> ## Documentation Index
> Fetch the complete documentation index at: https://api-docs.select.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Add role to SSO group

> Add a new role assignment to an existing SSO group



## OpenAPI

````yaml https://api.select.dev/public_openapi post /api/{organization_id}/sso-group-mappings/{sso_group_name}/roles
openapi: 3.1.0
info:
  title: SELECT API (v1)
  version: 0.1.0
servers:
  - url: https://api.select.dev/
    description: SELECT API
security: []
paths:
  /api/{organization_id}/sso-group-mappings/{sso_group_name}/roles:
    post:
      tags:
        - sso
        - public-api
      summary: Add role to SSO group
      description: Add a new role assignment to an existing SSO group
      operationId: >-
        add_sso_group_role_route_api__organization_id__sso_group_mappings__sso_group_name__roles_post
      parameters:
        - name: sso_group_name
          in: path
          required: true
          schema:
            type: string
            title: Sso Group Name
            description: The SSO group name
          description: The SSO group name
        - name: organization_id
          in: path
          required: true
          schema:
            type: string
            title: Organization Id
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PublicRoleCreate'
              description: The role configuration to add
      responses:
        '201':
          description: Successful Response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PublicSSOGroupAccessRole'
        '422':
          description: Validation Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HTTPValidationError'
      security:
        - HTTPBearer: []
        - HTTPBearer: []
components:
  schemas:
    PublicRoleCreate:
      properties:
        role:
          $ref: '#/components/schemas/UserRoleEnum'
          description: The role level to grant (admin, editor, monitor_editor, or viewer)
        scope:
          anyOf:
            - $ref: '#/components/schemas/RoleScopeRequest'
            - type: 'null'
          description: >-
            The scope for this role. If not provided, creates an
            organization-wide role
      type: object
      required:
        - role
      title: PublicRoleCreate
      description: Schema for creating a role via public API (for users or teams).
    PublicSSOGroupAccessRole:
      properties:
        id:
          type: string
          format: uuid
          title: Id
          description: The unique identifier of this role assignment
        role:
          $ref: '#/components/schemas/UserRoleEnum'
          description: The role level (admin, editor, monitor_editor, or viewer)
        scope:
          $ref: '#/components/schemas/RoleScope'
          description: The scope this role applies to
        created_at:
          type: string
          format: date-time
          title: Created At
          description: When the role was created
        updated_at:
          type: string
          format: date-time
          title: Updated At
          description: When the role was last updated
      type: object
      required:
        - id
        - role
        - scope
        - created_at
        - updated_at
      title: PublicSSOGroupAccessRole
      description: SSO group's access role to a resource.
    HTTPValidationError:
      properties:
        detail:
          items:
            $ref: '#/components/schemas/ValidationError'
          type: array
          title: Detail
      type: object
      title: HTTPValidationError
    UserRoleEnum:
      type: string
      enum:
        - admin
        - editor
        - monitor_editor
        - viewer
      title: UserRoleEnum
    RoleScopeRequest:
      properties:
        type:
          $ref: '#/components/schemas/RoleScopeType'
          description: The type of scope for this role
        id:
          anyOf:
            - type: string
            - type: 'null'
          title: Id
          description: ID of the scoped entity (required for non-organization scopes)
      type: object
      required:
        - type
      title: RoleScopeRequest
      description: Scope definition for creating/updating role assignments (request only).
    RoleScope:
      properties:
        type:
          $ref: '#/components/schemas/RoleScopeType'
          description: The type of scope for this role
        id:
          anyOf:
            - type: string
            - type: 'null'
          title: Id
          description: >-
            ID of the scoped entity (organization ID, Snowflake org name,
            account UUID, or usage group ID)
        name:
          anyOf:
            - type: string
            - type: 'null'
          title: Name
          description: Display name of the scoped entity (populated in responses)
      type: object
      required:
        - type
      title: RoleScope
      description: Scope definition for a role assignment.
    ValidationError:
      properties:
        loc:
          items:
            anyOf:
              - type: string
              - type: integer
          type: array
          title: Location
        msg:
          type: string
          title: Message
        type:
          type: string
          title: Error Type
      type: object
      required:
        - loc
        - msg
        - type
      title: ValidationError
    RoleScopeType:
      type: string
      enum:
        - organization
        - snowflake_organization
        - snowflake_account
        - databricks_account
        - databricks_connection
        - tableau_site
        - usage_group
      title: RoleScopeType
      description: Types of scopes a role can be assigned to.
  securitySchemes:
    HTTPBearer:
      type: http
      scheme: bearer

````