go to pipedrive.com
Log inSign up
Contents

2024

2023

2022

2021

Changelog

ADDED
Effective from:

June 21, 2023

Introducing item-specific create and update permissions

Announced: June 21, 2023

Effective from:
June 21, 2023

We are introducing 2 new types of permissions as part of the Permission sets feature in our web app and API:

  • Permissions for adding items
  • Permissions for editing another user’s items

Users can now be restricted from creating new and/or editing existing other users’ entities (deals, leads, persons and organizations). This ensures data reliability and quality for your Pipedrive account.

What is being added?

We will roll the feature out to all companies between June 26 and July 20, 2023.

By default, nothing will be changed in the API behavior.

When a user’s permission for creating entities (e.g., the can_add_deals permission for deals) is disabled, the user will not be able to add new deals, leads, persons and/or organizations via the API. Similarly, the user will not be able to edit other users’ entities when the editing permission is disabled. The deals, leads, persons and organizations that are owned by the user themselves will always remain editable.


1. Permissions for adding items

Deals API

If the user does not have the can_add_deals permission, calling the POST /deals and/or POST /deals/{id}/duplicate endpoints will result in a 403 error.

Leads API

If the user does not have the can_add_leads permission, calling the POST /leads endpoint will result in a 403 error.

Organizations API

If the user does not have the can_add_organizations permission, calling the POST /organizations endpoint will result in a 403 error.

Persons API

If the user does not have the can_add_people permission, calling the POST /persons endpoint will result in a 403 error.


2. Permissions for editing another user’s items

Deals API

If the user does not have the can_edit_other_users_deals permission, calling the following endpoints will result in a 403 error:

Leads API

If the user does not have the can_edit_other_users_leads permission, calling the PATCH /leads/{id} endpoint will result in a 403 error.

Organizations API

If the user does not have the can_edit_other_users_organizations permission, calling the PUT /organizations/{id} endpoint will result in a 403 error.

Persons API

If the user does not have the can_edit_other_users_people permission, calling the following endpoints will result in a 403 error:


Here’s an example 403 error response for both types of permissions:

{ "success": false, "error": "You do not have permission to do this.", "error_info": "Please check developers.pipedrive.com for more information about Pipedrive API.", "data": null, "additional_data": null }

Where can I find the permissions for a user?

We will be adding all of the above mentioned permission fields to the response of the GET /users/{id}/permissions endpoint, which can be used to find a specific user’s permissions.

If you have any questions or comments, let us know in our Developers' Community.

Subscribe to our
Changelog

You may unsubscribe anytime using the unsubscribe link in our emails. For more information, please see our privacy notice.

Subscribe to our
Changelog

You may unsubscribe anytime using the unsubscribe link in our emails. For more information, please see our privacy notice.