Skip to main content

Grant Flow Access

This endpoint allows administrators to grant a specific user access to a specific flow. The system will either add the flow permission to an existing API key or create a new API key for the user.

Endpoint

POST /api/v1/langflow/admin/permissions/grant

Authentication

Requires Admin authentication:

  • Valid JWT token
  • Admin role verification via middleware

Request Format

Sent as application/json.

Request Body

Both fields are required for granting flow access.

FieldTypeDescription
userIdstringThe ID of the user to grant access to
flowIdstringThe ID of the flow to grant access to

Example Request

curl --location 'https://8ehqmu89grlsbn-8001.proxy.runpod.net/api/v1/langflow/admin/permissions/grant' \
--header 'Authorization: Bearer YOUR_JWT_TOKEN' \
--header 'Content-Type: application/json' \
--data '{
  "userId": "user123",
  "flowId": "550e8400-e29b-41d4-a716-446655440000"
}'

Response Format

Success Response - Existing API Key

Status Code: 200 OK

When the user already has an API key, the flow permission is added to the existing key.

{
  "apiKey": "lf_1234567890abcdef...",
  "message": "Flow access added to existing API key"
}

Success Response - New API Key

Status Code: 201 Created

When the user doesn't have an API key, a new one is created with the flow permission.

{
  "apiKey": "lf_0987654321fedcba...",
  "message": "API key created with flow access"
}

Error Responses

Missing Fields

Status Code: 400 Bad Request

{
  "error": "Missing userId or flowId in request body"
}

Flow Not Found

Status Code: 404 Not Found

{
  "error": "Flow not found"
}

Unauthorized

Status Code: 401 Unauthorized

{
  "error": "Unauthorized access"
}

Server Error

Status Code: 500 Internal Server Error

{
  "error": "Internal server error"
}

Notes

  • Only administrators can grant flow access
  • The flow must exist in Langflow before granting access
  • Each user can have only one API key, but it can have multiple flow permissions
  • The returned API key should be securely provided to the user
  • API keys are managed by Langflow and stored in the permissions database
  • The admin who grants access is tracked for audit purposes