Permissions: create

Creates a permission for a file or shared drive. Try it now.


HTTP request



Parameter name Value Description
Path parameters
fileId string The ID of the file or shared drive.
Optional query parameters
emailMessage string A plain text custom message to include in the notification email.
enforceSingleParent boolean Set to true to opt in to API behavior that aims for all items to have exactly one parent. This parameter only takes effect if the item is not in a shared drive. See moveToNewOwnersRoot for details. (Default: false)
fields string The paths of the fields you want included in the response. If not specified, the response includes a default set of fields specific to this method. For development you can use the special value * to return all fields, but you'll achieve greater performance by only selecting the fields you need. For more information, see Return specific fields for a file.
moveToNewOwnersRoot boolean This parameter only takes effect if the item is not in a shared drive and the request is attempting to transfer the ownership of the item. When set to true, the item is moved to the new owner's My Drive root folder and all prior parents removed. If set to false, when enforceSingleParent=true, parents are not changed. If set to false, when enforceSingleParent=false, existing parents are not changed; however, the file will be added to the new owner's My Drive root folder, unless it is already in the new owner's My Drive. (Default: false)
sendNotificationEmail boolean Whether to send a notification email when sharing to users or groups. This defaults to true for users and groups, and is not allowed for other requests. It must not be disabled for ownership transfers.
supportsAllDrives boolean Whether the requesting application supports both My Drives and shared drives. (Default: false)
supportsTeamDrives boolean Deprecated use supportsAllDrives instead. (Default: false)
transferOwnership boolean Whether to transfer ownership to the specified user and downgrade the current owner to a writer. This parameter is required as an acknowledgement of the side effect. (Default: false)
useDomainAdminAccess boolean Issue the request as a domain administrator; if set to true, then the requester will be granted access if the file ID parameter refers to a shared drive and the requester is an administrator of the domain to which the shared drive belongs. (Default: false)


This request requires authorization with at least one of the following scopes:


Some scopes are restricted and require a security assessment for your app to use them. For more information, see the authentication and authorization page.

Request body

In the request body, supply a Permissions resource with the following properties:

Property name Value Description Notes
Required Properties
role string The role granted by this permission. While new values may be supported in the future, the following are currently allowed:
  • owner
  • organizer
  • fileOrganizer
  • writer
  • commenter
  • reader
type string The type of the grantee. Valid values are:
  • user
  • group
  • domain
  • anyone
When creating a permission, if type is user or group, you must provide an emailAddress for the user or group. When type is domain, you must provide a domain. There isn't extra information required for a anyone type.
Optional Properties
allowFileDiscovery boolean Whether the permission allows the file to be discovered through search. This is only applicable for permissions of type domain or anyone. writable
domain string The domain to which this permission refers. writable
emailAddress string The email address of the user or group to which this permission refers. writable
view string Indicates the view for this permission. Only populated for permissions that belong to a view. published is the only supported value. writable


If successful, this method returns a Permissions resource in the response body.

Try it!

Use the APIs Explorer below to call this method on live data and see the response.