The Canva Admin API is currently provided as a preview and is subject to change.

Update group member

Updates a group member.

HTTP method and URL path

PATCH https://api.canva.com/admin/v1/teams/{teamId}/groups/{groupId}/members/{userId}

Authentication and authorization

This endpoint requires a valid access token that was generated using client credentials.

Scopes

The access token must have all the following scopes (permissions):

  • admin:group:write

Header parameters

Authorizationstring
Required

Provides credentials to authenticate the request, in the form of a Bearer token.

For example: Authorization: Bearer {token}

Content-Typestring
Required

Indicates the media type of the information sent in the request. This must be set to application/json.

For example: Content-Type: application/json

Path parameters

teamIdstring
Required

The team ID.

groupIdstring
Required

The group ID.

userIdstring
Required

The user ID.

Body parameters

rolestring
Required

The role of the user in the group.

Available values:

  • admin
  • member

Example request

Examples for using the /v1/teams/{teamId}/groups/{groupId}/members/{userId} endpoint:

curl --request PATCH 'https://api.canva.com/admin/v1/teams/{teamId}/groups/{groupId}/members/{userId}' \
--header 'Authorization: Bearer {token}' \
--header 'Content-Type: application/json' \
--data '{
"role": "admin"
}'
SH
const fetch = require("node-fetch");
fetch("https://api.canva.com/admin/v1/teams/{teamId}/groups/{groupId}/members/{userId}", {
method: "PATCH",
headers: {
"Authorization": "Bearer {token}",
"Content-Type": "application/json",
},
body: JSON.stringify({
"role": "admin"
}),
})
.then(async (response) => {
const data = await response.json();
console.log(data);
})
.catch(err => console.error(err));
JS
import java.io.IOException;
import java.net.URI;
import java.net.http.*;
public class ApiExample {
public static void main(String[] args) throws IOException, InterruptedException {
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.canva.com/admin/v1/teams/{teamId}/groups/{groupId}/members/{userId}"))
.header("Authorization", "Bearer {token}")
.header("Content-Type", "application/json")
.method("PATCH", HttpRequest.BodyPublishers.ofString("{\"role\": \"admin\"}"))
.build();
HttpResponse<String> response = HttpClient.newHttpClient().send(
request,
HttpResponse.BodyHandlers.ofString()
);
System.out.println(response.body());
}
}
JAVA
import requests
headers = {
"Authorization": "Bearer {token}",
"Content-Type": "application/json"
}
data = {
"role": "admin"
}
response = requests.patch("https://api.canva.com/admin/v1/teams/{teamId}/groups/{groupId}/members/{userId}",
headers=headers,
json=data
)
print(response.json())
PY
using System.Net.Http;
var client = new HttpClient();
var request = new HttpRequestMessage
{
Method = HttpMethod.Patch,
RequestUri = new Uri("https://api.canva.com/admin/v1/teams/{teamId}/groups/{groupId}/members/{userId}"),
Headers =
{
{ "Authorization", "Bearer {token}" },
},
Content = new StringContent(
"{\"role\": \"admin\"}",
Encoding.UTF8,
"application/json"
),
};
using (var response = await client.SendAsync(request))
{
response.EnsureSuccessStatusCode();
var body = await response.Content.ReadAsStringAsync();
Console.WriteLine(body);
};
CSHARP
package main
import (
"fmt"
"io"
"net/http"
"strings"
)
func main() {
payload := strings.NewReader(`{
"role": "admin"
}`)
url := "https://api.canva.com/admin/v1/teams/{teamId}/groups/{groupId}/members/{userId}"
req, _ := http.NewRequest("PATCH", url, payload)
req.Header.Add("Authorization", "Bearer {token}")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}
GO
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://api.canva.com/admin/v1/teams/{teamId}/groups/{groupId}/members/{userId}",
CURLOPT_CUSTOMREQUEST => "PATCH",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {token}',
'Content-Type: application/json',
),
CURLOPT_POSTFIELDS => json_encode([
"role" => "admin"
])
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if (empty($err)) {
echo $response;
} else {
echo "Error: " . $err;
}
PHP
require 'net/http'
require 'uri'
url = URI('https://api.canva.com/admin/v1/teams/{teamId}/groups/{groupId}/members/{userId}')
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Patch.new(url)
request['Authorization'] = 'Bearer {token}'
request['Content-Type'] = 'application/json'
request.body = <<REQUEST_BODY
{
"role": "admin"
}
REQUEST_BODY
response = http.request(request)
puts response.read_body
RUBY

Success response

If successful, the endpoint returns a 200 response with a JSON body with the following parameters:

group_memberGroupMember

A member in a group.

user_idstring

The user ID.

group_idstring

The group ID.

team_idstring

The team ID.

rolestring

The role of the user in the group.

Available values:

  • admin
  • member

Example response

{
"group_member": {
"user_id": "UAAAAAAAAA1",
"group_id": "GAAAAAAAAAA",
"team_id": "BAAAAAAAAAA",
"role": "member"
}
}
JSON

Error responses

404 Not Found

codestring

A short string indicating what failed. This field can be used to handle errors programmatically. For a complete list of error codes, see Error responses.

messagestring

A human-readable description of what went wrong.

Example error responses

The team was not found
{
"code": "team_not_found",
"message": "Team {teamId} not found"
}
JSON
The group was not found
{
"code": "group_not_found",
"message": "Group {groupId} not found"
}
JSON
The user is not a member of the group
{
"code": "user_not_found",
"message": "User {userId} is not a member of group {groupId}"
}
JSON