Skip to main content
POST
/
role
/
permission
/
factor
/
list
List permission factors
curl --request POST \
  --url 'https://api.flashcat.cloud/role/permission/factor/list?app_key=' \
  --header 'Content-Type: application/json' \
  --data '
{
  "factor_types": [
    "api"
  ]
}
'
{
  "request_id": "01HK8XQE3Z7JM2NTFQ5YJ8P9R4",
  "data": [
    {
      "factor_name": "template:read:info",
      "factor_type": "api"
    }
  ]
}

Documentation Index

Fetch the complete documentation index at: https://docs.flashcat.cloud/llms.txt

Use this file to discover all available pages before exploring further.

Restrictions

AspectValue
Rate limits1,000 requests/minute; 50 requests/second per account
PermissionsNone — any valid app_key can call this operation

Usage

  • Permission factors are the fine-grained controls that make up each permission.
  • factor_types accepts: api, button, visit, menu, url.

Authorizations

app_key
string
query
required

App key issued from the Flashduty console under Account → APP Keys. Required on every public API call. Keep it secret — it grants the same access as the owning account.

Body

application/json

Filters for listing permission factors.

factor_types
enum<string>[]

Filter by factor type.

Available options:
api,
button,
visit,
menu,
url

Response

Success

Success response envelope. On every 2xx response, request_id identifies the call (also mirrored in the Flashcat-Request-Id header) and data holds the endpoint-specific payload. Failure responses use a different shape — see ErrorResponse.

request_id
string
required

Unique ID for this request. Mirrored in the Flashcat-Request-Id response header. Include it when reporting issues.

Example:

"01HK8XQE3Z7JM2NTFQ5YJ8P9R4"

data
object[]
required

List of permission factors.