER, ERR_CANNOT_RETAIN_DATA_TO_THE_SAME_USER, ERR_USER_IS_NOT_INTERNAL_DL_OR_INTERNAL_ACCOUNT, ERR_CANNOT_RETAIN_DATA_TO_UNVERIFIED_USER |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_ADMIN):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_ADMIN",
      "message": "Insufficient admin access permissions"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_ADMIN_ROLE_RANK_RESTRICTED):**

```json
{
  "errors": [
    {
      "code": "ERR_ADMIN_ROLE_RANK_RESTRICTED",
      "message": "Action is restricted due to admin role rank"
    }
  ]
}
```

**403 (ERR_NOT_INTERNAL_DOMAIN):**

```json
{
  "errors": [
    {
      "code": "ERR_NOT_INTERNAL_DOMAIN",
      "message": "The email is not internal domain"
    }
  ]
}
```

**413 (ERR_SYSTEM_NO_STORAGE_AVAILABLE):**

```json
{
  "errors": [
    {
      "code": "ERR_SYSTEM_NO_STORAGE_AVAILABLE",
      "message": "Folder owner's remaining storage quota does not permit for a file upload of this size."
    }
  ]
}
```

**422 (ERR_INVALID_PARAMETER):**

```json
{
  "errors": [
    {
      "code": "ERR_INVALID_PARAMETER",
      "message": "Invalid Parameter Exception"
    }
  ]
}
```

**422 (ERR_CANNOT_RETAIN_DATA_TO_THE_SAME_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_CANNOT_RETAIN_DATA_TO_THE_SAME_USER",
      "message": "Cannot retain data: selected user is being deleted/demoted. Please choose a different user."
    }
  ]
}
```

**422 (ERR_USER_IS_NOT_INTERNAL_DL_OR_INTERNAL_ACCOUNT):**

```json
{
  "errors": [
    {
      "code": "ERR_USER_IS_NOT_INTERNAL_DL_OR_INTERNAL_ACCOUNT",
      "message": "User is not internal distribution list or internal domain"
    }
  ]
}
```

**422 (ERR_CANNOT_RETAIN_DATA_TO_UNVERIFIED_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_CANNOT_RETAIN_DATA_TO_UNVERIFIED_USER",
      "message": "Cannot retain data: selected user is unverified. Please select a verified user before proceeding."
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X POST \
  "https://{instance}.kiteworks.com/rest/admin/sharedMailboxes" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
         "userId": "string",
         "memberIds": [
         "string"
       ],
         "remoteWipe": true,
         "deleteUnsharedData": true,
         "retainData": true,
         "retainToUser": "string"
       }'
```

**Python:**

```python
import requests

url = "https://{instance}.kiteworks.com/rest/admin/sharedMailboxes"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
    "Content-Type": "application/json",
}
payload = {
  "userId": "string",
  "memberIds": [
  "string"
],
  "remoteWipe": true,
  "deleteUnsharedData": true,
  "retainData": true,
  "retainToUser": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())
```

---

## DELETE /rest/admin/sharedMailboxes

**Summary:** Delete shared mailboxes

### Description:
  Deletes the specified shared mailboxes and restores the associated user accounts.
### Precondition:
  Caller must have system, application, or helpdesk admin role.
### Response:
  The shared mailboxes are deleted successfully.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `id:in` | query | no | Comma-separated list of shared mailbox user UUIDs to delete.  (Recommended request size <= 100) |

**Responses:**

| Code | Description |
|------|-------------|
| 204 | The shared mailboxes have been deleted successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED, ERR_ENTITY_NOT_FOUND |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_ADMIN, ERR_ACCESS_USER, ERR_ADMIN_ROLE_RANK_RESTRICTED, ERR_LICENSE_MAX_USERS_COUNT_REACHED |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**401 (ERR_ENTITY_NOT_FOUND):**

```json
{
  "errors": [
    {
      "code": "ERR_ENTITY_NOT_FOUND",
      "message": "Entity does not exist"
    }
  ]
}
```

**403 (ERR_ACCESS_ADMIN):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_ADMIN",
      "message": "Insufficient admin access permissions"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_ADMIN_ROLE_RANK_RESTRICTED):**

```json
{
  "errors": [
    {
      "code": "ERR_ADMIN_ROLE_RANK_RESTRICTED",
      "message": "Action is restricted due to admin role rank"
    }
  ]
}
```

**403 (ERR_LICENSE_MAX_USERS_COUNT_REACHED):**

```json
{
  "errors": [
    {
      "code": "ERR_LICENSE_MAX_USERS_COUNT_REACHED",
      "message": "License count has been reached"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X DELETE \
  "https://{instance}.kiteworks.com/rest/admin/sharedMailboxes" \
  -H "Authorization: Bearer YOUR_TOKEN"
```

**Python:**

```python
import requests

url = "https://{instance}.kiteworks.com/rest/admin/sharedMailboxes"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.delete(url, headers=headers)
print(response.json())
```

---

## PATCH /rest/admin/sharedMailboxes/{id}

**Summary:** Update shared mailbox members

### Description:
  Updates the member list of the specified shared mailbox.
### Precondition:
  Caller must have system, application, or helpdesk admin role.
### Response:
  The shared mailbox is updated and its details are returned.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `id` | path | yes | The unique identifier (UUID) of the user. |

**Request Body:**

| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `memberIds` | string[] | yes | List of member ids  (Recommended request size <= 100) |

**Responses:**

| Code | Description |
|------|-------------|
| 200 | The shared mailbox has been updated successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_ADMIN, ERR_ACCESS_USER, ERR_ADMIN_ROLE_RANK_RESTRICTED, ERR_NOT_INTERNAL_DOMAIN |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_ADMIN):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_ADMIN",
      "message": "Insufficient admin access permissions"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_ADMIN_ROLE_RANK_RESTRICTED):**

```json
{
  "errors": [
    {
      "code": "ERR_ADMIN_ROLE_RANK_RESTRICTED",
      "message": "Action is restricted due to admin role rank"
    }
  ]
}
```

**403 (ERR_NOT_INTERNAL_DOMAIN):**

```json
{
  "errors": [
    {
      "code": "ERR_NOT_INTERNAL_DOMAIN",
      "message": "The email is not internal domain"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X PATCH \
  "https://{instance}.kiteworks.com/rest/admin/sharedMailboxes/:id" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
         "memberIds": [
         "string"
       ]
       }'
```

**Python:**

```python
import requests

id = "VALUE"  # The unique identifier (UUID) of the user.

url = f"https://{{instance}}.kiteworks.com/rest/admin/sharedMailboxes/{id}"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
    "Content-Type": "application/json",
}
payload = {
  "memberIds": [
  "string"
]
}
response = requests.patch(url, headers=headers, json=payload)
print(response.json())
```

---
