Update Field Permissions

Updates the Field permission settings of an App.
Method PUT
URL https://{subdomain}.kintone.com/k/v1/field/acl.json
URL(guest space) https://{subdomain}.kintone.com/k/guest/{SpaceID}/v1/field/acl.json
Authentication API Token Authentication ,Password Authentication
Content-Type application/json

Pre-live settings

Apps may hold pre-live settings that have not yet been deployed to the live App.
Access the pre-live settings with the below URL.

URL https://{subdomain}.kintone.com/k/v1/preview/field/acl.json
URL(guest space) https://{subdomain}.kintone.com/k/guest/{SpaceID}/v1/preview/field/acl.json


  • App management permissions are needed.

Request Parameters

Parameters that are ignored will not be updated.

Parameter Value Required Description
app Integer or String Yes

The App ID.

rights Array Yes An array listing data of field permissions. List in order of priority.
rights[].code String Yes The field code of the field to set permissions around.
rights[].entities Array Yes An array listing the entities the permissions are granted to. List in order of priority.
The "Everyone" group will be treated with the lowest priority, wherever it is placed in the list.
rights[].entities[].accessibility String Yes The permission to grant to the entity.
  • READ: Permissions to view only.
  • WRITE: Permissions to view and edit.
  • NONE: No permissions to view and edit.
rights[].entities[].entity Object Yes An object containing data of the entity the permission is granted to.
rights[].entities[].entity.type String Yes The type of the entity the permission is granted to.
  • USER: User
  • GROUP: Group
  • ORGANIZATION: Department
  • FIELD_ENTITY: User field
rights[].entities[].entity.code String Yes The code of the entity the permission is granted to.
If the "Everyone" group is not specified, the "Everyone" group will have no permissions to view/edit/delete.
To specify guest space users, add the string "guest/" before the guest's log in name.
rights[].entities[].includeSubs Boolean or String   The permission inheritance settings of the department the permissions are granted to.
  • true: Permissions are inherited.
  • false: Permissions are not inherited.

If ignored, this value is false.

revision Integer or String   Specify the revision number of the settings that will be deployed.
The request will fail if the revision number is not the latest revision.
The revision will not be checked if this parameter is ignored, or -1 is specified.

Sample Request

JavaScript (using Kintone REST API Request)


Response Parameters

Parameter Type Description
revision String The revision number of the App settings.

Sample Response

Was this article helpful?
0 out of 0 found this helpful
Do you have any questions or issues related to this article?
Please share your views with us in the Community forums!