> ## Documentation Index > Fetch the complete documentation index at: https://altostrat.io/docs/llms.txt > Use this file to discover all available pages before exploring further. # Update a member's role > Updates the role of an existing member in a workspace. Role changes are subject to hierarchy rules; for example, an admin cannot promote another member to an owner. ## OpenAPI ````yaml /api/en/workspaces.yaml patch /workspaces/{workspaceId}/members/{memberId} openapi: 3.0.3 info: title: Altostrat Workspaces API version: 1.0.0 description: >- The Altostrat Workspaces API is the microservice responsible for tenancy, billing, user identity, and organizational hierarchy. It serves as the foundational layer for all multi-tenancy and subscription logic within the Altostrat SDX platform, enabling the secure separation of customer data and resources for SD-WAN, network automation, and agentic AI features. This API allows you to programmatically manage: - **Workspaces:** The top-level containers for all tenant resources, users, and billing configurations. - **Organizations:** Hierarchical entities used to model customer tenants or business units, track resource usage, and apply limits. - **Billing & Subscriptions:** The financial accounts and Stripe-powered subscriptions that govern access to Altostrat SDX features and resources. - **Members & Access:** The users and their specific roles (Owner, Admin, Viewer) within a workspace. Developers use this API to build the structural foundation and manage the billing lifecycle upon which all other Altostrat SDX automation and AI features operate. servers: - url: https://v1.api.altostrat.io description: Production API Server security: - bearerAuth: [] tags: - name: Workspaces description: Manage workspaces, the top-level containers for all resources. - name: Workspace Members description: Manage user access and roles within a workspace. - name: Organizations description: Manage hierarchical organizations for tenancy and resource segmentation. - name: Billing Accounts description: Manage financial accounts linked to Stripe for billing and subscriptions. - name: Subscriptions description: Manage product subscriptions powered by Stripe. - name: Invoices description: Retrieve invoice history and preview upcoming billing changes. - name: Payment Methods description: Manage customer payment methods for subscriptions. - name: Public description: Unauthenticated endpoints for retrieving public organization information. paths: /workspaces/{workspaceId}/members/{memberId}: patch: tags: - Workspace Members summary: Update a member's role description: >- Updates the role of an existing member in a workspace. Role changes are subject to hierarchy rules; for example, an admin cannot promote another member to an owner. parameters: - $ref: '#/components/parameters/WorkspaceId' - $ref: '#/components/parameters/MemberId' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/UpdateMemberRequest' responses: '200': description: The member's role was updated successfully. content: application/json: schema: $ref: '#/components/schemas/WorkspaceMember' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '422': description: >- Unprocessable Entity - The request violates a business rule, such as a user attempting to demote themselves when they are the last owner. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' example: type: unprocessable_entity code: last_owner_demotion message: >- You cannot change your role from owner because you are the only owner. Please add another owner first. doc_url: https://docs.altostrat.io/errors/last_owner_demotion '500': $ref: '#/components/responses/ServerError' components: parameters: WorkspaceId: name: workspaceId in: path required: true description: The ID of the workspace. schema: type: string example: ws_a1b2c3d4e5f6g7h8 MemberId: name: memberId in: path required: true description: The Auth0 User ID (`sub`) of the workspace member. schema: type: string example: auth0|64f5a6b7c8d9e0f1a2b3c4d5 schemas: UpdateMemberRequest: type: object required: - role properties: role: type: string description: The new role for the workspace member. enum: - owner - admin - viewer example: admin WorkspaceMember: type: object properties: user_id: type: string description: The unique identifier for the user (Auth0 `sub`). example: auth0|64f5a6b7c8d9e0f1a2b3c4d5 workspace_id: type: string description: The ID of the workspace this membership belongs to. example: ws_a1b2c3d4e5f6g7h8 role: type: string description: The role of the user within the workspace. enum: - owner - admin - viewer example: admin created_at: type: string format: date-time description: The timestamp when the member was added. example: '2025-10-29T00:40:06.000000Z' updated_at: type: string format: date-time description: The timestamp when the member's role was last updated. example: '2025-10-29T00:40:06.000000Z' ErrorResponse: type: object properties: type: type: string description: A broad category for the error (e.g., 'invalid_request_error'). example: invalid_request_error code: type: string description: A short, unique string identifying the specific error. example: parameter_missing message: type: string description: A human-readable description of what went wrong. example: The 'name' parameter is required for this request. doc_url: type: string description: >- A direct link to the documentation page for this specific error code. example: https://docs.altostrat.io/errors/parameter_missing responses: BadRequest: description: >- Bad Request - The request was malformed or contained invalid parameters. The response body will contain details about the error. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' example: type: invalid_request_error code: parameter_invalid message: The 'name' parameter cannot exceed 50 characters. doc_url: https://docs.altostrat.io/errors/parameter_invalid Unauthorized: description: >- Unauthorized - The request was not authenticated. Ensure you have provided a valid Bearer token in the Authorization header. Forbidden: description: >- Forbidden - The authenticated user does not have permission to perform this action. NotFound: description: Not Found - The requested resource could not be found. ServerError: description: Internal Server Error - An unexpected error occurred on the server. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' example: type: api_error code: internal_server_error message: An internal server error occurred. Please try again later. doc_url: https://docs.altostrat.io/errors/internal_server_error securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: 'Enter your JWT in the format: Bearer {token}' ````